assist迈拓kvm
迈拓kvm 时间:2021-01-23 阅读:()
ExtendingKVMModelsTowardHigh-PerformanceNFVJunNakajima,JamesTsai,MesutErgin,YangZhang,andWeiWang14October2014LegalDisclaimerINFORMATIONINTHISDOCUMENTISPROVIDEDINCONNECTIONWITHINTELPRODUCTS.
NOLICENSE,EXPRESSORIMPLIED,BYESTOPPELOROTHERWISE,TOANYINTELLECTUALPROPERTYRIGHTSISGRANTEDBYTHISDOCUMENT.
EXCEPTASPROVIDEDININTEL'STERMSANDCONDITIONSOFSALEFORSUCHPRODUCTS,INTELASSUMESNOLIABILITYWHATSOEVER,ANDINTELDISCLAIMSANYEXPRESSORIMPLIEDWARRANTY,RELATINGTOSALEAND/ORUSEOFINTELPRODUCTSINCLUDINGLIABILITYORWARRANTIESRELATINGTOFITNESSFORAPARTICULARPURPOSE,MERCHANTABILITY,ORINFRINGEMENTOFANYPATENT,COPYRIGHTOROTHERINTELLECTUALPROPERTYRIGHT.
INTELPRODUCTSARENOTINTENDEDFORUSEINMEDICAL,LIFESAVING,ORLIFESUSTAININGAPPLICATIONS.
Intelmaymakechangestospecificationsandproductdescriptionsatanytime,withoutnotice.
Allproducts,dates,andfiguresspecifiedarepreliminarybasedoncurrentexpectations,andaresubjecttochangewithoutnotice.
Intel,processors,chipsets,anddesktopboardsmaycontaindesigndefectsorerrorsknownaserrata,whichmaycausetheproducttodeviatefrompublishedspecifications.
Currentcharacterizederrataareavailableonrequest.
IntelandtheIntellogoaretrademarksorregisteredtrademarksofIntelCorporationoritssubsidiariesintheUnitedStatesandothercountries.
*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Copyright2014IntelCorporation.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary3Agenda4NFVVisionfromETSISource:http://portal.
etsi.
org/nfv/nfv_white_paper2.
pdfHighperformanceacrossallpacketsizes,includingsmallpackets(e.
g.
64B)Real-timeprocessing,includinglowlatencyandjitterRASSecurity.
.
.
5New/DifferentRequirementsforNFVComparedwithConventionalVirtualizationFocusonPerformanceTopicsTodayTheChallenge020,000,00040,000,00060,000,00080,000,000100,000,000120,000,000140,000,000160,000,000641281922563203844485125766407047688328969601024108811521216128013441408147210GbEPacketsPerSecond40GbEPacketsPerSecond100GbEPacketsPerSecond6.
72ns16.
8ns67.
2nsSaturationLineRate(MPPS)Source:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUADisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
425593164.
925505010015020025030020092010201120122013SystemLevelL3Performance(MPPS)*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Disclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
IntelDPDKPerformanceAsnapshotofondifferentarchitecturesIntegratedMemoryControllerPCI-EGen2DataDirectI/OIntegratedPCI-EGen3AVX(integer,128-bit)4x10GbENICsPlatformFeaturesSource:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUALinuxKernelVMorUserProcessKernel(virt.
I/O)VM1VT-d,SR-IOVMiddleBox(e.
g.
virtualswitch)KVMKernel(virt.
I/O)VM2.
.
.
8FocusAreasforNFVPerformanceonKVMRecall67.
2ns,16.
8ns,…FastandEfficientInter-VMCommunicationGeneric:NetworkI/O,NUMA,NUMA-I/O,Caching,Affinity,…MorecoresMoremiddleboxespersocket,perserverServicechainingonserverLowerlatencyInter-VM(i.
e.
intra-node)vs.
Inter-nodeHigherBandwidthMemory(orcache)vs.
PCIebus9WhyInter-VMCommunicationFigure1.
TheIntelXeonprocessorE5-2600V2productfamilyMicroarchitectureSource(Figure1.
):https://software.
intel.
com/en-us/articles/intel-xeon-processor-e5-2600-v2-product-family-technical-overviewNotificationsforqueuecontrolKick,DoorBellVirtualSwitchPacketTransmissionCopy,etc.
TransitionsUser-KernelGuest-Host10Inter-VMCommunicationonKVMHostOSRxVMtapTxVMtapswitchappapphypervisorStackdrvdevdevStackdrvSwitchingpathcanbeabigperformancebottleneckXYX0.
712Mpps*Y0.
717Mpps**Intelinternalmeasurements64Bpackets,virtio-net+vhost-netTSCCycles(Haswell3.
2GHz),RoundTrip*:UserKernel(SystemCall)inVM(onKVM)E.
g.
getppid():1300(≈400ns)GuestHost(HyperCall)E.
g.
NullHypercall:1500-1600(≈500ns)ToreachSaturationLineRate(10GbE):Ifsystemcall/Hypercallisusedforeach64Bpackettransmission,wewouldneed:>6-7Cores**40GbE:>24-28Cores11CostofTransitions/IsolationPerspectiveofCPUCycles**:400/67.
2=5.
9,500/67.
2=7.
4*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessinginhypercallsoverturnsgainofbatching.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary12Agenda1.
Moveknowledgeandcontrolforinter-VMcommunicationtoVMs2.
AllowVMstoaccessotherVMstoshareoraccessmemoryinasafewayProvideVMswith"ProtectedMemoryView"Mappingitselfisprovidedbythehypervisor3.
AllowVMstouselow-latencynotificationmechanismsw/oVMexitsorinterruptsE.
g.
MONITOR/MWAIT,PostedInterrupt13Solutions:EmpowerGuestsinaSafeWayAvoidhypervisorinterventionsMotivation:WhydoesakernelmoduleneedtoknowaboutdatastructuresforPVdriversinguestsBecausewetrustkernelorkernelmodulesonly.
Whatifwetrustspecific(partof)guests…Vhost-netinguestcanavoidhypercallsifitcandirectlyaccessdestinationguests(virtqueue,etc.
)14Example:vhost-netFunctionalityinGuestsvhost-userisalreadythere15High-LevelArchitectureforFastInter-VMCommunication(w/oVT-d,SR-IOV)LinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathProtectedMemoryViewLow-LatencyNotification1.
DataTransmission2.
NotificationDirectAccesstoGuestsInProtectedMemoryViewVhost-netAPIFastPathcanworkwithvirtio-netorindependentlyvirtio-netvirtio-netLinuxKernelKVMVM1Kernelvirtio-netVM2Kernelvirtio-netSharedmemoryforsynchronizationFastPathFastPathMiddleBox(e.
g.
virtualswitch)VM0VT-d,SR-IOVFastPacketTransmissionSharedmemoryforsynchronization16High-LevelArchitectureforFastInter-VMCommunication(withVT-d,SR-IOV)FastPacketTransmissioncanbeinuser-levelVMFUNCinstructionwithEAX=0ValueinECXselectsanentryfromtheEPTP(Extended-Page-TablePointer)listAvailableinRing0-3,executedinguestNoVMexitCanbevirtualizedifnotavailable17IntroducingVMFunction0:EPTP*Switching…EPTP…ECX(index)EPTPlist(4KB)VMCS(perVCPU)*:Extended-Page-TablePointerEPTPSwitchingandTrampolineCodeGuestPhysicalPagesProtectedView(code,data)---DefaultEPTEPT:HostPhysicalPagesXWR18NoAccessTrampolinecodeforVMFUNCXWR-WRX-RX-RVMFUNCexecutedoutsideTrampolineCodewillcauseEPTviolationatnextinstructionHypervisorneedstorestoreDefaultEPTtodelivervirtualinterruptsEPTPswitchingDefaultViewAlternateViewstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}PageBoundaryTx(*packet){move_data();notify();}XWRstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}Tx(*packet){move_data();notify();}----WR-WRXWRXWRX-RX-REPTPerm.
ModifyqueuedescriptorsModifyqueuedescriptorsMoveDatabyTx()19MoreDetails:TransmittingPacketsDestinationVMSourceVMTrampolineCodeProtectedView24315DefaultViewAlternateViewPostedInterruptDelivervirtualinterruptsondestinationguestsw/oVMexits.
AlreadysupportedbyKVMStillrequiresVMexitonsourceguestMONITOR/MWAIT(Energy-EfficientPolling)betweenguestsThefeatureisnotadvertisedonKVMtodayUsevariablesonsharedmemorybetweensourceanddestinationPAUSELoop(Polling)betweenguestsLowestlatency,butnotenergyefficientInpractice,combineInterruptandPolling(likeNAPI)20Low-LatencyNotificationKnownmethodsMinimizeimpactofTLBmisses,cachemisses:Largepages(bothguest,EPT,VT-d),NUMA,IO-NUMA,DataDirectI/OE.
g.
LIFOmemorypoolZero-copyE.
g.
AddsourcebuffersmappingtoEPTofdestinationIfEPTPTEswerenotvalid,noINVEPTisrequired21PracticesforPerformanceGeneralDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
FrequencyofVMFUNCoperation:CostofVMFUNCisabout150TSCcycles(Haswell,3.
2GHz)*Around50ns,andsensitivetoTLB,cachesRecall67.
2ns,16.
8ns,…ToreachSaturationLineRate(10GbE):IfVMFUNCiscalledforeach64Bpackettransmission,we>1-2Cores(100nsforround-trip)40GbE:>4-8CoresThecostofVMFUNCwouldberelativelysmall,anditwouldprovidescalableperformance22PracticeforPerformanceEPTPSwitching*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
getppid()inVM:1300(≈400ns)NullHypercall:1500-1600(≈500ns)Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessingoverturnsgainofbatching.
TrampolineCodeisloadedbytheguest,buttheEPTpermission(X-R)issetbyKVMShouldbesignedtogetherwiththecodeintheProtectedViewinadvanceThesetofpages(inDestinationVM)accessedbycodeinProtectedViewneedtobecheckedandaddedbyKVMInaway,codeinProtectedViewisanextensionoftheKVM/hypervisorrunningincontrolledenvironment(stillinVXMnon-rootmode)23SecurityConsiderationTheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary24AgendaPoCinprogress:MeasuredcostofVMFUNC,memorybandwidthEnabledandmeasuredlatencyofMONITOR/MWAITinguestsMeasuringpathAWorkingonpathB25CurrentStatusPoCLinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathABvirtio-netvirtio-netBenefitsoftheArchitecture:ContainknowledgeandcontrolforInter-VMcommunicationinguestsAllowKVMtoenablemoreoptimizationandcustomizationforgueststohandlehighnetworkloadsefficientlyMoreefficientandscalablethanexistingonesWorkwithdirectI/OassignmentaswellNextStep:CompletePoCandgetmoredata26Summary27BackupCanoccuronlyinguest(vector20)SomeEPTviolationscangenerate#VEinsteadofVMexits(controlledbyhypervisor)Canvirtualizedifnotavailable#VE:VirtualizationException
NOLICENSE,EXPRESSORIMPLIED,BYESTOPPELOROTHERWISE,TOANYINTELLECTUALPROPERTYRIGHTSISGRANTEDBYTHISDOCUMENT.
EXCEPTASPROVIDEDININTEL'STERMSANDCONDITIONSOFSALEFORSUCHPRODUCTS,INTELASSUMESNOLIABILITYWHATSOEVER,ANDINTELDISCLAIMSANYEXPRESSORIMPLIEDWARRANTY,RELATINGTOSALEAND/ORUSEOFINTELPRODUCTSINCLUDINGLIABILITYORWARRANTIESRELATINGTOFITNESSFORAPARTICULARPURPOSE,MERCHANTABILITY,ORINFRINGEMENTOFANYPATENT,COPYRIGHTOROTHERINTELLECTUALPROPERTYRIGHT.
INTELPRODUCTSARENOTINTENDEDFORUSEINMEDICAL,LIFESAVING,ORLIFESUSTAININGAPPLICATIONS.
Intelmaymakechangestospecificationsandproductdescriptionsatanytime,withoutnotice.
Allproducts,dates,andfiguresspecifiedarepreliminarybasedoncurrentexpectations,andaresubjecttochangewithoutnotice.
Intel,processors,chipsets,anddesktopboardsmaycontaindesigndefectsorerrorsknownaserrata,whichmaycausetheproducttodeviatefrompublishedspecifications.
Currentcharacterizederrataareavailableonrequest.
IntelandtheIntellogoaretrademarksorregisteredtrademarksofIntelCorporationoritssubsidiariesintheUnitedStatesandothercountries.
*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Copyright2014IntelCorporation.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary3Agenda4NFVVisionfromETSISource:http://portal.
etsi.
org/nfv/nfv_white_paper2.
pdfHighperformanceacrossallpacketsizes,includingsmallpackets(e.
g.
64B)Real-timeprocessing,includinglowlatencyandjitterRASSecurity.
.
.
5New/DifferentRequirementsforNFVComparedwithConventionalVirtualizationFocusonPerformanceTopicsTodayTheChallenge020,000,00040,000,00060,000,00080,000,000100,000,000120,000,000140,000,000160,000,000641281922563203844485125766407047688328969601024108811521216128013441408147210GbEPacketsPerSecond40GbEPacketsPerSecond100GbEPacketsPerSecond6.
72ns16.
8ns67.
2nsSaturationLineRate(MPPS)Source:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUADisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
425593164.
925505010015020025030020092010201120122013SystemLevelL3Performance(MPPS)*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Disclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
IntelDPDKPerformanceAsnapshotofondifferentarchitecturesIntegratedMemoryControllerPCI-EGen2DataDirectI/OIntegratedPCI-EGen3AVX(integer,128-bit)4x10GbENICsPlatformFeaturesSource:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUALinuxKernelVMorUserProcessKernel(virt.
I/O)VM1VT-d,SR-IOVMiddleBox(e.
g.
virtualswitch)KVMKernel(virt.
I/O)VM2.
.
.
8FocusAreasforNFVPerformanceonKVMRecall67.
2ns,16.
8ns,…FastandEfficientInter-VMCommunicationGeneric:NetworkI/O,NUMA,NUMA-I/O,Caching,Affinity,…MorecoresMoremiddleboxespersocket,perserverServicechainingonserverLowerlatencyInter-VM(i.
e.
intra-node)vs.
Inter-nodeHigherBandwidthMemory(orcache)vs.
PCIebus9WhyInter-VMCommunicationFigure1.
TheIntelXeonprocessorE5-2600V2productfamilyMicroarchitectureSource(Figure1.
):https://software.
intel.
com/en-us/articles/intel-xeon-processor-e5-2600-v2-product-family-technical-overviewNotificationsforqueuecontrolKick,DoorBellVirtualSwitchPacketTransmissionCopy,etc.
TransitionsUser-KernelGuest-Host10Inter-VMCommunicationonKVMHostOSRxVMtapTxVMtapswitchappapphypervisorStackdrvdevdevStackdrvSwitchingpathcanbeabigperformancebottleneckXYX0.
712Mpps*Y0.
717Mpps**Intelinternalmeasurements64Bpackets,virtio-net+vhost-netTSCCycles(Haswell3.
2GHz),RoundTrip*:UserKernel(SystemCall)inVM(onKVM)E.
g.
getppid():1300(≈400ns)GuestHost(HyperCall)E.
g.
NullHypercall:1500-1600(≈500ns)ToreachSaturationLineRate(10GbE):Ifsystemcall/Hypercallisusedforeach64Bpackettransmission,wewouldneed:>6-7Cores**40GbE:>24-28Cores11CostofTransitions/IsolationPerspectiveofCPUCycles**:400/67.
2=5.
9,500/67.
2=7.
4*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessinginhypercallsoverturnsgainofbatching.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary12Agenda1.
Moveknowledgeandcontrolforinter-VMcommunicationtoVMs2.
AllowVMstoaccessotherVMstoshareoraccessmemoryinasafewayProvideVMswith"ProtectedMemoryView"Mappingitselfisprovidedbythehypervisor3.
AllowVMstouselow-latencynotificationmechanismsw/oVMexitsorinterruptsE.
g.
MONITOR/MWAIT,PostedInterrupt13Solutions:EmpowerGuestsinaSafeWayAvoidhypervisorinterventionsMotivation:WhydoesakernelmoduleneedtoknowaboutdatastructuresforPVdriversinguestsBecausewetrustkernelorkernelmodulesonly.
Whatifwetrustspecific(partof)guests…Vhost-netinguestcanavoidhypercallsifitcandirectlyaccessdestinationguests(virtqueue,etc.
)14Example:vhost-netFunctionalityinGuestsvhost-userisalreadythere15High-LevelArchitectureforFastInter-VMCommunication(w/oVT-d,SR-IOV)LinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathProtectedMemoryViewLow-LatencyNotification1.
DataTransmission2.
NotificationDirectAccesstoGuestsInProtectedMemoryViewVhost-netAPIFastPathcanworkwithvirtio-netorindependentlyvirtio-netvirtio-netLinuxKernelKVMVM1Kernelvirtio-netVM2Kernelvirtio-netSharedmemoryforsynchronizationFastPathFastPathMiddleBox(e.
g.
virtualswitch)VM0VT-d,SR-IOVFastPacketTransmissionSharedmemoryforsynchronization16High-LevelArchitectureforFastInter-VMCommunication(withVT-d,SR-IOV)FastPacketTransmissioncanbeinuser-levelVMFUNCinstructionwithEAX=0ValueinECXselectsanentryfromtheEPTP(Extended-Page-TablePointer)listAvailableinRing0-3,executedinguestNoVMexitCanbevirtualizedifnotavailable17IntroducingVMFunction0:EPTP*Switching…EPTP…ECX(index)EPTPlist(4KB)VMCS(perVCPU)*:Extended-Page-TablePointerEPTPSwitchingandTrampolineCodeGuestPhysicalPagesProtectedView(code,data)---DefaultEPTEPT:HostPhysicalPagesXWR18NoAccessTrampolinecodeforVMFUNCXWR-WRX-RX-RVMFUNCexecutedoutsideTrampolineCodewillcauseEPTviolationatnextinstructionHypervisorneedstorestoreDefaultEPTtodelivervirtualinterruptsEPTPswitchingDefaultViewAlternateViewstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}PageBoundaryTx(*packet){move_data();notify();}XWRstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}Tx(*packet){move_data();notify();}----WR-WRXWRXWRX-RX-REPTPerm.
ModifyqueuedescriptorsModifyqueuedescriptorsMoveDatabyTx()19MoreDetails:TransmittingPacketsDestinationVMSourceVMTrampolineCodeProtectedView24315DefaultViewAlternateViewPostedInterruptDelivervirtualinterruptsondestinationguestsw/oVMexits.
AlreadysupportedbyKVMStillrequiresVMexitonsourceguestMONITOR/MWAIT(Energy-EfficientPolling)betweenguestsThefeatureisnotadvertisedonKVMtodayUsevariablesonsharedmemorybetweensourceanddestinationPAUSELoop(Polling)betweenguestsLowestlatency,butnotenergyefficientInpractice,combineInterruptandPolling(likeNAPI)20Low-LatencyNotificationKnownmethodsMinimizeimpactofTLBmisses,cachemisses:Largepages(bothguest,EPT,VT-d),NUMA,IO-NUMA,DataDirectI/OE.
g.
LIFOmemorypoolZero-copyE.
g.
AddsourcebuffersmappingtoEPTofdestinationIfEPTPTEswerenotvalid,noINVEPTisrequired21PracticesforPerformanceGeneralDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
FrequencyofVMFUNCoperation:CostofVMFUNCisabout150TSCcycles(Haswell,3.
2GHz)*Around50ns,andsensitivetoTLB,cachesRecall67.
2ns,16.
8ns,…ToreachSaturationLineRate(10GbE):IfVMFUNCiscalledforeach64Bpackettransmission,we>1-2Cores(100nsforround-trip)40GbE:>4-8CoresThecostofVMFUNCwouldberelativelysmall,anditwouldprovidescalableperformance22PracticeforPerformanceEPTPSwitching*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
getppid()inVM:1300(≈400ns)NullHypercall:1500-1600(≈500ns)Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessingoverturnsgainofbatching.
TrampolineCodeisloadedbytheguest,buttheEPTpermission(X-R)issetbyKVMShouldbesignedtogetherwiththecodeintheProtectedViewinadvanceThesetofpages(inDestinationVM)accessedbycodeinProtectedViewneedtobecheckedandaddedbyKVMInaway,codeinProtectedViewisanextensionoftheKVM/hypervisorrunningincontrolledenvironment(stillinVXMnon-rootmode)23SecurityConsiderationTheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary24AgendaPoCinprogress:MeasuredcostofVMFUNC,memorybandwidthEnabledandmeasuredlatencyofMONITOR/MWAITinguestsMeasuringpathAWorkingonpathB25CurrentStatusPoCLinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathABvirtio-netvirtio-netBenefitsoftheArchitecture:ContainknowledgeandcontrolforInter-VMcommunicationinguestsAllowKVMtoenablemoreoptimizationandcustomizationforgueststohandlehighnetworkloadsefficientlyMoreefficientandscalablethanexistingonesWorkwithdirectI/OassignmentaswellNextStep:CompletePoCandgetmoredata26Summary27BackupCanoccuronlyinguest(vector20)SomeEPTviolationscangenerate#VEinsteadofVMexits(controlledbyhypervisor)Canvirtualizedifnotavailable#VE:VirtualizationException
- assist迈拓kvm相关文档
- Size迈拓kvm
- manage迈拓kvm
- VGA迈拓kvm
- Memory迈拓kvm
- 文件迈拓kvm
- Console迈拓kvm
创梦云 香港沙田、长沙联通2核1G仅需29元一个月 挂机宝7元一个月
商家介绍:创梦云是来自国内的主机销售商,成立于2018年4月30日,创梦云前期主要从事免备案虚拟主机产品销售,现在将提供5元挂机宝、特惠挂机宝、香港云服务器、美国云服务器、低价挂机宝等产品销售。主打高性价比高稳定性挂机宝、香港云服务器、美国云服务器、香港虚拟主机、美国虚拟主机。官方网站:http://cmy0.vnetdns.com本次促销产品:地区CPU内存硬盘带宽价格购买地址香港特价云服务器1...
香港E3-1230v2 16GB 30M 326元/月 数脉科技
官方网站:https://www.shuhost.com/公司名:LucidaCloud Limited尊敬的新老客户:艰难的2021年即将结束,年终辞旧迎新之际,我们准备了持续优惠、及首月优惠,为中小企业及个人客户降低IT业务成本。我们将持续努力提供给客户更好的品质与服务,在新的一年期待与您有美好的合作。# 下列价钱首月八折优惠码: 20211280OFF (每客户限用1次) * 自助购买可复制...
ShockHosting日本机房VPS测试点评
这个月11号ShockHosting发了个新上日本东京机房的邮件,并且表示其他机房可以申请转移到日本,刚好赵容手里有个美国的也没数据就发工单申请新开了一个,这里做个简单的测试,方便大家参考。ShockHosting成立于2013年,目前提供的VPS主机可以选择11个数据中心,包括美国洛杉矶、芝加哥、达拉斯、杰克逊维尔、新泽西、澳大利亚、新加坡、日本、荷兰和英国等。官方网站:https://shoc...
迈拓kvm为你推荐
-
美团月付怎么关闭美团打车免密去付关掉了,怎么回复音乐播放器哪个好最好的音乐播放器是什么炒股软件哪个好请问有什么好用的免费股票软件?看书软件哪个好读书软件哪个好p图软件哪个好有什么P图工具比较好用美国国际东西方大学凭高考成绩可以申请哪些海外大学?51个人空间登录51个人空间怎么申请???willyunlee找一部关于摩托车的电影`dns服务器地址DNS服务地址dns服务器故障DNS服务器老是出错 如何从根本上解决??