Chapter 33. Creating and running containers
This section provides information on creating and running containers with the real time kernel.
podmanand other container-related utilities.
- Get familiar with administration and management of Linux containers on RHEL 8.
kernel-rtpackage and other real time-related packages.
33.1. Creating a container
You can use all the following options with both the real time kernel and the main RHEL kernel. The
kernel-rt package brings potential determinism improvements and allows the usual troubleshooting.
- You have administrator privileges.
The following procedure describes how to configure the Linux containers in relation with the real time kernel.
Create the directory you want to use for the container. For example:
# mkdir cyclictest
Change into that directory:
# cd cyclictest
Log into a host that provides a container registry service:
# podman login registry.redhat.io Username: my_customer_portal_login Password: *** Login Succeeded!
For more information about logging into the registry host, refer to Building, running, and managing containers.
Create the following Dockerfile:
# vim Dockerfile FROM rhel8 RUN subscription-manager repos --enable=rhel-8-for-x86_64-rt-rpm RUN dnf -y install rt-tests ENTRYPOINT cyclictest --smp -p95
Build the container image from the directory containing the Dockerfile:
# podman build -t cyclictest .
33.2. Running a container
You can run a container built with a Dockerfile.
Run a container using the
# podman run --device=/dev/cpu_dma_latency --cap-add ipc_lock --cap-add sys_nice --cap-add sys_rawio --rm -ti cyclictest /dev/cpu_dma_latency set to 0us policy: fifo: loadavg: 0.08 0.10 0.09 2/947 15 T: 0 ( 8) P:95 I:1000 C: 3209 Min: 1 Act: 1 Avg: 1 Max: 14 T: 1 ( 9) P:95 I:1500 C: 2137 Min: 1 Act: 2 Avg: 1 Max: 23 T: 2 (10) P:95 I:2000 C: 1601 Min: 1 Act: 2 Avg: 2 Max: 7 T: 3 (11) P:95 I:2500 C: 1280 Min: 1 Act: 2 Avg: 2 Max: 72 T: 4 (12) P:95 I:3000 C: 1066 Min: 1 Act: 1 Avg: 1 Max: 7 T: 5 (13) P:95 I:3500 C: 913 Min: 1 Act: 2 Avg: 2 Max: 87 T: 6 (14) P:95 I:4000 C: 798 Min: 1 Act: 1 Avg: 2 Max: 7 T: 7 (15) P:95 I:4500 C: 709 Min: 1 Act: 2 Avg: 2 Max: 29
This example shows the
podman run command with the required, real time-specific options. For example:
The first in first out (FIFO) scheduler policy is made available for workloads running inside the container through the
--cap-add=sys_niceoption. This option also allows setting the CPU affinity of threads, another important configuration dimension when tuning a real time workload.
--device=/dev/cpu_dma_latencyoption makes the host device available inside the container (subsequently used by the cyclictest workload to configure the CPU idle time management). If the specified device is not made available, an error similar to the message below appears:
WARN: stat /dev/cpu_dma_latency failed: No such file or directory
When confronted with error messages like these, refer to the podman-run(1) manual page. To get a specific workload running inside a container, other
podman-runoptions may be helpful.
In some cases, you also need to add the
--device=/dev/cpuoption to add that directory hierarchy, mapping per-CPU device files such as