Uploaded byLibbySchulze1
PDF, PPTX97 views

Deploying vn fs with kubernetes pods and vms

This document discusses deploying virtual network functions (VNFs) using Kubernetes pods and VMs. It covers using single root I/O virtualization (SR-IOV) and Open vSwitch with Data Plane Development Kit (OVS-DPDK) for high performance networking. SR-IOV allows VNFs direct access to network interface cards to bypass the hypervisor. OVS-DPDK processes packets in userspace using DPDK for accelerated performance compared to native Linux networking or SR-IOV for some workloads. The document provides configuration details for enabling SR-IOV and OVS-DPDK on the host and specifying network interfaces in KubeVirt virtual machine instances.

Embed presentation

Download as PDF, PPTX
Deploying VNFs with Kubernetes pods and VMs
Agenda VNF basics - What are VNFs? - Benefits of VNFs - Enhancing app performance SR-IOV apps - What is SR-IOV? - Host config for SR-IOV - VM deployment using KubeVirt OVS-DPDK apps - What is OVS? - What is DPDK? - Host config for OVS-DPDK - VM deployment using KubeVirt Demo
Virtual Network Functions
Network Function Virtualization NFV is a network architecture concept to abstract network functions from hardware. Architecture: ● Virtualized network functions (VNFs) ● Network functions virtualization infrastructure (NFVi) ● Management, automation and network orchestration (MANO)
What are VNFs? ● Virtualized network services that replace legacy network appliances on proprietary hardware ● VNFs are built on top of NFV infrastructure serving as a foundational technology for 5G or edge networks ● Often deployed as virtual machines (VMs) by various telecommunications providers ● Common VNF applications - routers, firewalls, WAN optimization, NAT, load balancers
Benefits of VNFs ● Improved network scalability ● Efficient use of network infrastructure ● Reduced power consumption ● Better security features ● Saves on physical space needed for hardware ● Reduced operational and capital expenditures
Enhancing VNF performance Heavy data traffic when running multiple VNF VMs on a host. Efficient memory access, task and resource allocations, network I/O. Faster packet processing than native Linux kernel network stack ● SR-IOV ● DPDK
SR-IOV
What is SR-IOV? Single Root I/O Virtualization allows the isolation of PCI Express resources for manageability and performance reasons. It allows VNFs to access NIC directly, bypassing hypervisor. Requires support in BIOS and at OS level. ● Physical functions (PFs) - full-featured PCIe functions ● Virtual functions (VFs) - “lightweight” PCIe functions
KubeVirt support ● SR-IOV device plugin ● SR-IOV CNI plugin ● Multus meta-plugin Ref: https://github.com/kubevirt/kubevirt/blob/main/docs/sriov.md https://kubevirt.io/user-guide/virtual_machines/interfaces_and_networks
SR-IOV host config ● Plug in SR-IOV capable NIC ● Enable SR-IOV in BIOS ● Configure kernel to enable IOMMU: ○ intel_iommu=on ○ pci=realloc ○ pci=assign-busses ● VFIO userspace driver to pass through PCI devices into qemu: ○ modprobe vfio-pci
KubeVirt VMI spec spec: domain: interfaces: - masquerade: {} name: default - name: sriov-net sriov: {} KubeVirt relies on VFIO userspace driver to pass PCI devices into VMI guest. networks: - name: default pod: {} - name: sriov-net multus: networkName: sriov-network-eno
OVS-DPDK
What is OVS? Open vSwitch: a production quality, multi-layer virtual switch Main components: ● Forwarding path: implemented in kernel space for high performance ● Vswitchd: main userspace program
What is DPDK? ● DPDK stands for Data Plane Development Kit ● Packet processing bypasses Linux kernel network stack ● Fast switching in user space using Poll mode drivers ● Open vSwitch can be combined with DPDK for accelerated performance ● For East-West traffic in same server, DPDK wins against SR-IOV
KubeVirt support ● Userspace CNI plugin ● Multus meta-plugin ● OVS built with DPDK support Pending Github PR - https://github.com/kubevirt/kubevirt/pull/3208 Ref: https://github.com/intel/userspace-cni-network-plugin https://telcocloudbridge.com/blog/dpdk-vs-sr-iov-for-nfv-why-a-wrong-deci sion-can-impact-performance/
OVS-DPDK host config ● Install DPDK and OVS packages on host(s) ● Configure hugepages using sysctl: vm.nr_hugepages ● Setup DPDK devices using VFIO-PCI: ○ driverctl set-override <pci-address> vfio-pci ● Bridge/Ports creation in OVS: ○ ovs-vsctl add-br br-dpdk0 -- set bridge br-dpdk0 datapath_type=netdev ○ ovs-vsctl add-port br-dpdk0 eno1 -- set Interface eno1 type=dpdk options:dpdk-devargs=0000:19:00.1
KubeVirt VMI spec spec: domain: interfaces: - masquerade: {} name: default - name: vhost-user-net-1 vhostuser: {} KubeVirt relies on VFIO userspace driver to pass PCI devices into VMI guest. networks: - name: default pod: {} - name: vhost-user-net-1 multus: networkName: net1
Demo…
Thank You!!

More Related Content

PDF
XPDDS17: Bring up PCI Passthrough on ARM - Julien Grall, ARM
byThe Linux Foundation
 
PDF
XPDDS17: PL011 UART Emulation in Xen on ARM - Bhupinder Thakur, Qualcomm Data...
byThe Linux Foundation
 
PDF
virtio
byzhaobrian
 
KEY
DIY InfiniBand networking
bySyoyo Fujita
 
ZIP
MicroServer + InfiniBand + ZFS
bySyoyo Fujita
 
PPTX
Denver VMUG nov 2011
byDan Brinkmann
 
PDF
Introduction to Open Mano
byvideos
 
PDF
I/O virtualization with InfiniBand and 40 Gigabit Ethernet
byMellanox Technologies
 
XPDDS17: Bring up PCI Passthrough on ARM - Julien Grall, ARM
byThe Linux Foundation
 
XPDDS17: PL011 UART Emulation in Xen on ARM - Bhupinder Thakur, Qualcomm Data...
byThe Linux Foundation
 
virtio
byzhaobrian
 
DIY InfiniBand networking
bySyoyo Fujita
 
MicroServer + InfiniBand + ZFS
bySyoyo Fujita
 
Denver VMUG nov 2011
byDan Brinkmann
 
Introduction to Open Mano
byvideos
 
I/O virtualization with InfiniBand and 40 Gigabit Ethernet
byMellanox Technologies
 

What's hot

PDF
Contrail integrated with Kubernetes and Openstack
byDaisuke Nakajima
 
ODP
xPaaS: The JBoss Way
byChristina Lin
 
PDF
Interop2018 contrail ContrailEnterpriseMulticloud
byDaisuke Nakajima
 
PPTX
Citrix Remote Access Solution Soup
byDan Brinkmann
 
PDF
Container network security
byDaisuke Nakajima
 
PDF
Openstack v4 0
bysprdd
 
PDF
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
byLinaro
 
ODP
Mastering kvm virtualization- A complete guide of KVM virtualization
byHumble Chirammal
 
PPTX
GNAT Pro for ARM processors
byAdaCore
 
PDF
Cisco usNIC: how it works, how it is used in Open MPI
byJeff Squyres
 
ODP
Kvm virtualization platform
byAhmad Hafeezi
 
PPT
Play With Android
byChamp Yen
 
ODP
Managing ceph through_oVirt_using_Cinder
byMaor Lipchuk
 
PDF
Open contrailmeetup
byDaisuke Nakajima
 
PPTX
RedHat Virtualization Manager
byRaz Tamir
 
PDF
Graphics virtualization
byThe Linux Foundation
 
PDF
Deploying Baremetal Instances with OpenStack
byEtsuji Nakai
 
PDF
2014년 오픈소스 기반 플랫폼 기술 세미나 - Let's Start NFV & SDN
byHongsik Choi
 
ODP
Gluster ovirt integration_gluster_meetup_pune_2015
byRamesh Nachimuthu
 
PPTX
Mellanox VXLAN Acceleration
byMellanox Technologies
 
Contrail integrated with Kubernetes and Openstack
byDaisuke Nakajima
 
xPaaS: The JBoss Way
byChristina Lin
 
Interop2018 contrail ContrailEnterpriseMulticloud
byDaisuke Nakajima
 
Citrix Remote Access Solution Soup
byDan Brinkmann
 
Container network security
byDaisuke Nakajima
 
Openstack v4 0
bysprdd
 
HKG18- 115 - Partitioning ARM Systems with the Jailhouse Hypervisor
byLinaro
 
Mastering kvm virtualization- A complete guide of KVM virtualization
byHumble Chirammal
 
GNAT Pro for ARM processors
byAdaCore
 
Cisco usNIC: how it works, how it is used in Open MPI
byJeff Squyres
 
Kvm virtualization platform
byAhmad Hafeezi
 
Play With Android
byChamp Yen
 
Managing ceph through_oVirt_using_Cinder
byMaor Lipchuk
 
Open contrailmeetup
byDaisuke Nakajima
 
RedHat Virtualization Manager
byRaz Tamir
 
Graphics virtualization
byThe Linux Foundation
 
Deploying Baremetal Instances with OpenStack
byEtsuji Nakai
 
2014년 오픈소스 기반 플랫폼 기술 세미나 - Let's Start NFV & SDN
byHongsik Choi
 
Gluster ovirt integration_gluster_meetup_pune_2015
byRamesh Nachimuthu
 
Mellanox VXLAN Acceleration
byMellanox Technologies
 

Similar to Deploying vn fs with kubernetes pods and vms

PDF
DPDK Summit 2015 - RIFT.io - Tim Mortsolf
byJim St. Leger
 
PDF
NFV features in kubernetes
byKuralamudhan Ramakrishnan
 
PDF
Achieving the ultimate performance with KVM
byShapeBlue
 
PDF
Red hat NFV Roadmap - OpenStack Summit 2016/Red Hat NFV Mini Summit
bykimw001
 
PDF
Achieving the Ultimate Performance with KVM
byDevOps.com
 
PPTX
Achieving Network Deployment Flexibility with Mirantis OpenStack
byEric Zhaohui Ji
 
PPTX
Enable DPDK and SR-IOV for containerized virtual network functions with zun
byheut2008
 
PDF
Network Function Virtualization Orchestration LI
byKrishnamoorthy Arvind
 
PPTX
Supporting Virtualized Telco Applications with OpenStack
byBruce Davie
 
PPTX
NFV Orchestration for Optimal Performance
bydfilppi
 
PPTX
Modern Networking Unit 3 Network Function virtualization
byeticket4403
 
PDF
An Introduce of OPNFV (Open Platform for NFV)
byMario Cho
 
PDF
Achieving the Ultimate Performance with KVM
bydata://disrupted®
 
PDF
N fv good
byBalasubramaniam Vadapalli
 
PPTX
Virtualized Network Services-An Overview of Alepo NFV Solutions
byAlepo
 
PDF
Operating OPNFV: Deploy it, test it, run it
byOPNFV
 
PDF
Enabling NFV features in kubernetes
byKuralamudhan Ramakrishnan
 
PDF
XPDS14 - Xen as High-Performance NFV Platform - Jun Nakajima, Intel
byThe Linux Foundation
 
PPTX
Operating OPNFV
byOPNFV
 
PPTX
Turning Virtual Machines Cloud-Native using KubeVirt
bySuman Chakraborty
 
DPDK Summit 2015 - RIFT.io - Tim Mortsolf
byJim St. Leger
 
NFV features in kubernetes
byKuralamudhan Ramakrishnan
 
Achieving the ultimate performance with KVM
byShapeBlue
 
Red hat NFV Roadmap - OpenStack Summit 2016/Red Hat NFV Mini Summit
bykimw001
 
Achieving the Ultimate Performance with KVM
byDevOps.com
 
Achieving Network Deployment Flexibility with Mirantis OpenStack
byEric Zhaohui Ji
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
byheut2008
 
Network Function Virtualization Orchestration LI
byKrishnamoorthy Arvind
 
Supporting Virtualized Telco Applications with OpenStack
byBruce Davie
 
NFV Orchestration for Optimal Performance
bydfilppi
 
Modern Networking Unit 3 Network Function virtualization
byeticket4403
 
An Introduce of OPNFV (Open Platform for NFV)
byMario Cho
 
Achieving the Ultimate Performance with KVM
bydata://disrupted®
 
N fv good
byBalasubramaniam Vadapalli
 
Virtualized Network Services-An Overview of Alepo NFV Solutions
byAlepo
 
Operating OPNFV: Deploy it, test it, run it
byOPNFV
 
Enabling NFV features in kubernetes
byKuralamudhan Ramakrishnan
 
XPDS14 - Xen as High-Performance NFV Platform - Jun Nakajima, Intel
byThe Linux Foundation
 
Operating OPNFV
byOPNFV
 
Turning Virtual Machines Cloud-Native using KubeVirt
bySuman Chakraborty
 

More from LibbySchulze1

PPTX
How to think like a threat actor for Kubernetes.pptx
byLibbySchulze1
 
PPTX
CNCF Webinar June 20 _ McMahon v2.pptx
byLibbySchulze1
 
PDF
Kubernetes 1.27 Webinar.pdf
byLibbySchulze1
 
PDF
CNCF Live Webinar 2023, 12 Apr - Exploring Kubernetes Windows HostProcess Ins...
byLibbySchulze1
 
PDF
CNCF Webinar - Krius.pdf
byLibbySchulze1
 
PDF
TiDB operator in Action.pdf
byLibbySchulze1
 
PDF
Get started with gitops and flux
byLibbySchulze1
 
PDF
Deploy a full cncf based observability stack in under 5 minutes with tobs
byLibbySchulze1
 
PDF
Deploying vn fs with kubernetes pods and vms
byLibbySchulze1
 
PPTX
Akri cncf-jobs-webinar-final
byLibbySchulze1
 
PDF
Kubescape single pane of glass
byLibbySchulze1
 
PDF
Dynamic observability the quest for real time data in cloud-native applications
byLibbySchulze1
 
How to think like a threat actor for Kubernetes.pptx
byLibbySchulze1
 
CNCF Webinar June 20 _ McMahon v2.pptx
byLibbySchulze1
 
Kubernetes 1.27 Webinar.pdf
byLibbySchulze1
 
CNCF Live Webinar 2023, 12 Apr - Exploring Kubernetes Windows HostProcess Ins...
byLibbySchulze1
 
CNCF Webinar - Krius.pdf
byLibbySchulze1
 
TiDB operator in Action.pdf
byLibbySchulze1
 
Get started with gitops and flux
byLibbySchulze1
 
Deploy a full cncf based observability stack in under 5 minutes with tobs
byLibbySchulze1
 
Deploying vn fs with kubernetes pods and vms
byLibbySchulze1
 
Akri cncf-jobs-webinar-final
byLibbySchulze1
 
Kubescape single pane of glass
byLibbySchulze1
 
Dynamic observability the quest for real time data in cloud-native applications
byLibbySchulze1
 

Deploying vn fs with kubernetes pods and vms

  • 1.
  • 2.
    Agenda VNF basics - Whatare VNFs? - Benefits of VNFs - Enhancing app performance SR-IOV apps - What is SR-IOV? - Host config for SR-IOV - VM deployment using KubeVirt OVS-DPDK apps - What is OVS? - What is DPDK? - Host config for OVS-DPDK - VM deployment using KubeVirt Demo
  • 3.
  • 4.
    Network Function Virtualization NFVis a network architecture concept to abstract network functions from hardware. Architecture: ● Virtualized network functions (VNFs) ● Network functions virtualization infrastructure (NFVi) ● Management, automation and network orchestration (MANO)
  • 5.
    What are VNFs? ●Virtualized network services that replace legacy network appliances on proprietary hardware ● VNFs are built on top of NFV infrastructure serving as a foundational technology for 5G or edge networks ● Often deployed as virtual machines (VMs) by various telecommunications providers ● Common VNF applications - routers, firewalls, WAN optimization, NAT, load balancers
  • 6.
    Benefits of VNFs ●Improved network scalability ● Efficient use of network infrastructure ● Reduced power consumption ● Better security features ● Saves on physical space needed for hardware ● Reduced operational and capital expenditures
  • 7.
    Enhancing VNF performance Heavydata traffic when running multiple VNF VMs on a host. Efficient memory access, task and resource allocations, network I/O. Faster packet processing than native Linux kernel network stack ● SR-IOV ● DPDK
  • 8.
  • 9.
    What is SR-IOV? SingleRoot I/O Virtualization allows the isolation of PCI Express resources for manageability and performance reasons. It allows VNFs to access NIC directly, bypassing hypervisor. Requires support in BIOS and at OS level. ● Physical functions (PFs) - full-featured PCIe functions ● Virtual functions (VFs) - “lightweight” PCIe functions
  • 11.
    KubeVirt support ● SR-IOVdevice plugin ● SR-IOV CNI plugin ● Multus meta-plugin Ref: https://github.com/kubevirt/kubevirt/blob/main/docs/sriov.md https://kubevirt.io/user-guide/virtual_machines/interfaces_and_networks
  • 12.
    SR-IOV host config ●Plug in SR-IOV capable NIC ● Enable SR-IOV in BIOS ● Configure kernel to enable IOMMU: ○ intel_iommu=on ○ pci=realloc ○ pci=assign-busses ● VFIO userspace driver to pass through PCI devices into qemu: ○ modprobe vfio-pci
  • 13.
    KubeVirt VMI spec spec: domain: interfaces: -masquerade: {} name: default - name: sriov-net sriov: {} KubeVirt relies on VFIO userspace driver to pass PCI devices into VMI guest. networks: - name: default pod: {} - name: sriov-net multus: networkName: sriov-network-eno
  • 15.
  • 16.
    What is OVS? OpenvSwitch: a production quality, multi-layer virtual switch Main components: ● Forwarding path: implemented in kernel space for high performance ● Vswitchd: main userspace program
  • 17.
    What is DPDK? ●DPDK stands for Data Plane Development Kit ● Packet processing bypasses Linux kernel network stack ● Fast switching in user space using Poll mode drivers ● Open vSwitch can be combined with DPDK for accelerated performance ● For East-West traffic in same server, DPDK wins against SR-IOV
  • 19.
    KubeVirt support ● UserspaceCNI plugin ● Multus meta-plugin ● OVS built with DPDK support Pending Github PR - https://github.com/kubevirt/kubevirt/pull/3208 Ref: https://github.com/intel/userspace-cni-network-plugin https://telcocloudbridge.com/blog/dpdk-vs-sr-iov-for-nfv-why-a-wrong-deci sion-can-impact-performance/
  • 20.
    OVS-DPDK host config ●Install DPDK and OVS packages on host(s) ● Configure hugepages using sysctl: vm.nr_hugepages ● Setup DPDK devices using VFIO-PCI: ○ driverctl set-override <pci-address> vfio-pci ● Bridge/Ports creation in OVS: ○ ovs-vsctl add-br br-dpdk0 -- set bridge br-dpdk0 datapath_type=netdev ○ ovs-vsctl add-port br-dpdk0 eno1 -- set Interface eno1 type=dpdk options:dpdk-devargs=0000:19:00.1
  • 21.
    KubeVirt VMI spec spec: domain: interfaces: -masquerade: {} name: default - name: vhost-user-net-1 vhostuser: {} KubeVirt relies on VFIO userspace driver to pass PCI devices into VMI guest. networks: - name: default pod: {} - name: vhost-user-net-1 multus: networkName: net1
  • 23.
  • 24.