Abilities to use DPDK and SR-IOV with Kubernetes
2,091 views
Skip to first unread message
Ihor Dvoretskyi
Jun 29, 2016, 6:19:04 AM6/29/16
to kubernetes-sig-network
Hello all,
Currently, I'm researching abilities to use DPDK and SR-IOV with Kubernetes (with VM's spawned inside of containers). Are there any people with the related experience who may provide some useful information?
Thank you.
Currently, I'm researching abilities to use DPDK and SR-IOV with Kubernetes (with VM's spawned inside of containers). Are there any people with the related experience who may provide some useful information?
Thank you.
Dan Williams
Jun 29, 2016, 10:52:17 AM6/29/16
to Ihor Dvoretskyi, kubernetes-sig-network
In any case, there are containers-in-VMs and plain hypervisor-based
work happening in various projects like Hypernetes, rkt, and others.
But these aren't quite ready yet, and there is still some work in the
Kubernetes core being done to make all the components better understand
hypervisor/VM-based environments.
I don't think either of Hypernetes or rkt can utilize DPDK and/or SRIOV
yet, but that typically depends on the network plugin that gets used to
set up networking for the container. I'd imagine once there's basic
support for containers-in-VMs you'll see the networking side grow to
include things like DPDK and SRIOV.
Dan
Ihor Dvoretskyi
Jun 29, 2016, 10:55:19 AM6/29/16
to Dan Williams, kubernetes-sig-network
Hi Dan,
No, I meant spawning VM inside of container (while container runs on bare metal) not vise versa. What do you think about this use case?
--
Best Regards,
Ihor Dvoretskyi
Xu Wang
Jun 29, 2016, 7:53:34 PM6/29/16
to Ihor Dvoretskyi, kubernetes-sig-network
Does SR-IOV means no overlay network will be replied.
--
You received this message because you are subscribed to the Google Groups "kubernetes-sig-network" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-ne...@googlegroups.com.
To post to this group, send email to kubernetes-...@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-sig-network.
For more options, visit https://groups.google.com/d/optout.
Frederick Kautz
Jun 29, 2016, 8:56:25 PM6/29/16
to kubernetes-sig-network, dc...@redhat.com
I can't think of anything that would technically prevent you from running a VM in a container or using DPDK from within a container.
Logistically, it's a bit more difficult. You'll need to make sure your kernel modules are compiled fro the host, and you'll need to relax the container's
security restrictions via --privileged. You may also need to mount a few devices (e.g. maybe /dev) from the host into your container.
ivan coughlan
Jul 1, 2016, 4:24:40 AM7/1/16
to kubernetes-sig-network, dc...@redhat.com
I concur with Frederick, technically no reason it cannot be done but plumbing is not currently supported via plugin.
This is something we are working on for both SR-IOV and DPDK currently and ideally without the privileged requirement.
I am curious about your VM inside container use case, containers inside VMs is more typical and for the more security conscious we are working on lightweight VM per container/pod.
Can I understand better your need for this particular setup?
Ivan....
Kuralamudhan Ramakrishnan
Jun 1, 2017, 8:17:55 AM6/1/17
to kubernetes-sig-network
We achieving this by using (https://github.com/Intel-Corp/multus-cni) plugin and DPDK-SRIOV(https://github.com/Intel-Corp/sriov-cni) plugin together
Kural
Reply all
Reply to author
Forward
0 new messages