...
2.1 Design docker container architecture
| Info |
|---|
Please refer here for information on which to choose between the existing AdamApp, Container AdamApp and Cotainer AdamApp for Azure IoT Edge. |
...
Please see here for resources for CV52 cameras that support docker capabiilitycapability.
Please make sure the app you are porting can work within these limits.
RAM/CPU limits are enforced by cgroups. If RAM usage exceeds the limit, the app will be killed by the OOM Killer.
2.3.2
...
Followings are important points when porting. For more information on Container AdamApp's security policy, please see here.
Containers cannot be run with root privileges. The app runs in the camera with user privileges of uid 1000, gid 1000.
The container is mounted read only.
You cannot write to the container. If an existing app is writing to the container, it will need to write to a tmpfs(RAM) for temporary data, or to a separate mounted volume for persistent data.Options that relax security, such as --previledged, cannot be used.
Docker images cannot be pulled from an external container registry directly from within the camera. The required docker images must be pulled and built on the development PC and included in the Container AdamApp(ext file).
2.3.3 Restrictions on using ADAM API
If Container AdamApp contains multiple containers, the ADAM API can only be used from the main container, not from sub containers.
...
Data storage
By mounting a volume, application can write data to the flash memory inside the camera. Since there is a limit to the number of times data can be written to flash memory,
Please use SD card for storing data if application needs to write frequently.
It is also possible to create a database SQLite on the SD card. This is implemented in the sample app sqlite_app.
2.3.3 About our security policy
Followings are important points when porting. For more information on Container AdamApp's security policy, please see here.
Containers cannot be run with root privileges. The app runs in the camera with user privileges of uid 1000, gid 1000.
The container is mounted read only.
You cannot write to the container. If an existing app is writing to the container, it will need to write to a tmpfs(RAM) for temporary data, or to a separate mounted volume for persistent data.Options that relax security, such as --previledged, cannot be used.
Docker images cannot be pulled from an external container registry directly from within the camera. The required docker images must be pulled and built on the development PC and included in the Container AdamApp(ext file).
| Info |
|---|
Impact of mounting data directories as read only in containers For the ADAM API, ADAM_GetAppDataDirPath is provided as an API that returns the path of the data directory on the flash ROM. For the Container AdamApp, this directory is read-only and cannot be written to. If you want to write data, use a volume. |
2.3.4 Restrictions on using ADAM API
2.3.4.1 Containers that can use the ADAM API
If Container AdamApp contains multiple containers, the ADAM API can only be used from the main container, not from sub containers.
It is better that main image has feature related to camera functions and sub images have features not related to camera functions. Chapter 3.4 shows how to share the data between main and sub images.
2.3.4.2 Directory path that can be obtained with ADAM API
The various directory paths that can be obtained by AdamApp, Container AdamAPp, and Container AdamApp for Azure IoT are shown in the table below. As mentioned in Chapter 2.3.3, in Container AdamApp, the paths that can be obtained by ADAM_GetAppTmpDirPath are read-only areas. In addition, the directories that can be obtained by ADAM_GetAppTmpDirPath are shared with the host side (camera body). Therefore, when temporarily storing data that you do not want to be accessed from the host side, please use the area defined in the tmpfs section of docker-compose.yaml.
| AdamApp | Container AdamApp | Container AdamApp for Azure IoT |
|---|---|---|---|
ADAM_GetAppTmpDirPath | /dev/shm/Adamapp/[App-specific ID] | /dev/shm/Adamapp/[App-specific ID] | /tmp/local/appdata |
ADAM_GetAppDataDirPath | /app/data | /app/data | /ai_data |
3. Development Procedure
3.1 Create a project
...