CRIU now supports autodetection of external mounts via the --ext-mount-map auto
--enable-external-sharing --enable-external-masters options, so we don't need
to explicitly pass the cgmanager mount or any of the mounts from the config.
This also means that lxcfs mounts (since they are bind mounts from outside the
container) are autodetected, meaning that c/r of containers using lxcfs works.

A further advantage of this patch is that it addresses some of the ugliness
that was in the exec_criu() function. There are other criu options that will
allow us to trim this even further, though.

Finally, with --enable-external-masters, criu understands slave mounts in the
container with shared mounts in the peer group that are outside the namespace.
This allows containers on a systemd host to be dumped and restored correctly.

However, these options have just landed in criu trunk today, and the next
tagged release will be 1.6 on June 1, so we should avoid merging this into any
stable releases until then.

v2: remount / as private before bind mounting the container's directory for
criu. The problem here is that if / is mounted as shared, even if we
unshare() the /var/lib/lxc/rootfs mountpoint propagates outside of our
mount namespace, which is bad, since we don't want to leak mounts. In
particular, this leak confuses criu the second time it goes to checkpoint
the container.

v3: whoops, we really want / as MS_SLAVE | MS_REC here, to match what start
does

v4: rebase onto master for revert of logging patch

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
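
A check for the mount leak described in the v2 and v3 notes, as an added example that is not part of this commit or of LXC: it parses /proc/<pid>/mountinfo text and counts the mounts that are still shared, which is what remounting / as MS_SLAVE | MS_REC is meant to bring to zero. The function names, the sample lines and the container name c1 are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define PROP_SHARED 1 /* mount events propagate out to the peer group */
#define PROP_SLAVE  2 /* events are received from a master, none are sent back */
/* Propagation flags for one /proc/<pid>/mountinfo line, or -1 if malformed.
 * Optional fields start at field 7 and end at the lone "-" separator. */
int mount_propagation(const char *line)
{
    int field = 0, flags = 0;
    for (const char *p = line;;) {
        p += strspn(p, " ");
        size_t len = strcspn(p, " \n");
        if (len == 0)
            return -1; /* line ended before the separator was seen */
        if (++field > 6 && len == 1 && *p == '-')
            return flags;
        if (field > 6 && strncmp(p, "shared:", 7) == 0)
            flags |= PROP_SHARED;
        else if (field > 6 && strncmp(p, "master:", 7) == 0)
            flags |= PROP_SLAVE;
        p += len;
    }
}

/* Number of mounts in a mountinfo dump whose events would still leak outward. */
int count_shared_mounts(const char *text)
{
    int n = 0;
    for (const char *l = text; *l; l += strcspn(l, "\n"), l += (*l == '\n')) {
        int f = mount_propagation(l);
        n += (f > 0 && (f & PROP_SHARED));
    }
    return n;
}

/* Constructed samples: / left shared, then / remounted as a recursive slave. */
static const char SAMPLE_SHARED[] =
    "22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw\n"
    "60 22 8:1 /var/lib/lxc/c1/rootfs /var/lib/lxc/rootfs rw shared:1 - ext4 /dev/sda1 rw\n";
static const char SAMPLE_SLAVE[] =
    "122 100 8:1 / / rw,relatime master:1 - ext4 /dev/sda1 rw\n"
    "160 122 8:1 /var/lib/lxc/c1/rootfs /var/lib/lxc/rootfs rw master:1 - ext4 /dev/sda1 rw\n";

int main(void)
{
    printf("shared: %d leaking, slave: %d leaking\n",
           count_shared_mounts(SAMPLE_SHARED), count_shared_mounts(SAMPLE_SLAVE));
    return 0;
}
```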