Cisco
Login
Search
Software Secure Workload
Activity Configure

Deploy Software Agents on Workloads Deploy Software Agents Install Linux Agents for Deep Visibility and Enforcement Supported Methods to Install Linux Agents Agent Support for NVIDIA Bluefield Networking Platform

Last updated: Jun 09, 2025

Agent Support for NVIDIA Bluefield Networking Platform

A data processing unit (DPU) is a programmable processor that is designed to manage data-centric tasks, including but not limited to data transfer, power optimization, security, compression, analytics, and encryption.

The NVIDIA DPU is a smart network interface card (SmartNic) with excellent network performance. It delivers a high-speed Ethernet NIC capability and it enables the execution of software directly on the NIC itself, allowing for interception, monitoring, and manipulation of network traffic passing through the NIC.

NVIDIA facilitates the functionality through the provision of the DOCA SDK. Leveraging virtualization technology based on PCIe Single Root I/O Virtualization (SR-IOV), the DPU establishes a mechanism for virtual machines (VMs) to communicate directly without hypervisor involvement. The DPU incorporates an OpenVSwitch-based hardware-accelerated eSwitch for network control, enhancing overall efficiency.

Requirements and Prerequisites

  • Ensure that Ubuntu 22.04-based DOCA is installed on the BlueField networking platform.

  • Set up the DPU card network to enable an agent's connection to the cluster through one of the out-of-band interfaces. Options include oob_net0, tmfifo_net0, or the in-band connection through enp3s0f0s0.

Agent Installation

The installation follows a Linux-like process.

  1. Navigate to Agent Installation Methods:

    • If you are a first-time user, launch the Quick Start wizard and click Install Agents.

    • From the navigation pane, choose Manage > Workloads > Agents.

  2. Under the Installer tab, click Agent Script Installer.

  3. From the Select Platform drop-down list, choose Linux.

    To view the supported Linux platforms, click Show Supported Platforms.


     

    Secure Workload Agent is only supported on the Ubuntu 22-based DOCA SDK.

  4. Choose the tenant to install the agents.


     

    Selecting a tenant is not required for Secure Workload SaaS clusters.

  5. (Optional) If you want to assign labels to the workload, choose the label keys and enter label values.

  6. If an HTTP proxy is required to communicate with Secure Workload, click Yes, and then enter a valid proxy.

  7. In the Installer expiration section, select one of the available options:

    • No expiration: The installer script can be used multiple times.

    • One time: The installer script can be used only once.

    • Time-bound: You can set the number of days for which the installer script can be used.

    • Number of deployments: You can set the number of times the installer script can be used.

  8. Click Download to download the Linux installer script on to DPU using one of the network devices.

  9. Run the installer script. For more information, see Install Linux Agent using the Agent Script Installer Method.

    Figure 1: Install Script

Choose Software Agents > Agent List and click a Hostname. Under Interfaces, you can view the current mapping of interfaces with the associated IP addresses.

Figure 2: Interface Mapping

Choose Investigate > Traffic to monitor the network traffic between virtual machines (VMs) when those are utilizing the SR_IOV virtual network interfaces provided by the DPU. The agent on the DPU enables the segmentation of network traffic between these virtual network interfaces.

Previous topic Install Linux Agent Using the Agent Script Installer Method Next topic Verify Linux Agent Installation