#!/bin/bash
set -eux
ls -la
echo "Load additional SELinux policy for checkpointing"
# Add missing selinux policy
cat << EOF > criu.te
module criu 1.0;
require {
type container_t;
type container_var_lib_t;
type sysctl_kernel_ns_last_pid_t;
class file { append write };
}
allow container_t sysctl_kernel_ns_last_pid_t:file write;
allow container_t container_var_lib_t:file append;
EOF
cat criu.te
checkmodule -M -m criu.te -o criu.mod
semodule_package -o criu.pp -m criu.mod
#semodule -i criu.pp
echo "Start container with tomcat"
podman --log-level debug run --tmpfs /tmp --tmpfs /usr/local/tomcat/logs -d docker://docker.io/yovfiatbeb/podman-criu-test
echo "See which containers are running"
podman ps
# tomcat needs some time to start up
echo "Wait 15 seconds for tomcat to start"
sleep 15
echo "Connect to tomcat in the container"
curl `podman inspect -l | jq -r '.[0].NetworkSettings.IPAddress'`:8080/examples/servlets/servlet/HelloWorldExample -v
echo "Checkpoint container"
podman --log-level debug container checkpoint -l
podman ps -a
echo "Restore container"
podman --log-level debug container restore -l
podman ps -a
echo "Check if we can connect to the restored container"
curl `podman inspect -l | jq -r '.[0].NetworkSettings.IPAddress'`:8080/examples/servlets/servlet/HelloWorldExample -v
ls -la
echo test