NVIDIA DOCA Programming Guides Overview
This document provides an overview of the programming guides for the DOCA libraries implemented on top of NVIDIA® BlueField® DPU.
DOCA libraries are designed to serve DOCA-based software such as the provided example applications. For optimal performance, it is recommended to run these applications on the DPU. However, if necessary, DOCA libraries can be run on the host.
In addition, built-in gRPC support for DOCA allows certain libraries to be used by gRPC clients running on the host that communicates with a matching gRPC server which implements the library's functionality on the DPU.
2.1. DOCA App Shield
DOCA App Shield library API offers intrusion detection capabilities using the built-in hardware services of the DPU to collect data from the host's memory space. App Shield makes it possible to detect attacks on critical services in the host system. This library leverages the DPU's direct memory access (DMA) capability to monitor the host's memory space directly without involving the host's operating system nor CPU.
2.2. DOCA Arg Parser
DOCA Arg Parser library offers DOCA-based programs an easy and simple command-line interface. Arg Parser supports both regular command-line arguments and a JSON mode that accepts a JSON file containing the required arguments.
2.4. DOCA Compress
The DOCA Compress library offers a hardware-accelerated way to compress and decompress data on both DPU and host.
2.5. DOCA Core
The DOCA Core library provides a unified interface to construct standardized DOCA workflows that other libraries and applications can build upon.
2.6. DOCA DMA
The DOCA Direct Memory Access (DMA) library offers an API for copying data buffers between the host and the DPU using hardware acceleration, supporting both local and remote copy. DMA allows the execution of complex memory operations in an optimized, hardware-accelerated manner.
2.7. DOCA DPI
DOCA Deep Packet Inspection (DPI) library offers a deep examination of data packets as they traverse a monitored network checkpoint. DPI provides a robust mechanism for enforcing network packet filtering, as it can be used to identify or block a range of complex threats due to efficient data stream inspection.
DPI leverages the RegEx engine on the DPU which can very efficiently parse regular expressions found in packets.
DOCA DPI has built-in gRPC support.
2.8. DOCA Flex IO SDK
The DOCA Flex IO SDK API manages the DPA (data path accelerator) auxiliary processor located on the NVIDIA® BlueField-3 DPUs and allows executing native code over it.
The DPA processor is designed to accelerate packet processing and other datapath operations.
2.9. DOCA Flow
DOCA Flow library is the most fundamental API for building generic execution pipes in hardware. The main building block of the library is a pipe. Each pipe consists of match criteria, monitoring, and a set of actions. Pipes can be chained to create a set of complex actions to be performed on ingress packets.
This library serves as an abstraction layer API for network acceleration and should be used by applications intended to offload packet processing from the operating system Kernel directly to the user space.
DOCA Flow has a built-in gRPC-support.
2.10. DOCA RegEx
DOCA RegEx library provides regular expression pattern matching to DOCA programs. It provides access to the regular expression processing (RXP) engine, a high-performance hardware-accelerated engine available on the DPU.
RegEx allows the execution of complex regular expression operations in an optimized, hardware-accelerated manner.
DOCA Rivermax
The DOCA Rivermax library provides an API for using NVIDIA® Rivermax®, an optimized networking SDK for media and data streaming applications. Rivermax leverages the DPU hardware streaming acceleration technology which allows data to be transferred to and from the GPU to deliver best-in-class throughput and latency.
2.12. DOCA SHA
The DOCA SHA library provides a flexible and unified API to leverage the secure hash algorithm offload engine present in the NVIDIA® BlueField®-2 DPU. The SHA hardware engine supports SHA-1, SHA-256, and SHA-512 algorithms either as "single shot" or stateful calculations.
2.13. DOCA Telemetry
DOCA Telemetry library offers a fast and convenient way to transfer user-defined data to the DOCA Telemetry Service (DTS). Telemetry API provides the user a choice between several different outputs including saving the data directly to storage, NetFlow, Fluent Bit forwarding, or Prometheus endpoint.
2.14. DOCA UCX
Unified Communication X (UCX) is an optimized point-to-point communication framework. UCX exposes a set of abstract communication primitives that makes the best use of available hardware resources and offloads. UCX facilitates rapid development by providing a high-level API, masking the low-level details, while maintaining high performance and scalability.
