Skip to content

criu: enable setting of RPC config file #1892

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

criu: enable setting of RPC config file #1892

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -266,6 +266,8 @@ AS_IF([test "x$enable_criu" != "xno"], [
AC_MSG_NOTICE([CRIU version doesn't support for pre-dumping])])
PKG_CHECK_MODULES([CRIU_NETWORK_LOCK_SKIP], [criu >= 3.19], [have_criu_network_lock_skip="yes"], [have_criu_network_lock_skip="no"
AC_MSG_NOTICE([CRIU version doesn't support CRIU_NETWORK_LOCK_SKIP])])
PKG_CHECK_MODULES([CRIU_CONFIG_FILE], [criu > 4.1.1], [have_criu_config_file="yes"], [have_criu_config_file="no"
AC_MSG_NOTICE([libcriu version doesn't support setting RPC config file])])
AS_IF([test "$have_criu" = "yes"], [
AC_DEFINE([HAVE_CRIU], 1, [Define if CRIU is available])
])
Expand All @@ -278,6 +280,9 @@ AS_IF([test "x$enable_criu" != "xno"], [
AS_IF([test "$have_criu_network_lock_skip" = "yes"], [
AC_DEFINE([CRIU_NETWORK_LOCK_SKIP_SUPPORT], 1, [Define if CRIU_NETWORK_LOCK_SKIP is available])
])
AS_IF([test "$have_criu_config_file" = "yes"], [
AC_DEFINE([CRIU_CONFIG_FILE], 1, [Define if CRIU_CONFIG_FILE is available])
])

], [AC_MSG_NOTICE([CRIU support disabled per user request])])

Expand Down
1 change: 1 addition & 0 deletions src/libcrun/container.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,6 +207,7 @@ struct libcrun_checkpoint_restore_s
int network_lock_method;
char *lsm_profile;
char *lsm_mount_context;
char *config_file;
};
typedef struct libcrun_checkpoint_restore_s libcrun_checkpoint_restore_t;

Expand Down
12 changes: 12 additions & 0 deletions src/libcrun/criu.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
# define CRIU_CHECKPOINT_LOG_FILE "dump.log"
# define CRIU_RESTORE_LOG_FILE "restore.log"
# define DESCRIPTORS_FILENAME "descriptors.json"
# define CRIU_RUNC_CONFIG_FILE "/etc/criu/runc.conf"
Copy link
Member

@giuseppe giuseppe Oct 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we have a crun version as well?

If the crun version doesn't exist we can use this one

Copy link
Contributor Author

@rst0git rst0git Oct 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We want users be able to use the checkpointing functionality of CRI-O, Podman and containerd with crun in the same way as they would with runc. Support for the runc.conf file was introduced back in 2019 (opencontainers/runc#1933) and has been used as a method to overwrite the CRIU options set by the container runtime. This configuration file allows, for example, to checkpoint/restore containers with established TCP connections in Kubernetes.

In addition to runc.conf, CRIU supports /etc/criu/default.conf. This file is parsed before the CRIU options set by the container runtime via RPC and doesn't overwrite them.

Adding support for crun.conf could confuse users about which configuration file to use and end up being more frustrating than helpful. However, from the perspective of users who do not use runc at all, they might expect the file to be called /etc/criu/crun.conf.

@adrianreber What do you think?

Copy link
Collaborator

@kolyshkin kolyshkin Oct 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think @giuseppe means to support both crun.conf and runc.conf, with the former one being a priority.


# define CRIU_EXT_NETNS "extRootNetNS"
# define CRIU_EXT_PIDNS "extRootPidNS"
Expand Down Expand Up @@ -99,6 +100,9 @@ struct libcriu_wrapper_s
void (*criu_set_work_dir_fd) (int fd);
int (*criu_set_lsm_profile) (const char *name);
int (*criu_set_lsm_mount_context) (const char *name);
# ifdef CRIU_CONFIG_FILE
int (*criu_set_config_file) (const char *path);
# endif
};

static struct libcriu_wrapper_s *libcriu_wrapper;
Expand Down Expand Up @@ -194,6 +198,9 @@ load_wrapper (struct libcriu_wrapper_s **wrapper_out, libcrun_error_t *err)
LOAD_CRIU_FUNCTION (criu_set_work_dir_fd, false);
LOAD_CRIU_FUNCTION (criu_set_lsm_profile, false);
LOAD_CRIU_FUNCTION (criu_set_lsm_mount_context, false);
# ifdef CRIU_CONFIG_FILE
LOAD_CRIU_FUNCTION (criu_set_config_file, false);
# endif

libcriu_wrapper = *wrapper_out = wrapper;
wrapper = NULL;
Expand Down Expand Up @@ -522,6 +529,11 @@ libcrun_container_checkpoint_linux_criu (libcrun_container_status_t *status, lib
/* Set up logging. */
libcriu_wrapper->criu_set_log_level (4);
libcriu_wrapper->criu_set_log_file (CRIU_CHECKPOINT_LOG_FILE);

# ifdef CRIU_CONFIG_FILE
libcriu_wrapper->criu_set_config_file (CRIU_RUNC_CONFIG_FILE);
# endif

/* Setting the pid early as we can skip a lot of checkpoint setup if
* we just do a pre-dump. The PID needs to be set always. Do it here.
* The main process of the container is the process CRIU will checkpoint
Expand Down