Quoting Dan Smith (danms@xxxxxxxxxx): > When checkpointing a task tree with network namespaces, we hook into > do_checkpoint_ns() along with the others. Any devices in a given namespace > are checkpointed (including their peer, in the case of veth) sequentially. > Each network device stores a list of protocol addresses, as well as other > information, such as hardware address. > > This patch supports veth pairs, as well as the loopback adapter. The > loopback support is there to make sure that any additional addresses and > state (such as up/down) is copied to the loopback adapter that we are > given in the new network namespace. > > On restart, we instantiate new network namespaces and veth pairs as > necessary. Any device we encounter that isn't in a network namespace > that was checkpointed as part of a task is left in the namespace of the > restarting process. This will be the case for a veth half that exists > in the init netns to provide network access to a container. > > Still to do are: > > 1. Routes > 2. Netfilter rules > 3. IPv6 addresses > 4. Other virtual device types (e.g. bridges) > > Signed-off-by: Dan Smith <danms@xxxxxxxxxx> Cool - I don't see any issues in the patchset. Acked-by: Serge Hallyn <serue@xxxxxxxxxx> thanks, -serge _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
