Constraints

You need to fully understand the following constraints on the hardware, system, and applications when you deploy and use the Kbox cloud phone container.

Hardware Constraints

Contact Huawei engineers to obtain the GPU model for the Kbox cloud phone.
When the server is configured with GPUs or encoding cards, pay attention to the heat dissipation of components. You are advised to set the server fan modules to the high-performance mode using the iBMC.

System Constraints

The Kbox deliverable is a binary library component that cannot run independently. It does not provide reliability functions such as active/standby processes, active/standby database switchover, backup, and restoration for the cloud phone system. For commercial use, you need to harden the reliability. The Kbox deliverable does not ensure cloud phone system security, resilience, and privacy protection. You need to harden security, resilience, and privacy protection as well for commercial use.
The Kbox cloud phone supports only the native Android system. Based on your requirements, android-11.0.0_r48 is supported and the supported host OS version is openEuler 22.03 LTS SP1. When installing openEuler, access the Software Selection page, select Server as the base environment on the left pane, and select System Tools and Development Tools for installation on the right pane.
Defects of the native Android version are not involved in the Kbox cloud phone design scope and therefore not solved. The defects need to be solved or avoided in the Kbox basic cloud phone prototype based on ISVs' and customers' requirements.
Cloud phones use the container-based solution. GPU resources are shared among multiple containers and cannot be completely isolated. ISVs or customers can control the abnormal use of GPU resources by a single container through monitoring the video RAM usage of the corresponding process. Alternatively, use a trustlist to record apps that can be installed and a blocklist to disable apps that consume a large number of GPU resources, such as 3D mark. GPU faults may spread level by level (container -> graphics card -> OS). ISVs or customers should make recovery policies upon faults.
During the development, the Android source code may be modified to implement some necessary functions, which may affect the pass rate of CTS test cases. For details about the test cases, contact Huawei engineers.
The current version supports only Wi-Fi status emulation and does not support Wi-Fi settings or Wi-Fi search.
The current version does not support Bluetooth devices.

Application Constraints

For details about Android compatibility issues, see "Application Compatibility List" in the Kbox Cloud Phone Container Version Mapping.
The Android native launcher shortcuts (such as gallery, email, and browser) are not synchronized with application messages. For example, you open an application from the desktop shortcut, enter the initial screen, perform an operation, and then return to the home screen. However, when you enter the application again from the application drawer, the initial screen of the application is displayed.
The texture compression function converts Vulkan RGB/RGBA textures into compressed textures to reduce the GPU memory usage of applications. This function is disabled by default. To enable texture compression, perform the following steps:
- The setting of texture compression cannot be changed during application running. To enable it, exit the application first.
- The function does not support texture postprocessing. If postprocessing is applied, rendering exceptions may occur. In this case, you need to disable texture compression and restart the application.
On the server terminal interface, access the container using the following command. index indicates the container ID.
1
docker exec -it kbox_${index} sh
Call the setprop method to set the value of the current property. Value 1 indicates that texture compression is enabled, and 0 indicates that texture compression is disabled.
1
setprop vk.TextureSoftEncode 1

Others

Kbox implements cloud phones based on an enhanced container solution. Other virtualization solutions (such as QEMU, KVM, and Xen), containers (such as Docker), or cloud phones (such as Robox and Anbox) cannot be deployed on the server where Kbox is deployed.
When a Kbox cloud phone runs for a long time, it occupies a large amount of cache on the host. You are advised to run the following command to clear the cache periodically (for example, once a week).
1
echo 3 > /proc/sys/vm/drop_caches
Clearing the cache will temporarily affect the system performance. Therefore, you need to control the clearing period and granularity. You can run the free -g command to query the cache size.
- Clear the page cache.
  1
  echo 1 > /proc/sys/vm/drop_caches
- Clear kernel slab objects (including inode and dentry).
  1
  echo 2 > /proc/sys/vm/drop_caches
- Clear both the page cache and kernel slab objects.
  1
  echo 3 > /proc/sys/vm/drop_caches

Before compiling images, deploying the environment, configuring system properties, read Security Management carefully to ensure that all security risks in the solution are acceptable.
The host OS is not within the delivery scope of this solution. Therefore, security hardening measures related to the OS need to be implemented by you or the independent software vendor (ISV). This document does not provide related descriptions.
To quickly deploy the Kbox container solution, the root permission is used by default to call scripts. The scripts of the Kbox container solution are for reference only, and no commercial commitment is made. To minimize OS security risks, it is recommended that you or the ISV implement defense measures such as file access control and minimum authorization in commercial deployment scenarios.
When performing operations based on this document, configure appropriate permissions on the uploaded files and directories. You are advised not to configure the write permission for other user groups.

Parent topic: Feature Description