Sandbox and Demo Environment

Welcome! Thank you for taking the time to play around with Cedana. We’ve deployed a test cluster for you to play with, at sandbox.cedana.ai. You can interact and experiment with the system using the instructions below!

When running Cedana against an EKS cluster, ensure that cgroupsv2 is being used by your container runtime and is installed on your AMI. Checkpoint/Restore will not work otherwise.

Trying out our Checkpoint/Restore Service

You can very quickly start playing with our checkpoint/restore service if you have a Kubernetes cluster you can access. If you don’t, you can run a local k3d instance (which effectively simulates Kubernetes locally) and attach to that.

In order to get started, a Service Account needs to get created for Cedana to be able to deploy the Cedana Binary onto your instances.

kubectl -n kube-system create serviceaccount <service-account-name>

Now create a cluster role binding for the service account and make it cluster-admin:

kubectl create clusterrolebinding <binding-name> --clusterrole=cluster-admin --serviceaccount=kube-system:<service-account-name>

We now need to obtain an auth token, start by applying the following secret:

apiVersion: v1
kind: Secret
metadata:
  name: <kubeconfig-sa-token-name>
  namespace: kube-system
  annotations:
    kubernetes.io/service-account.name: <service-account-name>
type: kubernetes.io/service-account-token

We can now obtain the data needed to hit Cedana's attach to kubernetes endpoint. The following command returns the service account token:

kubectl describe secrets <kubeconfig-sa-token-name> -n kube-system

We also need the certificate of authority:

kubectl get secret test-sa-token -n kube-system -o jsonpath='{.data.ca\.crt}'

We can now hit the attach to kubernetes endpoint and deploy Cedana to your kubernetes cluster:

curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -d '{
    "server": "your_cluster_server_url",
    "token": "your_token_value",
    "cert": "your_cert_value"
  }' https://sandbox.cedana.ai/kubernetes/attach

Once Cedana is attached, a CustomResourceDefinition called Cedana and a Kubernetes Operator called Cedana_Controller are deployed to your kube cluster. You can now create an instance of the Cedana resource and conduct checkpoint and restore of containers in your cluster. The Cedana_Controller pod also containers a rest service with the following endpoints:

Cedana Rest Service: Checkpoint and Restore

The Cedana Rest Service provides a REST API for checkpointing and restoring containers in your Kubernetes cluster. The API runs concurrently with the Cedana Controller. Below are curl commands illustrating the schema of the API. All curls are using the in-cluster ip of the cedanacontroller pod. In order to do out of cluster checkpoint and restore, you would have to expose the pod and create an external ip address with kubernetes services.

List Containers in Namespace

GET /list/:namespace

List containers in a specific namespace by querying Kubernetes pods with specific labels.

Response

  • Returns JSON array containing a list of containers in the specified namespace.

Checkpoint

Initiate a checkpoint for a container:

curl -X POST -H "Content-Type: application/json" -d '{
  "sandbox_id": "sandbox_id",
  "container_name": "container_name",
  "namespace": "namespace"
}' http://<CONTROLLER_CLUSTER_IP>/checkpoint

Argument:

  • sandbox_id: Identifier for the sandbox.

  • container_name: Name of the container to checkpoint.

  • namespace: Namespace in which the container resides.

Response:

  • checkpoint_id: A uuid that is associated with the checkpoint, used for restore.

Restore

Restore a container from a checkpoint:

curl -X POST -H "Content-Type: application/json" -d '{
  "sandbox_id": "sandbox_id",
  "container_name": "container_name",
  "namespace": "namespace",
  "checkpoint_id": "checkpoint_id"
}' http://<CONTROLLER_CLUSTER_IP>/restore

Argument:

  • sandbox_id: Identifier for the sandbox.

  • container_name: Name of the container to restore.

  • namespace: Namespace in which the container resides.

  • checkpoint_id: Identifier for the checkpoint to restore.

Response:

  • Status Code: 200 OK

Checkpoint and Restore with Cedana Resource

In order to conduct a checkpoint and restore via a Cedana resource, you can POST a Cedana command to the Cedana Kind endpoint with the method field set to "checkpoint" and this will create a new Cedana resource and conduct a checkpoint.

All fields and arguments reside in the Cedana resource definition and includes validation. You can also conduct checkpoint and restore via kubectl by applying the Cedana resource as a yaml.

Last updated