The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This section explains the different kinds of application hosting, and demonstrates how a simple application can be hosted natively or in a third-party container on IOS XR.
Application hosting on IOS XR supports docker containers. You can create your own container on IOS XR using docker, and host applications within the container. The applications can be developed using any Linux distribution. This is well suited for applications that use system libraries that are different from that provided by the IOS XR root file system. Cisco NCS 540 supports only docker-based application hosting.
This section introduces the concept of container application hosting and describes its workflow.
Container application hosting makes it possible for applications to be hosted in their own environment and process space (namespace) within a Linux container on Cisco IOS XR. The application developer has complete control over the application development environment, and can use a Linux distribution of choice. The applications are isolated from the IOS XR control plane processes; yet, they can connect to networks outside XR through the XR GigE interfaces. The applications can also easily access local file systems on IOS XR.
Docker is a container used for hosting applications on Cisco IOS XR. Docker provides isolation for application processes from the underlying host processes on XR by using Linux network namespaces.
Docker is becoming the industry-preferred packaging model for applications in the virtualization space. Docker provides the foundation for automating application life cycle management.
Docker follows a layered approach that consists of a base image at the bottom that supports layers of applications on top. The base images are available publicly in a repository, depending on the type of application you want to install on top. You can manipulate docker images by using the docker index and registry.
Docker provides a git-like workflow for developing container applications and supports the "thin update" mechanism, where only the difference in source code is updated, leading to faster upgrades. Docker also provides the "thin download" mechanism, where newer applications are downloaded faster because of the sharing of common base docker layers between multiple docker containers. The sharing of docker layers between multiple docker containers leads to lower footprint for docker containers on XR.The following figure illustrates the docker architecture on IOS XR.
The application binaries for the applications to be hosted are installed inside the docker container.
The following figure illustrates the workflow for hosting applications in Docker containers on IOS XR.
The docker file in the source repository is used to build the application binary file on your (docker engine build) host machine.
The application binary file is pushed into the docker image registry.
The application binary file is pulled from the docker image registry and copied to the docker container on XR (docker engine target host).
The application is built and hosted in the docker container on XR.
The following figure illustrates the workflow for updating applications hosted in docker containers.
The application update is generated as a base libs update file (delta update file) and pushed to the docker image registry.
The delta update file (containing only the difference in application code) is pulled from the docker image registry and copied to the docker containers on XR (docker engine target host).
The docker containers are restarted with the delta update file.
|
Feature Name |
Release Information |
Feature Description |
|---|---|---|
|
On-Demand Docker Daemon Service |
Release 7.5.1 |
From this release onwards, the Docker daemon service starts on a router only if you configure a third-party hosting application using the appmgr command. Such an on-demand service optimizes operating system resources such as CPU, memory, and power. In earlier releases, the Docker daemon service automatically started during the router boot up. |
In previous releases, the applications were hosted and controlled by the Docker commands. These Docker commands were executed in the bash shell of the Kernel that also hosted the Cisco IOS XR software. With the introduction of Application Manager, it is now possible to manage third-party application hosting and their functioning through Cisco IOS XR CLIs. With this feature, all the activated third party applications can restart automatically after a router reload or an RP switchover. This automatic restart of the applications ensure seamless functioning of the hosted applications.
For every application manager command or configuration executed, the Application Manager performs the requested action by interfacing with the Docker daemon through the Docker socket.
The following table lists the Docker container functionalities, the generic Docker commands that were used in the previous releases, and its equivalent application manager commands that can now be used:
|
Functionality |
Application Manager Commands |
|
|---|---|---|
|
Install the application RPM |
NA | Router#appmgr package install rpm image_name-0.1.0-XR_7.3.1.x86_64.rpm |
|
Configure and activate the application |
|
Router#configRouter(config)#appmgrRouter(config-appmgr)#application app_nameRouter(config-application)#activate type docker source image_name docker-run-opts "--net=host" docker-run-cmd "iperf3 -s -d"Router(config-application)#commit |
|
View the list, statistics, logs, and details of the application container |
|
Router#show appmgr source-tableRouter#show appmgr application name app_name info summaryRouter#show appmgr application name app_name info detailRouter#show appmgr application name app_name statsRouter#show appmgr application-tableRouter#show appmgr application name app_name logs |
|
Run a new command inside a running container |
|
Router#appmgr application exec name app_name docker-exec-cmd |
|
Stop the application container |
|
Router#appmgr application stop name app_name |
|
Kill the application container |
|
Router#appmgr application kill name app_name |
|
Start the application container |
|
Router#appmgr application start name app_name |
|
Deactivate the application |
|
Router#configureRouter(config)#no appmgr application app_nameRouter(config)#commit |
|
Uninstall the application image/RPM |
|
Router#appmgr package uninstall package image_name-0.1.0-XR_7.3.1.x86_64 |
 Note |
The usage of the application manager commands are explained in the "Hosting iPerf in Docker Containers to Monitor Network Performance using Application Manager" section. |
This section describes how you can configure a Docker with multiple VRFs on Cisco IOS XR. For information on configuring multiple VRFs, see Configuring Multiple VRFs for Application Hosting topic.
Use the following steps to create and deploy a multi-VRF Docker on XR.
Create a multi-VRF Docker with NET_ADMIN and SYS_ADMIN privileges.
In the following example, a Docker container containing three VRFs (yellow, blue, and green) is launched. The example assumes
that a previous “multivrfimage” docker image was installed using the appmgr package install command.
Router# appmgr application multivrfcontainer activate type docker source multivrfimage docker-run-opts “-td --net=host --name multivrfcontainer1
-v /var/run/netns/yellow:/var/run/netns/yellow
-v /var/run/netns/blue:/var/run/netns/blue
-v /var/run/netns/green:/var/run/netns/green
--cap-add NET_ADMIN --cap-add SYS_ADMIN”Note |
|
Verify if the multi-VRF Docker has been successfully loaded.
Router# show appmgr application-table
Name Type Config State Status
---- ------ ------------ ------------------------------------------------------
multivrfcontainer Docker Activated Up About a minuteConnect to the multi-VRF Docker container by executing the following command.
Router# appmgr application exec name multivrfcontainer1 docker-exec-cmd /bin/bash/By default, the Docker is loaded in global-vrf namespace on Cisco IOS XR.
Verify if the multiple VRFs are accessible from the Docker.
root@host:/# ifconfig
fwd_ew Link encap:Ethernet HWaddr 00:00:00:00:00:0b
inet6 addr: fe80::200:ff:fe00:b/64 Scope:Link
UP RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:1 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:140 (140.0 B)
fwdintf Link encap:Ethernet HWaddr 00:00:00:00:00:0a
inet6 addr: fe80::200:ff:fe00:a/64 Scope:Link
UP RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:1 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:140 (140.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@host:/# ip netns list
yellow
green
blue
root@host:/# /sbin/ip netns exec green bash
root@host:/# ifconfig -a
lo Link encap:Local Loopback
LOOPBACK MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@host:/# ifconfig lo up
root@host:/# ifconfig lo 127.0.0.2/32
root@host:/# ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.2 Mask:0.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[host:/misc/app_host]$ ip netns exec green bash
[host:/misc/app_host]$ ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.2 Mask:0.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
You have successfully launched a multi-VRF Docker on Cisco IOS XR.
Feedback