Provided by: podman_5.0.3+ds1-5ubuntu1_amd64 bug

NAME

       podman-container-checkpoint - Checkpoint one or more running containers

SYNOPSIS

       podman container checkpoint [options] container [container ...]

DESCRIPTION

       podman  container  checkpoint  checkpoints  all the processes in one or more containers. A
       container can be restored from a checkpoint with podman-container-restore.  The  container
       IDs or names are used as input.

       IMPORTANT:  If  the  container  is using systemd as entrypoint checkpointing the container
       might not be possible.

OPTIONS

   --all, -a
       Checkpoint all running containers.
       The default is false.
       IMPORTANT: This OPTION does not need a container name or ID as input argument.

   --compress, -c=zstd | none | gzip
       Specify the compression algorithm  used  for  the  checkpoint  archive  created  with  the
       --export, -e OPTION. Possible algorithms are zstd, none and gzip.
       One  possible  reason to use none is to enable faster creation of checkpoint archives. Not
       compressing the checkpoint archive can result in faster checkpoint archive creation.
       The default is zstd.

   --create-image=image
       Create a checkpoint image from a running container. This is a standard OCI  image  created
       in  the  local  image  store.  It  consists  of  a  single  layer that contains all of the
       checkpoint files. The content of this image layer is in the same format  as  a  checkpoint
       created  with  --export. A checkpoint image can be pushed to a standard container registry
       and pulled on a different system to enable container migration. In addition, the image can
       be  exported  with  podman  image  save  and  inspected  with podman inspect. Inspecting a
       checkpoint image displays additional information, stored as annotations,  about  the  host
       environment used to do the checkpoint:

              • io.podman.annotations.checkpoint.name:   Human-readable   name  of  the  original
                container.

              • io.podman.annotations.checkpoint.rawImageName: Unprocessed name of the image used
                to create the original container (as specified by the user).

              • io.podman.annotations.checkpoint.rootfsImageID:  ID  of  the image used to create
                the original container.

              • io.podman.annotations.checkpoint.rootfsImageName: Image name used to  create  the
                original container.

              • io.podman.annotations.checkpoint.podman.version: Version of Podman used to create
                the checkpoint.

              • io.podman.annotations.checkpoint.criu.version: Version of CRIU used to create the
                checkpoint.

              • io.podman.annotations.checkpoint.runtime.name:  Container  runtime  (e.g.,  runc,
                crun) used to create the checkpoint.

              • io.podman.annotations.checkpoint.runtime.version:  Version   of   the   container
                runtime used to create the checkpoint.

              • io.podman.annotations.checkpoint.conmon.version:  Version of conmon used with the
                original container.

              • io.podman.annotations.checkpoint.host.arch: CPU architecture of the host on which
                the checkpoint was created.

              • io.podman.annotations.checkpoint.host.kernel: Version of Linux kernel of the host
                where the checkpoint was created.

              • io.podman.annotations.checkpoint.cgroups.version: cgroup version used by the host
                where the checkpoint was created.

              • io.podman.annotations.checkpoint.distribution.version:     Version     of    host
                distribution on which the checkpoint was created.

              • io.podman.annotations.checkpoint.distribution.name: Name of host distribution  on
                which the checkpoint was created.

   --export, -e=archive
       Export  the checkpoint to a tar.gz file. The exported checkpoint can be used to import the
       container on another system and thus enabling container live  migration.  This  checkpoint
       archive  also  includes all changes to the container's root file-system, if not explicitly
       disabled using --ignore-rootfs.

   --file-locks
       Checkpoint a container with file locks. If an application  running  in  the  container  is
       using  file  locks,  this  OPTION  is  required  during  checkpoint and restore. Otherwise
       checkpointing containers with file locks is expected to fail. If file locks are not  used,
       this option is ignored.
       The default is false.

   --ignore-rootfs
       If  a  checkpoint  is  exported to a tar.gz file it is possible with the help of --ignore-
       rootfs to explicitly disable including changes to the root file-system into the checkpoint
       archive file.
       The default is false.
       IMPORTANT: This OPTION only works in combination with --export, -e.

   --ignore-volumes
       This OPTION must be used in combination with the --export, -e OPTION.  When this OPTION is
       specified, the content of volumes associated with the container is not included  into  the
       checkpoint tar.gz file.
       The default is false.

   --keep, -k
       Keep  all  temporary  log and statistics files created by CRIU during checkpointing. These
       files are not deleted if checkpointing  fails  for  further  debugging.  If  checkpointing
       succeeds  these  files  are theoretically not needed, but if these files are needed Podman
       can keep the files for further analysis.
       The default is false.

   --latest, -l
       Instead of providing the container ID or name, use the last created container. The default
       is  false.   IMPORTANT:  This  OPTION  is  not  available  with  the remote Podman client,
       including Mac and Windows (excluding WSL2) machines. This OPTION does not need a container
       name or ID as input argument.

   --leave-running, -R
       Leave the container running after checkpointing instead of stopping it.
       The default is false.

   --pre-checkpoint, -P
       Dump  the  container's  memory  information  only,  leaving  the  container running. Later
       operations supersedes prior dumps. It only works on runc 1.0-rc3 or higher.
       The default is false.

       The functionality to only  checkpoint  the  memory  of  the  container  and  in  a  second
       checkpoint  only  write out the memory pages which have changed since the first checkpoint
       relies on the Linux kernel's soft-dirty bit, which is not available on all systems  as  it
       depends  on  the  system  architecture  and  the configuration of the Linux kernel. Podman
       verifies if the current system supports this functionality and  return  an  error  if  the
       current system does not support it.

   --print-stats
       Print  out  statistics  about  checkpointing the container(s). The output is rendered in a
       JSON array and contains information about how much time  different  checkpoint  operations
       required. Many of the checkpoint statistics are created by CRIU and just passed through to
       Podman. The following information is provided in the JSON array:

              • podman_checkpoint_duration: Overall time (in microseconds) needed to  create  all
                checkpoints.

              • runtime_checkpoint_duration:  Time (in microseconds) the container runtime needed
                to create the checkpoint.

              • freezing_time: Time (in microseconds) CRIU needed to pause (freeze) all processes
                in the container (measured by CRIU).

              • frozen_time:  Time  (in  microseconds) all processes in the container were paused
                (measured by CRIU).

              • memdump_time: Time (in microseconds) needed to extract all required memory  pages
                from all container processes (measured by CRIU).

              • memwrite_time:  Time  (in microseconds) needed to write all required memory pages
                to the corresponding checkpoint image files (measured by CRIU).

              • pages_scanned: Number of memory pages scanned to determine if  they  need  to  be
                checkpointed (measured by CRIU).

              • pages_written:  Number  of  memory pages actually written to the checkpoint image
                files (measured by CRIU).

       The default is false.

   --tcp-established
       Checkpoint a container with established TCP connections. If the checkpoint image  contains
       established  TCP  connections,  this  OPTION  is  required during restore. Defaults to not
       checkpointing containers with established TCP connections.
       The default is false.

   --with-previous
       Check out the container with previous criu image files in pre-dump. It only works on  runc
       1.0-rc3 or higher.
       The default is false.
       IMPORTANT: This OPTION is not available with --pre-checkpoint.

       This  option  requires  that  the option --pre-checkpoint has been used before on the same
       container. Without an existing pre-checkpoint, this option fails.

       Also see --pre-checkpoint for additional information about  --pre-checkpoint  availability
       on different systems.

EXAMPLES

       Make a checkpoint for the container "mywebserver".

       # podman container checkpoint mywebserver

       Create a checkpoint image for the container "mywebserver".

       # podman container checkpoint --create-image mywebserver-checkpoint-1 mywebserver

       Dumps the container's memory information of the latest container into an archive.

       # podman container checkpoint -P -e pre-checkpoint.tar.gz -l

       Keep  the  container's  memory  information from an older dump and add the new container's
       memory information.

       # podman container checkpoint --with-previous -e checkpoint.tar.gz -l

       Dump the container's memory information of the latest container into an archive  with  the
       specified compress method.

       # podman container checkpoint -l --compress=none --export=dump.tar
       # podman container checkpoint -l --compress=gzip --export=dump.tar.gz

SEE ALSO

       podman(1), podman-container-restore(1), criu(8)

HISTORY

       September    2018,    Originally    compiled    by    Adrian    Reber    areber@redhat.commailto:areber@redhat.compodman-container-checkpoint(1)