Service containers are applications that can be hosted directly on Cisco IOS XE routing platforms. The applications use the Linux aspects of the IOS XE operating system to host both Linux virtual containers (LXCs) and kernel virtual machines (KVMs) on Cisco 4000-Series Integrated Services Routers (ISR), Cisco ASR 1000-Series Aggregation Services Routers, and Cisco Cloud Services Routers 1000V.
The Cisco IOS XE 16.3 release provides a rich command line interface for installing, debugging, and managing open service container applications. The command syntax for show, debug, and configuration commands begins with the virtualservice keyword.
Container connectivity is described in the image below. The VirtualPortGroup interface connects the application hosting network to the IOS routing domain. The Layer-3 interface of the application receives routed traffic from IOS. The VirtualPortGroup interface connects through the SVC Bridge to the container/application interface. IOx is responsible for the gateway (VirtualPortGroup interface), IP address, and unique MAC address assignment for each vNIC in the container.
To support application hosting capabilities on the Cisco Catalyst 9000-series switches, the switch provides hardware resources where applications can reside and execute. Cisco IOS XE running on the Cisco Catalyst 9000 series switches reserves dedicated memory and CPU resources for application hosting, to provide a separate execution space for user applications without compromising the integrity and performance of the switch.
The Cisco IOS XE 16.12.1 release introduced native Docker container support on Catalyst 9000-series switches. The ThousandEyes Enterprise Agent leverages this capability to run a Docker container hosted on internal flash storage (if no SSD is available).
Container connectivity is described in the image below. Containers can be connected via the management interface and front panel data ports. The management interface connects to the container interface via the management bridge, and the IP address of the container will be on the same subnet as the management interface. Virtual network interface cards (vNICs) inside containers are seen as standard Ethernet interfaces (eth0, eth1, etc.).
The ThousandEyes agent for Catalyst 9000 platform can be found in two different deployment options: standard and embedded. Use the table below to decide which to use: