피드 구독

Starting with the beta release of Red Hat Enterprise Linux 8.1 Podman offers the possibility to migrate running containers from one system to another, without losing the state of the applications running in the container. With the help of CRIU Podman is able to offer stateful container migration for some containers.

The following is an example how to use container migration to move a running container from one system to another. The container in the example is running Wildfly, and is used to demonstrate multiple use cases of container migration.

2023 Gartner® Magic Quadrant™에서 리더로 선정된 Red Hat

Red Hat은 Gartner 2023 Magic Quadrant 컨테이너 관리 부문의 실행 능력 및 비전의 완성도에서 최고점을 획득했습니다.

The first use case is the obvious one. Take a running container, checkpoint it, transfer it to another system and restore it. Stateful container migration.

Another interesting approach to use Podman’s container migration feature is to use it as a way to quickly start up a container which requires some time to initialize. The following examples are using the Wildfly application server which requires about 8 seconds to start up and to load the application I deployed. 

Checkpointing this container and restoring it from the checkpoint only takes about 4 seconds. Once the initial version of the container is running and ready to answer client requests the container is checkpointed and can then be restored requiring only 50% of the initial startup time. The container can be restored multiple times on the same host or on different hosts.

Container migration example

Based on the helloworld Wildfly quick start example I created a minimal application which returns a number and increments it. On the next request the client gets the next higher number back. A really simple but stateful application. To start Wildfly with Podman it needs a few additional options:

# podman run -d \
-v /home/deployments:/opt/jboss/wildfly/standalone/deployments \
--tmpfs /tmp \
--tmpfs /opt/jboss/wildfly/standalone/log \
--tmpfs /opt/jboss/wildfly/standalone/configuration \
--tmpfs /opt/jboss/wildfly/standalone/configuration/standalone_xml_history \
jboss/wildfly

This already shows one of the biggest container migration limitations. Currently, as implemented in Podman, stateful container migration only works with containers which do not change their file-system. Everything which the container potentially changes during runtime needs to be on a tmpfs. (I already opened a pull request (3443) which implements container migration including all root file-system changes, which will make it unnecessary to mount directories as tmpfs—so this limitation may soon be resolved upstream.)

As mentioned, all directories which are modified by Wildfly have to be mounted as tmpfs. Additionally, a volume which contains the helloworld application is mounted into the container: -v /home/deployments:/opt/jboss/wildfly/standalone/deployments

After about 8 seconds, the container is ready to answer client requests. The first step is to get the IP address of the container:

# podman inspect -l --format "{{.NetworkSettings.IPAddress}}"
10.88.0.247
# curl 10.88.0.247:8080/helloworld/
0
# curl 10.88.0.247:8080/helloworld/
1

The container can now be checkpointed and the checkpoint can be exported:

# podman container checkpoint -l -e /tmp/chkpt.tar.gz
# scp /tmp/chkpt.tar.gz rhel08:/tmp

Once the checkpoint archive has been transferred to the other system (rhel08) the container can be restored on that system:

# podman container restore -i /tmp/chkpt.tar.gz
# podman inspect -l --format "{{.NetworkSettings.IPAddress}}"
10.88.0.247
# curl 10.88.0.247:8080/helloworld/
2

At this point the stateful container has been migrated from one system to another without losing its state. This is also an example for the first use case of the container migration feature.

As previously mentioned container migration can also be used to reduce startup time of containers which require a certain time to initialize. Using the checkpoint archive (chkpt.tar.gz) from above it is possible to restore the checkpointed multiple times. This restore can happen on any host:

# podman container restore -i /tmp/chkpt.tar.gz -n hello1
# podman container restore -i /tmp/chkpt.tar.gz -n hello2
# podman container restore -i /tmp/chkpt.tar.gz -n hello3

This time I am using the parameter -n (--name), with which I can tell Podman to restore the container from the checkpoint archive with a different name.

# podman ps -a --format "{{.ID}} {{.Names}}"
a8b2e50d463c hello3
faabc5c27362 hello2
2ce648af11e5 hello1

#️ podman inspect hello1 --format "{{.NetworkSettings.IPAddress}}"
10.88.0.248
#️ curl 10.88.0.248:8080/helloworld/
4
#️ podman inspect hello2 --format "{{.NetworkSettings.IPAddress}}"
10.88.0.249
#️ curl 10.88.0.249:8080/helloworld/
4
#️ podman inspect hello3 --format "{{.NetworkSettings.IPAddress}}"
10.88.0.250
#️ curl 10.88.0.250:8080/helloworld/
4

This way it is possible to quickly start up stateful replicas of the initially checkpointed container.

All shown examples are running on the beta release of Red Hat Enterprise Linux 8.1.

Recording example #1:

Recording example #2:


저자 소개

UI_Icon-Red_Hat-Close-A-Black-RGB

채널별 검색

automation icon

오토메이션

기술, 팀, 인프라를 위한 IT 자동화 최신 동향

AI icon

인공지능

고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트

open hybrid cloud icon

오픈 하이브리드 클라우드

하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요

security icon

보안

환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보

edge icon

엣지 컴퓨팅

엣지에서의 운영을 단순화하는 플랫폼 업데이트

Infrastructure icon

인프라

세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보

application development icon

애플리케이션

복잡한 애플리케이션에 대한 솔루션 더 보기

Original series icon

오리지널 쇼

엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리