SPDX-License-Identifier: Apache-2.0
Copyright (c) 2019 Intel Corporation

Userspace CNI

Overview

Userspace CNI is a Container Network Interface Kubernetes plugin that was designed to simplify the process of deployment of DPDK based applications in Kubernetes pods. The plugin uses Kubernetes and Multus CNI’s CRD to provide pod with virtual DPDK-enabled ethernet port. In this document you can find details about how to install OpenNESS with Userspace CNI support and how to use it’s main features.

Setup Userspace CNI

OpenNESS for Network Edge has been integrated with Userspace CNI to allow user to easily run DPDK based applications inside Kubernetes pods. To install OpenNESS Network Edge with Userspace CNI support, please add value userspace to variable kubernetes_cnis in group_vars/all/10-default.yml and set value of the variable kubeovn_dpdk in group_vars/all/10-default.yml to true:

# group_vars/all/10-default.yml
kubernetes_cnis:
- kubeovn
- userspace
# group_vars/all/10-default.yml
kubeovn_dpdk: true

HugePages configuration

Please be aware that DPDK apps will require specific amount of HugePages enabled. By default the ansible scripts will enable 1024 of 2M HugePages in system, and then start OVS-DPDK with 1Gb of those HugePages. If you would like to change this settings to reflect your specific requirements please set ansible variables as defined in the example below. This example enables 4 of 1GB HugePages and appends 1 GB to OVS-DPDK leaving 3 pages for DPDK applications that will be running in the pods.

# group_vars/controller_group/10-default.yml
hugepage_size: "1G"
hugepage_amount: "4"
# group_vars/edgenode_group/10-default.yml
hugepage_size: "1G"
hugepage_amount: "4"
# group_vars/all/10-default.yml
# Hugepage size to be used with DPDK: 2Mi or 1Gi
kubeovn_dpdk_hugepage_size: "1Gi"
# Overall amount of hugepages available to DPDK
kubeovn_dpdk_hugepages: "1Gi"

Pod deployment

To deploy pod with DPDK interface please create pod with hugepages mounted to /dev/hugepages, host directory /var/run/openvswitch/ (with mandatory trailing slash character) mounted into pod with the volume name shared-dir (the name shared-dir is mandatory) and userspace-openness network annotation. You can find example pod definition with two DPDK ports below:

apiVersion: v1
kind: Pod
metadata:
  name: userspace-example
  annotations:
    k8s.v1.cni.cncf.io/networks: userspace-openness, userspace-openness
spec:
  containers:
  - name: userspace-example
    image: image-name
    imagePullPolicy: Never
    securityContext:
      privileged: true
    volumeMounts:
    - mountPath: /ovs
      name: shared-dir
    - mountPath: /dev/hugepages
      name: hugepages
    resources:
      requests:
        memory: 1Gi
      limits:
        hugepages-1Gi: 2Gi
    command: ["sleep", "infinity"]
  volumes:
  - name: shared-dir
    hostPath:
      path: /var/run/openvswitch/
  - name: hugepages
    emptyDir:
      medium: HugePages

Virtual interface usage

Socket files for virtual interfaces generated by Userspace CNI are created on host machine in /var/run/openvswitch directory. This directory has to be mounted into your pod by volume with obligatory name shared-dir (in our example pod definition /var/run/openvswitch is mounted to pod as /ovs). Then you can use sockets available in your mount-point directory in your DPDK-enabled application deployed inside pod. You can find further example in Userspace CNI’s documentation.