CN112925581A - Method and device for starting DPDK container and electronic equipment - Google Patents
Method and device for starting DPDK container and electronic equipment Download PDFInfo
- Publication number
- CN112925581A CN112925581A CN202110196718.2A CN202110196718A CN112925581A CN 112925581 A CN112925581 A CN 112925581A CN 202110196718 A CN202110196718 A CN 202110196718A CN 112925581 A CN112925581 A CN 112925581A
- Authority
- CN
- China
- Prior art keywords
- dpdk
- container
- containers
- virtual network
- starting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 105
- 238000011161 development Methods 0.000 claims abstract description 11
- 238000004891 communication Methods 0.000 claims description 19
- 238000005516 engineering process Methods 0.000 claims description 18
- 238000002955 isolation Methods 0.000 claims description 14
- 238000009434 installation Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 7
- 230000003213 activating effect Effects 0.000 claims description 5
- 230000002093 peripheral effect Effects 0.000 claims description 4
- 230000008569 process Effects 0.000 abstract description 52
- 230000008901 benefit Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012423 maintenance Methods 0.000 description 3
- 230000015556 catabolic process Effects 0.000 description 2
- 238000006731 degradation reaction Methods 0.000 description 2
- 230000009467 reduction Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44505—Configuring for program initiating, e.g. using registry, configuration files
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45595—Network integration; Enabling network access in virtual machine instances
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the invention provides a method and a device for starting a DPDK container and electronic equipment, and relates to the technical field of Internet. The method comprises the following steps: acquiring a first number M of DPDK containers of a data plane development kit, wherein M is a positive integer; determining a second quantity of the required virtual network cards according to the first quantity, and virtualizing the physical network cards into the virtual network cards of the second quantity; configuring a virtual network card for each DPDK container in M DPDK containers to obtain M target DPDK containers; and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers. According to the scheme, the flow of each DPDK process is independent, only the message belonging to the current DPDK process is received and sent, when a problem occurs in a certain process, the current process is only affected, other processes are not affected, and the stability of the whole machine is improved.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a method and a device for starting a DPDK container and electronic equipment.
Background
In recent years, with the popularization of a technology of Data Plane Development Kit (DPDK) for transceiving Data messages to bypass a Linux KERNEL protocol stack kernelby PASS and the huge performance benefits brought BY the technology, the DPDK is more and more apt to be used for optimizing Input/Output (IO) intensive applications. While the application based on DPDK is very different from the application based on the conventional Linux protocol stack. The DPDK application generally needs to monopolize a physical machine, which is mainly because the entire process of the DPDK is in a user state and is easily interfered by other processes, thereby causing packet loss. While the use of DPDK improves overall yield, exclusive use of the machine means a reduction in hardware utilization. And the DPDK application needs to monopolize at least one physical network card, which means that if the DPDK application crashes, the network is disconnected, the stability of the whole machine will be deteriorated, and great challenges are brought to the application of the DPDK.
Disclosure of Invention
The invention provides a method and a device for starting a DPDK container and electronic equipment, which are used for solving the problems that the whole process of the DPDK in the prior art is in a user state, is easily interfered by other processes, and is easy to cause poor stability of the whole machine to a certain extent.
In a first aspect of the present invention, a method for starting a DPDK container is provided, where the method includes:
acquiring a first number M of DPDK containers of a data plane development kit, wherein M is a positive integer;
determining a second quantity of the required virtual network cards according to the first quantity, and virtualizing the physical network cards into the virtual network cards of the second quantity;
configuring a virtual network card for each DPDK container in M DPDK containers to obtain M target DPDK containers;
and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
In a second aspect of the present invention, there is provided a DPDK container activating apparatus, including:
the device comprises a first obtaining module, a second obtaining module and a control module, wherein the first obtaining module is used for obtaining a first number M of DPDK containers, and M is a positive integer;
the first processing module is used for determining a second quantity of the required virtual network cards according to the first quantity and virtualizing the physical network cards into the virtual network cards of the second quantity;
the first configuration module is used for configuring a virtual network card for each DPDK container in the M DPDK containers to obtain M target DPDK containers;
and the first starting module is used for starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
In a third aspect of the present invention, there is also provided an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing the steps in the DPDK container starting method when executing the program stored in the memory.
In a fourth aspect implemented by the present invention, there is also provided a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements the method for booting a DPDK container as described above.
In a fifth aspect of the embodiments of the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the method for booting a DPDK container as described above.
Aiming at the prior art, the invention has the following advantages:
in the embodiment of the invention, by acquiring the first number M of DPDK containers of the data plane development kit, determining the second number of required virtual network cards according to the first number, and virtualizing the physical network card into the virtual network cards with the second number, the virtual network cards can ensure that the flow received by each process is own, and performance loss caused by flow forwarding of other processes cannot be generated additionally; and configuring a virtual network card for each DPDK container in M DPDK containers to obtain M target DPDK containers, and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments will be briefly described below.
Fig. 1 is a flowchart of a method for starting a DPDK container according to an embodiment of the present invention;
FIG. 2 is a block diagram of a physical machine according to an embodiment of the present invention;
fig. 3 is a block diagram of a starting apparatus of a DPDK container according to an embodiment of the present invention;
fig. 4 is a block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms first, second and the like in the description and in the claims of the present application are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that embodiments of the application may be practiced in sequences other than those illustrated or described herein, and that the terms "first," "second," and the like are generally used herein in a generic sense and do not limit the number of terms, e.g., the first term can be one or more than one. In addition, "and/or" in the specification and claims means at least one of connected objects, a character "/" generally means that a preceding and succeeding related objects are in an "or" relationship.
Specifically, as shown in fig. 1, an embodiment of the present invention provides a method for starting a DPDK container, where the method is adapted to multiple scenarios, and is mainly applied to a physical machine, so as to facilitate rapid transformation of traditional network IO intensive applications into DPDK applications, and moreover, the DPDK and container technologies are combined to facilitate seamless access to a container scheduling system Kubernetes.
In the case that the above method is applied to a physical machine, the method specifically includes the steps of:
In step 101, the physical machine acquires a first number of DPDK containers to be deployed, where the first number may be denoted by M, and M is a positive integer greater than or equal to 1. If a physical machine needs to deploy a first number (i.e., M) of DPDK containers, M DPDK containers need to be installed in the physical machine. The DPDK represents a high-performance network IO forwarding library developed by Intel.
And step 102, determining a second quantity of the required virtual network cards according to the first quantity, and virtualizing the physical network cards into the virtual network cards of the second quantity.
In step 102, the physical machine may obtain, according to the first number of DPDK containers, the second number of virtual network cards (i.e., virtualization network cards) required in the physical machine, and after determining the second number of virtual network cards, the physical machine may virtualize the physical network cards in the physical machine out of the virtual network cards of the second number according to the second number, and using the virtual network cards may ensure that the traffic received by each process is own, so that performance loss caused by traffic forwarding of other processes may not be additionally generated.
Further, if the physical machine needs to deploy M DPDK containers, the physical machine needs M virtual network cards. After the second number of the virtual network cards is determined to be M, the physical machine can virtualize the physical network cards in the physical machine into M virtual network cards according to the second number M.
In step 103, after determining the first number of DPDK containers and the second number of virtual network cards, the physical machine allocates one virtual network card to each DPDK container, in other words, each DPDK container in the M DPDK containers is allocated one virtual network card.
And step 104, starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
In step 104, for each DPDK container in the M DPDK containers, according to the start parameters of the DPDK container, the target DPDK container corresponding to the DPDK container may be started, and since the traffic of each DPDK process is independent, only the packet belonging to the current DPDK process is received and sent, when a problem occurs in a certain process, only the current process is affected, and no influence is generated on other processes, so that the stability of the entire DPDK container is improved.
The specific structure of the physical machine is described below by a specific embodiment:
as shown in fig. 2, the physical machine 21 includes a physical network card 216, and the physical machine 21 is communicatively connected to the switch 22 through the physical network card 216. The first number M of DPDK containers may be obtained through the above step 101, for example: m is 4, i.e., a first DPDK container 211, a second DPDK container 212, a third DPDK container 213, and a fourth DPDK container 214 need to be deployed in the physical machine. According to step 102, it can be known that the second number of the virtual network cards is 4, and the physical network card 216 virtualizes 4 virtual network cards, where the virtualized four virtual network cards are: a first virtual network card 2111, a second virtual network card 2121, a third virtual network card 2131, and a fourth virtual network card 2141. According to step 103, the first virtual network card 2111 may be allocated to the first DPDK container 211, the second virtual network card 2121 may be allocated to the second DPDK container 212, the third virtual network card 2131 may be allocated to the third DPDK container 213, and the fourth virtual network card 2141 may be allocated to the fourth DPDK container 214, so as to obtain four target DPDK containers.
In the above embodiment of the present invention, by obtaining the first number M of DPDK containers in the data plane development kit, determining the second number of virtual network cards required according to the first number, and virtualizing the physical network card into the virtual network cards of the second number, it can be ensured that the traffic received by each process is own by using the virtual network cards, and performance loss caused by traffic forwarding of other processes is not additionally generated; and configuring a virtual network card for each DPDK container in M DPDK containers to obtain M target DPDK containers, and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
Optionally, the step 102 determines a second number of the required virtual network cards according to the first number, and virtualizes the physical network card into the virtual network cards of the second number, which may specifically include the following steps:
determining a second number of the required virtual network cards according to the first number;
and virtualizing the physical network cards into the virtual network cards of the second quantity by a network card Virtualization technology (SR-IOV) according to the second quantity.
In the above embodiment, the physical machine may know the second number of virtual network cards (i.e. virtualized network cards) required in the physical machine according to the first number of DPDK containers, after determining the second number of virtual network cards, the physical machine virtualizes the physical network cards in the physical machine into the second number of virtual network cards by using SR-IOV technology according to the second number, SR-IOV virtualizes the physical network cards into a plurality of virtual network cards, each virtual network card has its own independent Media Access Control Address (MAC), DPDK multiprocess can make each process take over one independent virtual network card, compared with the prior art using virtual network cards, the method and the device can ensure that the flow received by each process is own, cannot additionally generate performance loss caused by flow forwarding of other processes, and solve the problem of performance reduction of DPDK cross-process forwarding in the prior art. Moreover, after the SR-IOV is used for virtualizing the virtual network card, because the flow of each DPDK process is independent, only the message belonging to the current DPDK process is received and sent, when a certain process goes wrong, only the current process is affected, no influence is caused to other processes, and the problem of poor stability of the DPDK multi-process in the prior art is solved.
Optionally, after acquiring the first number M of DPDK containers in step 101, the method may further include the following steps:
determining a third number of Central Processing Units (CPUs) to be isolated according to the first number;
and isolating the third quantity of CPUs by adopting a CPU isolation technology according to the third quantity.
In the above embodiment, the physical machine may obtain the third number of CPUs required to be isolated in the physical machine according to the first number of DPDK containers, and after determining the third number of CPUs required to be isolated, the physical machine isolates the third number of CPUs according to the third number by using a CPU isolation technology, that is, according to the third number, the physical machine isolates the CPU in which each DPDK container is located by using a CPU isolation technology. As shown in fig. 2, in order to make the machine fully utilize the redundant CPU resources in the DPDK environment, other applications may be deployed in a mixed manner, and by using the SR-IOV technology and the CPU isolation technology, the DPDK application and the legacy application 215 may be completely isolated, thereby ensuring that the DPDK application and the legacy application 215 coexist in the same machine harmoniously. The CPU isolation is mainly to fixedly allocate some CPUs to DPDK containers, and then the conventional application 215 is not scheduled on the CPU where the DPDK application is located, thereby affecting the DPDK application in each DPDK container.
Optionally, the step 103 configures one virtual network card for each DPDK container in the M DPDK containers to obtain M target DPDK containers, and specifically includes the following steps:
configuring a virtual network card for each DPDK container in M DPDK containers;
acquiring a Peripheral Component Interconnect (PCI) address of a virtual network card configured for each DPDK container through a first interface;
configuring a virtual network card white list parameter of an application program in each DPDK container according to the PCI address of the virtual network card configured in each DPDK container;
and obtaining a corresponding target DPDK container according to each DPDK container and the virtual network card white list parameters of the application programs in the DPDK container.
In the above embodiment, after determining the first number of DPDK containers and the second number of virtual network cards, for each DPDK container, the physical machine allocates one virtual network card for each DPDK container, and acquires a PCI address of the virtual network card through the first interface, which may be denoted as: and VF _ PCI. The first interface may be a Linux proc interface, and the Linux proc interface is a virtual file operating system interface through which communication between a Linux kernel space and a user space may be performed. In addition, the physical machine configures, according to the PCI address of the virtual network card configured in each DPDK container, a whitelist parameter PCI-whitelist of the virtual network card of the application program in each DPDK container is configured to be VF _ PCI, which may be written as: the DPDK _ PCI _ WHITELIST, where the virtual network card white list parameter is used for the DPDK application to identify the virtual network card that needs to be taken over, that is, the DPDK application can identify the corresponding virtual network card through the virtual network card white list parameter.
Optionally, before the step 104 starts the corresponding target DPDK container according to the start parameter of each DPDK container in the M DPDK containers, the method may further include the following steps:
and configuring corresponding starting parameters for each DPDK container in the M DPDK containers.
In the above embodiment, for each DPDK container, the physical machine configures the corresponding start parameter for each DPDK container, so as to start the target DPDK container corresponding to each DPDK container.
Further, the step of configuring the corresponding start parameter for each DPDK container in the M DPDK containers may specifically include the following steps:
configuring a container installation mirror image for each DPDK container;
configuring an IP address for each DPDK container;
configuring an isolated CPU for each DPDK container;
configuring a network mode starting parameter for each DPDK container;
and configuring isolation parameters of the application programs in each DPDK container.
In the configuration step of the starting parameters, aiming at each DPDK container, a physical machine installs a mirror IMAGE IMAGE for the DPDK container configuration container; for each DPDK container, the physical machine configures an independent IP address capable of communicating with the outside for the DPDK container, which can be written as: IP _ ADDR; for each DPDK container, the physical machine configures an isolated CPU for the DPDK container, which may be written as: CPU _ NR; for each DPDK container, the physical machine configures a network mode start parameter for the DPDK container, which may be written as: NETWORK _ MODE, the NETWORK MODE starting parameter is used for completely isolating the NETWORK environment of DPDK container and physical machine, the virtual NETWORK card and physical NETWORK card used by DPDK process do not influence each other, under the condition that DPDK process is crashed or stopped, other applications can still communicate with the outside normally through physical NETWORK card, thus solving the problem of difficult operation and maintenance caused by the crash of DPDK application in the prior art.
Moreover, for each DPDK container, the physical machine configures an isolation parameter file-prefix of an application program for the DPDK container, which may be written as: the DPDK _ ISOLATE is used to ISOLATE memory resources between DPDK applications in different DPDK containers.
It should be noted that the configuration time of the above start-up parameters is not limited in sequence, and all the parameters may be configured at the same time, or different start-up parameters may be configured at different times.
Optionally, the method may further include the steps of:
installing a containerization tool;
in the step of configuring a container installation mirror image for each DPDK container, the container installation mirror image is configured by the container chemical tool.
In the above embodiment, the physical machine installs the container loader, and the container loader is used to configure a container installation mirror image for the DPDK application.
Optionally, after acquiring the first number M of DPDK containers in step 101, the method may further include the following steps:
determining a fourth quantity of the memory blocks required to be configured according to the first quantity;
and obtaining the required total capacity of the memory according to the fourth quantity and the capacity of the memory block required by each DPDK container.
In the above embodiment, the physical machine may obtain, according to the first number of DPDK containers, the fourth number of memory blocks required in the physical machine, that is, the number of large-page memory blocks to be allocated; if the memory block capacity of the large-page memory block required by one DPDK container is SIZE, the total required large-page memory SIZE (i.e., total memory capacity) can be obtained by calculation as a value of M × SIZE, and the total required large-page memory (i.e., total memory capacity) is obtained through the Linux proc interface.
Optionally, before the step 104 starts the corresponding target DPDK container according to the start parameter of each DPDK container in the M DPDK containers, the method may further include the following steps:
a first drive required for installing the DPDK container;
and binding the virtual network card configured for each DPDK container with the first drive.
In the above embodiment, before starting the target DPDK container, the physical machine needs to install a first driver IGB _ UIO driver required by the DPDK container, where the driver is a shared driver, and a virtual network card configured in the DPDK container may be bound to the driver by using a DPDK development kit self-contained tool DEV _ BIND.
In addition, the physical machine can also be provided with a second driver RTE _ KNI driver, and the RTE _ KNI driver can be installed by using a kernel multithreading mode; after the target DPDK containers are started, the virtual network card configured in each DPDK container is automatically connected with the second driver, so that the kernel protocol stack and the DPDK application are communicated.
Optionally, the step 104 starts the corresponding target DPDK container according to the starting parameter of each DPDK container in the M DPDK containers, and specifically includes the following contents:
and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers and the first drive.
In the above embodiment, after the physical machine configures the boot parameters of each DPDK container and binds the virtual network card configured for each DPDK container to the first drive, the physical machine may boot the target DPDK container corresponding to each DPDK container through the DOCKER according to the boot parameters and the first drive, so that the target DPDK container is in a working state.
In summary, in the embodiments of the present invention, the SR-IOV is adopted to virtualize the physical network card into a plurality of virtual network cards, each virtual network card has an independent MAC address, and the DPDK multiprocess enables each process to take over an independent virtual network card, so that it can be ensured that the traffic received by each process is own, and performance loss caused by traffic forwarding of other processes is not additionally generated, and the DPDK application does not need to monopolize a machine, thereby saving the use cost of the machine, improving the performance of a single-process CPU, and solving the problem of performance degradation of the DPDK cross-process forwarding in the prior art; moreover, after the SR-IOV is used for virtualizing the virtual network card, because the flow of each DPDK process is independent, only the message belonging to the current DPDK process is received and sent, when a certain process goes wrong, only the current process is affected, no influence is caused to other processes, and the problem of poor stability of the DPDK multi-process in the prior art is solved; moreover, by combining the SR-IOV technology and the CPU isolation technology, the DPDK application and the traditional application can be completely isolated, the DPDK application and the traditional application are ensured to coexist in the same machine harmoniously, the network environment of a DPDK container and a physical machine which are parameter complete isolators is started through a network mode, a virtual network card and a physical network card which are used by a DPDK process are not influenced by each other, other applications can still normally communicate with the outside through the physical network card under the condition that the DPDK process is crashed or stopped, and the problem of operation and maintenance difficulty caused by the crash of the DPDK application in the prior art is solved.
As shown in fig. 3, an apparatus 300 for activating a DPDK container according to an embodiment of the present invention includes:
a first obtaining module 301, configured to obtain a first number M of DPDK containers, where M is a positive integer;
the first processing module 302 is configured to determine a second number of the required virtual network cards according to the first number, and virtualize the physical network card into the virtual network cards of the second number;
a first configuration module 303, configured to configure a virtual network card for each DPDK container in the M DPDK containers, to obtain M target DPDK containers;
a first starting module 304, configured to start a corresponding target DPDK container according to a starting parameter of each DPDK container in the M DPDK containers.
In the above embodiment of the present invention, by obtaining the first number M of DPDK containers in the data plane development kit, determining the second number of virtual network cards required according to the first number, and virtualizing the physical network card into the virtual network cards of the second number, it can be ensured that the traffic received by each process is own by using the virtual network cards, and performance loss caused by traffic forwarding of other processes is not additionally generated; and configuring a virtual network card for each DPDK container in M DPDK containers to obtain M target DPDK containers, and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
Optionally, the first processing module 302 includes:
the first determining unit is used for determining the second number of the required virtual network cards according to the first number;
and the first processing unit is used for virtualizing the physical network cards into the virtual network cards of the second quantity through a network card virtualization technology SR-IOV according to the second quantity.
Optionally, after the first obtaining module 301, the apparatus further includes:
the first determining module is used for determining the third number of the Central Processing Units (CPUs) needing to be isolated according to the first number;
and the first isolation module is used for isolating the CPUs in the third quantity by adopting a CPU isolation technology according to the third quantity.
Optionally, the first configuration module 303 includes:
the first configuration unit is used for configuring a virtual network card for each DPDK container in the M DPDK containers;
a first obtaining unit, configured to obtain, through a first interface, a peripheral component interconnect standard PCI address of the virtual network card configured in each DPDK container;
a second configuration unit, configured to configure a whitelist parameter of the virtual network card of the application program in each DPDK container according to the PCI address of the virtual network card configured in each DPDK container;
and a second obtaining unit, configured to obtain a corresponding target DPDK container according to each DPDK container and a whitelist parameter of a virtual network card of an application program in the DPDK container.
Optionally, before the first starting module 304, the apparatus further includes:
a second configuration module, configured to configure, for each DPDK container of the M DPDK containers, corresponding start parameters.
Optionally, the second configuration module includes:
a third configuration unit, configured to configure a container installation mirror image for each DPDK container;
a fourth configuration unit, configured to configure an IP address for each DPDK container;
a fifth configuration unit, configured to configure an isolated CPU for each DPDK container;
a sixth configuration unit, configured to configure a network mode start parameter for each DPDK container;
a seventh configuration unit, configured to configure isolation parameters of the application program in each DPDK container.
Optionally, the apparatus further comprises:
a first mounting module for mounting a containerization tool;
wherein, in the third configuration unit, the container installation mirror is configured by the container chemical tool.
Optionally, after the first obtaining module 301, the apparatus further includes:
a second determining module, configured to determine, according to the first number, a fourth number of the memory blocks that need to be configured;
a second obtaining module, configured to obtain a required total memory capacity according to the fourth number and the memory block capacity required by each DPDK container.
Optionally, before the first starting module 304, the apparatus further includes:
the second installation module is used for installing a first drive required by the DPDK container;
and the second processing module is used for binding the virtual network card configured by each DPDK container with the first drive.
Optionally, the first starting module 304 includes:
and the first starting unit is used for starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers and the first drive.
It should be noted that the embodiment of the starting apparatus for a DPDK container is an apparatus corresponding to the starting method for a DPDK container, and all implementation manners of the above embodiments are applicable to the embodiment of the apparatus, and can achieve the same technical effect as that of the DPDK container, which is not described herein again.
In summary, in the embodiments of the present invention, the SR-IOV is adopted to virtualize the physical network card into a plurality of virtual network cards, each virtual network card has an independent MAC address, and the DPDK multiprocess enables each process to take over an independent virtual network card, so that it can be ensured that the traffic received by each process is own, and performance loss caused by traffic forwarding of other processes is not additionally generated, and the DPDK application does not need to monopolize a machine, thereby saving the use cost of the machine, improving the performance of a single-process CPU, and solving the problem of performance degradation of the DPDK cross-process forwarding in the prior art; moreover, after the SR-IOV is used for virtualizing the virtual network card, because the flow of each DPDK process is independent, only the message belonging to the current DPDK process is received and sent, when a certain process goes wrong, only the current process is affected, no influence is caused to other processes, and the problem of poor stability of the DPDK multi-process in the prior art is solved; moreover, by combining the SR-IOV technology and the CPU isolation technology, the DPDK application and the traditional application can be completely isolated, the DPDK application and the traditional application are ensured to coexist in the same machine harmoniously, the network environment of a DPDK container and a physical machine which are parameter complete isolators is started through a network mode, a virtual network card and a physical network card which are used by a DPDK process are not influenced by each other, other applications can still normally communicate with the outside through the physical network card under the condition that the DPDK process is crashed or stopped, and the problem of operation and maintenance difficulty caused by the crash of the DPDK application in the prior art is solved.
The embodiment of the invention also provides the electronic equipment which can be a physical machine. As shown in fig. 4, the system comprises a processor 401, a communication interface 402, a memory 403 and a communication bus 404, wherein the processor 401, the communication interface 402 and the memory 403 are communicated with each other through the communication bus 404.
A memory 403 for storing a computer program.
When the processor 401 is configured to execute the program stored in the memory 403, part or all of the steps in the method for starting a DPDK container according to the embodiment of the present invention are implemented.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the terminal and other equipment.
The Memory may include a Random Access Memory (RAM) or a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
In another embodiment provided by the present invention, a computer-readable storage medium is further provided, which stores instructions that, when executed on a computer, cause the computer to execute the method for booting a DPDK container described in the above embodiments.
In a further embodiment of the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to execute the method for booting a DPDK container as described in the above embodiments.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present invention are included in the protection scope of the present invention.
Claims (13)
1. A method of activating a DPDK container, the method comprising:
acquiring a first number M of DPDK containers of a data plane development kit, wherein M is a positive integer;
determining a second quantity of the required virtual network cards according to the first quantity, and virtualizing the physical network cards into the virtual network cards of the second quantity;
configuring a virtual network card for each DPDK container in M DPDK containers to obtain M target DPDK containers;
and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
2. The method of claim 1, wherein determining a second number of virtual network cards required according to the first number and virtualizing a physical network card out of the second number of virtual network cards comprises:
determining a second number of the required virtual network cards according to the first number;
and virtualizing the physical network cards into the virtual network cards of the second quantity through a network card virtualization technology SR-IOV according to the second quantity.
3. The method of claim 1, wherein after obtaining the first number M of data plane development kit DPDK containers, the method further comprises:
determining a third number of the Central Processing Units (CPUs) to be isolated according to the first number;
and isolating the third quantity of CPUs by adopting a CPU isolation technology according to the third quantity.
4. The method of claim 3, wherein the configuring one virtual network card for each DPDK container in the M DPDK containers to obtain M target DPDK containers comprises:
configuring a virtual network card for each DPDK container in M DPDK containers;
acquiring a Peripheral Component Interconnect (PCI) address of a virtual network card configured for each DPDK container through a first interface;
configuring a virtual network card white list parameter of an application program in each DPDK container according to the PCI address of the virtual network card configured in each DPDK container;
and obtaining a corresponding target DPDK container according to each DPDK container and the virtual network card white list parameters of the application programs in the DPDK container.
5. The method according to claim 1, wherein before starting the corresponding target DPDK container according to the starting parameters of each of the M DPDK containers, the method further comprises:
and configuring corresponding starting parameters for each DPDK container in the M DPDK containers.
6. The method of claim 5, wherein the configuring the corresponding startup parameters for each of the M DPDK containers comprises:
configuring a container installation mirror image for each DPDK container;
configuring an IP address for each DPDK container;
configuring an isolated CPU for each DPDK container;
configuring a network mode starting parameter for each DPDK container;
and configuring isolation parameters of the application programs in each DPDK container.
7. The method of claim 6, further comprising:
installing a containerization tool;
wherein, in the step of configuring a container installation mirror image for each DPDK container, the container installation mirror image is configured by the containerization tool.
8. The method of claim 1, wherein after obtaining the first number M of data plane development kit DPDK containers, the method further comprises:
determining a fourth quantity of the memory blocks required to be configured according to the first quantity;
and obtaining the required total capacity of the memory according to the fourth quantity and the capacity of the memory block required by each DPDK container.
9. The method according to claim 1, wherein before starting the corresponding target DPDK container according to the starting parameters of each of the M DPDK containers, the method further comprises:
a first drive required for installing the DPDK container;
and binding the virtual network card configured for each DPDK container with the first drive.
10. The method according to claim 9, wherein the starting a corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers includes:
and starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers and the first drive.
11. An apparatus for activating a DPDK container, the apparatus comprising:
the device comprises a first obtaining module, a second obtaining module and a control module, wherein the first obtaining module is used for obtaining a first number M of DPDK containers, and M is a positive integer;
the first processing module is used for determining a second quantity of the required virtual network cards according to the first quantity and virtualizing the physical network cards into the virtual network cards of the second quantity;
the first configuration module is used for configuring a virtual network card for each DPDK container in the M DPDK containers to obtain M target DPDK containers;
and the first starting module is used for starting the corresponding target DPDK container according to the starting parameters of each DPDK container in the M DPDK containers.
12. An electronic device, further comprising: a processor, a communication interface, a memory, and a communication bus; the processor, the communication interface and the memory complete mutual communication through a communication bus;
a memory for storing a computer program;
a processor for implementing the steps of the method for activating a DPDK container according to any one of claims 1 to 10 when executing the program stored in the memory.
13. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the method for booting a DPDK container as claimed in any one of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110196718.2A CN112925581A (en) | 2021-02-22 | 2021-02-22 | Method and device for starting DPDK container and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110196718.2A CN112925581A (en) | 2021-02-22 | 2021-02-22 | Method and device for starting DPDK container and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112925581A true CN112925581A (en) | 2021-06-08 |
Family
ID=76170077
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110196718.2A Pending CN112925581A (en) | 2021-02-22 | 2021-02-22 | Method and device for starting DPDK container and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112925581A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114244717A (en) * | 2022-02-28 | 2022-03-25 | 苏州浪潮智能科技有限公司 | Configuration method and device of virtual network card resources, computer equipment and medium |
| CN114629844A (en) * | 2022-02-28 | 2022-06-14 | 浙江大华技术股份有限公司 | Message forwarding method and device and electronic equipment |
| CN116257276A (en) * | 2023-05-09 | 2023-06-13 | 珠海星云智联科技有限公司 | Virtual host machine user back-end upgrading method supporting virtualized hardware acceleration |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107294869A (en) * | 2017-06-22 | 2017-10-24 | 郑州云海信息技术有限公司 | A kind of method and system of Microsoft Loopback Adapter message crawl |
| CN108964959A (en) * | 2017-05-27 | 2018-12-07 | 阿里巴巴集团控股有限公司 | A kind of network interface card direct communication system and data packet monitoring and managing method for virtual platform |
| CN109361693A (en) * | 2018-11-21 | 2019-02-19 | 南京中孚信息技术有限公司 | Virtual unit communication means and device |
| CN109981403A (en) * | 2019-03-05 | 2019-07-05 | 北京勤慕数据科技有限公司 | Virtual machine network data traffic monitoring method and device |
| CN110380992A (en) * | 2019-07-24 | 2019-10-25 | 南京中孚信息技术有限公司 | Message processing method, device and network flow acquire equipment |
| CN111447155A (en) * | 2020-03-24 | 2020-07-24 | 广州市百果园信息技术有限公司 | Data transmission method, device, equipment and storage medium |
| CN111522624A (en) * | 2020-04-17 | 2020-08-11 | 成都安恒信息技术有限公司 | Message forwarding performance flexible extension system based on virtualization technology and extension method thereof |
| CN111711801A (en) * | 2020-06-30 | 2020-09-25 | 重庆紫光华山智安科技有限公司 | Video data transmission method, device, server and computer readable storage medium |
| CN112003797A (en) * | 2020-07-16 | 2020-11-27 | 苏州浪潮智能科技有限公司 | Method, system, terminal and storage medium for improving performance of virtualized DPDK network |
-
2021
- 2021-02-22 CN CN202110196718.2A patent/CN112925581A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108964959A (en) * | 2017-05-27 | 2018-12-07 | 阿里巴巴集团控股有限公司 | A kind of network interface card direct communication system and data packet monitoring and managing method for virtual platform |
| CN107294869A (en) * | 2017-06-22 | 2017-10-24 | 郑州云海信息技术有限公司 | A kind of method and system of Microsoft Loopback Adapter message crawl |
| CN109361693A (en) * | 2018-11-21 | 2019-02-19 | 南京中孚信息技术有限公司 | Virtual unit communication means and device |
| CN109981403A (en) * | 2019-03-05 | 2019-07-05 | 北京勤慕数据科技有限公司 | Virtual machine network data traffic monitoring method and device |
| CN110380992A (en) * | 2019-07-24 | 2019-10-25 | 南京中孚信息技术有限公司 | Message processing method, device and network flow acquire equipment |
| CN111447155A (en) * | 2020-03-24 | 2020-07-24 | 广州市百果园信息技术有限公司 | Data transmission method, device, equipment and storage medium |
| CN111522624A (en) * | 2020-04-17 | 2020-08-11 | 成都安恒信息技术有限公司 | Message forwarding performance flexible extension system based on virtualization technology and extension method thereof |
| CN111711801A (en) * | 2020-06-30 | 2020-09-25 | 重庆紫光华山智安科技有限公司 | Video data transmission method, device, server and computer readable storage medium |
| CN112003797A (en) * | 2020-07-16 | 2020-11-27 | 苏州浪潮智能科技有限公司 | Method, system, terminal and storage medium for improving performance of virtualized DPDK network |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114244717A (en) * | 2022-02-28 | 2022-03-25 | 苏州浪潮智能科技有限公司 | Configuration method and device of virtual network card resources, computer equipment and medium |
| CN114244717B (en) * | 2022-02-28 | 2022-05-20 | 苏州浪潮智能科技有限公司 | Configuration method and device of virtual network card resources, computer equipment and medium |
| CN114629844A (en) * | 2022-02-28 | 2022-06-14 | 浙江大华技术股份有限公司 | Message forwarding method and device and electronic equipment |
| CN114629844B (en) * | 2022-02-28 | 2024-04-05 | 浙江大华技术股份有限公司 | Message forwarding method and device and electronic equipment |
| CN116257276A (en) * | 2023-05-09 | 2023-06-13 | 珠海星云智联科技有限公司 | Virtual host machine user back-end upgrading method supporting virtualized hardware acceleration |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112925581A (en) | Method and device for starting DPDK container and electronic equipment | |
| US10778521B2 (en) | Reconfiguring a server including a reconfigurable adapter device | |
| CN106844007B (en) | Virtualization method and system based on spatial multiplexing | |
| EP3242440B1 (en) | Fault tolerant method, apparatus and system for virtual machine | |
| US8966480B2 (en) | System for migrating a virtual machine between computers | |
| US9792136B2 (en) | Hardware assisted inter hypervisor partition data transfers | |
| US8886862B2 (en) | Virtualization of interrupts | |
| KR20140002048A (en) | Combined virtual graphics device | |
| US8271707B2 (en) | Method and system for PCI hybrid function | |
| US20150370582A1 (en) | At least one user space resident interface between at least one user space resident virtual appliance and at least one virtual data plane | |
| US10572434B2 (en) | Intelligent certificate discovery in physical and virtualized networks | |
| US20200201624A1 (en) | State-preserving upgrade of an intelligent server adapter | |
| US20220156103A1 (en) | Securing virtual machines in computer systems | |
| CN114168271B (en) | Task scheduling method, electronic device and storage medium | |
| CN114398172A (en) | Resource allocation method and device, electronic equipment and computer readable storage medium | |
| CN115269213A (en) | Data receiving method, data transmitting method, device, electronic device and medium | |
| CN109656675B (en) | Bus equipment, computer equipment and method for realizing physical host cloud storage | |
| CN115599510A (en) | Processing method and corresponding device for page fault exception | |
| CN111522624B (en) | Message forwarding performance elastic expansion system and expansion method based on virtualization technology | |
| CN113312141A (en) | Virtual serial port for virtual machines | |
| Ermakov et al. | Testing docker performance for HPC applications | |
| CN113703914B (en) | Test method and test system | |
| CN115292077A (en) | Kernel exception handling method and system | |
| CN104182271A (en) | Virtualization implementation method based on SW processor | |
| US11392504B2 (en) | Memory page fault handling for network interface devices in a virtualized environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |