Virtualization and IaaS
Reaching "EPYC" Virtualization Performance
Case Study: Tuning VMs for Best Performance on AMD EPYC 7002 Series Based Servers
Virtualization brings many advantages, but what about the overhead it introduces? What about performance? This talk will show how great virtualization performance can be achieved, if proper tuning is applied to all the components of the system: hypervisor, host and guests, for both Xen and KVM. As a case study, we will describe how we tuned our OS in order to be able to reach, inside VMs, close to baremetal performance, on a server powered by a CPU from the AMD EPYC 7002 (codename "Rome") series. We will, of course, show the benchmarks proving that (run on KVM), even when memory encryption is used.
Virtualization is great because it decouples the software from the hardware on top of which it runs, and this brings benefits in terms of flexibility, security, reliability and cost savings. But what about the overhead that this, unavoidably, introduces?
Well, often enough, a virtualized system is really able to fulfill its goals with an acceptable quality of service, efficient exploitation of HW resources, satisfactory user experience, etc., only if all the components are configured properly. This is not entirely new, as baremetal systems need tuning too, but in a virtualized environment one has to take care of tuning both the the host and the guests. And beware that the interactions between all the different components may not always be straightforward, especially on a large server with complex CPU architecture, such anything based on the AMD EPYC 7002 (codename "Rome") series of processors.
This talk will go over some of the typical virtualization “tuning tricks” (for both Xen and KVM). Then, as a case study, we will illustrate how we managed to reach, inside Virtual Machines, a performance level that almost matches the one of the host, on a server powered by a CPU from the AMD EPYC 7002 series. In fact, we will show the results of running CPU and memory intensive benchmarks (on KVM) with and without the suggested tuning. Last (but not least :-D), we will show the impact that the Secure Encrypted Virtualization (SEV) technology has on performance.
Additional information
| Type | devroom |
|---|
More sessions
| 2/2/20 |
A tribute, from the FOSDEM Virtualization & IaaS Devroom, to the memory of Lars Kurth Please note that this is a late addition to the schedule, and the program will now be starting 10 minutes earlier than originally scheduled.
|
| 2/2/20 |
Because virtualization is everywhere, new challenges in the IT world are revealing that this crucial component has to be improved on a regular basis. This requires a lot of coordination between Open Source projects as well as intense research and development efforts. NVMe storage performance revealing hidden bottlenecks, Intel CPU flaws changing the security landscape regarding isolation, increasing complexity of stacks requiring more and more components working together, hardware ...
|
| 2/2/20 |
A whole bunch of CPU vulnerabilities were revealed in the past few years: Meltdown and Spectre, SSB, L1TF and MDS -- and there's little hope that we've seen them all. Every time there is a new vulnerability released, big cloud provides on day 1 claim that their hosts were updated and that their users are secure. Is this so or do we also need to do something inside our Linux guests to mitigate these vulnerabilities? And, do we have the required tools to actually do the mitigations? Are all of ...
|
| 2/2/20 |
This talk covers the new virtio-fs shared file system that allows a host directory tree to be shared with guests. Sharing files with the guest is required by several use cases including container VMs, File-System-as-a-Service, and traditional virtualization. virtio-fs goes further than previous attempts by taking advantage of the co-location of the guest and host using DAX to share the host page cache. This presentation explains how to use virtio-fs, a bit about how it works internally, and the ...
|
| 2/2/20 |
iouring is a new kernel asynchronous I/O processing mechanism proposed as a much faster alternative for conventional Linux AIO. Patches were merged in Linux 5.1 and gave a promised performance boost. We decided to integrate it into QEMU to make virtualized storage devices work more efficiently. Let's take a look at how iouring works in QEMU.
|
| 2/2/20 |
Running applications in the Cloud has changed the way users develop and ship their code. Quite recently, the community has given rise to microservices-based approaches, towards solutions that follow the paradigm of Platform-, Software-, and Function-as-a-Service (PaaS, SaaS, and FaaS respectively). To accommodate user demands, while maintaining security and isolation, Cloud vendors have adopted a hybrid approach where user workloads are being executed in lightweight sandboxed environments, where ...
|
| 2/2/20 |
LXD is most known as a system container manager, offering a simple user experience and images for most Linux distributions. It also offers a simple REST API, network and storage management, project views and easy clustering to dozen of hosts. Over the past few months, LXD has now grown the ability to run virtual machines alongside containers, using the exact same REST API and configuration. This presentation will cover that new feature, why it was done, where it's at now and where we're going ...
|
