cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
29072
Views
12
Helpful
21
Comments
szeya
Cisco Employee
Cisco Employee

Hosting Native Docker Container on C9300

 

Powered by an x86 CPU, the application hosting solution on the Cisco® Catalyst® 9000 series switches provide the intelligence required at the edge. This gives administrators a platform for leveraging their own tools and utilities, such as a security agent, Internet of Things (IoT) sensor, and traffic monitoring agent.

Application hosting on Cisco Catalyst 9000 family switches opens up new opportunities for innovation by converging network connectivity with a distributed application runtime environment, including hosting applications developed by partners and developers.

Cisco IOS XE 16.12.1 introduced native Docker container support on Catalyst 9300 series switches. Now, C9404 and C9407 models also can support Docker container with Cisco IOS XE 17.1.1 release.  This enables users to build and bring their own applications without additional packaging. Developers don’t have to reinvent the wheel by rewriting the applications every time there is an infrastructure change. Once packaged within Docker, the applications will work within any infrastructure that supports docker containers.

In this blog, you will see how you can use native docker image (iperf) from Docker Hub to measure network performance by hosting on Cisco Catalyst 9300 switch.

 

Step-by-step installation configuration

 

1. Download the iPerf docker image to the local laptop.

Download the latest iPerf image from Docker Hub to the laptop.

Screen Shot 2019-06-05 at 11.41.12 AM.png

 

Docker engine has to be installed on laptop and can pull iPerf image from Docker Hub.

MyPC$ docker pull mlabbe/iperf3

 

Save the downloaded iPerf docker image as a tar archive:

MyPC$ docker save mlabbe/iperf3 > iPerf.tar

 

2. Login to the Catalyst 9300 and copy the iPerf.tar archive to the flash: drive.

copy usbflash0:iPerf.tar flash:

3. Configure network connectivity to the IPerf docker.

 

Screen Shot 2019-06-05 at 12.55.59 PM.png

a. Create the VLAN and VLAN interface:

      conf t
      interface Vlan123
      ip address 192.168.1.1 255.255.255.0

 

b. Configure the AppGigabitEthernet1/0/1 interface:

       interface AppGigabitEthernet1/0/1
       switchport mode trunk

The above configuration allows VLAN 123 on the AppGigabitEthernet port.

 

c. Map vNIC interface eth0 of the IPerf docker to VLAN 123 on the AppGigabitEthernet 1/0/1 interface: 

       conf t
       app-hosting appid iPerf
       app-vnic AppGigEthernet trunk
       guest-interface 0

       vlan 123 guest-interface 0
       guest-ipaddress 172.26.123.202 netmask 255.255.255.0
       app-default-gateway 172.26.123.1 guest-interface 0

 

4. Enable and verify App Hosting.

 

a. Verify that the USB SSD-120G flash storage is used.

     dir usbflash1:
     Directory of usbflash1:/
    11 drwx           16384    Mar 25 2019 22:32:36 +00:00    lost+found
    118014062592 bytes total (105824313344 bytes free)
Note: SSD-120G will be shown as usbflash1: in IOS-XE CLI. Internal flash and front panel usb (usbflash0:) do not support for application hosting.

 

b. Configure iox for App Hosting:

 conf t
 iox

 

show iox-service
IOx Infrastructure Summary:
 ---------------------------
 IOx service (CAF)      : Running
 IOx service (HA)        : Running
 IOx service (IOxman)  : Running
 Libvirtd                      : Running
 Dockerd                    : Running

 

5. Install ,activate and run the IPerf docker cat9k application.

Screen Shot 2019-05-14 at 9.26.51 PM.png

a. Deploy the IPerf docker application:

   app-hosting install appid iPerf package flash:iPerf.tar
   Installing package 'flash:iPerf.tar' for iPerf. Use 'show app-hosting list' for progress.

    show app-hosting list
    App id                                   State
    ------------------------------------------------------
    iPerf                                  DEPLOYED

 b. Activate the IPerf docker application:

    app-hosting activate appid iPerf
    iPerf activated successfully
    Current state is: ACTIVATED

c. Start the IPerf docker  application:

    app-hosting start appid iPerf
    iPerf started successfully
    Current state is: RUNNING

d. Verify that the IPerf docker  application is running:

    show app-hosting list
    App id                                   State
    ---------------------------------------------------------
     iPerf                                  RUNNING

 

6. Working with the app.

a. Check app details.

   show app-hosting detail appid iperf

   App id                 : iperf

   Owner                 : iox

   State                   : RUNNING

   Application

   Type                    : docker

   Name                   : mlabbe/iperf3

   Version                : latest

   Description          :

   Path                 : usbflash0:iperf3_sai.tar

   Activated profile name : custom

 

   Resource reservation

     Memory              : 2048 MB

     Disk                    : 4000 MB

     CPU                    : 7400 units

     VCPU                  : 1 units

   Attached devices

     Type              Name               Alias

     ---------------------------------------------

     serial/shell      iox_console_shell   serial0

     serial/aux        iox_console_aux     serial1

     serial/syslog    iox_syslog          serial2

     serial/trace      iox_trace           serial3

   Network interfaces

   ---------------------------------------

  eth0:

   MAC address        : 52:54:dd:50:b5:ce

   IPv4 address         : 172.26.123.202

   Network name      : mgmt-bridge193

   Docker

   ------

   Run-time information

     Command              :

     Entry-point             : iperf3 -s

     Run options in use  :

   Application health information

     Status                    : 0

     Last probe error     :

     Last probe output   :

b. Check app utilization.

   show app-hosting utilization appid iPerf
   Application: iPerf
   CPU Utilization:
     CPU Allocation: 7400 units
     CPU Used: 1.49 %
   Memory Utilization:
     Memory Allocation: 2048 MB
     Memory Used: 893 KB
  Disk Utilization:
     Disk Allocation: 4000 MB
     Disk Used: 0.00 MB

 

7. Monitoring performance between the laptop and C9300.

 

MyPC$ iperf3 -c 172.26.123.202

Connecting to host 172.26.123.202, port 5201

[  5] local 10.154.164.97 port 59408 connected to 172.26.123.202 port 5201

[ ID] Interval           Transfer     Bitrate

[  5]   0.00-1.00   sec  7.51 MBytes  63.0 Mbits/sec                 

[  5]   1.00-2.00   sec  8.24 MBytes  69.2 Mbits/sec                 

[  5]   2.00-3.00   sec  10.0 MBytes  84.2 Mbits/sec                 

[  5]   3.00-4.00   sec  9.52 MBytes  79.9 Mbits/sec                 

[  5]   4.00-5.00   sec  9.36 MBytes  78.5 Mbits/sec                 

[  5]   5.00-6.00   sec  10.8 MBytes  90.8 Mbits/sec                 

[  5]   6.00-7.00   sec  10.1 MBytes  84.9 Mbits/sec                 

[  5]   7.00-8.00   sec  9.62 MBytes  80.7 Mbits/sec                 

[  5]   8.00-9.00   sec  10.9 MBytes  91.2 Mbits/sec                 

[  5]   9.00-10.00  sec  4.51 MBytes  37.7 Mbits/sec                 

- - - - - - - - - - - - - - - - - - - - - - - - -

[ ID] Interval           Transfer     Bitrate

[  5]   0.00-10.00  sec  90.6 MBytes  76.0 Mbits/sec                  sender

[  5]   0.00-10.01  sec  90.1 MBytes  75.5 Mbits/sec                  receiver

 

21 Comments
rohitdhobale
Level 1
Level 1

I am trying to install sample docker application on Catalyst 9300 ( ios xe 17.09.01) using these general instructions. Application (.tar) is deployed successfully on usb flash drive and its current state is DEPLOYED.

While activating application, I am getting below error,
% Error: Required: 10. Platform does not have enough storage, available storage 0

The usb flash is 120 gb size and dir command output shows 0 bytes free. However, the drive has only 15 gb size content (sum of sizes in dir command output). Is there any way to resolve this?

Also, if the docker application requires database to store data (outside the container), is there any recommendation? Is it through docker volume?

Your support and advice is greatly appreciated.
Rohit

ikrneta
Level 1
Level 1

Tried running it on Catalyst 8300, but when trying to start container I get the error:

app-hosting start appid iperf
"% Error: Error while starting the app: iperf, Cause: Failed to start container: Error: internal error: guest failed to start: Failure in libvirt_lxc startup: internal error: User iperf doesn't exist"

Any help would be appreciated.

show app-hosting detail appid iperf
App id : iperf
Owner : iox
State : ACTIVATED
Application
Type : docker
Name : localhost/docker-iperf3
Version : latest
Description :
Author :
Path : harddisk:iperf.tar
URL Path :
Multicast : yes
Activated profile name : custom

Resource reservation
Memory : 2048 MB
Disk : 10 MB
CPU : 32585 units
CPU-percent : 50 %
VCPU : 1

Platform resource profiles
Profile Name CPU(unit) Memory(MB) Disk(MB)
--------------------------------------------------------------

Attached devices
Type Name Alias
---------------------------------------------
serial/shell iox_console_shell serial0
serial/aux iox_console_aux serial1
serial/syslog iox_syslog serial2
serial/trace iox_trace serial3

 

JEFF GRANT
Level 1
Level 1

What is interface AP3/0/1 and 4/0/1? These just popped into my switch and I don't know what caused them to appear

Larry Sullivan
Level 3
Level 3

Anyone know if all functions of iperf are available.  Interested in doing UDP test to check for out of order packets.

szeya
Cisco Employee
Cisco Employee
Yes. All iperf functions will work.
Thiago Perrini
Level 4
Level 4

Thanks for this usefull guide.
We planed to perform some iPerf Tests for our customer and during the PoC we found some restrictions and requirements that are important to mention and highlight for the 9300 Plattform.

First: Be aware of the network speed you can get via AppHosting. For Catalyst 9300/L/LM you have 1x1G and for 9300X you have 2x10G. Reference BRKOPS-2490 or white paper, see the link below.
Second: On the documentation, there is no mention or we didn't found anything regarding the signature verification. 
Third: During the iPerf installation we hitted the BugID CSCwa56172, regarding the need of a USB-Disk from Cisco if you want to install a non-Cisco signed application on bootflash memory. And that only Cisco signed appllication can be installed, activated and executed on the bootflash memory.


CSCwa56172 Restrictions

  • 17.3.x releases: Applications not signed by Cisco can be installed, activated and executed on the bootflash memory by disabling "App Signature Verification" from the Switch WEB GUI.
  • 17.6.x releases: Applications not signed by Cisco can only be installed on the bootflash memory by disabling "App Signature Verification" from the Switch WEB GUI. The activation and execution of the application is blocked.
  • 17.9.x releases: Applications not signed by Cisco cannot be installed, activated or executed on the bootflash memory.
  • Workaround: To execute an Application not signed by Cisco a Solid State Drive (SSD) is required.


iPerf Restrictions

  • Application hosting is not virtual routing and forwarding aware (VRF-aware).
  • In releases prior to Cisco IOS® XE Amsterdam 17.3.3, application hosting requires dedicated storage allocations, and is disabled on the bootflash.
  • In Cisco IOS® XE Amsterdam 17.3.3 and later releases, application hosting is enabled on the bootflash, however, only Cisco-signed applications are hosted.
  • The front-panel Universal Serial Bus (USB) stick is not supported.
  • Cisco Catalyst 9300 Series Switches support only back-panel Cisco-certified USB.
  • Cisco Catalyst 9500-High Performance Series Switches and Cisco Catalyst 9600 Series Switches do not support front-panel USB for application hosting.
  • Cisco Catalyst 9500 and 9500-High Performance Series Switches and Cisco Catalyst 9600 Series Switches do not support AppGigabitEthernet interfaces.
  • Cisco Catalyst 9410R Switches do not support application-hosting in release prior to Cisco IOS® XE Bengaluru 17.5.1.
  • Configure the enable command on the AppGigabitEthernet interfaces to enable application hosting on Cisco Catalyst 9410R Switches.

In summary with a current IOS XE you can not install non-signed App on Catalyst 9300 Devices. You require a Cisco-certified USB Stick to install iPerf. And Cisco SSD-120G is EoL and the replacement device is the SSD-240G.


Overview regarding hardware and network speed for iPerf on Catalyst 9300 via App Hosting.

apphosting_speed.jpg

Cisco References:

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: