The Docker Runc container lifecycle is described in detail

  • 2020-05-30 21:18:43
  • OfStack

Docker Runc container lifecycle

The life cycle of the container involves the internal program implementation and the user-oriented command line interface. runc internal container state transition operation, runc command parameter definition operation, docker client definition container operation are different, for example, docker client create,

The semantics are quite different from runc. This article analyzes the abstraction, internal implementation, and state transition diagram of runc's container lifecycle. Understanding runc's container state transitions is easier than understanding the semantics of the container operation commands provided by docker client.

Container lifecycle related interfaces

The most basic required interface
Start: initializes the container environment and starts an init process, or joins the namespace of the existing container and starts an setns process; Perform postStart hook; Blocked on the write side of the init pipe, the user signals the substitution to execute the actual command Exec: read the init pipeline to notify the init process or the setns process to continue execution Run: combination of Start + Exec Signal: signals the init process in the container Destroy: kill the process in cgroups, delete path corresponding to cgroups, and run hook of postStop other
Set: updates container configuration information, such as modifying cgroups resize, etc Config: gets configuration information for the container State: gets the status information of the container Status: gets the current running state of the container: created, running, pausing, paused, stopped Processes: returns a list of all processes in the container Stats: cgroups statistics in the container Specific functional interfaces are defined and implemented for the linux container
Pause: all processes in the free container Resume: all processes in the thaw container Checkpoint: criu checkpoint Restore: criu restore

The internal implementation of the interface

The interface of Start/Run/Exec is exposed to developers as a standard interface in different os environments. The internal implementation of the interface has many repetitive parts that can be unified, so the internal interface is actually more concise. Here, linux container is taken as an example
The internal implementation of Start/Run/Exec actually USES only the following two functions to distinguish between the init process that created the container and the init process that created the process by passing in flag(whether the container is in stopped state)
start: create the init process, if status == stopped, create and execute newInitProcess, otherwise create and execute newSetnsProcess, wait for the user to send the execution signal (wait on the pipe write side), and replace it with the user's command exec: read the pipeline and send the execution signal Start USES start directly Run actually USES start(doInit = true) first, then exec Exec actually USES start(doInit = false) first, then exec

The corresponding relationship between the command line parameters exposed by the user and the container interface, taking the linux container as an example

create - > Start(doInit = true) start - > Exec run - > Run(doInit = true) exec - > Run(doInit = false) kill - > Signal delete - > Signal and Destroy update - > Set state - > State events - > Stats ps - > Processes list linux specific
pause - > Pause resume - > Resume checkpoint - > Checkpoint restore - > Restore

The effect of the runc command line action sequence on the container state machine

For the lifetime of a container, there are four stable states: stopped, created, running, paused Note that the actions in the state transition diagram below are runc command-line parameter actions, not container interface actions, and restore states associated with checkpoint are not considered here

   delete
   |------|  /-------------------------------------------------------------|
   |   | /                  |----- start ---|     |
   |   V /                   |        |     |
  |---------| ----------- create ----------> |---------|<---------/     |
  | stopped |                | created |------------|    |
  |---------| <-------- delete(with kill)--- |---------|      |    |
   ^  ^                      |       |    |
   |  |                      |       |   run
   |  |--------------- delete(-f with kill) ---| exec      |    |
 delete(-f with kill)               |  |       |    |
   |                      |  |       |    |
   |           resume        |  V       |    |
  |---------| -----------------------------> |----------|      |    |
  | paused |                | running |<----------|-------|
  |---------| <---------------------------- |----------|      |
    ^           pause       ^    |      |
    |                    |    |      |
    |                    |--exec--|      |
    |                               |
    |--------------------------- pause ---------------------------|

Thank you for reading, I hope to help you, thank you for your support of this site!


Related articles: