From 354a7575bf00327878d2f315939052fb6c23e188 Mon Sep 17 00:00:00 2001 From: Ace-Tang Date: Fri, 17 Aug 2018 16:03:21 +0800 Subject: [PATCH 1/2] cr: don't restore net namespace by default since runc don't manage net device and their configuration, checkpoint also don't dump net namespace by default, so set 'nsmask = unix.CLONE_NEWNET' by default in restore. Or if user do not pass 'empty-ns network', criu will cost extra time in restore. Signed-off-by: Ace-Tang --- restore.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/restore.go b/restore.go index ca9e1e897f5..f00bec192c1 100644 --- a/restore.go +++ b/restore.go @@ -97,6 +97,9 @@ using the runc checkpoint command.`, return err } options := criuOptions(context) + if err := setEmptyNsMask(context, options); err != nil { + return err + } status, err := startContainer(context, spec, CT_ACT_RESTORE, options) if err != nil { return err From 30152c0b53bd44ed5ae5a549d486924b215dab49 Mon Sep 17 00:00:00 2001 From: Andrei Vagin Date: Tue, 10 Jul 2018 09:53:34 -0700 Subject: [PATCH 2/2] cr: don't dump network devices and their configuration RunC doesn't manage network devices and their configuration, so it is impossible to describe external dependencies to restore them back. This means that all users have to set --empty-ns network, so let's do this by default. Signed-off-by: Andrei Vagin --- checkpoint.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/checkpoint.go b/checkpoint.go index 788f33475ec..12b01ec9b92 100644 --- a/checkpoint.go +++ b/checkpoint.go @@ -118,7 +118,8 @@ var namespaceMapping = map[specs.LinuxNamespaceType]int{ } func setEmptyNsMask(context *cli.Context, options *libcontainer.CriuOpts) error { - var nsmask int + /* Runc doesn't manage network devices and their configuration */ + nsmask := unix.CLONE_NEWNET for _, ns := range context.StringSlice("empty-ns") { f, exists := namespaceMapping[specs.LinuxNamespaceType(ns)]