Dataplane Networking journey in Containers Gary Loughnane – gary.loughnane@intel.com Kuralamudhan Ramakrishnan – kuralamudhan.ramakrishnan@intel.com DPDK Summit Userspace - Dublin- 2017
Discussion topics Container Deployment Models Container Bare Metal Reference Architecture Container Unified Infrastructure Reference Architecture 2
Network Cloudification Multiple Deployment Models CLOUD NATIVE COMPUTING FOUNDATION VNFs NFV Orchestration vEPC vNAT vIMS vRouter vGGSN vFirewall vCPE vRNC vHLR vSGSN vMME vIDS NFVi- Network SR-IOV VM Containers VM Containers VM Containers Bare Metal Unified Hybrid 3
Network Cloudification Multiple Deployment Models – Today Discussion Focus CLOUD NATIVE COMPUTING FOUNDATION VNFs NFV Orchestration vEPC vNAT vIMS vRouter vGGSN vFirewall vCPE vRNC vHLR vSGSN vMME vIDS NFVi- Network SR-IOV Bare metal Unified VM VM Containers Containers 4
Address Container Networking Industry Gaps Intel Containers NFV Reference Architectures (Experience Kits ) Identified Gaps Resolve, Integrate Communicate Containers Container BM Container UI SW Contributions Compute & Ref. Architecture Ref. Architecture Existing Solution Demo Integration Networking Rel. 1 Oct. 2017 Rel. 1 Feb 2017 MULTUS Multi-network Support Best Practice Guidelines Open Source Projects Experience kits (Examples) SR-IOV CNI PLUGIN Resource Isolation VNF MULTUS Data Plane Scale DPDK CNI PLUGIN SW Data Plane Support NODE FEATURE DISCOVERY Data Center Heterogeneity CPU MANAGER for K8s EPA - CMK Kuryr CPU Core Pinning SW NEW SOLUTIONS: WIP RESOURCE MANAGMENT NUMA Awareness Huge pages QAT 5 5
Network Cloudification Multiple Deployment Models – Today Discussion Focus VNFs NFV Orchestration vEPC vNAT vIMS vRouter vGGSN vFirewall vCPE vRNC vHLR vSGSN vMME vIDS NFVi- Network SR-IOV Bare metal Unified VM VM Containers Containers 6
Industry challenges in containers Bare Metal Multiple network interfaces for VNFs SR-IOV Support for high performance Data Plane (N-S) VHOST USER Support for high performance Data Plane(E-W) Node Feature Ability to request/allocate platform capabilities Discovery CPU Manager for Support for CPU Core-Pinning for K8s pods Kubernetes Native Huge page Dynamic Huge Page allocation support for Kubernetes 7 7
Kubernetes networks via Container Network Interface (CNI) Container Orchestration Engines Management Container Runtime Containers Node - Container Network Interface Environment Container Network Interface Plugins 8
Kubernetes networks via Container Network Interface (CNI) Container Orchestration Engines Management Container Runtime Open Source Containers Projects Container Network Interface Node - Container Network Interface Environment Container Network Interface Plugins SR-IOV Can “mix and match” with CNI as the API 9
DPDK - SRIOV CNI Plugin Kubernetes Pod PROBLEM Container Lack of support for physical platform resource isolation VNF Application No guaranteed network IO performance DPDK No support for Data Plane Networking SOLUTION Allows SRIOV support in Kubernetes via a CNI plugin Kernel Intel contributor and maintainer of SR-IOV CNI plugin uio_pci_generic/igb_uio/vfio-pci Supports two modes of operation: SR-IOV : SR-IOV VFs are allocated to pod network namespace VF VF VF DPDK : SR-IOV VFs are bounded to DPDK drivers in the userspace SR-IOV Enabled Network Interface REFERENCE https://github.com/Intel-Corp/sriov-cni 10 10
Vhost user CNI Plugin Kubernetes Pod Container PROBLEM VNF Application No Container Networking with software acceleration for NFV particularly for East – West Traffic DPDK virtio_user SOLUTION Virtio_user/ vhost_user gives boosted performance than VETH pairs vhostuser Support VPP as well as DPDK OVS Vhost_user CNI plugin enables K8s to leverage data plane OVS- DPDK / VPP acceleration eth0 REFERENCE https://github.com/intel/vhost-user-net-plugin NIC 11 11
Network Cloudification Multiple Deployment Models – Today Discussion Focus CLOUD NATIVE COMPUTING FOUNDATION VNFs NFV Orchestration vEPC vNAT vIMS vRouter vGGSN vFirewall vCPE vRNC vHLR vSGSN vMME vIDS NFVi- Network SR-IOV Bare metal Unified VM VM Containers Containers 12
Industry challenges in Nested Containers Kuryr- Network performance penalties for Container in VM Kubernetes MASTER VM Scaling Data plane networking Multiple network interfaces for VNFs CPU Manager for Support for CPU Core-Pinning for K8s pods Kubernetes 13 13
Master VM For Containers Enabling DPDK in Nested Containers OBJECTIVES DPDK Pod Non DPDK Pod Virtual One Virtual Machine to many Containers Machine Target: 1k Containers per VM Socket App Container Data Plane performance Network Appliance BSD Sockets API USE CASE Elasticity and scalability of containerized VNF application Layer 4 in VM Layer 3 Kubernetes Layer 2 Virt Virt I/O I/O BENEFITS • VT-x ring de-privileging to move the VM and Container into Nova userspace, making it accessible to the userspace vSwitch with just a single copy. • Standard Virtio interface that supports both interrupt and poll modes, VNF and Cloud based applications. • Standard Vhost shared memory interface between DPDK vSwitch and VNF. SOLUTIONS • Enabling DPDK in containers using VIRTIO Neutron • Using Kuryr – Kurbernetes, orchestrate the Dataplane networking – DPDK workload using the vSwitch Master VM: Co-existence of Containers and Virtual Machines 14 14 DPDK based vSwitch, independent method to accelerate the Container Data Plane.
Kuryr – Kurbernetes with Dataplane Networking with DPDK based vSwitch Virtual Machine PROBLEM (Current Status) No support for Data Plane Networking for Kubernetes Pod nested containers in Unified Infrastructure RA Container VNF Application SOLUTION (WIP) DPDK Working on the PoC for the development of DPDK net plugin support in kuryr CNI DPDK: Virtio are bounded to DPDK drivers in the userspace Kernel uio_pci_generic/igb_uio/vfio-pci REFERENCE https://blueprints.launchpad.net/kuryr- kubernetes/+spec/nested-dpdk-support virtio virtio virtio Neutron 15 15
Gary Loughnane gary.loughnane@intel.com Questions? Kuralamudhan Ramakrishnan kuralamudhan.ramakrishnan@intel.com
Recommend
More recommend
