-
Stéphane Graber (Canonical Ltd.)14/09/2022, 10:00
-
Mathieu Desnoyers (EfficiOS Inc.)14/09/2022, 10:05
There are various use-cases related to tracing which could benefit from introducing a notion of "tracer namespace" rather than playing tricks with ptrace. This idea was introduced in the LPC 2021 Tracing MC.
For instance, it would be interesting to offer the ability to trace system calls, uprobes, and user events using a kernel tracer controlled from within a container. Tracing a hierarchy...
Go to contribution page -
Pavel Tikhomirov (Virtuozzo)14/09/2022, 10:30
Re-parenting may put processes having same inherit-only resource into completely different and far away locations in the process tree, so that they don't have ancestor/descendant relations between each other anymore.
In mainstream CRIU currently we don't have nested pid-namespaces support and re-parenting to child-sub-reaper support. We just handle the most common case where task was...
Go to contribution page -
Aleksa Sarai (SUSE LLC)14/09/2022, 11:00
Thanks to
Go to contribution pageopenat2(2), it is now possible for a container runtime to be absolutely sure that they are accessing the procfs path they intended by usingRESOLVE_NO_XDEV|RESOLVE_NO_SYMLINKS(the main limitation before this was the fact that there was no way to safely do the equivalent ofRESOLVE_NO_XDEVin userspace on Linux, and implementing the necessary behaviour in userspace was... -
Michal Koutný14/09/2022, 11:45
rstat is a framework how generic hierarchical stats collection is implemented
Go to contribution page
for cgroups.
It is light on the writer (update) side since it works with per-cgroup per-cpu
structures only (mostly).
It is quick on the reader side since it aggregates only cgroups active since
the previous read in a given subtree.
It is used for accounting CPU time on the unified hierachy, blkcg and memcg... -
Younes Manton14/09/2022, 12:10
This talk will discuss on-going changes to CRIU to introduce an "unprivileged" mode, utilizing a minimal set of Linux capabilities that allow for non-root users to checkpoint and restore processes.
It will also touch on a particularly motivating use-case; improving JVM start-up time.
Go to contribution page -
Mathieu Desnoyers (EfficiOS Inc.)14/09/2022, 12:35
Introducing per-memory-space virtual CPU IDs allocation domains helps solving user-space per-core data structure memory scaling issues as long as the data structure is private to a memory space (typically a single process). However, this does not help in use-cases where the data structure sits in shared memory used across processes.
In order to address this part of the problem, a...
Go to contribution page -
Alexander Mikhalitsyn (Virtuozzo)14/09/2022, 13:00
Bringing up FUSE mounts C/R support
Intro
Each filesystem support in CRIU brings their own problems. Block-device based filesystems
Go to contribution page
comparably easy to handle, we just need to save mount options and use it at the restore stage,
it is also possible to provide such filesystems as an external mounts. Some virtual filesystems
should be handled specially, for instance for tmpfs we... -
Christian Brauner14/09/2022, 13:25
Choose timezone
Your profile timezone:
