NVIDIA Docs Hub Homepage NVIDIA Networking Networking Software Management Software NVIDIA UFM Enterprise User Manual v6.23.1 Installing UFM Docker Container Mode

Installing UFM Docker Container Mode

General Prerequisites

UFM dedicated NVIDIA Host InfiniBand Networking packages provided by DOCA-Host must be installed on the server that will run UFM Docker.

RedHat:

Copy
Copied!

            
            yum install doca-ufm doca-kernel

Ubuntu:

Copy
Copied!

            
            apt install doca-ufm doca-kernel

For UFM to work, you must have an InfiniBand port configured with an IP address and in "up" state.

Note

For InfiniBand support, please refer to DOCA-Host documentation.

If the hosting server is equipped with XDR HCAs (ConnectX-8/ConnectX-9 SuperNICs), SMI devices for the InfiniBand interfaces intended to be used as fabric interfaces in UFM (for OpenSM) must be created if they do not already exist.

Fabric interfaces are defined in the Server section of the gv.cfg file.

Copy
Copied!

            
            [Server]
# SM Management interface
fabric_interface = ib0
# disabled (default) | enabled (configure OpenSM with multiple GUIDs) | ha_enabled (configure multiport SM with high availability).
multi_port_sm = disabled
# When enabling multi_port_sm, specify here the additional fabric interfaces for OpenSM conf.
# Example: ib1,ib2,ib5 (OpenSM will support the first 8 GUIDs where first GUID will
# be extracted from the fabric_interface, and remaining GUIDs from additional_fabric_interfaces.
additional_fabric_interfaces =

Prerequisites for Creating SMI Devices

Install the mlnx-iproute2 package (if it is not already installed):

Copy
Copied!

            
            apt install mlnx-iproute2

Retrieve the list of active InfiniBand (IB) devices based on the defined fabric interfaces.
Use the following bash command to obtain the device names:

ibdev2netdev | grep ib0 | cut -d" " -f1

For the interface name ib0, the corresponding device name will be mlx5_0.

Create SMI devices for the active IB interfaces using the following command:

Copy
Copied!

            
            /opt/mellanox/iproute2/sbin/rdma dev add [interface_name] type SMI parent [device name]
 
for device mlx5_0 smi device name will be smi1 (should not be smi0. Just add one to device name extension (mlx5_0)
Example:
/opt/mellanox/iproute2/sbin/rdma dev add smi1 type SMI parent mlx5_0

Make sure to stop the following services before running UFM Docker container, as it utilizes the same default ports that they do: Pacemaker, httpd, OpenSM, and Carbon.
If firewall is running on the host, please make sure to add an allow rule for UFM used ports (listed below):

Note

If the default ports used by UFM are changed in UFM configuration files, make sure to open the modified ports on the host firewall.
- 80 (TCP) and 443 (TPC) are used by WS clients (Apache Web Server)
- 8000 (UDP) is used by the UFM server to listen for REST API requests (redirected by Apache web server)
- 6306 (UDP) is used for multicast request communication with the latest UFM Agents
- 8005 (UDP) is used as a UFM monitoring listening port
- 8888 (TCP) is used by DRBD to communicate between the UFM Primary and Standby servers
- 2022 (TCP) is used for SSH

Prerequisites for Upgrading UFM Docker Container

Supported versions for upgrade are UFM v.6.10.0 and above.
UFM files directory from previous container version mounted on the host.

Step 1: Loading UFM Docker Image

To load the UFM docker image, pull the latest image from docker hub:

Copy
Copied!

            
            docker pull mellanox/ufm-enterprise:latest

Note

You can see full usage screen for ufm-installation by running the container with -h or -help flag:

Copy
Copied!

            
            docker run --rm mellanox/ufm-enterprise-installer:latest -h

If an Internet connection is not available, perform the following:

Copy the UFM image to your machine.

Load the image from the file using this command:

Copy
Copied!

            
            docker image load -i <image-path>

Step 2: Installing UFM Docker

Installation Command Usage

Copy
Copied!

            
            docker run -it --name=ufm_installer --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /etc/systemd/system/:/etc/systemd_files/ \
-v /opt/ufm/files/:/installation/ufm_files/ \
-v [LICENSE_DIRECTORY]:/installation/ufm_licenses/ \
mellanox/ufm-enterprise:latest \
--install [OPTIONS]

Modify the variables in the installation command as follows:

[UFM_LICENSES_DIR]: UFM license file or files location.

Note

Example: If your license file or files are located under /downloads/ufm_license_files/ then you must set this volume to be -v /downloads/ufm_license_files/:/installation/ufm_licenses/
[OPTIONS]: UFM installation options. For more details see the table below.

Command Options

Flag	Description	Default Value
`--install`	Flag to indicate that UFM should perform the installation	N/A
`-f \| --fabric-interface`	IB fabric interface name.	ib0
`-g \| --mgmt-interface`	Management interface name.	eth0
`-m \| --multisubnet-consumer`	UFM Multisubnet Consumer mode	N/A
`--local-certs-dir <directory>`	A directory on the host that contains the SSL certificate and key (`server.crt` and `server.key`) and the ca-intermediate certificate (ca-intermediate.crt), all in PEM format.	N/A
`-h \| --help`	Show help	N/A

Options applicable only on Podman Unprivileged User Installation

Flag	Description	Default Value
`--rootless`	Flag to indicate that the installation should be rootless.	N/A
`--plugin-path`	Path to the plugin data created in the previous step.	N/A
`--ufm-user`	The user that will run UFM on the host (e.g., `ufmadm`).	N/A
`--ufm-group`	The user group that will run UFM on the host (e.g., `ufmadm`).	N/A

Installation Modes

UFM Enterprise installer supports several deployment modes:

On This Page