KVM VIRTUALIZATION: LEVERAGING I/O VIRTUALIZATION ON QorIQ PLATFORMS FOR VNFS
BHARAT BHUSHAN, PRINCIPAL STAFF ENGINEER
DIANA CRĂCIUN, SOFTWARE ENGINEER
FTF-NET-N1844
MAY 2016
PUBLIC USE

AGENDA
- Virtualization Overview
- I/O Virtualization
- Direct Assignment
- VirtIO
- Conclusions

VIRTUALIZATION OVERVIEW

NFV and VNFs
[Diagram: VNF1, VNF2 and VNF3, each with its own guest OS (user space and kernel), on a virtual network infrastructure (virtual switch, service chain) with management and orchestration; host OS (standard Linux distro) providing virtualization with KVM, Docker and Ceph; hardware: CPU, memory, I/O device, IOMMU, accelerators.]

NXP virtualization solutions
Two approaches: KVM Linux Hypervisor and OS Virtualization
- Lightweight Overhead
- Resource Virtualization/oversubscription
- Isolation and Resource Control in Linux
- Open source
- Decreased Isolation (Kernel sharing)
- Qemu user space emulation used
[Diagram: VMs (App, OS) on Linux on multicore hardware; containers (Cont B, Cont C) with apps on Linux on multicore hardware, Docker.]

KVM/QEMU
KVM/QEMU – open source virtualization technology based on the Linux kernel
- KVM is a Linux kernel module
- QEMU is a user space emulator that uses KVM for acceleration
- Run virtual machines alongside Linux applications
- No or minimal OS changes required
- Virtual I/O capabilities
- Direct/pass thru I/O – assign I/O devices to VMs
[Diagram: Virtual Machine 1 and Virtual Machine 2 (QEMU, App, OS) next to native apps on Linux with KVM, on multicore hardware.]

Linux Containers
- OS level virtualization / process level virtualization
- Single kernel for host and guests, virtualized userspace instances – OS appears isolated
- Low overhead, lightweight, secure partitioning of Linux applications into different domains
- Per domain resource utilization control – CPU, memory, I/O bandwidth
- Multiple resource instances – namespaces
  - Process – process trees
  - Network – network stack (netdevs, socket families, FDBs)
- Based on a collection of technologies including kernel components (cgroups, namespaces), and user space tools (LXC, libvirt, Docker)
[Diagram: Container 1 and Container 2 (App) next to a native app on Linux, on multicore hardware.]

I/O VIRTUALIZATION

Device Usage in Virtual Environments
Direct Access
- Fastest native performance
- Direct access to hardware
[Diagram labels: OS, OS, Driver]
- Hardware support
- Hardware partitioned
- One hardware block
Full emulation
- Driver in Hypervisor
- Emulation in Hypervisor
- Unmodified Drivers
lized
- Driver in Hypervisor
- Modified Drivers
[Diagram labels: software access, Hypercalls, Traps]

Device Usage in KVM/Linux
[Diagrams: "VFIO (simplified view)" and "Virtio (simplified view)". Labels: VM, Guest OS, device driver, Virtio, Virtio backend, user space, MMU, IOMMU, DMA, IRQ, I/O device, hardware.]

Device Usage in Containers
- Each container (userspace instance) has a net namespace
- Multiple containers can share the same netns
- Each netdev belongs to a net namespace
- The netdev can be:
  - Physical: has an associated HW device or abstraction
  - Virtual: entirely SW (veth, vlan, bridge, etc.)
- Virtual netdev overhead is low – differences arise from technology specifics
  - Bridge: kernel switching
  - MACVLAN: MAC level VLAN
  - VETH: IP level SW pairs
- Mix and match
[Diagram: Host with containers C1 and C2 in Netns 1 and Netns 2; netdevs (eth, ni, veth, vlan, macvlan, bridge, generic iface); drivers; DPNI, DPMAC, DPMUX.]

DIRECT ASSIGNMENT

Introduction to VFIO
VFIO (Virtual Function IO)
- Linux user space driver infrastructure
- Enforces IOMMU protection
VFIO provides
- User-space device access (mmap() device MMIO regions)
- IOMMU programming interface
- High performance interrupt support
- Bus support: PCI, platform devices, LS2 MC bus
[Diagram: QEMU in user space hosting the VM and its I/O device drivers, with QEMU VFIO; KVM and VFIO in the kernel; hardware: VM memory, IOMMU, I/O device (PCI, Platform, LS2-MC Bus); paths: MMIO, IRQ, DMA, Control.]

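An added example, not part of the NXP slides: a pre-assignment check of the IOMMU protection VFIO relies on, which lists devices in the same IOMMU group that are still owned by a host driver. The vfio-fsl-mc driver name is an assumption, and the sysfs tree built by build_sample_sysfs is constructed sample data.

```python
import os
import tempfile

# Drivers that may own a device sharing an IOMMU group with an assigned one.
# vfio-pci and vfio-platform are mainline names; vfio-fsl-mc (DPAA2 MC bus)
# is an assumption to adjust to the kernel in use.
VFIO_DRIVERS = {"vfio-pci", "vfio-platform", "vfio-fsl-mc"}

def bound_driver(device_dir):
    """Name of the driver bound to a sysfs device directory, or None."""
    link = os.path.join(device_dir, "driver")
    return os.path.basename(os.readlink(link)) if os.path.islink(link) else None

def group_members(device_dir):
    """Map each device in device_dir's IOMMU group to its bound driver."""
    group_link = os.path.join(device_dir, "iommu_group")
    if not os.path.islink(group_link):
        raise RuntimeError(f"{device_dir}: no IOMMU group, cannot be isolated")
    devices = os.path.join(os.path.realpath(group_link), "devices")
    return {name: bound_driver(os.path.realpath(os.path.join(devices, name)))
            for name in sorted(os.listdir(devices))}

def assignment_blockers(device_dir, allowed=VFIO_DRIVERS):
    """Group members still owned by a host driver.

    The group is the smallest unit the IOMMU isolates, so such a member
    is not isolated from the device handed to the guest."""
    return [(name, drv) for name, drv in group_members(device_dir).items()
            if drv is not None and drv not in allowed]

def build_sample_sysfs(sibling_driver):
    """Constructed sysfs-like tree: two PCI functions in IOMMU group 7."""
    root = tempfile.mkdtemp()
    group = os.path.join(root, "iommu_groups", "7")
    os.makedirs(os.path.join(group, "devices"))
    for bdf, drv in (("0000:01:00.0", "vfio-pci"), ("0000:01:00.1", sibling_driver)):
        dev = os.path.join(root, "devices", bdf)
        os.makedirs(dev)
        os.symlink(group, os.path.join(dev, "iommu_group"))
        os.symlink(dev, os.path.join(group, "devices", bdf))
        if drv:
            os.makedirs(os.path.join(root, "drivers", drv), exist_ok=True)
            os.symlink(os.path.join(root, "drivers", drv), os.path.join(dev, "driver"))
    return os.path.join(root, "devices", "0000:01:00.0")

if __name__ == "__main__":
    print(assignment_blockers(build_sample_sysfs("e1000e")))
```

On a host, pass a real device directory such as /sys/bus/pci/devices/<BDF>; an empty result means every other group member is unbound or on a VFIO driver.
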
PCI Device Direct Assignment to VM
[Diagram: VM with PCI device driver and PCI bus driver; QEMU VFIO (PCI emulation) in user space; KVM and VFIO PCI in the kernel; hardware: VM memory, SMMU, PCI-SRIOV device with PF (Physical Function) and VFs (Virtual Functions); paths: MMIO, IRQ, DMA, Control.]

DPAA2 Enables Secure Direct Assignment
- Management Complex (MC) is optimized for resource assignment to various software contexts through Management Complex
  - Linux MC bus
  - Resource management tool
- DPAA secured with Authorization Tables
  - ICID (StreamID)
- MC bus integration with VFIO
  - Device reset
  - IOMMU translation and protection for userspace (DPDK and QEMU)
[Diagram: GPP with MMU and PIDs, DPAA 2 with Q/BMan and ACC, memory, IOMMU; ICIDs attached to each block; Authorize.]

DPAA2 Device Direct Assignment to VM
[Diagram: VM with DPAA2 crypto driver, DPAA2 Eth driver and FSL MC bus driver; QEMU VFIO (FSL MC emulation) in user space; KVM and VFIO FSL-MC in the kernel; hardware: VM memory, SMMU, LS2-MC (DPAA2.0); paths: MMIO, IRQ, DMA, Control.]

DPAA2 Device Pass-through to DPDK in VM
[Diagram: VM running DPDK applications with DPAA drivers in guest user space, VFIO FSL-MC and FSL MC bus driver in the guest kernel; QEMU VFIO (FSL MC emulation) in host user space; KVM and VFIO FSL-MC in the host kernel; hardware: VM memory, SMMU, LS2-MC (DPAA2.0); paths: MMIO, IRQ, DMA, Control.]

Platform devices direct assignment
[Diagram: VM with I/O device drivers inside QEMU; hardware: VM memory, IOMMU, I/O device.]

VIRTIO DETAILS

Virtual I/O Device
Virtio family of devices
- Found in virtual environments
- By design they look like physical devices
- Use guest standard drivers and discovery mechanisms
- Specification defined by OASIS technical
[Diagram: virtio devices (console and others) in the guest, virtio transport, virtio back-end driver in the host.]
Virtio specification purpose
- Straightforward - use normal bus mechanisms of interrupts and DMA
- Efficient - rings of descriptors for both input and output, laid out to avoid cache effects
- Standard - makes no assumptions about guest environment beyond supporting MMIO, Channel I/O or PCI bus transports
- Extensible - devices contain feature bits acknowledged by the guest OS
Virtio device facilities
- Device status field
- Feature bits
- Device Configuration space
- One or more virtqueues

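An added example, not part of the NXP slides: how the device status field and feature bits interact during negotiation, seen from a back-end that treats guest writes as untrusted. BackendDevice and negotiate are hypothetical names, and refusing DRIVER_OK before FEATURES_OK is this example's policy for a non-legacy device; the bit values are those of the virtio specification.

```python
# Device status bits and feature bit numbers as defined in the virtio spec.
ACKNOWLEDGE, DRIVER, DRIVER_OK, FEATURES_OK = 1, 2, 4, 8
VIRTIO_NET_F_CSUM, VIRTIO_NET_F_MAC, VIRTIO_F_VERSION_1 = 0, 5, 32

def mask(*bit_numbers):
    """Build a feature bitmap from feature bit numbers."""
    result = 0
    for n in bit_numbers:
        result |= 1 << n
    return result

class BackendDevice:
    """Hypothetical back-end model that validates what the guest driver writes."""

    def __init__(self, offered):
        self.offered = offered      # features the device advertises
        self.accepted = 0           # features written back by the driver
        self.status = 0             # device status field, 0 = reset

    def write_features(self, value):
        # Ignore feature writes once negotiation has been closed.
        if not self.status & FEATURES_OK:
            self.accepted = value

    def write_status(self, value):
        if value == 0:              # writing 0 resets the device
            self.accepted, self.status = 0, 0
            return self.status
        if value & FEATURES_OK and not self.status & FEATURES_OK:
            in_order = self.status & (ACKNOWLEDGE | DRIVER) == ACKNOWLEDGE | DRIVER
            subset = self.accepted & ~self.offered == 0
            if not (in_order and subset):
                value &= ~FEATURES_OK   # device refuses by leaving the bit clear
        if value & DRIVER_OK and not value & FEATURES_OK:
            value &= ~DRIVER_OK         # example policy for a non-legacy device
        self.status = value
        return self.status

def negotiate(device, wanted):
    """Driver side: run the status sequence, True if the device went live."""
    device.write_status(0)
    device.write_status(ACKNOWLEDGE)
    device.write_status(ACKNOWLEDGE | DRIVER)
    device.write_features(wanted)
    status = device.write_status(ACKNOWLEDGE | DRIVER | FEATURES_OK)
    if not status & FEATURES_OK:    # driver must re-read the status field
        return False
    return bool(device.write_status(status | DRIVER_OK) & DRIVER_OK)
```
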
Virtio-net: Vhost back-end in user space
[Diagram: VM with network application in user space, networking stack and virtio-net drivers in the guest kernel; vhost-user application(s) on DPDK/ODP with vhost-user and DPAA drivers in host user space; KVM, VFIO and DPAA drivers in host kernel space; DPAA hardware.]

Virtio-net: DPDK-OVS backend
[Diagram: VM with network application, networking stack and virtio-net drivers; DPAA drivers in host user space; KVM, VFIO and DPAA drivers in host kernel space; hardware.]

Virtio-net: DPDK in guest using virtio-net
[Diagram: VM running a DPDK network application on DPDK/ODP with virtio-net drivers in guest user space (interfaces IF, IF); OVS with vhost-user and DPAA drivers in host user space; KVM, VFIO and DPAA drivers in host kernel space; hardware.]

Virtio-block dataplane
[Diagram: VM with VFS and frontend driver; QEMU with IO Thread 1 and IO Thread 2 using libaio in host user space; block layer in host kernel space; hardware: Block device 1, Block device 2.]

CONCLUSIONS

Conclusions
- Efficiency, performance and flexibility in I/O virtualization solutions are important ingredients for network function virtualization
- KVM provides VirtIO and direct assignment offering NFV system designers the possibility to choose the best suited solution for their applications.