1podman-container-checkpoint(1)()              podman-container-checkpoint(1)()
2
3
4

NAME

6       podman-container-checkpoint  - Checkpoints one or more running contain‐
7       ers
8
9

SYNOPSIS

11       podman container checkpoint [options] container [container ...]
12
13

DESCRIPTION

15       podman container checkpoint checkpoints all the  processes  in  one  or
16       more  containers.  A  container  can be restored from a checkpoint with
17       podman-container-restore. The container IDs or names are used as input.
18
19
20       IMPORTANT: If the container is using systemd as entrypoint  checkpoint‐
21       ing the container might not be possible.
22
23

OPTIONS

25   --all, -a
26       Checkpoint all running containers.
27       The default is false.
28       IMPORTANT:  This  OPTION  does not need a container name or ID as input
29       argument.
30
31
32   --compress, -c=zstd | none | gzip
33       Specify the compression algorithm used for the checkpoint archive  cre‐
34       ated  with  the --export, -e OPTION. Possible algorithms are zstd, none
35       and gzip.
36       One possible reason to use none is to enable faster creation of  check‐
37       point  archives.  Not  compressing the checkpoint archive can result in
38       faster checkpoint archive creation.
39       The default is zstd.
40
41
42   --create-image=image
43       Create a checkpoint image from a running container. This is a  standard
44       OCI  image  created  in  the local image store. It consists of a single
45       layer that contains all of the checkpoint files. The  content  of  this
46       image  layer  is  in the same format as a checkpoint created with --ex‐
47       port. A checkpoint image can be pushed to a standard container registry
48       and  pulled on a different system to enable container migration. In ad‐
49       dition, the image can be exported with podman image save and  inspected
50       with  podman inspect. Inspecting a checkpoint image would display addi‐
51       tional information, stored as annotations, about the  host  environment
52       used to do the checkpoint:
53
54
55io.podman.annotations.checkpoint.name:  Human-readable name of
56                the original container.
57
58io.podman.annotations.checkpoint.rawImageName:     Unprocessed
59                name  of  the  image used to create the original container (as
60                specified by the user).
61
62io.podman.annotations.checkpoint.rootfsImageID: ID of the  im‐
63                age used to create the original container.
64
65io.podman.annotations.checkpoint.rootfsImageName:  Image  name
66                used to create the original container.
67
68io.podman.annotations.checkpoint.podman.version:  Version   of
69                Podman used to create the checkpoint.
70
71io.podman.annotations.checkpoint.criu.version: Version of CRIU
72                used to create the checkpoint.
73
74io.podman.annotations.checkpoint.runtime.name: Container  run‐
75                time (e.g., runc, crun) used to create the checkpoint.
76
77io.podman.annotations.checkpoint.runtime.version:  Version  of
78                the container runtime used to create the checkpoint.
79
80io.podman.annotations.checkpoint.conmon.version:  Version   of
81                conmon used with the original container.
82
83io.podman.annotations.checkpoint.host.arch:  CPU  architecture
84                of the host on which the checkpoint was created.
85
86io.podman.annotations.checkpoint.host.kernel: Version of Linux
87                kernel of the host where the checkpoint was created.
88
89io.podman.annotations.checkpoint.cgroups.version:  cgroup ver‐
90                sion used by the host where the checkpoint was created.
91
92io.podman.annotations.checkpoint.distribution.version: Version
93                of host distribution on which the checkpoint was created.
94
95io.podman.annotations.checkpoint.distribution.name:   Name  of
96                host distribution on which the checkpoint was created.
97
98
99
100   --export, -e=archive
101       Export the checkpoint to a tar.gz file. The exported checkpoint can  be
102       used  to  import the container on another system and thus enabling con‐
103       tainer live  migration.  This  checkpoint  archive  also  includes  all
104       changes to the container's root file-system, if not explicitly disabled
105       using --ignore-rootfs.
106
107
108   --file-locks
109       Checkpoint a container with file locks. If an  application  running  in
110       the  container  is  using  file  locks,  this OPTION is required during
111       checkpoint and restore. Otherwise checkpointing  containers  with  file
112       locks  is  expected to fail. If file locks are not used, this option is
113       ignored.
114       The default is false.
115
116
117   --ignore-rootfs
118       If a checkpoint is exported to a tar.gz file it is  possible  with  the
119       help  of --ignore-rootfs to explicitly disable including changes to the
120       root file-system into the checkpoint archive file.
121       The default is false.
122       IMPORTANT: This OPTION only works in combination with --export, -e.
123
124
125   --ignore-volumes
126       This OPTION must be used in combination with the --export,  -e  OPTION.
127       When  this  OPTION is specified, the content of volumes associated with
128       the container will not be included into the checkpoint tar.gz file.
129       The default is false.
130
131
132   --keep, -k
133       Keep all temporary log and statistics  files  created  by  CRIU  during
134       checkpointing.  These  files are not deleted if checkpointing fails for
135       further debugging. If checkpointing succeeds these files are  theoreti‐
136       cally  not  needed,  but  if these files are needed Podman can keep the
137       files for further analysis.
138       The default is false.
139
140
141   --latest, -l
142       Instead of providing the container ID or name,  use  the  last  created
143       container. If other methods than Podman are used to run containers such
144       as CRI-O, the last started container could  be  from  either  of  those
145       methods.
146       The default is false.
147       IMPORTANT:  This OPTION is not available with the remote Podman client,
148       including Mac and Windows (excluding WSL2) machines. This  OPTION  does
149       not need a container name or ID as input argument.
150
151
152   --leave-running, -R
153       Leave the container running after checkpointing instead of stopping it.
154       The default is false.
155
156
157   --pre-checkpoint, -P
158       Dump  the  container's  memory  information only, leaving the container
159       running. Later operations will supersede prior dumps. It only works  on
160       runc 1.0-rc3 or higher.
161       The default is false.
162
163
164       The functionality to only checkpoint the memory of the container and in
165       a second checkpoint only write out the memory pages which have  changed
166       since the first checkpoint relies on the Linux kernel's soft-dirty bit,
167       which is not available on all systems as it depends on the  system  ar‐
168       chitecture  and the configuration of the Linux kernel. Podman will ver‐
169       ify if the current system supports this functionality and return an er‐
170       ror if the current system does not support it.
171
172
173   --print-stats
174       Print  out  statistics about checkpointing the container(s). The output
175       is rendered in a JSON array and contains  information  about  how  much
176       time  different  checkpoint operations required. Many of the checkpoint
177       statistics are created by CRIU and just passed through to  Podman.  The
178       following information is provided in the JSON array:
179
180
181podman_checkpoint_duration:  Overall  time  (in  microseconds)
182                needed to create all checkpoints.
183
184runtime_checkpoint_duration: Time (in microseconds)  the  con‐
185                tainer runtime needed to create the checkpoint.
186
187freezing_time:  Time  (in  microseconds)  CRIU needed to pause
188                (freeze) all processes in the container (measured by CRIU).
189
190frozen_time: Time (in microseconds) all processes in the  con‐
191                tainer were paused (measured by CRIU).
192
193memdump_time: Time (in microseconds) needed to extract all re‐
194                quired memory pages from all container processes (measured  by
195                CRIU).
196
197memwrite_time:  Time (in microseconds) needed to write all re‐
198                quired memory pages  to  the  corresponding  checkpoint  image
199                files (measured by CRIU).
200
201pages_scanned:  Number of memory pages scanned to determine if
202                they need to be checkpointed (measured by CRIU).
203
204pages_written: Number of memory pages actually written to  the
205                checkpoint image files (measured by CRIU).
206
207
208
209       The default is false.
210
211
212   --tcp-established
213       Checkpoint  a container with established TCP connections. If the check‐
214       point image contains established TCP connections, this  OPTION  is  re‐
215       quired  during  restore.  Defaults to not checkpointing containers with
216       established TCP connections.
217       The default is false.
218
219
220   --with-previous
221       Check out the container with previous criu image files in pre-dump.  It
222       only works on runc 1.0-rc3 or higher.
223       The default is false.
224       IMPORTANT: This OPTION is not available with --pre-checkpoint.
225
226
227       This option requires that the option --pre-checkpoint has been used be‐
228       fore on the same container. Without an  existing  pre-checkpoint,  this
229       option will fail.
230
231
232       Also see --pre-checkpoint for additional information about --pre-check‐
233       point availability on different systems.
234
235

EXAMPLES

237       Make a checkpoint for the container "mywebserver".
238
239
240              # podman container checkpoint mywebserver
241
242
243
244       Create a checkpoint image for the container "mywebserver".
245
246
247              # podman container checkpoint --create-image mywebserver-checkpoint-1 mywebserver
248
249
250
251       Dumps the container's memory information of the latest  container  into
252       an archive.
253
254
255              # podman container checkpoint -P -e pre-checkpoint.tar.gz -l
256
257
258
259       Keep  the container's memory information from an older dump and add the
260       new container's memory information.
261
262
263              # podman container checkpoint --with-previous -e checkpoint.tar.gz -l
264
265
266
267       Dump the container's memory information of the latest container into an
268       archive with the specified compress method.
269
270
271              # podman container checkpoint -l --compress=none --export=dump.tar
272              # podman container checkpoint -l --compress=gzip --export=dump.tar.gz
273
274
275

SEE ALSO

277       podman(1), podman-container-restore(1), criu(8)
278
279

HISTORY

281       September  2018,  Originally compiled by Adrian Reber areber@redhat.com
282       ⟨mailto:areber@redhat.com⟩
283
284
285
286                                              podman-container-checkpoint(1)()
Impressum