device assignment for vms in kubernetes
play

Device Assignment for VMs in Kubernetes Martin Polednik - PowerPoint PPT Presentation

Sep 29, 2023 •284 likes •706 views

Device Assignment for VMs in Kubernetes Martin Polednik (@mpolednik) Software Engineer @ Red Hat $ whoami Golang, Python engineer working on oVirt and KubeVirt node/host management level virtualization tech device assignment w/

  1. Device Assignment for VMs in Kubernetes Martin Polednik (@mpolednik) Software Engineer @ Red Hat

  2. $ whoami • Golang, Python engineer • working on oVirt and KubeVirt • node/host management level virtualization tech • device assignment w/ VFIO, (v)GPU, SR-IOV • NUMA, hugepages, CPU architectures • https://mpolednik.github.io/

  3. The Stack • VM device assignment (VFIO) • libvirt • Docker • Kubernetes • KubeVirt

  4. Devices & Virtualization

  5. What even is a device? • many memory regions! • /sys/bus/pci/${device_address}/... • /dev/...

  6. VFIO 101 • PCI driver • devices bound to it can be used in VMs • IOMMU groups based on DMA isolation • explained in Slicing a (v)GPU talk at DevConf.cz • https://www.youtube.com/watch?v=G8b9jlFN-nk

  7. IOMMU Groups • group contains 1-N devices • assignment granularity at group level • e.g. GPU + HDMI sound card • accessed at /dev/vfio/${N}

  9. libvirt • daemon & library for single-node VM management • abstracts QEMU cmdline interface by XML • refers to devices by their PCI address

  10. libvirt ... <devices> ... <hostdev managed="no" mode="subsystem" type="pci"> <source> <address bus="7" domain="0" function="0" slot="0" /> </source> </hostdev> ... </devices> ...

  11. Devices in Containers

  12. Overview • no special driver needed • device path exposed to container • --device, --volume (?), --privileged (?!) • DRI, toolkits, any required endpoints • also sets up cgroups

  13. Overview • sufficient unless orchestration is needed • ... in that case, building block for Kubernetes device assignment

  14. Devices in Kubernetes

  15. Kubernetes 101 • orchestrate containers (in declarative way) • pod = several containers • pod, container, node etc. are just resources • the talk will show resources in YAMLs

  16. NVIDIA GPUs • vendor-specific feature since 1.3 • `accelerators` FeatureGate • request N GPUs

  17. NVIDIA GPUs spec: containers: - name: demo ... resources: requests: alpha.kubernetes.io/nvidia-gpu: 2

  18. NVIDIA GPUs • deprecated by device plugins

  19. Device Plugins • since Kubernetes 1.8 • shortened to DPI(s) • gated behind `DevicePlugins` FeatureGate • gRPC server(s) that exposes available resources • Register, Allocate, ListAndWatch

  20. Device Plugins • one gRPC server per tracked resource

  22. fancy starting 50+ gRPC servers?

  23. $ sh kubectl.sh get nodes --show-all -o json | grep -A 10 alloca "allocatable": { "cpu": "4", "hugepages-1Gi": "0", "hugepages-2Mi": "0", "memory": "12181600Ki", "mpolednik.github.io/102b_0522": "1", "mpolednik.github.io/111d_8018": "3", "mpolednik.github.io/8086_10c9": "2", "mpolednik.github.io/8086_10e8": "4", "mpolednik.github.io/8086_244e": "1", "mpolednik.github.io/8086_2c70": "1", ...

  24. apiVersion: v1 kind: Pod metadata: name: nginx-apparmor spec: containers: - name: nginx image: nginx resources: requests: mpolednik.github.io/8086_10e8: 1 limits: mpolednik.github.io/8086_10e8: 1

  25. Device Plugins • flexible • allows the node to advertise any resource • /dev/kvm is a device too! • and mount it into a container (not pod!) • still in development • Deallocate gRPC endpoint?

  26. KubeVirt

  27. KubeVirt • (not only) pet VMs in Kubernetes • uses CRD (custom resource definition) • and several custom services • based on libvirt

  30. Devices in KubeVirt • mix of both worlds • Kubernetes assignment for devices • VFIO within the (docker) container • requires custom DPI • + VM spec to POD spec translation

  31. VFIO DPI https://github.com/kubevirt/kubernetes-device-plugins (WIP)

  32. VFIO DPI • ensure vfio-pci is loaded • enumerates /sys/bus/pci/devices • for each device found • get vendor ID, device ID, IOMMU group • report it back to Kubelet (via gRPC API)

  33. VFIO DPI • the missing parts: • IOMMU group awareness (report conflicting groups as unhealthy? + DPI topology) • device deallocation (inotify VFIO endpoint?) • edge case handling (Kubelet dies, device plugin dies)

  34. Bridging VMs and pods

  35. What We Have (idea) spec: domain: devices: ... passthrough: - type: pci vendor: 1000 device: 1000 ... memory:

  36. What We Need (reality) spec: containers: - name: demo ... resources: requests: mpolednik.github.io/1000_1000: 1 limits: mpolednik.github.io/1000_1000: 1

  37. VFIO Initializer https://github.com/mpolednik/k8s-vfio-initializer-plugin (WIP) • • transform VM requirements to pod • in Kubernetes-native way • probably not needed after all

  38. That's it!* * almost

  39. Is that really all? • which devices inside pod belong to the VM? • remember libvirt addressing? • mount • /sys • /sys/bus/pci/devices/${device_address} • something else?

  40. Devices in KubeVirt • proposal @ https://github.com/kubevirt/kubevirt/pull/593 • DPI @ https://github.com/kubevirt/kubernetes-device-plugins • Initializer @ https://github.com/mpolednik/k8s-vfio-initializer-plugin • comments & suggestions welcome!

  41. Summary • VMs in Kubernetes are real! • and so is device assignment

  42. Questions? Thank you! Slides & Blog @ https://mpolednik.github.io/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes

Airflow on Kubernetes: Containerizing your Workflows By Michael Hewitt Agenda Kubernetes Overview 1 Airflows integration with Kubernetes 2 Deployment of Airflow on Kubernetes 3 Kubernetes Pod Operator and its benefits 4 DAG Development

2.79k views • 14 slides
Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like -

Continuous Kubernetes Security @sublimino and @controlplaneio Im: - Andy - Dev-like - Sec-ish - Ops-y Is this Kubernetes cluster secure? EPIC FAIL GIF How secure is Kubernetes? What this Kubernetes talk is about Common Pwns

1.18k views • 113 slides
Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source

Kubernetes Matthias Haeussler Mirna Alaisami Overview Overview Kubernetes is an open-source platform designed to automate deploying , scaling , and operating application containers . Kubernetes v1.0 was released in 2015. It utilizes

916 views • 52 slides
K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi

K8s or Die! You must do Kubernetes. Or should you? If so when, where, why? How?! Marco Ceppi @marcoceppi Ryan Beisner @ryanbeisner Why Kubernetes Computing in the modern age Virtual Process Machines Containers Traditional Container

516 views • 24 slides
From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang

From Laptop to the World With Kubernetes @saturnism @googlecloud #kubernetes Ray Tsang Developer Advocate Google Cloud Platform @saturnism | +RayTsang @saturnism @googlecloud #kubernetes Ray Tsang Developer Architect Traveler

1.29k views • 65 slides
Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes

Contributing to kubernetes Who am I? Senior Software Engineer at Gojek Organizer at Kubernetes &amp; Cloud Native Meetups in Jakarta and Bandung https://www.meetup.com/jakarta-kubernetes/ https://www.meetup.com/Microservice-JKT/ You can find

709 views • 47 slides
Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes?

Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes?

@MELANIECEBULA / MARCH 2019 / CON LONDON Developing Kubernetes Services at Airbnb Scale @MELANIECEBULA What is kubernetes? @MELANIECEBULA Who am I? A BRIEF HISTORY @MELANIECEBULA Why Microservices? 4000000 3000000 2000000 MONOLITH

1.74k views • 111 slides
Assignment #3 Which is something you may wish to do since it is Assignment #3 So You Want to

Assignment #3 Which is something you may wish to do since it is Assignment #3 So You Want to

Assignment #3 Which is something you may wish to do since it is Assignment #3 So You Want to Write some Procedural Shaders In fact Assignment #3 Assignments Goal is to be able to produce something nicer than Some advice:

92 views • 5 slides
Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes

Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes

Kubernetes Networking and Istio Apurva Bhandari $whoami SRE / DevOps Docker &amp; Kubernetes Enthusiast Speaker at Meetups Email: apurvbhandari@gmail.com LinkedIn: https://www.linkedin.com/in/apurvabhandari-linux GitHub:

2.16k views • 28 slides
Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software

Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software

Kubernetes APIs Under the Hood @pwittrock Who Am I? Phillip Wittrock (@pwittrock) Software Engineer at Google working on GKE and OSS Kubernetes My mission is to make using Kubernetes simple and enjoyable You might have come across me

1.12k views • 27 slides
Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes

Stateful workloads on kubernetes with ceph Agenda CaaS Kubernetes Ceph Storage Operation NVRAMOS 2019 10/28/2019 Cloud Service Model On Premises IaaS CaaS PaaS SaaS Applications Applications

660 views • 36 slides
Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd.

Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd.

Kubernetes Administration from Zero to (junior) Hero Lszl Budai Component Soft Ltd. Agenda 1.Introduction 2.Accessing the kubernetes API 3.Kubernetes workloads 4.Accessing applications 5.Volumes and persistent storage 2 (c) 2018

1.17k views • 57 slides
OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com)

OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com)

OpenStack on Kubernetes: Make OpenStack and Kubernetes Fail-Safe Seungkyu Ahn (ahnsk@sk.com) Jaesuk Ahn (jay.ahn@sk.com) Open System Lab Network IT Convergence R&amp;D Center SK Telecom Wil Reichert (wil@solinea.com) Solinea What will

1.26k views • 46 slides
Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie

Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie

Lessons learnt building Kubernetes controllers David Cheney - Heptio gday Craig McLuckie and Joe Beda 2/3rds of a pod Connaissez-vous Kubernetes? Kubernetes is an open-source system for automating deployment, scaling, and

747 views • 63 slides
Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4

Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4

Kubernetes on ARM64 Kubernetes on ARM64 Raspberry PI 4 Kubernetes cloud for a Raspberry PI 4 Kubernetes cloud for a few Euros! few Euros! Jean-Frederic Clere Jean-Frederic Clere @jfclere @jfclere Fosdem 2020 Feb. 1-2, 2020 TM Who am I?

529 views • 26 slides
Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline

Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline

Lecture 3: Kubernetes AC295 AC295 Advanced Practical Data Science Pavlos Protopapas Outline 1: Communications 2: Recap 3: Introduction to Kubernetes 4: Creating and Running Containers | Review 5: Anatomy of a Kubernetes Cluster 6:

820 views • 38 slides
Sierpiski carpet as a Martin boundary Stefan Kohl 6th Cornell Conference on Analysis,

Sierpiski carpet as a Martin boundary Stefan Kohl 6th Cornell Conference on Analysis,

Previous approaches to a Laplacian Martin boundary theory SC as Martin boundary harm. fct. on SC Sierpiski carpet as a Martin boundary Stefan Kohl 6th Cornell Conference on Analysis, Probability, and Mathematical Physics on Fractals June

498 views • 26 slides
On the sample complexity of graph selection: Practical methods and fundamental limits Martin

On the sample complexity of graph selection: Practical methods and fundamental limits Martin

On the sample complexity of graph selection: Practical methods and fundamental limits Martin Wainwright UC Berkeley Departments of Statistics, and EECS Based on joint work with: John Lafferty (CMU) Pradeep Ravikumar (UT Austin) Prasad

1.37k views • 60 slides
This Unit CPU performance equation App App App Clock vs CPI System software CIS 371

This Unit CPU performance equation App App App Clock vs CPI System software CIS 371

This Unit CPU performance equation App App App Clock vs CPI System software CIS 371 Performance metrics Mem CPU I/O Benchmarking Computer Organization and Design Unit 7: Performance Metrics Based on slides by Prof. Amir

219 views • 6 slides
What, Why, and Who of Alternative Credentials Martin Kurzweil May 7, 2019 EWA National

What, Why, and Who of Alternative Credentials Martin Kurzweil May 7, 2019 EWA National

What, Why, and Who of Alternative Credentials Martin Kurzweil May 7, 2019 EWA National Conference Baltimore, MD Certificates awarded at end of period of study; credit and non- credit Certifications/licenses awarded based on

232 views • 12 slides
NoSQL Source: Pramod J. Sadalage and Martin Fowler NoSQL Distilled: A Brief Guide to the

NoSQL Source: Pramod J. Sadalage and Martin Fowler NoSQL Distilled: A Brief Guide to the

NoSQL Source: Pramod J. Sadalage and Martin Fowler NoSQL Distilled: A Brief Guide to the Emerging World of Polyglot Persistence , Pearson Education, 2013 Objectives Introduce some key concepts behind the NoSQL family of databases Why NoSQL?

919 views • 19 slides
Jason Martin, EdD Associate Dean, Walker Library Middle Tennessee State University

Jason Martin, EdD Associate Dean, Walker Library Middle Tennessee State University

Jason Martin, EdD Associate Dean, Walker Library Middle Tennessee State University jason.martin@mtsu.edu Professional and Research Interests Emotional Intelligence Publication Associate Dean, MTSU Assessment Professional Development

775 views • 63 slides
Wasserstein GAN Martin Arjovsky, Soumith Chintala, Lon Bottou, ICML 2017 Presented by Yaochen

Wasserstein GAN Martin Arjovsky, Soumith Chintala, Lon Bottou, ICML 2017 Presented by Yaochen

Wasserstein GAN Martin Arjovsky, Soumith Chintala, Lon Bottou, ICML 2017 Presented by Yaochen Xie 12-222017 Contents GAN and its applications [1] GAN vs. Variational Auto-Encoder [2] Whats wrong with GAN [3], [4] JS

829 views • 27 slides
Welcome! Assistance Animals in Public Accommodations &amp; Housing will begin at 2:00 p.m.

Welcome! Assistance Animals in Public Accommodations &amp; Housing will begin at 2:00 p.m.

8/11/2014 Welcome! Assistance Animals in Public Accommodations &amp; Housing will begin at 2:00 p.m. Eastern Time 1 Listening to the Webinar Online: Please make sure your computer speakers are turned on or your headphones are plugged in

518 views • 28 slides

More recommend