assist迈拓kvm
迈拓kvm 时间:2021-01-23 阅读:()
ExtendingKVMModelsTowardHigh-PerformanceNFVJunNakajima,JamesTsai,MesutErgin,YangZhang,andWeiWang14October2014LegalDisclaimerINFORMATIONINTHISDOCUMENTISPROVIDEDINCONNECTIONWITHINTELPRODUCTS.
NOLICENSE,EXPRESSORIMPLIED,BYESTOPPELOROTHERWISE,TOANYINTELLECTUALPROPERTYRIGHTSISGRANTEDBYTHISDOCUMENT.
EXCEPTASPROVIDEDININTEL'STERMSANDCONDITIONSOFSALEFORSUCHPRODUCTS,INTELASSUMESNOLIABILITYWHATSOEVER,ANDINTELDISCLAIMSANYEXPRESSORIMPLIEDWARRANTY,RELATINGTOSALEAND/ORUSEOFINTELPRODUCTSINCLUDINGLIABILITYORWARRANTIESRELATINGTOFITNESSFORAPARTICULARPURPOSE,MERCHANTABILITY,ORINFRINGEMENTOFANYPATENT,COPYRIGHTOROTHERINTELLECTUALPROPERTYRIGHT.
INTELPRODUCTSARENOTINTENDEDFORUSEINMEDICAL,LIFESAVING,ORLIFESUSTAININGAPPLICATIONS.
Intelmaymakechangestospecificationsandproductdescriptionsatanytime,withoutnotice.
Allproducts,dates,andfiguresspecifiedarepreliminarybasedoncurrentexpectations,andaresubjecttochangewithoutnotice.
Intel,processors,chipsets,anddesktopboardsmaycontaindesigndefectsorerrorsknownaserrata,whichmaycausetheproducttodeviatefrompublishedspecifications.
Currentcharacterizederrataareavailableonrequest.
IntelandtheIntellogoaretrademarksorregisteredtrademarksofIntelCorporationoritssubsidiariesintheUnitedStatesandothercountries.
*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Copyright2014IntelCorporation.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary3Agenda4NFVVisionfromETSISource:http://portal.
etsi.
org/nfv/nfv_white_paper2.
pdfHighperformanceacrossallpacketsizes,includingsmallpackets(e.
g.
64B)Real-timeprocessing,includinglowlatencyandjitterRASSecurity.
.
.
5New/DifferentRequirementsforNFVComparedwithConventionalVirtualizationFocusonPerformanceTopicsTodayTheChallenge020,000,00040,000,00060,000,00080,000,000100,000,000120,000,000140,000,000160,000,000641281922563203844485125766407047688328969601024108811521216128013441408147210GbEPacketsPerSecond40GbEPacketsPerSecond100GbEPacketsPerSecond6.
72ns16.
8ns67.
2nsSaturationLineRate(MPPS)Source:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUADisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
425593164.
925505010015020025030020092010201120122013SystemLevelL3Performance(MPPS)*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Disclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
IntelDPDKPerformanceAsnapshotofondifferentarchitecturesIntegratedMemoryControllerPCI-EGen2DataDirectI/OIntegratedPCI-EGen3AVX(integer,128-bit)4x10GbENICsPlatformFeaturesSource:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUALinuxKernelVMorUserProcessKernel(virt.
I/O)VM1VT-d,SR-IOVMiddleBox(e.
g.
virtualswitch)KVMKernel(virt.
I/O)VM2.
.
.
8FocusAreasforNFVPerformanceonKVMRecall67.
2ns,16.
8ns,…FastandEfficientInter-VMCommunicationGeneric:NetworkI/O,NUMA,NUMA-I/O,Caching,Affinity,…MorecoresMoremiddleboxespersocket,perserverServicechainingonserverLowerlatencyInter-VM(i.
e.
intra-node)vs.
Inter-nodeHigherBandwidthMemory(orcache)vs.
PCIebus9WhyInter-VMCommunicationFigure1.
TheIntelXeonprocessorE5-2600V2productfamilyMicroarchitectureSource(Figure1.
):https://software.
intel.
com/en-us/articles/intel-xeon-processor-e5-2600-v2-product-family-technical-overviewNotificationsforqueuecontrolKick,DoorBellVirtualSwitchPacketTransmissionCopy,etc.
TransitionsUser-KernelGuest-Host10Inter-VMCommunicationonKVMHostOSRxVMtapTxVMtapswitchappapphypervisorStackdrvdevdevStackdrvSwitchingpathcanbeabigperformancebottleneckXYX0.
712Mpps*Y0.
717Mpps**Intelinternalmeasurements64Bpackets,virtio-net+vhost-netTSCCycles(Haswell3.
2GHz),RoundTrip*:UserKernel(SystemCall)inVM(onKVM)E.
g.
getppid():1300(≈400ns)GuestHost(HyperCall)E.
g.
NullHypercall:1500-1600(≈500ns)ToreachSaturationLineRate(10GbE):Ifsystemcall/Hypercallisusedforeach64Bpackettransmission,wewouldneed:>6-7Cores**40GbE:>24-28Cores11CostofTransitions/IsolationPerspectiveofCPUCycles**:400/67.
2=5.
9,500/67.
2=7.
4*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessinginhypercallsoverturnsgainofbatching.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary12Agenda1.
Moveknowledgeandcontrolforinter-VMcommunicationtoVMs2.
AllowVMstoaccessotherVMstoshareoraccessmemoryinasafewayProvideVMswith"ProtectedMemoryView"Mappingitselfisprovidedbythehypervisor3.
AllowVMstouselow-latencynotificationmechanismsw/oVMexitsorinterruptsE.
g.
MONITOR/MWAIT,PostedInterrupt13Solutions:EmpowerGuestsinaSafeWayAvoidhypervisorinterventionsMotivation:WhydoesakernelmoduleneedtoknowaboutdatastructuresforPVdriversinguestsBecausewetrustkernelorkernelmodulesonly.
Whatifwetrustspecific(partof)guests…Vhost-netinguestcanavoidhypercallsifitcandirectlyaccessdestinationguests(virtqueue,etc.
)14Example:vhost-netFunctionalityinGuestsvhost-userisalreadythere15High-LevelArchitectureforFastInter-VMCommunication(w/oVT-d,SR-IOV)LinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathProtectedMemoryViewLow-LatencyNotification1.
DataTransmission2.
NotificationDirectAccesstoGuestsInProtectedMemoryViewVhost-netAPIFastPathcanworkwithvirtio-netorindependentlyvirtio-netvirtio-netLinuxKernelKVMVM1Kernelvirtio-netVM2Kernelvirtio-netSharedmemoryforsynchronizationFastPathFastPathMiddleBox(e.
g.
virtualswitch)VM0VT-d,SR-IOVFastPacketTransmissionSharedmemoryforsynchronization16High-LevelArchitectureforFastInter-VMCommunication(withVT-d,SR-IOV)FastPacketTransmissioncanbeinuser-levelVMFUNCinstructionwithEAX=0ValueinECXselectsanentryfromtheEPTP(Extended-Page-TablePointer)listAvailableinRing0-3,executedinguestNoVMexitCanbevirtualizedifnotavailable17IntroducingVMFunction0:EPTP*Switching…EPTP…ECX(index)EPTPlist(4KB)VMCS(perVCPU)*:Extended-Page-TablePointerEPTPSwitchingandTrampolineCodeGuestPhysicalPagesProtectedView(code,data)---DefaultEPTEPT:HostPhysicalPagesXWR18NoAccessTrampolinecodeforVMFUNCXWR-WRX-RX-RVMFUNCexecutedoutsideTrampolineCodewillcauseEPTviolationatnextinstructionHypervisorneedstorestoreDefaultEPTtodelivervirtualinterruptsEPTPswitchingDefaultViewAlternateViewstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}PageBoundaryTx(*packet){move_data();notify();}XWRstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}Tx(*packet){move_data();notify();}----WR-WRXWRXWRX-RX-REPTPerm.
ModifyqueuedescriptorsModifyqueuedescriptorsMoveDatabyTx()19MoreDetails:TransmittingPacketsDestinationVMSourceVMTrampolineCodeProtectedView24315DefaultViewAlternateViewPostedInterruptDelivervirtualinterruptsondestinationguestsw/oVMexits.
AlreadysupportedbyKVMStillrequiresVMexitonsourceguestMONITOR/MWAIT(Energy-EfficientPolling)betweenguestsThefeatureisnotadvertisedonKVMtodayUsevariablesonsharedmemorybetweensourceanddestinationPAUSELoop(Polling)betweenguestsLowestlatency,butnotenergyefficientInpractice,combineInterruptandPolling(likeNAPI)20Low-LatencyNotificationKnownmethodsMinimizeimpactofTLBmisses,cachemisses:Largepages(bothguest,EPT,VT-d),NUMA,IO-NUMA,DataDirectI/OE.
g.
LIFOmemorypoolZero-copyE.
g.
AddsourcebuffersmappingtoEPTofdestinationIfEPTPTEswerenotvalid,noINVEPTisrequired21PracticesforPerformanceGeneralDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
FrequencyofVMFUNCoperation:CostofVMFUNCisabout150TSCcycles(Haswell,3.
2GHz)*Around50ns,andsensitivetoTLB,cachesRecall67.
2ns,16.
8ns,…ToreachSaturationLineRate(10GbE):IfVMFUNCiscalledforeach64Bpackettransmission,we>1-2Cores(100nsforround-trip)40GbE:>4-8CoresThecostofVMFUNCwouldberelativelysmall,anditwouldprovidescalableperformance22PracticeforPerformanceEPTPSwitching*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
getppid()inVM:1300(≈400ns)NullHypercall:1500-1600(≈500ns)Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessingoverturnsgainofbatching.
TrampolineCodeisloadedbytheguest,buttheEPTpermission(X-R)issetbyKVMShouldbesignedtogetherwiththecodeintheProtectedViewinadvanceThesetofpages(inDestinationVM)accessedbycodeinProtectedViewneedtobecheckedandaddedbyKVMInaway,codeinProtectedViewisanextensionoftheKVM/hypervisorrunningincontrolledenvironment(stillinVXMnon-rootmode)23SecurityConsiderationTheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary24AgendaPoCinprogress:MeasuredcostofVMFUNC,memorybandwidthEnabledandmeasuredlatencyofMONITOR/MWAITinguestsMeasuringpathAWorkingonpathB25CurrentStatusPoCLinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathABvirtio-netvirtio-netBenefitsoftheArchitecture:ContainknowledgeandcontrolforInter-VMcommunicationinguestsAllowKVMtoenablemoreoptimizationandcustomizationforgueststohandlehighnetworkloadsefficientlyMoreefficientandscalablethanexistingonesWorkwithdirectI/OassignmentaswellNextStep:CompletePoCandgetmoredata26Summary27BackupCanoccuronlyinguest(vector20)SomeEPTviolationscangenerate#VEinsteadofVMexits(controlledbyhypervisor)Canvirtualizedifnotavailable#VE:VirtualizationException
NOLICENSE,EXPRESSORIMPLIED,BYESTOPPELOROTHERWISE,TOANYINTELLECTUALPROPERTYRIGHTSISGRANTEDBYTHISDOCUMENT.
EXCEPTASPROVIDEDININTEL'STERMSANDCONDITIONSOFSALEFORSUCHPRODUCTS,INTELASSUMESNOLIABILITYWHATSOEVER,ANDINTELDISCLAIMSANYEXPRESSORIMPLIEDWARRANTY,RELATINGTOSALEAND/ORUSEOFINTELPRODUCTSINCLUDINGLIABILITYORWARRANTIESRELATINGTOFITNESSFORAPARTICULARPURPOSE,MERCHANTABILITY,ORINFRINGEMENTOFANYPATENT,COPYRIGHTOROTHERINTELLECTUALPROPERTYRIGHT.
INTELPRODUCTSARENOTINTENDEDFORUSEINMEDICAL,LIFESAVING,ORLIFESUSTAININGAPPLICATIONS.
Intelmaymakechangestospecificationsandproductdescriptionsatanytime,withoutnotice.
Allproducts,dates,andfiguresspecifiedarepreliminarybasedoncurrentexpectations,andaresubjecttochangewithoutnotice.
Intel,processors,chipsets,anddesktopboardsmaycontaindesigndefectsorerrorsknownaserrata,whichmaycausetheproducttodeviatefrompublishedspecifications.
Currentcharacterizederrataareavailableonrequest.
IntelandtheIntellogoaretrademarksorregisteredtrademarksofIntelCorporationoritssubsidiariesintheUnitedStatesandothercountries.
*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Copyright2014IntelCorporation.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary3Agenda4NFVVisionfromETSISource:http://portal.
etsi.
org/nfv/nfv_white_paper2.
pdfHighperformanceacrossallpacketsizes,includingsmallpackets(e.
g.
64B)Real-timeprocessing,includinglowlatencyandjitterRASSecurity.
.
.
5New/DifferentRequirementsforNFVComparedwithConventionalVirtualizationFocusonPerformanceTopicsTodayTheChallenge020,000,00040,000,00060,000,00080,000,000100,000,000120,000,000140,000,000160,000,000641281922563203844485125766407047688328969601024108811521216128013441408147210GbEPacketsPerSecond40GbEPacketsPerSecond100GbEPacketsPerSecond6.
72ns16.
8ns67.
2nsSaturationLineRate(MPPS)Source:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUADisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
425593164.
925505010015020025030020092010201120122013SystemLevelL3Performance(MPPS)*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Disclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
IntelDPDKPerformanceAsnapshotofondifferentarchitecturesIntegratedMemoryControllerPCI-EGen2DataDirectI/OIntegratedPCI-EGen3AVX(integer,128-bit)4x10GbENICsPlatformFeaturesSource:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUALinuxKernelVMorUserProcessKernel(virt.
I/O)VM1VT-d,SR-IOVMiddleBox(e.
g.
virtualswitch)KVMKernel(virt.
I/O)VM2.
.
.
8FocusAreasforNFVPerformanceonKVMRecall67.
2ns,16.
8ns,…FastandEfficientInter-VMCommunicationGeneric:NetworkI/O,NUMA,NUMA-I/O,Caching,Affinity,…MorecoresMoremiddleboxespersocket,perserverServicechainingonserverLowerlatencyInter-VM(i.
e.
intra-node)vs.
Inter-nodeHigherBandwidthMemory(orcache)vs.
PCIebus9WhyInter-VMCommunicationFigure1.
TheIntelXeonprocessorE5-2600V2productfamilyMicroarchitectureSource(Figure1.
):https://software.
intel.
com/en-us/articles/intel-xeon-processor-e5-2600-v2-product-family-technical-overviewNotificationsforqueuecontrolKick,DoorBellVirtualSwitchPacketTransmissionCopy,etc.
TransitionsUser-KernelGuest-Host10Inter-VMCommunicationonKVMHostOSRxVMtapTxVMtapswitchappapphypervisorStackdrvdevdevStackdrvSwitchingpathcanbeabigperformancebottleneckXYX0.
712Mpps*Y0.
717Mpps**Intelinternalmeasurements64Bpackets,virtio-net+vhost-netTSCCycles(Haswell3.
2GHz),RoundTrip*:UserKernel(SystemCall)inVM(onKVM)E.
g.
getppid():1300(≈400ns)GuestHost(HyperCall)E.
g.
NullHypercall:1500-1600(≈500ns)ToreachSaturationLineRate(10GbE):Ifsystemcall/Hypercallisusedforeach64Bpackettransmission,wewouldneed:>6-7Cores**40GbE:>24-28Cores11CostofTransitions/IsolationPerspectiveofCPUCycles**:400/67.
2=5.
9,500/67.
2=7.
4*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessinginhypercallsoverturnsgainofbatching.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary12Agenda1.
Moveknowledgeandcontrolforinter-VMcommunicationtoVMs2.
AllowVMstoaccessotherVMstoshareoraccessmemoryinasafewayProvideVMswith"ProtectedMemoryView"Mappingitselfisprovidedbythehypervisor3.
AllowVMstouselow-latencynotificationmechanismsw/oVMexitsorinterruptsE.
g.
MONITOR/MWAIT,PostedInterrupt13Solutions:EmpowerGuestsinaSafeWayAvoidhypervisorinterventionsMotivation:WhydoesakernelmoduleneedtoknowaboutdatastructuresforPVdriversinguestsBecausewetrustkernelorkernelmodulesonly.
Whatifwetrustspecific(partof)guests…Vhost-netinguestcanavoidhypercallsifitcandirectlyaccessdestinationguests(virtqueue,etc.
)14Example:vhost-netFunctionalityinGuestsvhost-userisalreadythere15High-LevelArchitectureforFastInter-VMCommunication(w/oVT-d,SR-IOV)LinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathProtectedMemoryViewLow-LatencyNotification1.
DataTransmission2.
NotificationDirectAccesstoGuestsInProtectedMemoryViewVhost-netAPIFastPathcanworkwithvirtio-netorindependentlyvirtio-netvirtio-netLinuxKernelKVMVM1Kernelvirtio-netVM2Kernelvirtio-netSharedmemoryforsynchronizationFastPathFastPathMiddleBox(e.
g.
virtualswitch)VM0VT-d,SR-IOVFastPacketTransmissionSharedmemoryforsynchronization16High-LevelArchitectureforFastInter-VMCommunication(withVT-d,SR-IOV)FastPacketTransmissioncanbeinuser-levelVMFUNCinstructionwithEAX=0ValueinECXselectsanentryfromtheEPTP(Extended-Page-TablePointer)listAvailableinRing0-3,executedinguestNoVMexitCanbevirtualizedifnotavailable17IntroducingVMFunction0:EPTP*Switching…EPTP…ECX(index)EPTPlist(4KB)VMCS(perVCPU)*:Extended-Page-TablePointerEPTPSwitchingandTrampolineCodeGuestPhysicalPagesProtectedView(code,data)---DefaultEPTEPT:HostPhysicalPagesXWR18NoAccessTrampolinecodeforVMFUNCXWR-WRX-RX-RVMFUNCexecutedoutsideTrampolineCodewillcauseEPTviolationatnextinstructionHypervisorneedstorestoreDefaultEPTtodelivervirtualinterruptsEPTPswitchingDefaultViewAlternateViewstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}PageBoundaryTx(*packet){move_data();notify();}XWRstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}Tx(*packet){move_data();notify();}----WR-WRXWRXWRX-RX-REPTPerm.
ModifyqueuedescriptorsModifyqueuedescriptorsMoveDatabyTx()19MoreDetails:TransmittingPacketsDestinationVMSourceVMTrampolineCodeProtectedView24315DefaultViewAlternateViewPostedInterruptDelivervirtualinterruptsondestinationguestsw/oVMexits.
AlreadysupportedbyKVMStillrequiresVMexitonsourceguestMONITOR/MWAIT(Energy-EfficientPolling)betweenguestsThefeatureisnotadvertisedonKVMtodayUsevariablesonsharedmemorybetweensourceanddestinationPAUSELoop(Polling)betweenguestsLowestlatency,butnotenergyefficientInpractice,combineInterruptandPolling(likeNAPI)20Low-LatencyNotificationKnownmethodsMinimizeimpactofTLBmisses,cachemisses:Largepages(bothguest,EPT,VT-d),NUMA,IO-NUMA,DataDirectI/OE.
g.
LIFOmemorypoolZero-copyE.
g.
AddsourcebuffersmappingtoEPTofdestinationIfEPTPTEswerenotvalid,noINVEPTisrequired21PracticesforPerformanceGeneralDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
FrequencyofVMFUNCoperation:CostofVMFUNCisabout150TSCcycles(Haswell,3.
2GHz)*Around50ns,andsensitivetoTLB,cachesRecall67.
2ns,16.
8ns,…ToreachSaturationLineRate(10GbE):IfVMFUNCiscalledforeach64Bpackettransmission,we>1-2Cores(100nsforround-trip)40GbE:>4-8CoresThecostofVMFUNCwouldberelativelysmall,anditwouldprovidescalableperformance22PracticeforPerformanceEPTPSwitching*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
getppid()inVM:1300(≈400ns)NullHypercall:1500-1600(≈500ns)Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessingoverturnsgainofbatching.
TrampolineCodeisloadedbytheguest,buttheEPTpermission(X-R)issetbyKVMShouldbesignedtogetherwiththecodeintheProtectedViewinadvanceThesetofpages(inDestinationVM)accessedbycodeinProtectedViewneedtobecheckedandaddedbyKVMInaway,codeinProtectedViewisanextensionoftheKVM/hypervisorrunningincontrolledenvironment(stillinVXMnon-rootmode)23SecurityConsiderationTheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary24AgendaPoCinprogress:MeasuredcostofVMFUNC,memorybandwidthEnabledandmeasuredlatencyofMONITOR/MWAITinguestsMeasuringpathAWorkingonpathB25CurrentStatusPoCLinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathABvirtio-netvirtio-netBenefitsoftheArchitecture:ContainknowledgeandcontrolforInter-VMcommunicationinguestsAllowKVMtoenablemoreoptimizationandcustomizationforgueststohandlehighnetworkloadsefficientlyMoreefficientandscalablethanexistingonesWorkwithdirectI/OassignmentaswellNextStep:CompletePoCandgetmoredata26Summary27BackupCanoccuronlyinguest(vector20)SomeEPTviolationscangenerate#VEinsteadofVMexits(controlledbyhypervisor)Canvirtualizedifnotavailable#VE:VirtualizationException
- assist迈拓kvm相关文档
- Size迈拓kvm
- manage迈拓kvm
- VGA迈拓kvm
- Memory迈拓kvm
- 文件迈拓kvm
- Console迈拓kvm
香港云服务器最便宜价格是多少钱一个月、一年?
香港云服务器最便宜价格是多少钱一个月/一年?无论香港云服务器推出什么类型的配置和活动,价格都会一直吸引我们,那么就来说说香港最便宜的云服务器类型和香港最低的云服务器价格吧。香港云服务器最便宜最低价的价格是多少?香港云服务器只是服务器中最受欢迎的产品。香港云服务器有多种配置类型,如1核1G、2核2G、2核4G、8到16核32G等。这些配置可以满足大多数用户的需求,无论是电商站、视频还是游戏、小说等。...
georgedatacenter39美元/月$20/年/洛杉矶独立服务器美国VPS/可选洛杉矶/芝加哥/纽约/达拉斯机房/
georgedatacenter这次其实是两个促销,一是促销一款特价洛杉矶E3-1220 V5独服,性价比其实最高;另外还促销三款特价vps,georgedatacenter是一家成立于2019年的美国VPS商家,主营美国洛杉矶、芝加哥、达拉斯、新泽西、西雅图机房的VPS、邮件服务器和托管独立服务器业务。georgedatacenter的VPS采用KVM和VMware虚拟化,可以选择windows...
VirMach:$27.3/月-E3-1240v1/16GB/1TB/10TB/洛杉矶等多机房
上次部落分享过VirMach提供的End of Life Plans系列的VPS主机,最近他们又发布了DEDICATED MIGRATION SPECIALS产品,并提供6.5-7.5折优惠码,优惠后最低每月27.3美元起。同样的这些机器现在订购,将在2021年9月30日至2022年4月30日之间迁移,目前这些等待迁移机器可以在洛杉矶、达拉斯、亚特兰大、纽约、芝加哥等5个地区机房开设,未来迁移的时...
迈拓kvm为你推荐
-
美团月付怎么关闭美团外卖如何关闭快捷支付方式传奇类手游哪个好传奇哪个版本比较好玩 最好玩的传奇手游排行榜机械表和石英表哪个好手表中,石英表和机械表的区别和优缺点无纺布和熔喷布口罩哪个好活性碳口罩和无纺布口罩有什么不同?电陶炉和电磁炉哪个好电陶炉和电磁炉哪个好尼康和佳能单反哪个好请问佳能和尼康的单反哪个好?oppo和vivo哪个好vivo好还是oppo手机好呢?清理手机垃圾软件哪个好手机垃圾清理软件哪个好群空间登录怎样进入群空间YunOS手机显示yunos停止运行是什么意思