Search

CN-121979614-A - LXC container-based industrial real-time task hierarchical isolation scheduling method and system

CN121979614ACN 121979614 ACN121979614 ACN 121979614ACN-121979614-A

Abstract

The invention discloses an LXC container-based industrial real-time task hierarchical isolation scheduling method and system, which relate to the technical field of industrial real-time operation systems and comprise the following steps of S1, carrying out NUMA (non-uniform memory access) aware resource division on physical hardware, isolating CPU (central processing unit) cores according to task key levels, reserving memory bandwidth channels and carrying out direct control on real-time equipment; S2, creating a customized LXC runtime environment, constructing a real-time naming space, building a security isolation domain through forced access control, and optimizing container context switching overhead. According to the industrial real-time task hierarchical isolation scheduling method and system, the efficiency and the reliability of industrial real-time task scheduling are remarkably improved through an innovative resource dividing and managing mechanism, task resources of different key levels are effectively isolated, resource competition is reduced, real-time response capability of high-priority tasks is ensured, resource utilization rate is improved, and adaptability and stability of the system are enhanced.

Inventors

  • SUI ZHENLI
  • YU HAIBO
  • WANG YANFEI

Assignees

  • 道莅智远科技(青岛)有限公司

Dates

Publication Date
20260505
Application Date
20251231

Claims (10)

  1. 1. The LXC container-based industrial real-time task hierarchical isolation scheduling method is characterized by comprising the following steps of: s1, carrying out NUMA perceived resource division on physical hardware, isolating a CPU core according to a task key level, reserving a memory bandwidth channel, and carrying out direct control on real-time equipment; S2, creating a customized LXC runtime environment, constructing a real-time naming space, building a security isolation domain through forced access control, and optimizing container context switching overhead; s3, loading a key level, a deadline and a resource requirement in task metadata, and initializing a basic weight of a dynamic priority algorithm; s4, acquiring task execution indexes in real time, calculating dynamic correction weight of the emergency factor, implementing weight reduction penalty on the overrun task, and dynamically distributing standby computing resources for the high-priority task through the CREM module; S5, periodically collecting the system state through a monitoring unit of the CREM module, generating a resource allocation scheme by matching a decision unit of the CREM module with a preset strategy template, and updating a container resource quota by an execution unit of the CREM module through atomization operation; And S6, feeding back the task execution state to the scheduling layer in real time, triggering abnormal migration or policy reconfiguration, and continuously optimizing the scheduling policy by combining the historical data.
  2. 2. The LXC container-based industrial real-time task hierarchical isolation scheduling method according to claim 1, wherein in step S1, said NUMA-aware resource partitioning of physical hardware specifically comprises: Identifying the non-uniform memory access architecture characteristic of a physical server, dividing a physical CPU computing core into different resource partitions according to the key level of a task, and scheduling the task of the same key level to the core in the same NUMA node for operation; Reserving a special memory bandwidth access channel for a time-sensitive critical task, and limiting contention of a non-critical task for a memory bandwidth through memory controller configuration; And configuring a PCIe device pass-through mode for the real-time input and output devices needing deterministic access, and enabling the critical task container to exclusively access the physical device.
  3. 3. The LXC container-based industrial real-time task hierarchical isolation scheduling method according to claim 1, wherein in step S2, said creating a customized LXC runtime environment specifically comprises: Constructing a real-time naming space based on LXC container technology, wherein time scheduling parameters in the naming space are independent of a host machine and other container naming spaces and are used for deploying time-sensitive tasks; establishing a security isolation domain based on SMACK mandatory access control mechanism, and limiting unauthorized process communication and resource access among containers; The method comprises the steps of optimizing a container runtime environment, simplifying container context switching overhead, and performing low-delay optimization on a switching path of a real-time task container, wherein the low-delay optimization comprises the steps of reducing kernel lock contention and optimizing a process state saving and recovering mechanism.
  4. 4. The LXC container-based industrial real-time task hierarchical isolation scheduling method according to claim 1, wherein the specific operations of the dynamic priority algorithm in steps S3 and S4 comprise: When a task is started, initializing basic scheduling weight of the task according to a predefined key level, a predefined deadline requirement and a resource demand parameter in the task metadata; in the task execution process, acquiring actual execution time, residual deadline and resource occupancy rate indexes of a task in real time, calculating a task urgency factor, and dynamically correcting the current scheduling weight of the task; executing scheduling weight reduction penalty on the detected execution overrun task; When the system detects that the high-priority task can not meet the deadline due to insufficient resources, the CREM module makes a decision and performs instant allocation of standby resources.
  5. 5. The LXC container-based industrial real-time task hierarchical isolation scheduling method according to claim 1, wherein in step S5, the specific operation procedure of the CREM module comprises: the monitoring unit periodically collects system state data in a configurable period within a range of 1 to 100 microseconds, wherein the system state data comprises CPU utilization rate, memory bandwidth occupation, task queue length and expiration foot states of each container task; The decision unit receives the monitoring data, matches and evaluates the monitoring data with a built-in preset scheduling strategy template, and selects or combines the monitoring data according to the current system load characteristics and the task criticality requirements to generate a resource allocation scheme; The execution unit receives the resource allocation instruction sent by the decision unit, and updates the resource quota configuration of the target container in an atomization operation mode, wherein the resource quota configuration comprises a CPU time slice limit, a CPU core binding relation and a memory bandwidth limit value.
  6. 6. The LXC container-based industrial real-time task hierarchical isolation scheduling method according to claim 1, wherein in step S6, said feedback optimization mechanism specifically comprises: The key state information of task execution, including the task completion condition, the actual execution time, whether the deadline is missed, the resource use condition and the abnormal event, is fed back to a dynamic priority scheduler and a CREM module of the scheduling layer in real time; When detecting the abnormal state of task continuous overrun, resource serious conflict or hardware fault, triggering the abnormal migration or strategy reconfiguration flow of the task among different containers in the physical host, and selecting a migration target or generating a new resource allocation scheme by the CREM module according to the abnormal type; And a decision unit of the CREM module is combined with the historically collected system state data and the dispatching result data to continuously evaluate and parameter tune the dispatching strategy template.
  7. 7. An LXC container-based industrial real-time task hierarchical isolation scheduling system is characterized by comprising a hardware abstraction layer, a virtualization layer and a scheduling layer, wherein the hardware abstraction layer, the virtualization layer and the scheduling layer are used for realizing the LXC container-based industrial real-time task hierarchical isolation scheduling method according to any one of claims 1 to 6; The hardware abstraction layer is used for managing and distributing physical hardware resources and providing an isolated hardware execution environment for an upper layer, and comprises a CPU core binding module, a memory bandwidth control unit and a PCIe device through component; The virtualization layer is used for constructing a runtime environment on the basis of a lightweight LXC container based on the environment provided by the hardware abstraction layer and bearing task instances with different key levels, and comprises a real-time naming space, a security isolation domain and a lightweight context manager; the scheduling layer dynamically coordinates task priorities and decides a resource allocation strategy based on task states operated by the virtualization layer according to task key levels and system real-time states, and comprises a dynamic priority scheduler and a CREM module; the hardware abstraction layer, the virtualization layer and the scheduling layer are sequentially connected and work cooperatively.
  8. 8. The LXC container-based industrial real-time task hierarchical isolation scheduling system according to claim 7, wherein said hardware abstraction layer specifically comprises: the CPU core binding module executes resource partitioning operation perceived by the non-uniform memory access architecture, and divides and binds the physical CPU cores according to the task key level; The memory bandwidth control unit is used for configuring and managing the allocation and reservation of the memory bandwidth and setting the memory bandwidth access upper limit or the guaranteed bandwidth for the critical task container; the PCIe device pass-through component manages access control of the peripheral cache devices, assigning specific real-time input-output devices to designated critical task containers in pass-through mode.
  9. 9. The LXC container based industrial real time task hierarchical isolation scheduling system according to claim 7, wherein said virtualization layer specifically comprises: The real-time naming space is constructed based on a customized LXC runtime environment, and an independent time scheduling environment is provided for the time-sensitive task; The security isolation domain is realized based on SMACK forced access control mechanism, and fine-grained inter-process communication and resource access control strategies are forced to be executed at a container level; the lightweight context manager optimizes the task switching process in the container environment, and saves and restores the mechanism by simplifying the kernel switching path and optimizing the process state.
  10. 10. The LXC container based industrial real time task hierarchical isolation scheduling system according to claim 7, wherein said CREM module in said scheduling layer specifically comprises: the real-time monitoring unit is used for collecting system running state data, including container-level resource use indexes and task execution states, in a configurable period of 1 to 100 microseconds; the strategy decision unit is used for storing and managing a preset scheduling strategy template and matching or generating a resource allocation decision according to the data input by the monitoring unit; and the resource allocation execution unit converts the output of the decision unit into specific container resource control group configuration parameters and applies the configuration update to the container runtime environment in an atomic operation mode.

Description

LXC container-based industrial real-time task hierarchical isolation scheduling method and system Technical Field The invention relates to the technical field of industrial real-time operation systems, in particular to an LXC container-based industrial real-time task hierarchical isolation scheduling method and system. Background The real-time task scheduling is a core support for guaranteeing stable operation of an industrial production system, and particularly in a mixed critical-level task scene which simultaneously bears requirements of hard real time (response time delay is less than or equal to 100 mu s) and soft real time (response time delay is more than or equal to 1 ms), the certainty of task execution, the effectiveness of resource isolation and the flexibility of dynamic adjustment are directly related to the continuity and reliability of a production flow. With the development of lightweight virtualization technology, containers gradually become the preferred carrier for industrial real-time task deployment due to the characteristics of low resource overhead and high deployment efficiency. However, in practical application, how to realize accurate isolation of tasks with different key levels, dynamic adaptation of resources and efficient management and control of priorities in a container environment so as to meet the severe requirements of industrial scenes on instantaneity and stability still remains a technical difficulty to be broken through. The prior container technology has a plurality of to-be-optimized parts in the industrial real-time task scheduling practice, wherein the prior container scheme lacks a targeted time isolation design, resource competition among tasks with different priorities is difficult to effectively avoid, high-priority tasks are possibly interfered by low-priority tasks to influence real-time response performance, the resource allocation is in a static configuration mode and cannot be dynamically adjusted according to task load fluctuation, so that the fluctuation of the utilization rate of hardware resources is large, the hardware potential is difficult to fully release, and when the tasks with multiple levels share resources, a priority coordination mechanism is not perfect enough, task deadline matching deviation easily occurs, and the overall stability of the system is adversely affected. These problems limit to some extent the deep application of lightweight containers in industrial real-time task scheduling scenarios. In this regard, we propose an LXC container-based hierarchical isolation scheduling method and system for industrial real-time tasks. Disclosure of Invention In order to solve the technical problems, the technical scheme provides the industrial real-time task hierarchical isolation scheduling method and system based on the LXC container, and solves the problems that the industrial real-time task scheduling is insufficient in targeted time isolation design, high-priority tasks are easily interfered by low-priority task resource competition, resource allocation is mainly static configuration and is difficult to adjust along with load fluctuation, the utilization rate fluctuation is large, priority coordination is imperfect when the multi-level tasks share resources, deadline matching deviation easily occurs, and the deep application of the tasks in the scene is limited. In order to achieve the above purpose, the invention adopts the following technical scheme: an LXC container-based industrial real-time task hierarchical isolation scheduling method comprises the following steps: s1, carrying out NUMA perceived resource division on physical hardware, isolating a CPU core according to a task key level, reserving a memory bandwidth channel, and carrying out direct control on real-time equipment; S2, creating a customized LXC runtime environment, constructing a real-time naming space, building a security isolation domain through forced access control, and optimizing container context switching overhead; s3, loading a key level, a deadline and a resource requirement in task metadata, and initializing a basic weight of a dynamic priority algorithm; s4, acquiring task execution indexes in real time, calculating dynamic correction weight of the emergency factor, implementing weight reduction penalty on the overrun task, and dynamically distributing standby computing resources for the high-priority task through the CREM module; S5, periodically collecting the system state through a monitoring unit of the CREM module, generating a resource allocation scheme by matching a decision unit of the CREM module with a preset strategy template, and updating a container resource quota by an execution unit of the CREM module through atomization operation; And S6, feeding back the task execution state to the scheduling layer in real time, triggering abnormal migration or policy reconfiguration, and continuously optimizing the scheduling policy by combining the histori