Attention

You are viewing an older version of the documentation. The latest version is v3.3.

Microservice: veth TSN

The following section describes how to build, import and run a set of containerized TSN tools user-space libraries and examples. These instructions assume an existing ECI installation, familiarity with building Docker containers.

Building: veth-tsn Container

The following section is applicable to:

../../_images/linux4.png

The following steps detail how to build a Yocto poky based Docker image which contains TSN software.

  1. If not already completed, follow the section Setting up ECI Build to prepare the build system.

  2. Navigate to the directory where the ECI build script setup.sh is located. The build is started as follows:

    $ mkdir -p ./build/container-veth-tsn
$ cd ./build/container-veth-tsn
$ kas build ../../targets/kas/container-veth-tsn.yml

    After the build has completed successfully, there will be a tarballed OCI-compatible image under build/tmp/deploy/images/qemux86-64/container-veth-tsn-qemux86-64.tar.bz2:

    Docker Image archive name

    Description of Docker Image

    container-veth-tsn-qemux86-64.tar.bz2

    Docker image which contains TSN software.

Executing: veth-tsn Container

The following section is applicable to:

../../_images/target5.png

  1. Ensure that the Docker daemon is active. Run the following command to restart the Docker daemon.

    Warning

    All running Docker containers will also restart.

    $ systemctl restart docker

    The status of the Docker daemon can be verified with the following command:

    $ systemctl status docker

  2. Copy the Docker image created earlier to the target system.

  3. Import the copied Docker image by performing the following command:

    $ docker import container-veth-tsn-qemux86-64.tar.bz2

    When the command complete, a SHA1 value will be outputted like this (the value will be different):

    sha256:0ef46b756d5a17f7cb9ee5f5ee68c666576662b80fe66fde26ba2ec0c84e64bf

    The image that was imported which can be identified with the SHA1 should be present in the list of Docker images provided by the command:

    $ docker images
REPOSITORY            TAG                 IMAGE ID            CREATED             SIZE
<none>                <none>              0ef46b756d5a        2 minutes ago       48.7MB

  4. The image can be instantiated with a new container by using the image ID to run the workloads. Example 1: run the open62541 pubsub_publish:

    $ docker run -it --rm \
  --privileged \
          --pid=host \
  0ef46b756d5a \
  /usr/share/open62541/examples/tutorial_pubsub_publish
[2020-10-09 15:53:45.350 (UTC+0000)] warn/server        Username/Password configured, but no encrypting SecurityPolicy. This can leak credentials on the network.
[2020-10-09 15:53:45.350 (UTC+0000)] warn/userland      AcceptAll Certificate Verification. Any remote certificate will be accepted.
[2020-10-09 15:53:45.350 (UTC+0000)] info/userland      PubSub channel requested
[2020-10-09 15:53:45.350 (UTC+0000)] info/network       TCP network layer listening on opc.tcp://08a20c52e74d:4840/

  5. Example 2: run BPF xdpdump in unprivileged container:

    $ docker run -it --rm \
  --cap-add=SYS_ADMIN \
  --cap-add=NET_ADMIN \
  0ef46b756d5a \
  bash -c "cd /opt/xdp/bpf-examples/ && ./xdpdump -i eth0 -S"

  6. Example 3: run check_clocks in unprivileged container:

    $ docker run -it --rm \
  --net=host \
  -v /var/run:/var/run \
  --device /dev/ptp0
  0ef46b756d5a \
  check_clocks -d enp1s0 -v