Dear Lucas,
thanks for your answer. I also tested my container with the "-net
host" flag and in this case PVaccess works also from a remote
host, yes!
My only concern is, if I want to run multiple IOCs on the same
host. (Never actually did that). Don't I have to set individual CA
Server ports for each IOC? PVaccess sets it's port dynamically if
the default port is already in use. But does a remote PVaccess
client (e.g. phoebus) notice that?
Best regards,
Florian
On 7/10/19 12:54 PM, Lucas Russo wrote:
Hi Florian,
Althought I can't specifically help you with
your issue I wonder if the "-net host" docker run flag could
help you here. In this way you won't need the CA gateway in
the middle of your client/IOC server when running multiple
IOCs on the same host.
My group at the Brazilian Synchrotron is also
using docker containers as a way of deploying our IOCs to
the control system. Good to know there are more people
working in the same way.
PS: as a side note, ICALEPCS will have a workshop about
containers in controls. Maybe this would be interesting for
you: https://icalepcs2019.bnl.gov/workshops.html#12
Cheers!
Lucas
On Mon, Jul 8, 2019, 03:58
Florian Feldbauer via Tech-talk < [email protected]>
wrote:
Dear
all,
at the collaboration meeting last month I presented, that
we are looking
into Docker containers for deploying and managing our
EPICS
installations for the PANDA experiment.
I have now tested several things with containers for IOCs,
ca-gateway,
phoebus and the archive-engine (from phoebus).
@Heinz: During the meeting you asked how the containers
get access to
network devices: Actually, this is quiet easy. if you use
the bridge
network driver from Docker for the virtual network your
containers live in,
NATing is enabled by default. (Otherwise CMS which are
usually run
inside of containers could not get their updates ;-) ). So
even if you
run mutliple IOCs on the same host, accessing network
devices is no problem.
For access those IOCs via CA from a remote host you need a
CA gateway as
well. I also tested access to serial devices with
asyn+stream.
One thing which is not working for me at the moment is
PVaccess. For CA
i add the option `-p 5064-5065:5064-5065 -p
5064-5065:5064-5065/udp` to
publish the CA ports of my container (either IOC or
ca-gateway) to the
outside world.
For PVaccess I tried with `-p 5075:5075 -p 5076:5076/udp`
but this was
not working. Accessing the IOC from the host directly (via
the virual
network) works. So the IOC has a PVaccess server.
Did I miss some important ports for PVaccess or is this
protocol working
differently when establishing connections?
The IOC is connected to a virtual network with its own IP
address. The
ports are mapped to the physical ports of my host system.
The remote
client only "sees" the physical connection of my host.
If anyone is interested in this work let me know! We will
establish our
own docker registry server soon, where the images will be
made available.
Best regards,
Florian
--
Dr. Florian Feldbauer
Ruhr-Universität Bochum
Experimentalphysik I AG
Universitätsstr. 150
Fach-Nr. 125
D-44801 Bochum
Office: NB 2/134
Phone: (+49)234 / 32-23563
Fax: (+49)234 / 32-14170
https://paluma.ruhr-uni-bochum.de
--
Dr. Florian Feldbauer
Ruhr-Universität Bochum
Experimentalphysik I AG
Universitätsstr. 150
Fach-Nr. 125
D-44801 Bochum
Office: NB 2/134
Phone: (+49)234 / 32-23563
Fax: (+49)234 / 32-14170
https://paluma.ruhr-uni-bochum.de
|