Container Migration CS 208, Class 7.
Based on slides from 2 presentations:
Live Container Migration: Opportunities and Challenges
by , OpenVZ
Copyright By PowCoder代写 加微信 powcoder
Live migrating a container : pros, cons and gotchas
by @ Virtuozzo
Miigration in a nutshel
Save state
Copy state Restore from state
Conventional Cold Migration
copy file ● Copy filesystem to destination server. need to plan
● Stop a container
● Start the container at destination
★ Involves downtime
★ Prior Planning Required
start problem down time ahead
Suspend/Resume Migration files down at dst network link up
dst notstartedduringcopying
too resume
● More ‘Secure’
● Destination host is inactive during transfer
● Network connections dropped and reestablished at destination
● Disk transfer optimization with disk deltas
● Can support disconnected operations
Checkpointing and Restoring (C/R)
Checkpoint and save to disk
Destination
Copy File system
Transfer Checkpoint
CRIU: Checkpoint and Restore in User Space
start from chkpone ends with restoring freezing doneby Tif Freeze signal variety of dependencies saved complicated
hook added at the top for stack restore Roll back if needed
Important Notes on C/R
● First step in Checkpointing and last step in Restoring is process freezing
● Process freezing is done by TIF_FREEZE signal
● Different dependencies should be saved — complex
● hook() is added on top of process stack for restoration
● Roll back possible
Live Migration
● Move a running container from one server to another without areboot
● Transparent to user, container source and container destination
5 steps Processes Live migration at length detail
Memory pre-copy (iteratively, optional) Freeze + Save state
Copy state
Restore from state + Unfreeze and resume Memory post-copy (optional)
Mempre copy loop
Mem pose copy ofwanted
restore t unfreeze
VM vs. Container migration
– Processes: there may be many child processes
• Have to track down all the state associated with these
VM: self contained environment for migration
Environment: virtual hardware, paravirtualization CPU
Container: In principle, it should be faster (smaller footprint as there is no Guest OS to move). But have to consider:
Environment: cgroups, namespaces
Consider the Child process
group HWallocationrights namespace process isolation
track them down
Memory pre-copy
Contamer Memory
– Plain address space
copy everything messy everywhere
All memory at hand
to desk file
is scattered all over the processes
can be (or can not be) shared
can be (or can not be) mapped to disk files
Save state
UM state HW tree
Hardware state
I too obis amore of data for foxed
o Ohg graph as big as Ik objs
Container state track all relationships with other containers Allobjects
Tree of ~100 objects
Fixed amount of data for each VM (?) Container
State of all objects – need to track down the relationship between containers
Graph of up to ~1000 objects
All have different amount of data, different APIs for reading
Allhave differamountofdatathat use differ APIs to read
– Copy memory in place, write state into devices back
Restore from state
Container ONE’create dose obys
– Not all have same API for creation
mightrequire multiple to create
Creation of many small objects
● Creation sequence can be non-trivial to obp
APIs have an order might create the
CPU comprebatity chk load kernel liptables Fs
copy non shared F S Roll back plan
Keep tasksfrozen Non-shared filesystem should be copied after dump restore
kill after Roll-back on source node if something fails in between
Sort of list check
Additional Considerations for Migration
Check for CPU’s compatibility
Check and load necessary kernel modules (iptables, filesystems)
Keep tasks frozen after dump, kill after restore
Implementation for Container Migration
chkpones Save & restore state
Memory pre/post copy P.Haul
Perform Checks
Orchestrate all Checkpoint/Restore steps Needed as it deals with filesystem
P.Haul goals
Provide engine for container’s live migration using CRIU
Perform necessary pre-checks (e.g. CPU compatibility)
Organize memory pre-copy and/or post-copy Take care of file-system migration (if needed)
Container migration sequence
CRIU p.haul docker -d
migrate check (CPUs, kernels)
p.haul CRIU
cage I log
freeze time
other images
Steps in Live Container Migration
• Container’s file system synchronization
• Docker daemon starts with informing p.Haul (compatibility checks)
• Transfer container’s file system to the destination server. This can
be done using the rsync utility
• Pre-dump memory using CRIU and perform pre-copy
• Use p.Haul to copy File System Metin corn
• Freeze the container Freeze dump copy process
• Freeze all the processes and disable networking. • Dump memory again using CRIU
• Second container’s file system synchronization.
• During the first synch, a container is still running, so some files on the destination server can become outdated.
• So, after a container is frozen and its files are not being changed, the second file system synchronization is performed.
• Copy the dump file – transfer dump file to dest. server
Steps in Live Container Migration
• Restart the container on the destination server
• At this stage, creating a container on the destination server and creating processes inside it in the same state as saved in dump file. So at this stage, the processes will be in the frozen state
• P-Haul invokes Docker daemon to then use CRIU to restore
• Resume the container’s execution on dest. server • Stop the container on the source server
• Kill the container’s processes and unmount its file system
• Destroy the container on source server.
• Remove the container’s file system and config files on the source server
http://criu.org
http://criu.org/P.Haul
+CriuOrg/@ criu https://github.com/xemul/(criu|p.haul)
References
● Brendan Burns, , , , and , “Borg, Omega, and Kubernetes”, Communications of the ACM 59(5):50-57, April 2016
● Medina, Violeta ; Garcia, ; “A Survey of Migration Mechanisms of Virtual Machines” ACM Computing Surveys Fall, 2014, Vol.46(3), p.30(33)
● Felter, Wes; Ferreira, Alexandre; Rajamony, Ram ; Rubio, Juan; “An Updated Performance Comparison of Virtual Machines and Linux Containers” Performance Analysis of Systems and Software (ISPASS), 2015 IEEE International Symposium on 2015 IEEE International Symposium on Performance Analysis of Systems and Software, March 29-31 2015, pp.171-172
● Bussmann, Jens; Grzadkowski, Filip; “Containers with Google: from Borg to Kubernetes” available at
http://www.redhatonline.com/pl/wp-content/uploads/2016/05/RH-
GOOG_WAW_JensBussmann.pdf
● Emelyanov, Pavel; “Live migrating a container: pros, cons and gotchas”
available at http://www.slideshare.net/Docker/live-migrating-a-container-
pros-cons-and-gotchas
● Mirkin, Andrey; Kuznetsov, Alexey; Kolyshkin, Kir; “Containers checkpointing and live
migration” available at https://landley.net/kdocs/ols/2008/ols2008v2-pages-85-90.pdf
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com