I was looking through the documentation and it seems than it is not possible to isolate processes in Docker swarm to a specific core, like when you use numactl or cpuset--cpus. In docker run you do it like this (16 cpu machine, use 8 cpus on second socket from 8-15):
/usr/bin/docker run --detach --name myproc --cpus 8 --cpuset-cpus 8-15 --cpuset-mems 1 -- privateregistry:5000/myimage:v1 -c '/bin/myverycpuintensiveprocess.sh'
And I can confirm the processes do not jump from core to core but stay pinned on CPUS 8-15. Also they will use memory from socket 1 as well.
From the 'create service' documentation I see than the closest you have is '--reserve-cpu' and --reserve-memory' but that's only to control container placement.
Is this level of control banned from Docker Swarm? I was also looking at K8s and it seems to have the same limitations.
Thanks,
It is not supported at the moment, it is a issue on GitHub, people should vote for this feature.