DOCA Services
This is an overview of the set of services provided by DOCA and their purpose.
DOCA services are DOCA-based products, wrapped in a container for fast and easy deployment on top of the NVIDIA® BlueField® DPU. DOCA services leverage DPU capabilities to offer telemetry, time synchronization, networking solutions, and more.
Services containers can be found under the official NGC catalog, labeled under the "DOCA" and "DPU" NGC labels, as well as the built-in NVIDIA platform option ("DOCA") on the container catalog.
For information on the deployment of the services, refer to the NVIDIA BlueField DPU Container Deployment Guide.
DOCA-based containers consist of two main categories:
DOCA Base Images – containerized DOCA environments for both runtime and development. Used either by developers for their development environment or in the process of containerizing a DOCA-based solution.
DOCA Services – containerized DOCA-based products
The process of developing and containerizing a DOCA-based product is described in the following sections.
Development
Before containerizing a product, users must first design and develop it using the same process for a bare-metal deployment on the BlueField DPU.
This process consists of the steps:
Identifying the requirements for the DOCA-based solution.
Reviewing the feature set offered by the DOCA SDK libraries, as shown in detail in their respective programming guides.
Starting the development process by following our Developer Guide to make the best use of our provided tips and tools.
Testing the developed solution.
Once the developed product is mature enough, it is time to start containerizing it.
Containerization
In this process, it is recommended to make use of DOCA's provided base-images, as available on DOCA's NGC page.
Three image flavors are provided:
base-rt – includes the DOCA runtime, using the most basic runtime environment required by DOCA's SDK
full-rt – builds on the previous image and includes the full list of runtime packages, which are all user-mode components that can be found under the doca-runtime package
devel – builds on the previous image and adds headers and development tools for developing and debugging DOCA applications. This image is particularly useful for multi-stage builds.
All images are preconfigured to use to the DOCA repository of the matching DOCA version. This means that installing an additional DOCA package as part of a Dockerfile / within the development container can be done using the following commands:
apt update
apt install <package
name>
For DOCA and CUDA environments, there are similar flavors for these images combined with CUDA's images:
base-rt (DOCA) + base (CUDA)
full-rt (DOCA) + runtime (CUDA)
devel (DOCA) + devel (CUDA)
Once the containerized solution is mature enough, users may start profiling it in preparation for a production-grade deployment.
Profiling
As mentioned in the NVIDIA BlueField DPU Container Deployment Guide, the current deployment model of containers on top of the DPU is based on kubelet-standalone. And more specifically, this Kubernetes-based deployment makes use of YAML files to describe the resources required by the pod such as:
CPU
RAM
Huge pages
It is recommended to profile your product so as to estimate the resources it requires (under regular deployments, as well as under stress testing) so that the YAML would contain an accurate "resources" section. This allows an administrator to better understand what the requirements are for deploying your service, as well as allow the k8s infrastructure to ensure that the service is not misbehaving once deployed.
Once done, the containerized DOCA-based product is ready for the final testing rounds, after which it will be ready for deployment in production environments.
Container Deployment
This page provides an overview and deployment configuration of DOCA containers for NVIDIA® BlueField® DPU.
DOCA BlueMan
DOCA BlueMan service runs in the DPU as a standalone web dashboard and consolidates all the basic information, health, and telemetry counters into a single interface. This friendly, easy-to-use web dashboard acts as a one-stop shop for all the information needed to monitor the DPU.
DOCA Firefly
DOCA Firefly service provides precision time protocol (PTP) based time syncing services to the BlueField DPU . PTP is used to synchronize clocks in a network which, when used in conjunction with hardware support, PTP is capable of sub-microsecond accuracy, which is far better than what is normally obtainable with network time protocol (NTP).
DOCA Flow Inspector
DOCA Flow Inspector service allows monitoring real-time data and extraction of telemetry components which can be utilized by various services for security, big data and more.
Specific mirrored packets can be transferred to Flow Inspector for parsing and analyzing. These packets are forwarded to DTS, which gathers predefined statistics determined by various telemetry providers.
DOCA HBN
DOCA Host-based Networking service orchestrates network connectivity of dynamically created VMs/containers on cloud servers. HBN service is a BGP router that supports E-VPN extension to enable multi-tenant cloud.
At its core, HBN is the Linux networking acceleration driver of the DPU, Netlink to a DOCA daemon which seamlessly accelerates Linux networking using hardware programming APIs.
DOCA Telemetry
DOCA Telemetry service (DTS) collects data from built-in providers and from external telemetry applications. Collected data is stored in binary format locally on the DPU and can be propagated onwards using Prometheus endpoint pulling, pushing to Fluent Bit, or using other supported providers. Exporting NetFlow packets collected using the DOCA Telemetry NetFlow API is a great example of DTS usage.
For questions, comments, and feedback, please contact us at DOCA-Feedback@exchange.nvidia.com.