Bare metal platform solution for Infrastructure-as-a-Service
Napatech Link-Virtualization™ Software
Solution Description
Napatech’s SmartNIC solutions maximize the performance of bare metal platforms for Infrastructure-as-a-Service
By leveraging servers configured with Napatech Smart Network Interface Card (SmartNIC) solutions, data center operators can deliver virtualized, cost-effective bare metal cloud platforms:
• Achieving a level of performance that would otherwise require more expensive severs with higher-end CPUs;
• Boosting their networking performance without consuming server CPU resources;
• Optimizing the provisioning and performance of both singletenant and multi-tenant configurations;
• Ensuring the deployment agility and scalability normally associated with Virtual Server Instances (VSIs).
Foundational NICs constrain the capabilities of Infrastructure-as-a-Service platforms
Data center operators seeking to deliver Infrastructure-as-a-Service (IaaS) platforms to their enterprise customers have traditionally been forced to select between two architecture approaches.
By dedicating an entire physical server to a single tenant, they can guarantee the maximum compute performance available from that server’s CPU, together with fully-deterministic operation and full isolation from all other data center tenants. However it can take the operator several hours to provision a server for this true “bare metal” experience, during which time the server is unused and generating no revenue.
The physical provisioning process also limits the operator’s ability to respond quickly to new customer orders or dynamically-changing requirements, while the scalability of the customer’s configuration is inherently limited. All-in-all, using physical servers to deliver IaaS platforms results in a less-than-ideal OPEX model for the operator.
Standard server running Virtual Server Instance
The traditional alternative is to provision the platform as a “Virtual Server Instance” or “VSI” running on a standard server configured with a foundational Network Interface Card (NIC), so that customers access Virtual Machines (VMs) rather than physical CPU cores, under the control of a hypervisor. (Typically, a “Type 1” bare metal hypervisor is used for IaaS applications, rather than a “Type 2” hypervisor which runs on top of an operating system.)
The advantages of a VSI deployment are that provisioning is quick (typically only minutes or even seconds) which minimizes server downtime, while the platform is highly scalable and customizable as customers’ needs change.
There are however some important downsides to the VSI approach. A significant fraction of the CPU cores are required for running infrastructure services such as the hypervisor and virtual switch (vSwitch), which limits the number of CPU cores available for VMs. A 16-core CPU, for example, might only deliver the performance of a 12-core. Since tenants are unable to access the whole CPU, this architecture does not constitute a true bare metal cloud. There is a security risk if either the hypervisor or vSwitch is compromised in a cyber-attack, while there is no way to ensure full isolation between tenant workloads.
Finally, this approach delivers limited networking performance since a foundational NIC lacks the capability to accelerate packet processing and/or security functions by offloading them from the CPU.
SmartNIC offload for high-performance bare metal clouds
The best approach for delivering IaaS is to use an Infrastructure Processing Unit (IPU) Smart Network Interface Card (SmartNIC) instead of a foundational NIC. An IPU SmartNIC comprises an FPGA to execute data plane functions as well as a general-purpose CPU for control plane workloads such as the hypervisor.
The infrastructure services such as the hypervisor and vSwitch can be completely offloaded to the SmartNIC, so that all the CPU cores are available for running tenant VMs, guaranteeing maximum compute performance. In this example, the 16-core CPU truly runs like a 16-core.
This architecture enables the deployment of virtualized, multi-tenant bare metal clouds in support of an IaaS business model, with fully-deterministic performance for each tenant and no risk of jitter due to “noisy neighbors”.
In a multi-tenant scenario, compute resources can be split and allocated dynamically based on the specific needs of each tenant, with a finer level of granularity and faster provisioning compared to VSIs.
At the same time, the SmartNIC ensures maximum networking performance, by offloading all the necessary packet processing and security functions that were performed on the server CPU in the VSI scenario.
This SmartNIC platform architecture supports a highly-agile deployment model that enables data center operators to maximize the ROI from their IaaS offerings. As in the VSI scenario, provisioning is quick (typically only minutes or even seconds) which minimizes server downtime, while the platform is highly scalable and customizable as customers’ needs change. In addition, the infrastructure services are fully upgradable in software, so there is no risk of hardware lock-in, which maximizes the effective lifetime of both the server and the SmartNIC.
Napatech’s technology for full infrastructure offload
Napatech offers complete SmartNIC solutions for IaaS clouds, comprising the Link-VirtualizationTM software in addition to an IPU SmartNIC.
Link-Virtualization is a production-grade software package that fully offloads Open vSwitch (OVS), hypervisor and high-performance networking functions from the host CPU to an IPU SmartNIC.
It’s fully compatible with the virtio networking interface and applicable industry standard APIs like DPDK, so no changes are required to guest applications in order to leverage the performance improvements delivered by the Napatech solution.
Besides delivering industry-leading OVS performance, Link-Virtualization also supports virtual data path acceleration (vDPA), enabling the live migration of tenant VMs.
Other key functions supported by Link-Virtualization include:
• VLAN and VxLAN encapsulation/decapsulation;
• Port mirroring;
• Cybersecurity;
• Network Performance Monitoring (NPM);
• Application Performance Monitoring (APM);
• Extensive set of additional networking functions.
The platform enables the deployment of both single-tenant and multi-tenant clouds with full isolation, protecting and preserving the network management model and topology.
The FPGA and CPU ensure that the complete functionality of the platform can be updated after deployment, whether to modify an existing service, to add new functions or to finetune specific performance parameters. This reprogramming can be performed purely as a software upgrade within the existing server environment, with no need to disconnect, remove or replace any hardware.
(Note that Napatech also provides a portfolio of FPGA-only SmartNICs which are ideal for embedded use-cases and support 20G, 40G, 50G, 100G and 200G configurations.)
Industry-leading performance
Leveraging Napatech’s highly-optimized FPGA firmware, the Link-Virtualization software delivers an aggregate OVS switching capacity of 123 million packets per second (Mpps) per core with 64-byte packets. On a dual-25G port IPU SmartNIC, line rate is delivered for packet sizes greater than 128 bytes. This represents a 15x performance improvement compared to a pure software implementation of OVS-DPDK, which achieves 8Mpps per core with up to 128 byte packets. (These results were measured on a Dell R740 server with 2.30GHz Intel® Xeon® Gold 6230 CPU and 128G DRAM, running CentOS 8.3 and DPDK 18.11.2, configured with an IPU SmartNIC with dual 25Gbps ports, running Link-Virtualization v4.0.5.)
In addition, Link-Virtualization implements the standard virtual Data Path Acceleration (vDPA) kernel framework, which enables full support for the live migration of guest workloads while retaining the high performance and low latency of Single Root I/O Virtualization (SR-IOV).
Summary
Napatech’s IPU SmartNIC solutions deliver compelling business benefits for both consumers and providers of virtualized IaaS platforms:
• End-users of bare metal clouds see their services deployed in minutes after their order is placed (compared to hours for physical server provisioning), while leveraging maximum compute and networking performance for their applications, along with guaranteed fully deterministic operation and complete isolation from other tenants.
• Data center operators achieve fast, agile, scalable deployments of their IaaS platforms, maximizing both server utilization and data center energy efficiency with no risk of hardware lock-in, while delivering maximum compute and networking performance at reduced server cost, all leading to improved ROI and greater customer satisfaction.
• Server vendors boost revenues by delivering servers that meet or exceed the compute performance of competing products with higher-end CPUs, while also providing industry-leading networking performance.
For more information, visit: Napatech at:
https://www.napatech.com/products/link-virtualization-software/