Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Creating a Docker Container

Install KAE, virtualize devices, configure resource constraints, and create a Docker container.

  1. Install KAE. For details, see Installing KAE.

    After the installation, perform the subsequent operations to create a Docker container.

  2. Virtualize existing devices into more devices as required.
    1. Check the current device. 
      1
      		 
      ls /dev

    2. Virtualize the three drivers (hisi_sec2, hisi_hpre, and hisi_zip) into three new devices, respectively. 
      1
2
3
      		 
      echo 1 > /sys/bus/pci/drivers/hisi_sec2/0000:76:00.0/sriov_numvfs
echo 1 > /sys/bus/pci/drivers/hisi_hpre/0000:79:00.0/sriov_numvfs
echo 1 > /sys/bus/pci/drivers/hisi_zip/0000:75:00.0/sriov_numvfs

      In this example, only one Docker container is to be created. Therefore, one driver is virtualized into one device. If multiple Docker containers are to be created, one driver can be virtualized into multiple devices.

    3. Check the current devices again. 
      1
      		 
      ls /dev

      New devices such as hisi_sec2-6, hisi_hpre-7, and hisi_zip-8 are created.

  3. Create a Docker container based on the devices virtualized in 2 and access the container.
    1
    		 
    docker run -d -it --cpus=4 --cpuset-cpus=20-23 --cpuset-mems=1 -m 16g --name 4c16g-nginx-kae -v /usr/:/usr -v /home/:/home/ --device=/dev/hisi_sec2-6:/dev/hisi_sec2-6:rwm --device=/dev/hpre7:/dev/hpre7:rwm --device=/dev/hisi_zip-8:/dev/hisi_zip-8:rwm --network host --privileged=true openeuler-22.03-lts-sp1 /bin/bash

    Parameters in the command are described as follows:

    • -d: allows the container running in the background.
    • -i: enables the standard input of the container as always.
    • --cpuset-cpus: specifies the CPU cores on which the container runs.
    • -m: specifies the maximum memory used by the container.
    • -t: enables Docker to allocate a pseudo terminal and bind it to the standard input of the container.
    • -v: mounts the host machine directory to the image. The directory before the colon (:) is the host machine directory, which must be an absolute path. The directory after the colon (:) is the mount path in the image.
    • --device: specifies the host machine devices used by the container. The value before the colon (:) indicates the VF device created on the host. The value after the colon (:) indicates the directory in the container. r, w, m indicates that the container has the permission to read, write, and create files on the device.
    • openeuler-22.03-lts-sp1: Docker image (or image ID) that is used. You can run the docker images command to check the available Docker images on the current host.