Jakub Piotr Cłapa
April 27, 2022
The SocketCAN package is an implementation of CAN protocols for Linux. Generally speaking, CAN is a networking technology that has widespread use in automation, embedded devices, and automotive fields. While there have been other CAN implementations for Linux, SocketCAN uses the Berkeley socket API, the Linux network stack, and implements the CAN device drivers as network interfaces, often making it the first choice for a CAN implementation.
Recently, we worked on a project where we used Kubernetes to control and automate deployments and updates. One component of our workflow required the availability of a CAN interface inside the Kubernetes Pod; to our surprise, such support didn't exist. Fast forward to today, and SocketCAN support is now available in the form of a Kubernetes SocketCAN device plugin!
vcaninterface allows processes inside a pod to communicate with each other using the full Linux SocketCAN API.
Assuming you have a microk8s Kubernetes cluster configured, you can install the SocketCAN plugin (if you are using
k3s you should replace
microk8s kubectl apply -f https://raw.githubusercontent.com/Collabora/k8s-socketcan/main/k8s-socketcan-daemonset.yaml microk8s kubectl wait --for=condition=ready pod -l name=k8s-socketcan
Next, you can create a simple Pod that has two
vcan interfaces enabled:
microk8s kubectl apply -f https://raw.githubusercontent.com/Collabora/k8s-socketcan/main/k8s-socketcan-client-example.yaml microk8s kubectl wait --for=condition=ready pod k8s-socketcan-client-example
Afterwards, you can run these two commands in two separate terminals to verify it's working correctly:
microk8s kubectl exec -it k8s-socketcan-client-example -- candump vcan0 microk8s kubectl exec -it k8s-socketcan-client-example -- cansend vcan0 5A1#11.2233.44556677.88
Finally, you should see this:
NOTE: We support Azure AKS, microk8s, and k3s out-of-the-box. Using it with other Kubernetes providers should require minimal adjustments to the YAML file.
SocketCAN let's you do CAN communication on Linux in the same way you do networking. Its benefits include familiar socket API, transparent support for any hardware device, and a flexible in-kernel filtering capability (think of a network firewall). It also allows you to create virtual CAN buses that are great for Continuous Integration testing of your software components without the hardware.
We also asked an AI what it thinks about our SocketCAN Kubernetes plugin and below was it's answer... We are still trying to figure out, what's with all the lighthouses???
Kubernetes provides a streamlined way to run containers (Docker) on other people's computers (also known as the Cloud). It's especially great for testing (notably CI systems) since it allows you to easily run as many instances as you need without manually provisioning virtual machines (VMs).
It can be also useful for embedded systems where it can help keep your containers configured and updated automatically (check out k3s for some examples).
This is all very nice but there is a little bit of a problem – Kubernetes only supports TCP/IP natively. You cannot use hardware CAN devices and you also cannot create new virtual CAN buses unless you break encapsulation and security and use privileged pods.
Fortunately, there is a way to extend Kubernetes with device plugins. With k8s-socketcan you can allocate virtual CAN buses to your workloads in the exact same way you would allocate GPUs:
resources: limits: k8s.collabora.com/vcan: 1
Or you can configure the plugin (see https://github.com/Collabora/k8s-socketcan#hardware-can-interfaces) to move a real hardware-backed CAN bus into a Kubernetes Pod and securely isolate it from other devices in the system.
This way you can easily test your CAN components in the cloud and deploy them onto your embedded devices. :)
Less than a day away, May 18th looks to be a very busy time. With Live Embedded Event and Embedded Vision Summit taking place almost simultaneously,…
Over the last two years, Bluetooth® audio support has steadily grown in PipeWire and has become a featureful, stable, conformant, open source…
Looking to use hardware-backed and virtual SocketCAN interfaces inside your Kubernetes Pods? A new device plugin now allows processes inside…