Documentation

Deploying Containers

Table 1 describes the procedure for deploying containers. Before deploying a container, add the SHA256 value of the container to the image trustlist by referring to Modify the security configurations of the AtlasEdge container.

Due to resource limitation, an Atlas 500 AI edge station (model 3000) supports a maximum of 8 containers.

Table 1 Procedure for deploying containers

No.

Operation

Description

Reference

1

Create an image file.

An image file is a Docker image file required for creating a container. You can upload the images created from applications to the image repository of FusionDirector. When deploying an application, you can directly select the required image file.

Creating an Image File

2

(Optional) Create application configurations.

ConfigMaps store configuration information required for containers. ConfigMaps decouple configuration files from container images to enhance the portability of containers.

NOTE:

When a container with ConfigMaps is deployed, ConfigMaps are stored as files in the host and container. The file owner group is root, and the read and write permissions are 0644. You are advised to encrypt sensitive data to prevent data leakage.

(Optional) Create application configurations.

3

Create an application template.

An application template contains information such as image files, container specifications, environment variables, volumes, restart policies, and container network parameters. You can use an application template to quickly create a container with the same service features.

Creating an Application Template

4

Create a container.

Containers are service applications running on edge devices. You can use FusionDirector to deploy containers on edge devices in batches.

Creating a Container

Creating an Image File

  1. On the FusionDirector WebUI, choose Menu > Configuration > Configuration Deployment > Containerized Application Deployment > Image Files.

  2. Click Create Image File.

  3. On the Create Image File page displayed, configure image file information and click OK.

  4. In the image file list, select the image file and click Create Subversion in the Operation column.
  5. On the Create Subversion page displayed, configure the subversion information and click OK.

    Table 2 Item description

    Item

    Description

    Value

    Version

    Subversion number.

    The value consists of 1 to 64 characters, allowing only lowercase letters, digits, hyphens (-), underscores (_), and periods (.). The value must start and end with a lowercase letter or digit.

    Image File

    Image file uploaded.

    The file must be in tar or tar.gz format and cannot exceed 10 GB after decompression.

    Verification

    Specifies whether to verify the uploaded image file.

    Security risks exist if the image file is not verified. You are advised to perform the verification.

    Image Verification Mode

    If you select Check for Verification, you must also enter the image verification mode.

    Only SHA256 is supported.

    Image File Verification Code

    If you select Check for Verification, you must also enter the image verification code.

    You can obtain the verification code in multiple ways. For example, on the Windows OS, enter cmd to switch to the CLI, and run the certutil -hashfile "Absolute path of the image file" sha256 command to obtain the verification code.

    Subversion Description

    Enter supplementary information about the subversion.

    N/A

(Optional) Create application configurations.

  1. On the FusionDirector WebUI, choose Menu > Configuration > Configuration Deployment > Containerized Application Deployment > Application Configuration.

  2. Choose the ConfigMap tab and click Create ConfigMap.

  3. Configure ConfigMap settings.
    Table 3 Item description

    Item

    Description

    Value

    ConfigMap Name

    Name of a ConfigMap.

    The value must contain 4 to 64 characters and start with a lowercase letter, allowing only lowercase letters, digits, and hyphens (-). It cannot end with a hyphen (-).

    Description

    Description of a ConfigMap.

    -

    ConfigMap Data

    Enter the key and value of a ConfigMap.

    To add multiple ConfigMap records, click Add ConfigMap and enter the ConfigMap information.

    A maximum of 256 ConfigMap records can be added.

    NOTICE:

    The ConfigMap configuration information is displayed in plaintext. Please prevent information leakage.
  4. Click OK.

    The ConfigMap created is displayed in the ConfigMap list.

Creating an Application Template

  1. On the FusionDirector WebUI, choose Menu > Configuration > Configuration Deployment > Containerized Application Deployment > Application Templates.

  2. Click Create Application Template.

  3. Configure basic information about the application template.

  4. Configure the application template.

    Click Add Image, select an image file from the image list, click OK, and perform related configuration.

    If multiple container images need to be deployed for an application, you can click Add Image and configure each image as follows:

    • An application with a single pod and multiple container images deployed using FusionDirector can run properly after being migrated to the WebUI of the Atlas 500 AI edge station (model 3000). You can only start, stop, and delete the application on the WebUI. Other operations, such as modification and upgrade, are not supported.
    • An application with a single pod and one container image deployed using FusionDirector can run properly after being migrated to the WebUI of the Atlas 500 AI edge station (model 3000). You can start, stop, delete, modify, and upgrade the application on the WebUI.
    1. Configure the container basic information.

    2. Configure container specifications.

      Table 4 Item description

      Item

      Description

      CPU Quota

      Enter the minimum number of CPUs required by the container and the maximum number of CPUs allowed by the container.

      Memory Quota

      Enter the minimum memory size required by the container and the maximum memory size allowed by the container.

      NPU Quota
      • By default, this item is not configured. Enter the number of NPUs to be used if required, and ensure that the total NPUs configured for all containers do not exceed the number of available NPUs on the device.

        The Atlas 500 AI edge station (model 3000) supports the NPU sharing mode. For details about how to enable and disable this mode, see Setting the NPU Sharing Mode. The NPU allocation for the NPU sharing mode is as follows:

        • If the NPU sharing mode is enabled, the configured multiple containers can share the NPU resources of the same processor. Enter the required NPU quota for each container.
        • If the NPU sharing mode is disabled, a container exclusively occupies an NPU even if less than one NPU is allocated.
      • Currently, NPU resources can be shared among containers only in resource preemption mode. NPU resources cannot be shared based on the configured quota.
      • Currently, FusionDirector cannot collect statistics on the resource usage of unknown containers and migrated unknown containers, including the usage of CPU, memory, and NPU resources.
      • During the deployment of a container with specified NPU resources, if the NPU resources are sufficient but the system still displays a message indicating that no NPU resource is available, run the npu-smi info command to check the NPU health status. If the NPU health status is abnormal, restart the edge node for recovery. Before running the npu-smi command, check whether the owner and owner group of the command are root. If no, install Ascend HDK 22.0.RC5 or a later version by referring to the Ascend 310P NPU Driver and Firmware Installation Guide (AI Accelerator Card).
      • The limits of the CPU and memory resources to be configured cannot exceed the container resource limits in the AtlasEdge container security configuration file podconfig.json. For details, see Modify the security configurations of the AtlasEdge container.
    3. Configure environment variables.

      Configure system environment variables for running the container. Click Add Environment Variable and enter the variable name and value.

    4. Configure volumes.

      A volume is a storage volume used for container running. You can mount the local volume to the container for persistent data file storage. If a local volume name is used for different containers, the volume type must be the same.

      Click Add Volume and configure volume information.

      Table 5 Item description

      Item

      Description

      Local Volume Name

      The volume name can contain 1 to 63 characters, allowing only lowercase letters and digits.

      Type

      ConfigMap: a configuration item. Ensure that the corresponding configuration item exists. If the configuration item does not exist, create it by following the procedure in (Optional) Create application configurations..

      Mount Directory

      The volume mount directory can contain 2 to 1024 characters and start with a slash (/), allowing only digits, letters, slashes (/), hyphens (-), underscores (_), and dots (.).

      Permission

      Operation permission. Select a value from the drop-down list box.
    5. (Optional) Configure a security policy. For details, see "Configuration and Deployment > Containerized Application Deployment > Application Template > Creating an Application Template" in the FusionDirector Operation Guide.
  5. Perform advanced configurations of the application template. Select Port Mapping for Container Network, and set other parameters, including the network settings and option policy. For details, see "Configuration and Deployment > Containerized Application Deployment > Application Template > Creating an Application Template" in the FusionDirector Operation Guide.
    • If the restart policy of a container is set to Not Restart, the container remains abnormal after an exception occurs.
    • The value range supported by the current container port is [1024,65535].

Creating a Container

  1. On the FusionDirector WebUI, choose Menu > Configuration > Configuration Deployment > Containerized Application Deployment > Containerized Application.

  2. Click Create Containerized Application.

  3. Configure basic information and click Next.

  4. Configure the container information.

    Enter the version and click Select Application Template. In the displayed dialog box, select the application template. You can also modify the parameters in the selected application template, and click Next.

  5. On the page to select a resource file, click Next to skip this step.
  6. Add edge devices.

    On the Add Edge Device page, click Add. In the displayed dialog box, select one or more edge devices to be associated and click OK.

  7. Click OK.

    The task created by the container is displayed in the task list in the upper right corner of the page. After the container is created successfully, the newly added Container is displayed in the container list. Click the container name to go to the Basic Information page of the container. If the instance running status is Running, the container is successfully deployed on the edge node and is running properly.

Other Operations

Create other optional configurations (such as model files and probes) in the container by referring to "Additional Information About Application Deployment on FusionDirector" in the container_capability_tool document.