This is the repository for the proof-of-concept (POC) implementation for my master's thesis. The POC extends current migration techniques (iterative migration) in order to provide both container live migration and failover in a unified and container-generic solution.
This demo shows a migration of a container that increments and prints an integer every second. The instance on the left starts the container and the one on the right joins the cluster. Eventually the left instance receives a migration request and will migrate the container to the instance on the right. Notice how after the migration the instance on the right keeps counting from where the one on the left stopped.
This demo shows a failover of a container that increments and prints an integer every second. The instance on the left starts the container and the one on the right joins the cluster. Eventually the left instance is killed and, after a while the one on the right notices it and recovers the container. Notice how after the failover the instance on the right does not keep counting from where the one on the left stopped, instead it has regress in time to a previous state.
While the system should work with any OCI-bundle, how to generate some examples that may be interesting are provided here.
Dependencies:
This a minimal example of an OCI-bundle that runs a simple script that increments an integer every second.
To generate the rootfs, any simple filesystem containing a shell should work.
Here, busybox is used.
mkdir -p rootfs && docker export $(docker create busybox) | tar xvfC - rootfsNext we need to copy the actual script to execute:
cp demos/runc/count.sh rootfs/Generating config.json:
oci-runtime-tool generate \
--args "sh" --args "/count.sh" \
--linux-namespace-remove network > config.jsonThis example creates an OCI-bundle for a redis database.
mkdir -p rootfs && docker export $(docker create redis) | tar xvfC - rootfsGenerate config.json:
oci-runtime-tool generate \
--args "redis-server" --args "--save ''" --args "--appendonly no" \
--linux-namespace-remove network > config.jsonThe --save '' and --appendonly no options passed to the --args options
disables writing the redis database to disk, keeping everything in-memory, as
the system is not able to deal with persistent storage.
The database can populate with junk data for testing using the script
scripts/redis/redis_populate.lua, which generates n pairs of the form i=i
for every 0<=i<n, where n is the first argument passed to script. The script
can be evaluated as follows:
redis-cli -h <host> --eval scripts/redis/redis_populate.lua <n>After creating a OCI-bundle a node can be run in docker in order to simulate different hosts. Building:
docker build -t msc -f docker/Dockerfile .Docker sets the the cgroup filesystems in /sys to read-only. In order for runc
to mount these in the container, the SYS_CAP_ADMIN capability needs to be set,
which can be done via the --privileged flag to docker run.
Also the OCI-bundle's rootfs and config.json need to be passed to the
container as volumes using the v flag.
Running
docker run --name msc --privileged \
-v $(pwd)/rootfs:/app/rootfs \
-v $(pwd)/config.json:/app/config.json \
msc <options>