Linux / arm64
The NVIDIA® DOCA™ SDK (software development kit) enables developers to rapidly create applications and services on top of NVIDIA BlueField® data processing units (DPUs), leveraging industry-standard APIs.
NOTE: The DOCA Application Recognition application container is deprecated and starting from DOCA 2.5.0 release will no longer be supported.
The Application Recognition (AR) DOCA App runs on top of Data Plan Development Kit (DPDK) based Stateful Flow Tracking (SFT) to identify the flow that each packet belongs to, then uses DPI to process L7 classification.
All preparation steps are listed under DOCA's Container Deployment User Guide.
Note: The DOCA Application container is configured for K8S-based deployment, hence the use of the docker pull
command is discouraged.
As explained in the application's documentation there are some resource allocation steps needed before the application can be executed:
# Allocate huge-pages, required by DPDK
echo 2048 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages
# Make sure the regex engine is active
systemctl status mlx-regex
# If the status is inactive (“Active: failed”), run
systemctl start mlx-regex
The application is meant to be used with Scalable Functions (SFs), hence they should be configured accordingly. An example illustration is shown in the application's system design section.
Once all SFs and OVS bridges are configured, we can continue on to the next step, in which we will notify the container about them.
The .yaml configuration for our container is doca_application_recognition.yaml:
wget --content-disposition https://api.ngc.nvidia.com/v2/resources/nvidia/doca/doca_container_configs/versions/2.0.2v1/files/configs/2.0.2/doca_application_recognition.yaml
Note: The file is also stored with the rest of the .yaml configurations as were pulled from NGC in the previous steps (See "Installation and Getting Started").
We are going to focus on the deployment-specific fields:
Note: The container currently shares a shared directory with the DPU:
/tmp/doca_application_recognition
/doca_application_recognition
Please make sure to create this directory (or modify the .yaml to use a path of your liking):
mkdir /tmp/doca_application_recognition
Important: Once created, make sure to copy your signature file to this folder, so that the application inside the container will be able to access it.
Simply copy the updated doca_application_recognition.yaml
file to the /etc/kubelet.d
directory. Kubelet will automatically pull the container image from NGC, and spawn a pod executing the container. The DOCA Application Recognition application will start executing right away, and its printouts could be seen via the container's logs:
# View currently active pods, and their IDs (it might take up to 20 seconds for the pod to start)
crictl pods
# View currently active containers, and their IDs
crictl ps
# Examine logs of a given container
crictl logs
# Examine kubelet logs, in case something didn't work as expected
journalctl -u kubelet
Please refer to the documentation for more information.
The DOCA Application Recognition developer guide is available here.
DOCA is licensed under the NVIDIA DOCA License. By pulling and using the container, you accept the terms and conditions of this license.
Use the NVIDIA Developers forum for questions regarding this Software.