Project Description
As per discussions in the SOAFEE SIG that SUSE is a founding member of, container users will be in need of running workloads with mixed criticality.
Maybe the easiest starting point will be allowing to assign containerized processes real-time priorities.
During last Hack Week, code review had confirmed no process priorities were being set in runc, but work towards experimental code changes got interrupted.
Goal for this Hackweek
Goal is to create a proof of concept where initially a hardcoded process priority gets assigned to a container (which would confirm we found the right place and have the needed capability permissions). This includes figuring out a development set-up for these container components. SUCCESS! Nice values such as -5 (range -20 to 19) could be assigned to a Tumbleweed container executed via podman on Tumbleweed x86_64, using a modified locally built and installed (PREFIX=/usr) runc binary in the initProcess code path.
Next step would be to alternatively assign a real-time process priority (different syscall and number range). SUCCESS! Among others, FIFO scheduler with real-time priority 42 (range 1 to 99) could be assigned to the Tumbleweed container's bash process.
A further step would be figuring out how to pass such meta information from container manifest through orchestrator to the runtime components, so that the priority does not need to be hardcoded and can be applied to one specific container only.
Out of scope will likely be investigating alternative container components, such as crun in place of runc.
It is understood real-time process priorities can be investigated on regular current Tumbleweed or SLE kernels, without requiring a SLERT kernel with PREEMPT_RT patchset specifically (although that would still be the deployment use case).
Resources
SUSE Labs Conference 2022 paper "SOAFEE: The quest for mixed criticality" by A. Färber, sections "Operating system and real-time" and "Kubernetes and real-time".
Looking for hackers with the skills:
This project is part of:
Hack Week 22 Hack Week 21
Activity
Comments
-
9 months ago by afaerber | Reply
Results presented in SOAFEE MCO tiger team: 20230214_SUSE_Hackweek_real-time.pdf
Code is pushed to GitHub now: https://github.com/afaerber/runc/commits/hackweek22
Similar Projects
mikrolite - a cli to create lighweight Kubernetes clusters using microvms by rcase
[comment]: # (Please use the project descriptio...
A CLI for Harvester by mohamed.belgaied
[comment]: # Harvester does not officially come...
RKE2/K3S working on IBM Power by tkelly
[comment]: # (Please use the project descriptio...
Predefined app security policy template for NeuVector by feih
Project Description
Idea is to predefin...
Containerized home mirror by lkocman
I'm running a simple home mirror, but I managed...
Hangar: tool for mirror container images & generate rancher image lists. by StarryWang
Project Description
Hangar is a tool for ...
Package MONAI Machine Learning Models for Medical Applications by jordimassaguerpla
Project Description
MONAI Deploy aims to ...
Building a container bootloader by flonnegren
[comment]: # (Please use the project descriptio...
Exploring DPDK within containers by paolodepa
Project Description
Containerization is h...
Cluster API Provider for Harvester by rcase
[comment]: # (Please use the project descriptio...
Learn Golang contribuing to opensource projects by mbussolotto
Project Description
Get practice in Golan...
WebUI for your data by avicenzi
[comment]: # (Please use the project descriptio...
Rancher Upgrader - Upgrades your rancher install via helm, and communicates critical changes from release A to B. by rweir
[comment]: # (Please use the project descriptio...
A CLI for Harvester by mohamed.belgaied
[comment]: # Harvester does not officially come...