assist迈拓kvm
迈拓kvm 时间:2021-01-23 阅读:()
ExtendingKVMModelsTowardHigh-PerformanceNFVJunNakajima,JamesTsai,MesutErgin,YangZhang,andWeiWang14October2014LegalDisclaimerINFORMATIONINTHISDOCUMENTISPROVIDEDINCONNECTIONWITHINTELPRODUCTS.
NOLICENSE,EXPRESSORIMPLIED,BYESTOPPELOROTHERWISE,TOANYINTELLECTUALPROPERTYRIGHTSISGRANTEDBYTHISDOCUMENT.
EXCEPTASPROVIDEDININTEL'STERMSANDCONDITIONSOFSALEFORSUCHPRODUCTS,INTELASSUMESNOLIABILITYWHATSOEVER,ANDINTELDISCLAIMSANYEXPRESSORIMPLIEDWARRANTY,RELATINGTOSALEAND/ORUSEOFINTELPRODUCTSINCLUDINGLIABILITYORWARRANTIESRELATINGTOFITNESSFORAPARTICULARPURPOSE,MERCHANTABILITY,ORINFRINGEMENTOFANYPATENT,COPYRIGHTOROTHERINTELLECTUALPROPERTYRIGHT.
INTELPRODUCTSARENOTINTENDEDFORUSEINMEDICAL,LIFESAVING,ORLIFESUSTAININGAPPLICATIONS.
Intelmaymakechangestospecificationsandproductdescriptionsatanytime,withoutnotice.
Allproducts,dates,andfiguresspecifiedarepreliminarybasedoncurrentexpectations,andaresubjecttochangewithoutnotice.
Intel,processors,chipsets,anddesktopboardsmaycontaindesigndefectsorerrorsknownaserrata,whichmaycausetheproducttodeviatefrompublishedspecifications.
Currentcharacterizederrataareavailableonrequest.
IntelandtheIntellogoaretrademarksorregisteredtrademarksofIntelCorporationoritssubsidiariesintheUnitedStatesandothercountries.
*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Copyright2014IntelCorporation.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary3Agenda4NFVVisionfromETSISource:http://portal.
etsi.
org/nfv/nfv_white_paper2.
pdfHighperformanceacrossallpacketsizes,includingsmallpackets(e.
g.
64B)Real-timeprocessing,includinglowlatencyandjitterRASSecurity.
.
.
5New/DifferentRequirementsforNFVComparedwithConventionalVirtualizationFocusonPerformanceTopicsTodayTheChallenge020,000,00040,000,00060,000,00080,000,000100,000,000120,000,000140,000,000160,000,000641281922563203844485125766407047688328969601024108811521216128013441408147210GbEPacketsPerSecond40GbEPacketsPerSecond100GbEPacketsPerSecond6.
72ns16.
8ns67.
2nsSaturationLineRate(MPPS)Source:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUADisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
425593164.
925505010015020025030020092010201120122013SystemLevelL3Performance(MPPS)*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Disclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
IntelDPDKPerformanceAsnapshotofondifferentarchitecturesIntegratedMemoryControllerPCI-EGen2DataDirectI/OIntegratedPCI-EGen3AVX(integer,128-bit)4x10GbENICsPlatformFeaturesSource:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUALinuxKernelVMorUserProcessKernel(virt.
I/O)VM1VT-d,SR-IOVMiddleBox(e.
g.
virtualswitch)KVMKernel(virt.
I/O)VM2.
.
.
8FocusAreasforNFVPerformanceonKVMRecall67.
2ns,16.
8ns,…FastandEfficientInter-VMCommunicationGeneric:NetworkI/O,NUMA,NUMA-I/O,Caching,Affinity,…MorecoresMoremiddleboxespersocket,perserverServicechainingonserverLowerlatencyInter-VM(i.
e.
intra-node)vs.
Inter-nodeHigherBandwidthMemory(orcache)vs.
PCIebus9WhyInter-VMCommunicationFigure1.
TheIntelXeonprocessorE5-2600V2productfamilyMicroarchitectureSource(Figure1.
):https://software.
intel.
com/en-us/articles/intel-xeon-processor-e5-2600-v2-product-family-technical-overviewNotificationsforqueuecontrolKick,DoorBellVirtualSwitchPacketTransmissionCopy,etc.
TransitionsUser-KernelGuest-Host10Inter-VMCommunicationonKVMHostOSRxVMtapTxVMtapswitchappapphypervisorStackdrvdevdevStackdrvSwitchingpathcanbeabigperformancebottleneckXYX0.
712Mpps*Y0.
717Mpps**Intelinternalmeasurements64Bpackets,virtio-net+vhost-netTSCCycles(Haswell3.
2GHz),RoundTrip*:UserKernel(SystemCall)inVM(onKVM)E.
g.
getppid():1300(≈400ns)GuestHost(HyperCall)E.
g.
NullHypercall:1500-1600(≈500ns)ToreachSaturationLineRate(10GbE):Ifsystemcall/Hypercallisusedforeach64Bpackettransmission,wewouldneed:>6-7Cores**40GbE:>24-28Cores11CostofTransitions/IsolationPerspectiveofCPUCycles**:400/67.
2=5.
9,500/67.
2=7.
4*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessinginhypercallsoverturnsgainofbatching.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary12Agenda1.
Moveknowledgeandcontrolforinter-VMcommunicationtoVMs2.
AllowVMstoaccessotherVMstoshareoraccessmemoryinasafewayProvideVMswith"ProtectedMemoryView"Mappingitselfisprovidedbythehypervisor3.
AllowVMstouselow-latencynotificationmechanismsw/oVMexitsorinterruptsE.
g.
MONITOR/MWAIT,PostedInterrupt13Solutions:EmpowerGuestsinaSafeWayAvoidhypervisorinterventionsMotivation:WhydoesakernelmoduleneedtoknowaboutdatastructuresforPVdriversinguestsBecausewetrustkernelorkernelmodulesonly.
Whatifwetrustspecific(partof)guests…Vhost-netinguestcanavoidhypercallsifitcandirectlyaccessdestinationguests(virtqueue,etc.
)14Example:vhost-netFunctionalityinGuestsvhost-userisalreadythere15High-LevelArchitectureforFastInter-VMCommunication(w/oVT-d,SR-IOV)LinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathProtectedMemoryViewLow-LatencyNotification1.
DataTransmission2.
NotificationDirectAccesstoGuestsInProtectedMemoryViewVhost-netAPIFastPathcanworkwithvirtio-netorindependentlyvirtio-netvirtio-netLinuxKernelKVMVM1Kernelvirtio-netVM2Kernelvirtio-netSharedmemoryforsynchronizationFastPathFastPathMiddleBox(e.
g.
virtualswitch)VM0VT-d,SR-IOVFastPacketTransmissionSharedmemoryforsynchronization16High-LevelArchitectureforFastInter-VMCommunication(withVT-d,SR-IOV)FastPacketTransmissioncanbeinuser-levelVMFUNCinstructionwithEAX=0ValueinECXselectsanentryfromtheEPTP(Extended-Page-TablePointer)listAvailableinRing0-3,executedinguestNoVMexitCanbevirtualizedifnotavailable17IntroducingVMFunction0:EPTP*Switching…EPTP…ECX(index)EPTPlist(4KB)VMCS(perVCPU)*:Extended-Page-TablePointerEPTPSwitchingandTrampolineCodeGuestPhysicalPagesProtectedView(code,data)---DefaultEPTEPT:HostPhysicalPagesXWR18NoAccessTrampolinecodeforVMFUNCXWR-WRX-RX-RVMFUNCexecutedoutsideTrampolineCodewillcauseEPTviolationatnextinstructionHypervisorneedstorestoreDefaultEPTtodelivervirtualinterruptsEPTPswitchingDefaultViewAlternateViewstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}PageBoundaryTx(*packet){move_data();notify();}XWRstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}Tx(*packet){move_data();notify();}----WR-WRXWRXWRX-RX-REPTPerm.
ModifyqueuedescriptorsModifyqueuedescriptorsMoveDatabyTx()19MoreDetails:TransmittingPacketsDestinationVMSourceVMTrampolineCodeProtectedView24315DefaultViewAlternateViewPostedInterruptDelivervirtualinterruptsondestinationguestsw/oVMexits.
AlreadysupportedbyKVMStillrequiresVMexitonsourceguestMONITOR/MWAIT(Energy-EfficientPolling)betweenguestsThefeatureisnotadvertisedonKVMtodayUsevariablesonsharedmemorybetweensourceanddestinationPAUSELoop(Polling)betweenguestsLowestlatency,butnotenergyefficientInpractice,combineInterruptandPolling(likeNAPI)20Low-LatencyNotificationKnownmethodsMinimizeimpactofTLBmisses,cachemisses:Largepages(bothguest,EPT,VT-d),NUMA,IO-NUMA,DataDirectI/OE.
g.
LIFOmemorypoolZero-copyE.
g.
AddsourcebuffersmappingtoEPTofdestinationIfEPTPTEswerenotvalid,noINVEPTisrequired21PracticesforPerformanceGeneralDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
FrequencyofVMFUNCoperation:CostofVMFUNCisabout150TSCcycles(Haswell,3.
2GHz)*Around50ns,andsensitivetoTLB,cachesRecall67.
2ns,16.
8ns,…ToreachSaturationLineRate(10GbE):IfVMFUNCiscalledforeach64Bpackettransmission,we>1-2Cores(100nsforround-trip)40GbE:>4-8CoresThecostofVMFUNCwouldberelativelysmall,anditwouldprovidescalableperformance22PracticeforPerformanceEPTPSwitching*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
getppid()inVM:1300(≈400ns)NullHypercall:1500-1600(≈500ns)Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessingoverturnsgainofbatching.
TrampolineCodeisloadedbytheguest,buttheEPTpermission(X-R)issetbyKVMShouldbesignedtogetherwiththecodeintheProtectedViewinadvanceThesetofpages(inDestinationVM)accessedbycodeinProtectedViewneedtobecheckedandaddedbyKVMInaway,codeinProtectedViewisanextensionoftheKVM/hypervisorrunningincontrolledenvironment(stillinVXMnon-rootmode)23SecurityConsiderationTheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary24AgendaPoCinprogress:MeasuredcostofVMFUNC,memorybandwidthEnabledandmeasuredlatencyofMONITOR/MWAITinguestsMeasuringpathAWorkingonpathB25CurrentStatusPoCLinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathABvirtio-netvirtio-netBenefitsoftheArchitecture:ContainknowledgeandcontrolforInter-VMcommunicationinguestsAllowKVMtoenablemoreoptimizationandcustomizationforgueststohandlehighnetworkloadsefficientlyMoreefficientandscalablethanexistingonesWorkwithdirectI/OassignmentaswellNextStep:CompletePoCandgetmoredata26Summary27BackupCanoccuronlyinguest(vector20)SomeEPTviolationscangenerate#VEinsteadofVMexits(controlledbyhypervisor)Canvirtualizedifnotavailable#VE:VirtualizationException
NOLICENSE,EXPRESSORIMPLIED,BYESTOPPELOROTHERWISE,TOANYINTELLECTUALPROPERTYRIGHTSISGRANTEDBYTHISDOCUMENT.
EXCEPTASPROVIDEDININTEL'STERMSANDCONDITIONSOFSALEFORSUCHPRODUCTS,INTELASSUMESNOLIABILITYWHATSOEVER,ANDINTELDISCLAIMSANYEXPRESSORIMPLIEDWARRANTY,RELATINGTOSALEAND/ORUSEOFINTELPRODUCTSINCLUDINGLIABILITYORWARRANTIESRELATINGTOFITNESSFORAPARTICULARPURPOSE,MERCHANTABILITY,ORINFRINGEMENTOFANYPATENT,COPYRIGHTOROTHERINTELLECTUALPROPERTYRIGHT.
INTELPRODUCTSARENOTINTENDEDFORUSEINMEDICAL,LIFESAVING,ORLIFESUSTAININGAPPLICATIONS.
Intelmaymakechangestospecificationsandproductdescriptionsatanytime,withoutnotice.
Allproducts,dates,andfiguresspecifiedarepreliminarybasedoncurrentexpectations,andaresubjecttochangewithoutnotice.
Intel,processors,chipsets,anddesktopboardsmaycontaindesigndefectsorerrorsknownaserrata,whichmaycausetheproducttodeviatefrompublishedspecifications.
Currentcharacterizederrataareavailableonrequest.
IntelandtheIntellogoaretrademarksorregisteredtrademarksofIntelCorporationoritssubsidiariesintheUnitedStatesandothercountries.
*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Copyright2014IntelCorporation.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary3Agenda4NFVVisionfromETSISource:http://portal.
etsi.
org/nfv/nfv_white_paper2.
pdfHighperformanceacrossallpacketsizes,includingsmallpackets(e.
g.
64B)Real-timeprocessing,includinglowlatencyandjitterRASSecurity.
.
.
5New/DifferentRequirementsforNFVComparedwithConventionalVirtualizationFocusonPerformanceTopicsTodayTheChallenge020,000,00040,000,00060,000,00080,000,000100,000,000120,000,000140,000,000160,000,000641281922563203844485125766407047688328969601024108811521216128013441408147210GbEPacketsPerSecond40GbEPacketsPerSecond100GbEPacketsPerSecond6.
72ns16.
8ns67.
2nsSaturationLineRate(MPPS)Source:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUADisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
425593164.
925505010015020025030020092010201120122013SystemLevelL3Performance(MPPS)*Othernamesandbrandsmaybeclaimedasthepropertyofothers.
Disclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
IntelDPDKPerformanceAsnapshotofondifferentarchitecturesIntegratedMemoryControllerPCI-EGen2DataDirectI/OIntegratedPCI-EGen3AVX(integer,128-bit)4x10GbENICsPlatformFeaturesSource:DPDKSummit,VenkyVenkatesan,"ApplicationPerformanceTuningandFutureOptimizationsinDPDK",September8,2014https://www.
youtube.
com/watchv=qpfwDySweUALinuxKernelVMorUserProcessKernel(virt.
I/O)VM1VT-d,SR-IOVMiddleBox(e.
g.
virtualswitch)KVMKernel(virt.
I/O)VM2.
.
.
8FocusAreasforNFVPerformanceonKVMRecall67.
2ns,16.
8ns,…FastandEfficientInter-VMCommunicationGeneric:NetworkI/O,NUMA,NUMA-I/O,Caching,Affinity,…MorecoresMoremiddleboxespersocket,perserverServicechainingonserverLowerlatencyInter-VM(i.
e.
intra-node)vs.
Inter-nodeHigherBandwidthMemory(orcache)vs.
PCIebus9WhyInter-VMCommunicationFigure1.
TheIntelXeonprocessorE5-2600V2productfamilyMicroarchitectureSource(Figure1.
):https://software.
intel.
com/en-us/articles/intel-xeon-processor-e5-2600-v2-product-family-technical-overviewNotificationsforqueuecontrolKick,DoorBellVirtualSwitchPacketTransmissionCopy,etc.
TransitionsUser-KernelGuest-Host10Inter-VMCommunicationonKVMHostOSRxVMtapTxVMtapswitchappapphypervisorStackdrvdevdevStackdrvSwitchingpathcanbeabigperformancebottleneckXYX0.
712Mpps*Y0.
717Mpps**Intelinternalmeasurements64Bpackets,virtio-net+vhost-netTSCCycles(Haswell3.
2GHz),RoundTrip*:UserKernel(SystemCall)inVM(onKVM)E.
g.
getppid():1300(≈400ns)GuestHost(HyperCall)E.
g.
NullHypercall:1500-1600(≈500ns)ToreachSaturationLineRate(10GbE):Ifsystemcall/Hypercallisusedforeach64Bpackettransmission,wewouldneed:>6-7Cores**40GbE:>24-28Cores11CostofTransitions/IsolationPerspectiveofCPUCycles**:400/67.
2=5.
9,500/67.
2=7.
4*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessinginhypercallsoverturnsgainofbatching.
TheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary12Agenda1.
Moveknowledgeandcontrolforinter-VMcommunicationtoVMs2.
AllowVMstoaccessotherVMstoshareoraccessmemoryinasafewayProvideVMswith"ProtectedMemoryView"Mappingitselfisprovidedbythehypervisor3.
AllowVMstouselow-latencynotificationmechanismsw/oVMexitsorinterruptsE.
g.
MONITOR/MWAIT,PostedInterrupt13Solutions:EmpowerGuestsinaSafeWayAvoidhypervisorinterventionsMotivation:WhydoesakernelmoduleneedtoknowaboutdatastructuresforPVdriversinguestsBecausewetrustkernelorkernelmodulesonly.
Whatifwetrustspecific(partof)guests…Vhost-netinguestcanavoidhypercallsifitcandirectlyaccessdestinationguests(virtqueue,etc.
)14Example:vhost-netFunctionalityinGuestsvhost-userisalreadythere15High-LevelArchitectureforFastInter-VMCommunication(w/oVT-d,SR-IOV)LinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathProtectedMemoryViewLow-LatencyNotification1.
DataTransmission2.
NotificationDirectAccesstoGuestsInProtectedMemoryViewVhost-netAPIFastPathcanworkwithvirtio-netorindependentlyvirtio-netvirtio-netLinuxKernelKVMVM1Kernelvirtio-netVM2Kernelvirtio-netSharedmemoryforsynchronizationFastPathFastPathMiddleBox(e.
g.
virtualswitch)VM0VT-d,SR-IOVFastPacketTransmissionSharedmemoryforsynchronization16High-LevelArchitectureforFastInter-VMCommunication(withVT-d,SR-IOV)FastPacketTransmissioncanbeinuser-levelVMFUNCinstructionwithEAX=0ValueinECXselectsanentryfromtheEPTP(Extended-Page-TablePointer)listAvailableinRing0-3,executedinguestNoVMexitCanbevirtualizedifnotavailable17IntroducingVMFunction0:EPTP*Switching…EPTP…ECX(index)EPTPlist(4KB)VMCS(perVCPU)*:Extended-Page-TablePointerEPTPSwitchingandTrampolineCodeGuestPhysicalPagesProtectedView(code,data)---DefaultEPTEPT:HostPhysicalPagesXWR18NoAccessTrampolinecodeforVMFUNCXWR-WRX-RX-RVMFUNCexecutedoutsideTrampolineCodewillcauseEPTviolationatnextinstructionHypervisorneedstorestoreDefaultEPTtodelivervirtualinterruptsEPTPswitchingDefaultViewAlternateViewstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}PageBoundaryTx(*packet){move_data();notify();}XWRstart_xmit(*skb,*dev){.
.
.
send(packets);}send(*packet){.
.
.
VMFUNC#0,EPTP;Tx(packets);VMFUNC#0,0}Tx(*packet){move_data();notify();}----WR-WRXWRXWRX-RX-REPTPerm.
ModifyqueuedescriptorsModifyqueuedescriptorsMoveDatabyTx()19MoreDetails:TransmittingPacketsDestinationVMSourceVMTrampolineCodeProtectedView24315DefaultViewAlternateViewPostedInterruptDelivervirtualinterruptsondestinationguestsw/oVMexits.
AlreadysupportedbyKVMStillrequiresVMexitonsourceguestMONITOR/MWAIT(Energy-EfficientPolling)betweenguestsThefeatureisnotadvertisedonKVMtodayUsevariablesonsharedmemorybetweensourceanddestinationPAUSELoop(Polling)betweenguestsLowestlatency,butnotenergyefficientInpractice,combineInterruptandPolling(likeNAPI)20Low-LatencyNotificationKnownmethodsMinimizeimpactofTLBmisses,cachemisses:Largepages(bothguest,EPT,VT-d),NUMA,IO-NUMA,DataDirectI/OE.
g.
LIFOmemorypoolZero-copyE.
g.
AddsourcebuffersmappingtoEPTofdestinationIfEPTPTEswerenotvalid,noINVEPTisrequired21PracticesforPerformanceGeneralDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
FrequencyofVMFUNCoperation:CostofVMFUNCisabout150TSCcycles(Haswell,3.
2GHz)*Around50ns,andsensitivetoTLB,cachesRecall67.
2ns,16.
8ns,…ToreachSaturationLineRate(10GbE):IfVMFUNCiscalledforeach64Bpackettransmission,we>1-2Cores(100nsforround-trip)40GbE:>4-8CoresThecostofVMFUNCwouldberelativelysmall,anditwouldprovidescalableperformance22PracticeforPerformanceEPTPSwitching*IntelinternalmeasurementsDisclaimer:SoftwareandworkloadsusedinperformancetestsmayhavebeenoptimizedforperformanceonlyonIntelmicroprocessors.
Performancetests,suchasSYSmarkandMobileMark,aremeasuredusingspecificcomputersystems,components,software,operationsandfunctions.
Anychangetoanyofthosefactorsmaycausetheresultstovary.
Youshouldconsultotherinformationandperformanceteststoassistyouinfullyevaluatingyourcontemplatedpurchases,includingtheperformanceofthatproductwhencombinedwithotherproducts.
getppid()inVM:1300(≈400ns)NullHypercall:1500-1600(≈500ns)Practically,thoseareratherlowerboundsbecausebatchingislimitedandactualpacketprocessingoverturnsgainofbatching.
TrampolineCodeisloadedbytheguest,buttheEPTpermission(X-R)issetbyKVMShouldbesignedtogetherwiththecodeintheProtectedViewinadvanceThesetofpages(inDestinationVM)accessedbycodeinProtectedViewneedtobecheckedandaddedbyKVMInaway,codeinProtectedViewisanextensionoftheKVM/hypervisorrunningincontrolledenvironment(stillinVXMnon-rootmode)23SecurityConsiderationTheChallengeArchitectureProposalsforNFVforKVMCurrentStatusandSummary24AgendaPoCinprogress:MeasuredcostofVMFUNC,memorybandwidthEnabledandmeasuredlatencyofMONITOR/MWAITinguestsMeasuringpathAWorkingonpathB25CurrentStatusPoCLinuxKernelKVMVM1Kernelvirto-netVM2Kernelvirto-netSharedmemoryforsynchronizationFastPathFastPathABvirtio-netvirtio-netBenefitsoftheArchitecture:ContainknowledgeandcontrolforInter-VMcommunicationinguestsAllowKVMtoenablemoreoptimizationandcustomizationforgueststohandlehighnetworkloadsefficientlyMoreefficientandscalablethanexistingonesWorkwithdirectI/OassignmentaswellNextStep:CompletePoCandgetmoredata26Summary27BackupCanoccuronlyinguest(vector20)SomeEPTviolationscangenerate#VEinsteadofVMexits(controlledbyhypervisor)Canvirtualizedifnotavailable#VE:VirtualizationException
- assist迈拓kvm相关文档
- Size迈拓kvm
- manage迈拓kvm
- VGA迈拓kvm
- Memory迈拓kvm
- 文件迈拓kvm
- Console迈拓kvm
亚洲云Asiayu,成都云服务器 4核4G 30M 120元一月
点击进入亚云官方网站(www.asiayun.com)公司名:上海玥悠悠云计算有限公司成都铂金宿主机IO测试图亚洲云Asiayun怎么样?亚洲云Asiayun好不好?亚云由亚云团队运营,拥有ICP/ISP/IDC/CDN等资质,亚云团队成立于2018年,经过多次品牌升级。主要销售主VPS服务器,提供云服务器和物理服务器,机房有成都、美国CERA、中国香港安畅和电信,香港提供CN2 GIA线路,CE...
inux国外美老牌PhotonVPS月$2.5 ,Linux系统首月半价
PhotonVPS 服务商我们是不是已经很久没有见过?曾经也是相当的火爆的,我们中文习惯称作为饭桶VPS主机商。翻看之前的文章,在2015年之前也有较多商家的活动分享的,这几年由于服务商太多,乃至于有一些老牌的服务商都逐渐淡忘。这不有看到PhotonVPS商家发布促销活动。PhotonVPS 商家七月份推出首月半价Linux系统VPS主机,首月低至2.5美元,有洛杉矶、达拉斯、阿什本机房,除提供普...
萤光云(16元/月)高防云服务器自带50G防御
螢光云官網萤光云成立于2002年,是一家自有IDC的云厂商,主打高防云服务器产品。在国内有福州、北京、上海、台湾、香港CN2节点,还有华盛顿、河内、曼谷等海外节点。萤光云的高防云服务器自带50G防御,适合高防建站、游戏高防等业务。本次萤光云中秋云活动简单无套路,直接在原有价格上砍了一大刀,最低价格16元/月,而且有没有账户限制,新老客户都可以买,就是直接满满的诚意给大家送优惠了!官网首页:www....
迈拓kvm为你推荐
-
桌面背景图片非主流哪里有比较个性的电脑桌面壁纸啊麒麟820和980哪个好麒麟980跟骁龙855哪个好一点?电视直播软件哪个好电视直播软件哪个好石英表和机械表哪个好手表是电子手表好还是机械手表好?清理手机垃圾软件哪个好手机垃圾清理软件哪个好视频软件哪个好安卓系统在线看视频软件哪个好美国国际东西方大学凭高考成绩可以申请哪些海外大学?qq空间登录电脑怎么用电脑登陆手机版QQ空间dns服务器地址如何知道自己的IP地址和DNS服务器地址?广东联通炫铃为什么广东联通的炫铃业务老是取消失败?退订失败?