Versions Compared

Old Version 16

changes.mady.by.user Yoshitaka Fukushima (福島 佳孝)

Saved on

compared with

New Version 17

changes.mady.by.user Yoshitaka Fukushima (福島 佳孝)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Following diagram shows the difference between the conventional AdamApp(not the docker) and the example of Container AdamApp.

Drawio
mVer2
zoom1
simple0
zoominComment10
inCommentcustContentId01544749670
pageId1538556241
custContentIdlbox15447496701
diagramDisplayNameadam_vs_containeradam.drawio
lbox1
contentVer1
revision2
baseUrlhttps://iproiot.atlassian.net/wiki
diagramNameadam_vs_containeradam.drawio
pCenter0
width1020.4999999999999
links
tbstyle
height1070

...

If you want to run an existing container on an i-PRO camera, you can add the docker_multi_images for management from the camera, and the existing container can be run on the camera with minimal changes.

Drawio
mVer2
zoom1
simple0
zoominComment10
inCommentcustContentId01543832138
pageId1538556241
custContentIdlbox15438321381
diagramDisplayNamedocker_multi_images構成.drawiolbox1
contentVer4
revision5
baseUrlhttps://iproiot.atlassian.net/wiki
diagramNamedocker_multi_images構成.drawio
pCenter0
width721
links
tbstyle
height791

...

  • Add the sub-image information to the child level of the services key. This is already written in the sample app, so we will explain the contents here.

  • The complete description of the web service is as follows:

    image-20240909-101606.png

  • images:
    Here you specify the image name and tag created in 3.2. If the image specified here does not exist, the app build script will fail.

  • networks:
    If you want containers to communicate with each other, they must specify the same network.

  • restart:
    Specifies how to recover when the container is terminated. In the case of ext format Docker, the main container is monitored by the camera firmware without using Docker mechanisms, so specifying "no" will restart it appropriately. On the other hand, subcontainers are not monitored by the camera firmware, so set it according to the actual operation.

  • ports:
    If the sub-image exposes a port that can be connected from outside, describe it in the format of [camera side]:[container side].

  • volumes:
    Describes volumes and bind mounts.
    Only volumes defined in this docker-compose.yaml can be specified for volume. In addition, volume names defined here must also be separately listed in the volumes: section at the top of the yaml file.
    There are restrictions on directory paths that can be bind mounted.
    Data is written to the camera's internal flash memory. Since there is a limit to the number of times data can be written to flash memory, if you plan to write data frequently, we recommend using tmpfs or an SD card.

  • tmpfs:
    Security policies prevent writing to containers, so if there are directories under /var where apps temporarily store data, specify them here.
    In the case of nginx, it writes to /var/cache/nginx and /var/run, so these are specified as tmpfs.
    The data is written to the camera's internal RAM.

  • Required parameters
    The following parameters must be added to satisfy the security policy of the i-RPO PRO camera. Please copy and paste as is.

    Code Block
        read_only: true
    user:
      1000:1000
    cap_drop:
      - "net_raw"
    security_opt:
      - "label=type:ipro-container.process"
      - "no-new-privileges"
    labels:
      com.i-pro.app-type: "ext"
      com.i-pro.device-category: "CV5x-A"
      com.i-pro.device-vendor: "i-PRO"

  • Listing root-level volumes
    Enter the volume name in the volumes: section under the root of the yaml file.

    image-20240801-032019.png

...