24-28 August 2020
US/Pacific timezone

FastFreeze: Unprivileged checkpoint/restore for containerized applications

24 Aug 2020, 07:45
Microconference1/Virtual-Room (LPC 2020)


LPC 2020

Containers and Checkpoint/Restore MC Containers and Checkpoint/Restore MC


Nicolas Viennot (Two Sigma)


CRIU is not easy to use for the average user. What to do with the file system? How and where to store images?

We developed an easy-to-use checkpoint/restore tool that uses the CRIU engine. It provides the following features:
It does not require root access to operate. Only an empty container (e.g. kubernetes) is required
Provides time virtualization, critical when migrating (java) applications across different machines
Provides CPUID virtualization, essential when migrating applications across an heterogeneous cluster
Handles file system checkpoint/restore
Fast image upload/download from Google Storage or AWS S3
Image compression
* Production metrics

The talk will do a overview of these different components, and present the current state of rootless CRIU.
I will be covering the introduction of a new kernel capability, CAP_CHECKPOINT_RESTORE, proposed by Adrian Reber.

The tool that I will be presenting will be open-sourced before the talk.

I agree to abide by the anti-harassment policy I agree

Primary author

Nicolas Viennot (Two Sigma)

Presentation Materials