[go: up one dir, main page]

CN116860393A - Method for direct connection of display card of LXC container - Google Patents

Method for direct connection of display card of LXC container Download PDF

Info

Publication number
CN116860393A
CN116860393A CN202310831440.0A CN202310831440A CN116860393A CN 116860393 A CN116860393 A CN 116860393A CN 202310831440 A CN202310831440 A CN 202310831440A CN 116860393 A CN116860393 A CN 116860393A
Authority
CN
China
Prior art keywords
display card
equipment
lxc
dev
container
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310831440.0A
Other languages
Chinese (zh)
Inventor
叶梓枫
肖飞
卓洪强
马凯杰
张瑶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Vclusters Information Technology Co ltd
Original Assignee
Shenzhen Vclusters Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Vclusters Information Technology Co ltd filed Critical Shenzhen Vclusters Information Technology Co ltd
Priority to CN202310831440.0A priority Critical patent/CN116860393A/en
Publication of CN116860393A publication Critical patent/CN116860393A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45562Creating, deleting, cloning virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The application discloses a method for directly communicating an LXC container display card, which comprises the following steps: obtaining a main equipment number and a secondary equipment number of a corresponding/dev/dri/cadX and/dev/dri/renderDXX equipment file of a display card through udevadm filtering and screening, wherein the/dev/dri/cadX is an equipment file path related to graphic equipment in a Linux system; and controlling the access authority of the LXC container to the display card character equipment through the LXC. And giving rwm authority to the LXC container by the main device number and the secondary device number corresponding to the obtained display card character device file, and allowing the container to access and operate the display card character device. The method for directly connecting the display card of the LXC container has the advantage of realizing free distribution and isolation of the display card resources on the LXC container.

Description

Method for direct connection of display card of LXC container
Technical Field
The application relates to the field of operating systems, in particular to a method for directly connecting an LXC container display card.
Background
LXC (Linux Containers) is an operating system level virtualization technique for creating and managing lightweight containers on a Linux system. The LXC technology utilizes the container characteristics of Linux kernels to provide an isolated environment so that multiple independent Linux system instances can be run on the same host. LXC containers are lightweight, consume fewer resources than traditional virtual machines, start up faster, and have less overhead on physical hardware. LXC containers provide strong resource isolation, each with its own file system, network, process space, and user space. This allows the containers to be isolated from each other and avoid interference with each other. LXC technology is applicable to many scenarios including application isolation, containerized development, continuous integration and deployment, etc. It is a powerful tool to build a container-based lightweight virtualization solution.
Graphics card pass-through (GPU pass through) is a virtualization technology that allows a physical graphics card to be directly assigned to a virtual machine, enabling the virtual machine to directly access and utilize the capabilities of the graphics card. Such techniques are typically used to perform tasks requiring GPU acceleration, such as machine learning, data analysis, and gaming, in a virtualized environment. The implementation of graphics card pass-through is typically based on hardware virtualization techniques such as Intel's VT-d (Virtualization Technology for Directed I/O) or AMD's IOMMU (Input/Output Memory Management Unit). These techniques allow the physical graphics card of the host to pass through to the virtual machine via PCIe, enabling the virtual machine to directly access the graphics card resources without intermediate forwarding via the virtualization software.
The display card direct connection technology of the LXC container combines the LXC container and the display card, and aims to directly connect one or more display cards to a specific LXC container, so that free allocation and isolation of display card resources on the LXC container are realized, and the display card resources can be practically used on the LXC container to allow the LXC container to promote computing capacity and rendering capacity.
Disclosure of Invention
The application provides a method for directly connecting a display card of an LXC container, which has the advantages of realizing free distribution and isolation of display card resources on the LXC container, and solves the problems that the existing LXC container cannot directly use display card equipment on a host machine and cannot realize free distribution and isolation of the display card resources on the LXC container.
The method for directly connecting the LXC container display card provided by the embodiment of the application comprises the following steps:
the method comprises the steps that a display card kernel module is required to be loaded on a host machine, and a display card starting rule is created at the speed of/etc/udev/rules.d, wherein the display card starting rule creates a display card character equipment file through the display card kernel module when the display card is started and loaded, and the display card character equipment file is expressed as/dev/nvidia and/dev/dri/;
the method comprises the steps of obtaining a main equipment number and a secondary equipment number of display card character equipment by inquiring display card character equipment files/dev/nvidia and/dev/dri/;
obtaining a main equipment number and a secondary equipment number of a corresponding/dev/dri/cadX and/dev/dri/renderDXX equipment file of a display card through udevadm filtering and screening, wherein the/dev/dri/cadX is an equipment file path related to graphic equipment in a Linux system;
and controlling the access authority of the LXC container to the display card character equipment through the LXC. And giving rwm authority to the LXC container by the main device number and the secondary device number corresponding to the obtained display card character device file, and allowing the container to access and operate the display card character device.
Preferably, the display card device is accessed and used by mapping the display card character device file into the LXC container through the LXC.
The technical scheme provided by the embodiment of the application can have the following beneficial effects:
the application provides a method for directly connecting a display card of an LXC container, which is characterized in that a display card character device file is created through a display card kernel module and a starting rule, the LXC container is endowed with access and operation authority to the display card character device file, and the display card character device file is mapped into the LXC container so as to realize the direct connection technology of the display card of the LXC container, and the display card device can be accessed and used.
The application controls the access authority of the LXC container to the display card character equipment through the cgroups so as to allow the LXC container to access and operate the display card. The application can realize free allocation and isolation in the LXC container through the main equipment number and the secondary equipment number of different graphic card character equipment files. The method solves the problem that the existing LXC container cannot directly use the display card equipment on the host machine, and the free allocation and isolation of the display card resources on the LXC container cannot be realized.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method configuration process for direct connection of an LXC container display card;
fig. 2 is a schematic diagram of a method for directly connecting a graphics card of an LXC container according to the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It is also to be understood that the terminology used in the description of the application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
LXC is an operating system level virtualization technology that creates containers through kernel isolation, each with its own independent namespaces and resource limitations. This means that the container cannot directly access the hardware devices on the host, including the graphics card.
The display card is communicated through, and a kernel driver VFIO-pci provided by a VFIO (Virtual Function I/O) technical framework allows a user space program to communicate with a VFIO subsystem through a device file so as to manage and control the through device. The VFIO-PCI driver allows the user to bind the PCI device identifier of the physical graphics card to the VFIO driver, enabling a pass-through operation, directly assigning the physical graphics card to the virtual machine, exclusively accessing and using graphics card resources.
Referring to fig. 1-2, the present application provides a method for directly connecting an LXC container graphics card, where the graphics card will be described by taking an NVIDIA graphics card as an example, and the method includes the following steps:
firstly, a display card kernel module is loaded in a host machine, and a display card starting rule is created at/etc/udev/rules. And the display card starting rule creates a display card character equipment file through the display card kernel module when the display card is started and loaded. The display card character equipment file is expressed as/dev/nvidia and/dev/dri/.
And obtaining the primary equipment number and the secondary equipment number of the display card character equipment by inquiring the display card character equipment file/dev/nvidia and/dev/dri/.
And obtaining the corresponding/dev/dri/cardX and/dev/dri/renderDXX equipment files of the display card through the udevadm filtering and screening, and obtaining the main equipment number and the secondary equipment number of the equipment files in the mode. the/dev/dri/cardX is a device file path related to the graphic device in the Linux system. By accessing/dev/dri/cardX device files, a user can communicate with the main graphics device of the system, including performing hardware accelerated rendering, graphics processing, and display control. the/dev/dri/renderDXX is a device file path for rendering nodes in the Linux system. By accessing the/dev/dri/renderxxx device file, a user can interact with a rendering node using a hardware-accelerated graphics rendering function.
And controlling the access authority of the LXC container to the display card character equipment through the LXC. And giving rwm (reading, writing and creating files) rights to the LXC container by the main device number and the secondary device number corresponding to the obtained display card character device file, and allowing the container to access and operate the display card character device.
And mapping the display card character device file into the LXC container through the LXC. .
The technical scheme provided by the embodiment of the application can have the following beneficial effects:
the application provides a method for directly connecting a display card of an LXC container, which is characterized in that a display card character device file is created through a display card kernel module and a starting rule, the LXC container is endowed with access and operation authority to the display card character device file, and the display card character device file is mapped into the LXC container so as to realize the direct connection technology of the display card of the LXC container, and the display card device can be accessed and used.
The application controls the access authority of the LXC container to the display card character equipment through the cgroups so as to allow the LXC container to access and operate the display card. The application can realize free allocation and isolation in the LXC container through the main equipment number and the secondary equipment number of different graphic card character equipment files. The method solves the problem that the existing LXC container cannot directly use the display card equipment on the host machine, and the free allocation and isolation of the display card resources on the LXC container cannot be realized.
While the application has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the application. Therefore, the protection scope of the application is subject to the protection scope of the claims.

Claims (2)

1. The method for directly communicating the LXC container display card is characterized by comprising the following steps of:
the method comprises the steps that a display card kernel module is required to be loaded on a host machine, and a display card starting rule is created at the speed of/etc/udev/rules.d, wherein the display card starting rule creates a display card character equipment file through the display card kernel module when the display card is started and loaded, and the display card character equipment file is expressed as/dev/nvidia and/dev/dri/;
the method comprises the steps of obtaining a main equipment number and a secondary equipment number of display card character equipment by inquiring display card character equipment files/dev/nvidia and/dev/dri/;
obtaining a main equipment number and a secondary equipment number of a corresponding/dev/dri/cadX and/dev/dri/renderDXX equipment file of a display card through udevadm filtering and screening, wherein the/dev/dri/cadX is an equipment file path related to graphic equipment in a Linux system;
and controlling the access authority of the LXC container to the display card character equipment through the LXC. And giving rwm authority to the LXC container by the main device number and the secondary device number corresponding to the obtained display card character device file, and allowing the container to access and operate the display card character device.
2. The method for directly communicating the display card of the LXC container according to claim 1, wherein said display card character device file is mapped into the LXC container by LXC.
CN202310831440.0A 2023-07-05 2023-07-05 Method for direct connection of display card of LXC container Pending CN116860393A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310831440.0A CN116860393A (en) 2023-07-05 2023-07-05 Method for direct connection of display card of LXC container

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310831440.0A CN116860393A (en) 2023-07-05 2023-07-05 Method for direct connection of display card of LXC container

Publications (1)

Publication Number Publication Date
CN116860393A true CN116860393A (en) 2023-10-10

Family

ID=88228135

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310831440.0A Pending CN116860393A (en) 2023-07-05 2023-07-05 Method for direct connection of display card of LXC container

Country Status (1)

Country Link
CN (1) CN116860393A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119251371A (en) * 2024-12-09 2025-01-03 麒麟软件有限公司 A method for switching window compositor rendering backends compatible with different domestic graphics card performances
CN120723335A (en) * 2025-08-22 2025-09-30 北京景行锐创软件有限公司 A method, system, device, medium and product for mounting and unmounting a GPU device in a container

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119251371A (en) * 2024-12-09 2025-01-03 麒麟软件有限公司 A method for switching window compositor rendering backends compatible with different domestic graphics card performances
CN120723335A (en) * 2025-08-22 2025-09-30 北京景行锐创软件有限公司 A method, system, device, medium and product for mounting and unmounting a GPU device in a container

Similar Documents

Publication Publication Date Title
EP4053706A1 (en) Cross address-space bridging
US7784060B2 (en) Efficient virtual machine communication via virtual machine queues
US9424067B2 (en) Managing virtual machine instances utilizing an offload device
US8924959B2 (en) Switching hardware devices in virtual machine systems using resource converting relationships
GB2565770B (en) Data processing systems
ES2379575T3 (en) Make a virtual configuration topology change
KR101495862B1 (en) Virtual server and virtual machine management method for supporting zero client
CN110764901A (en) Data processing method based on GPU (graphics processing Unit) resources, electronic equipment and system
CN113296950B (en) Processing method, processing device, electronic equipment and readable storage medium
EP4407470A1 (en) Request processing method, apparatus and system
CN112330229B (en) Resource scheduling method, device, electronic equipment and computer readable storage medium
WO2015080719A1 (en) Apparatus and method for scheduling graphics processing unit workloads from virtual machines
CN113032103B (en) VF resource dynamic scheduling method based on SR-IOV function of high-speed network card
CN116860393A (en) Method for direct connection of display card of LXC container
US20180239715A1 (en) Secure zero-copy packet forwarding
US20040107329A1 (en) Memory pool configuration system
CN113312141A (en) Virtual serial port for virtual machines
US20170249106A1 (en) Multiple input-output memory management units with fine grained device scopes for virtual machines
CN113419845A (en) Calculation acceleration method and device, calculation system, electronic equipment and computer readable storage medium
CN114253655B (en) MIPS64 instruction set-based security container isolation method and device
JP6974510B2 (en) Methods, devices, devices and media for processing data
US10185679B2 (en) Multi-queue device assignment to virtual machine groups
CN118426912B (en) GPU-based user container processing method, device, equipment and medium
US10481951B2 (en) Multi-queue device assignment for application groups
KR102417882B1 (en) Method for managing gpu resources and computing device for executing the method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination