Chapter 33. Creating and running containers
This section provides information about creating and running containers with the real-time kernel.
Prerequisites
-
Install
podman
and other container related utilities. - Get familiar with administration and management of Linux containers on RHEL.
-
Install the
kernel-rt
package and other real-time related packages.
33.1. Creating a container
You can use all the following options with both the real time kernel and the main RHEL kernel. The kernel-rt
package brings potential determinism improvements and allows the usual troubleshooting.
Prerequisites
- You have administrator privileges.
Procedure
The following procedure describes how to configure the Linux containers in relation with the real time kernel.
Create the directory you want to use for the container. For example:
# mkdir cyclictest
Change into that directory:
# cd cyclictest
Log into a host that provides a container registry service:
# podman login registry.redhat.io Username: my_customer_portal_login Password: *** Login Succeeded!
Create the following
Dockerfile
:# vim Dockerfile
Build the container image from the directory containing the Dockerfile:
# podman build -t cyclictest .
33.2. Running a container
You can run a container built with a Dockerfile.
Procedure
Run a container using the
podman run
command:# podman run --device=/dev/cpu_dma_latency --cap-add ipc_lock --cap-add sys_nice --cap-add sys_rawio --rm -ti cyclictest /dev/cpu_dma_latency set to 0us policy: fifo: loadavg: 0.08 0.10 0.09 2/947 15 T: 0 ( 8) P:95 I:1000 C: 3209 Min: 1 Act: 1 Avg: 1 Max: 14 T: 1 ( 9) P:95 I:1500 C: 2137 Min: 1 Act: 2 Avg: 1 Max: 23 T: 2 (10) P:95 I:2000 C: 1601 Min: 1 Act: 2 Avg: 2 Max: 7 T: 3 (11) P:95 I:2500 C: 1280 Min: 1 Act: 2 Avg: 2 Max: 72 T: 4 (12) P:95 I:3000 C: 1066 Min: 1 Act: 1 Avg: 1 Max: 7 T: 5 (13) P:95 I:3500 C: 913 Min: 1 Act: 2 Avg: 2 Max: 87 T: 6 (14) P:95 I:4000 C: 798 Min: 1 Act: 1 Avg: 2 Max: 7 T: 7 (15) P:95 I:4500 C: 709 Min: 1 Act: 2 Avg: 2 Max: 29
This example shows the podman run
command with the required, real time-specific options. For example:
-
The first in first out (FIFO) scheduler policy is made available for workloads running inside the container through the
--cap-add=sys_nice
option. This option also allows setting the CPU affinity of threads, another important configuration dimension when tuning a real time workload. The
--device=/dev/cpu_dma_latency
option makes the host device available inside the container (subsequently used by the cyclictest workload to configure the CPU idle time management). If the specified device is not made available, an error similar to the message below appears:WARN: stat /dev/cpu_dma_latency failed: No such file or directory
When confronted with error messages like these, refer to the podman-run(1) manual page. To get a specific workload running inside a container, other
podman-run
options may be helpful.In some cases, you also need to add the
--device=/dev/cpu
option to add that directory hierarchy, mapping per-CPU device files such as/dev/cpu/*/msr
.