Docker Runc Container life cycle
The lifecycle of a container involves internal program implementations and user-oriented command-line interfaces, Runc internal container state conversion operations, Runc command parameter definition operations, Docker client-defined container operations, such as for Docker client's create,
Semantics and Runc are completely different, and this article analyzes the abstract, internal implementation, and state transition diagrams of Runc's container lifecycle. It is easier to understand the runc of container state transitions and to understand the semantics of container manipulation commands provided by Docker client.
Container life cycle related interfaces
- The most basic required interface
- Start: Initialize the container environment and start an init process, or join the namespace of the existing container and start a setns process; execute the Poststart hook; Blocking the write end of the Init pipeline, the user sends a signal to replace the execution of the real command
- Exec: Read the Init pipeline, notify the INIT process or setns process to continue to execute
- Combination of Run:start + exec
- Signal: Signal to the INIT process in the container
- Destroy: Kill the process in cgroups, delete cgroups corresponding path, run Poststop hook
- Other
- Set: Update the configuration information for the container, such as modifying cgroups resize, etc.
- Config: Get configuration information for container
- State: Get status information for container
- Status: Gets the current running state of the container: Created, running, pausing, paused, stopped
- Processes: Returns a list of all processes within a container
- Stats: cgroups Statistical information in containers
- Defines and implements a unique functional interface for the Linux container
- All processes in the Pause:free container
- All processes within the Resume:thaw container
- Checkpoint:criu Checkpoint
- Restore:criu Restore
Implementation of interface in the interior
- For START/RUN/EXEC interfaces that are exposed to developers as standard interfaces in different OS environments, there are many overlapping parts of the interface's internal implementations that can be unified, so the internal interface is actually more concise, as illustrated by the Linux container example
- For start/run/exec, the internal implementation actually uses only the following two functions to differentiate between the INIT process that created the container or the INIT process that created the process by passing in the flag (whether the container is in the stopped state)
- Start: Create the Init process, if the status = = Stopped, then create and execute newinitprocess, otherwise create and execute newsetnsprocess, wait for the user to send an execution signal (wait on the pipe write end), replace it with the user's command
- EXEC: Read the pipe, send the execution signal
- Start directly using the start
- Run actually uses start first (Doinit = True), and then the exec
- EXEC actually first uses start (Doinit = False), and then exec
The corresponding relationship between the user-exposed command line parameters and the container interface, taking the Linux container as an example
- Create-> Start (Doinit = True)
- Start-> Exec
- Run-> run (Doinit = True)
- EXEC-> Run (Doinit = False)
- Kill-> Signal
- Delete-> Signal and Destroy
- Update-> Set
- State-> State
- Events-> Stats
- PS-> Processes
- List
- Linux Specific
- Pause-> Pause
- Resume-> Resume
- Checkpoint-> Checkpoint
- Restore-> Restore
The effect of the action sequence of the Runc command line on the container state machine
- For the life cycle of a container, there are 4 stable states: Stopped, created, running, paused
- Note that the action in the state transition diagram below is the Runc command-line parameter action, not the interface action of the container, and the checkpoint related restore state is not considered here
Delete |------|
/-------------------------------------------------------------| | | /|-----Start---|
| | V/| |
| |---------|
-----------Create----------> |---------|<---------/| | Stopped | | Created |------------|
| |---------| <--------Delete (with Kill)---|---------| |
| ^ ^ | |
| | | | | Run | |---------------Delete (-F with kill)---| exec |
| Delete (-F with Kill) | | |
| | | | |
| | Resume | V |
| |---------| -----------------------------> |----------| |
| | Paused | |
Running |<----------|-------| |---------| <----------------------------|----------|
| ^ Pause ^ |
| | | |
| | |--exec--|
| |
| |---------------------------Pause---------------------------|
Thank you for reading, I hope to help you, thank you for your support for this site!