1 files changed, 133 insertions, 3 deletions
diff --git a/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml b/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml
index 6f74061..c6ce223 100644
--- a/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml
+++ b/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml
@@ -1,8 +1,138 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="ISO-8859-1"?>
 <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-<chapter condition="hidden" id="workflow">
+<chapter id="container-virtualization">
  <title>Container Virtualization</title>
-  <para></para>
+  <section id="docker">
+    <title>Docker</title>
+    <para>Docker is an open-source project that automates the deployment of
+    applications inside software containers, by providing an additional layer
+    of abstraction and automation of operating-system-level virtualization on
+    Linux.</para>
+    <para>The software container mechanism uses resource isolation features
+    inside the Linux kernel, such as cgroups and kernel namespaces to allow
+    multiple containers to run within a single Linux instance, avoiding the
+    overhead of starting and maintaining virtual machines. </para>
+    <para>Containers are lightweight and include everything needed to run
+    themselves: code, runtime, system tools, system libraries and settings.
+    The main advantage provided by containers is that the encapsulated
+    software is isolated from its surroundings. For example, differences
+    between development and staging environments can be kept separate in order
+    to reduce conflicts between teams running different software on the same
+    infrastructure. </para>
+    <para>For a better understanding of what Docker is and how it works, the
+    official documentation provided on the Docker website should be consulted:
+    <ulink
+    url="https://docs.docker.com/">https://docs.docker.com/</ulink>.</para>
+    <section id="launch-docker-container">
+      <title>Launching a Docker container</title>
+      <para>Docker provides a hello-world container which checks whether your
+      system is running the daemon correctly. This container can be launched
+      by simply running:</para>
+      <programlisting>&gt;docker run hello-world
+Hello from Docker!</programlisting>
+      <para>This message shows that your installation appears to be working
+      correctly.</para>
+    </section>
+    <section id="run-enfv-guest-image">
+      <title>Run an Enea NFV Access Platform guest image</title>
+      <para>Enea NFV Access Platform guest images can run inside Docker as any
+      other container can. Before starting an Enea NFV Access Platform guest
+      image, a root filesystem has to be imported in Docker:</para>
+      <programlisting>&gt;docker import enea-linux-virtualization-guest-x86-64.tar.gz el7guest</programlisting>
+      <para>To check that the Docker image has been imported successfully,
+      run:</para>
+      <programlisting>&gt;docker images</programlisting>
+      <para>Finally, start an Enea NFV Access Platform container with
+      <literal>bash</literal> running as the shell, by running:</para>
+      <programlisting>&gt;docker run -it el7guest /bin/bash</programlisting>
+    </section>
+    <section id="attach-ext-resources-docker-containers">
+      <title>Attach external resources to Docker containers</title>
+      <para>Any system resource present on the host machine can be attached or
+      accessed by a Docker container.</para>
+      <para>Typically, if a file or folder on the host machine needs to be
+      attached to a container, that container should be launched with the
+      <literal>-v</literal> parameter. For example, to attach the
+      <literal>roots</literal> home folder to a container, the command line
+      for Docker should have the following format:</para>
+      <programlisting>&gt;docker run -it -v /home/root:/home/host_root/ el7guest /bin/bash</programlisting>
+      <para>To check that folders have been properly passed from the host to
+      the container, create a file in the source folder on the host root
+      filesystem and check for its existence inside the containers destination
+      location.</para>
+      <section id="attach-vhost-descriptors">
+        <title>Attach vhost file descriptors</title>
+        <para>If OVS is running on the host and vhost file descriptors need to
+        be passed to the container, this can be done by either mapping the
+        folder where all the file descriptors are located or mapping the file
+        descriptor itself:</para>
+        <itemizedlist>
+          <listitem>
+            <para>Mapping the folder can be done as exemplified above:</para>
+            <programlisting>docker run -it --rm -v /var/run/openvswitch/:/var/run/openvswitch/ el7guest /bin/bash</programlisting>
+          </listitem>
+          <listitem>
+            <para>Mapping a file descriptor is done in a similar way, but the
+            <literal>-v</literal> flag needs to point directly to it:</para>
+            <programlisting>&gt;docker run -it --rm -v /var/run/openvswitch/vhost-user1 el7guest /bin/bash</programlisting>
+          </listitem>
+        </itemizedlist>
+      </section>
+      <section id="attach-hugepages-mount-folders">
+        <title>Attach hugepages mount folders</title>
+        <para>Hugepages mount folders can also be accessed by a container
+        similarly to how a plain folder is mapped, as shown in 1.3.</para>
+        <para>For example, if the host system has hugepages mounted in the
+        <literal>/mnt/huge</literal> location, a container can also access
+        hugepages by being launched with:</para>
+        <programlisting>&gt;docker run -it -v /mnt/huge el7guest /bin/bash</programlisting>
+      </section>
+      <section id="access-pci-bus">
+        <title>Access the PCI bus</title>
+        <para>If the host machine has multiple SRIOV instances created, a
+        container can access the instances by being given privileged access to
+        the host system. Unlike folders, PCI devices do not have to be mounted
+        explicitly in order to be accessed and will be available to the
+        container if the <literal>--privileged</literal> flag is passed to the
+        command line:</para>
+        <programlisting>&gt;docker run --privileged -it el7guest /bin/bash</programlisting>
+      </section>
+    </section>
+  </section>
 </chapter>
 \ No newline at end of file

diff --git a/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml b/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml index 6f74061..c6ce223 100644 --- a/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml +++ b/doc/book-enea-nfv-access-platform-guide/doc/container_virtualization.xml
@@ -1,8 +1,138 @@
1	<?xml version="1.0" encoding="UTF-8"?>	1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"	2	<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">	3	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4	<chapter condition="hidden" id="workflow">	4	<chapter id="container-virtualization">
5	<title>Container Virtualization</title>	5	<title>Container Virtualization</title>
6		6
7	<para></para>	7	<section id="docker">
		8	<title>Docker</title>
		9
		10	<para>Docker is an open-source project that automates the deployment of
		11	applications inside software containers, by providing an additional layer
		12	of abstraction and automation of operating-system-level virtualization on
		13	Linux.</para>
		14
		15	<para>The software container mechanism uses resource isolation features
		16	inside the Linux kernel, such as cgroups and kernel namespaces to allow
		17	multiple containers to run within a single Linux instance, avoiding the
		18	overhead of starting and maintaining virtual machines. </para>
		19
		20	<para>Containers are lightweight and include everything needed to run
		21	themselves: code, runtime, system tools, system libraries and settings.
		22	The main advantage provided by containers is that the encapsulated
		23	software is isolated from its surroundings. For example, differences
		24	between development and staging environments can be kept separate in order
		25	to reduce conflicts between teams running different software on the same
		26	infrastructure. </para>
		27
		28	<para>For a better understanding of what Docker is and how it works, the
		29	official documentation provided on the Docker website should be consulted:
		30	<ulink
		31	url="https://docs.docker.com/">https://docs.docker.com/</ulink>.</para>
		32
		33	<section id="launch-docker-container">
		34	<title>Launching a Docker container</title>
		35
		36	<para>Docker provides a hello-world container which checks whether your
		37	system is running the daemon correctly. This container can be launched
		38	by simply running:</para>
		39
		40	<programlisting>>docker run hello-world
		41
		42	Hello from Docker!</programlisting>
		43
		44	<para>This message shows that your installation appears to be working
		45	correctly.</para>
		46	</section>
		47
		48	<section id="run-enfv-guest-image">
		49	<title>Run an Enea NFV Access Platform guest image</title>
		50
		51	<para>Enea NFV Access Platform guest images can run inside Docker as any
		52	other container can. Before starting an Enea NFV Access Platform guest
		53	image, a root filesystem has to be imported in Docker:</para>
		54
		55	<programlisting>>docker import enea-linux-virtualization-guest-x86-64.tar.gz el7guest</programlisting>
		56
		57	<para>To check that the Docker image has been imported successfully,
		58	run:</para>
		59
		60	<programlisting>>docker images</programlisting>
		61
		62	<para>Finally, start an Enea NFV Access Platform container with
		63	<literal>bash</literal> running as the shell, by running:</para>
		64
		65	<programlisting>>docker run -it el7guest /bin/bash</programlisting>
		66	</section>
		67
		68	<section id="attach-ext-resources-docker-containers">
		69	<title>Attach external resources to Docker containers</title>
		70
		71	<para>Any system resource present on the host machine can be attached or
		72	accessed by a Docker container.</para>
		73
		74	<para>Typically, if a file or folder on the host machine needs to be
		75	attached to a container, that container should be launched with the
		76	<literal>-v</literal> parameter. For example, to attach the
		77	<literal>roots</literal> home folder to a container, the command line
		78	for Docker should have the following format:</para>
		79
		80	<programlisting>>docker run -it -v /home/root:/home/host_root/ el7guest /bin/bash</programlisting>
		81
		82	<para>To check that folders have been properly passed from the host to
		83	the container, create a file in the source folder on the host root
		84	filesystem and check for its existence inside the containers destination
		85	location.</para>
		86
		87	<section id="attach-vhost-descriptors">
		88	<title>Attach vhost file descriptors</title>
		89
		90	<para>If OVS is running on the host and vhost file descriptors need to
		91	be passed to the container, this can be done by either mapping the
		92	folder where all the file descriptors are located or mapping the file
		93	descriptor itself:</para>
		94
		95	<itemizedlist>
		96	<listitem>
		97	<para>Mapping the folder can be done as exemplified above:</para>
		98
		99	<programlisting>docker run -it --rm -v /var/run/openvswitch/:/var/run/openvswitch/ el7guest /bin/bash</programlisting>
		100	</listitem>
		101
		102	<listitem>
		103	<para>Mapping a file descriptor is done in a similar way, but the
		104	<literal>-v</literal> flag needs to point directly to it:</para>
		105
		106	<programlisting>>docker run -it --rm -v /var/run/openvswitch/vhost-user1 el7guest /bin/bash</programlisting>
		107	</listitem>
		108	</itemizedlist>
		109	</section>
		110
		111	<section id="attach-hugepages-mount-folders">
		112	<title>Attach hugepages mount folders</title>
		113
		114	<para>Hugepages mount folders can also be accessed by a container
		115	similarly to how a plain folder is mapped, as shown in 1.3.</para>
		116
		117	<para>For example, if the host system has hugepages mounted in the
		118	<literal>/mnt/huge</literal> location, a container can also access
		119	hugepages by being launched with:</para>
		120
		121	<programlisting>>docker run -it -v /mnt/huge el7guest /bin/bash</programlisting>
		122	</section>
		123
		124	<section id="access-pci-bus">
		125	<title>Access the PCI bus</title>
		126
		127	<para>If the host machine has multiple SRIOV instances created, a
		128	container can access the instances by being given privileged access to
		129	the host system. Unlike folders, PCI devices do not have to be mounted
		130	explicitly in order to be accessed and will be available to the
		131	container if the <literal>--privileged</literal> flag is passed to the
		132	command line:</para>
		133
		134	<programlisting>>docker run --privileged -it el7guest /bin/bash</programlisting>
		135	</section>
		136	</section>
		137	</section>
8	</chapter> \ No newline at end of file	138	</chapter> \ No newline at end of file