Gerald Rogers
June 20, 2018
2
Original ETSI NFV Goals
• Improved CAPEX via COTS (instead of
dedicated hardware)
• Flexibility in assigning VNFs to hardware
• Rapid service innovation
• Improved OPEX from automation
• Reduced power usage by migrating workloads
(so unused hardware can be powered down)
• Standardized and open interfaces between
VNF and NFVI (to enable multi-vendor
solutions)
In the beginning….
VNF 1 VNF 2 VNF 3
NFVI
NFVI Hardware
NFVI Software
Adapted from: http://www.etsi.org/deliver/etsi_gs/nfv/001_099/002/01.01.01_60/gs_nfv002v010101p.pdf
MANO
3
Cloud Native Impact
Decomposed
Stateless
Rapid Lifecycle
Scaleable
Lightweight
Portable
Infrastructure
Applications
Custom HW
Proprietary
Framework
4
Physical to Cloud Native
Service
COTS
VM
Proprietary
Framework
Service
COTS
Containers/Pods
Open Framework
Micro
Service
Micro
Service
Micro
Service
Micro
Service
COTS
Container or VM
Mixed
Framework
Service
Physical NFV Cloud Ready Cloud Native
Vendor Open
Computer A
POD
Service Mesh Concepts:
Service A
Framework
Platform Infrastructure
Protocol Stack
Sidecar
Service
Proxy
Computer B
Platform Infrastructure
Protocol Stack
Service B
Framework
Sidecar
Service
Proxy
Service A
Framework
Service B
Framework
POD
Native DPDK
Applications
DPDK view of Cloud Native
6
Runtime Dynamic Orchestration
Support both VM and Container
Sidecar, VM or Native Host
applications have access to HW
Sidecar is trusted and provides to
other containers/VM services
(switching, accelerator, etc.)
Orchestration
Hardware Devices
Linux Kernel
DPDK
Host and/or containers
“Trusted Sidecar”
Native DPDK
Applications
DPDK
Host and/or containers
“Trusted Sidecar”
DPDK
Host and/or containers
“Trusted Sidecar”
Application
Containers or VM’s
Applications are able
to bypass sidecar to
HW
I/O to HW or virtual devices
SR-IOV, SIOV, memif, VirtIO, …
DPDK Trusted Sidecar I/O Container
7
Trusted Sidecar
DPDK
NICs
Intel®
QAT vEth memif VirtIO
Software Patch Panel
Sidecar detail view
Trusted Sidecar
Sidecar functional view
Application Containers
VirtIO, vCH, memif, …
Direct access to
hardware is supported
Ether
PMD
Crypto
PMD
Compress
PMD
mDev Device
Class PMDs
Raw
PMD
Device PMDs
DPDK provides abstraction of devices, removing need for application to
be device aware.
Interconnectivity between containers, VM, and accelerator via standard
interfaces.
DPDK Runtime Coordination
8
DPDK
DPDKRuntimeCoordination
(librte_drc)
Applications
ethdev cryptodev rawdev eventdev
FUSE
Filesystem
External
Orchestration
Layer
xyzdev compressdev
Service
chain
1
• DPDK coordination library provides the connection between the FUSE filesystem and DPDK
• Each DPDK instance has it own filesystem path and configuration/information files
• The external or orchestration agents interact with the FUSE filesystem to Get/Set
information/configuration at runtime
• Librte_drc access/configures DPDK/system via standard dev APIs and/or new APIs in these dev layers
• Providing an API for applications to add to the FUSE file system for configuration
Service
chain
2
Service
chain
3
….
Service
chain
N
Standard
Applications
Applications
Service: Application Abstraction Layer
Building a hardware/software application abstraction layer
9
DPDK
DPDKOrchestrationlibrary
(librte_drc)
ethdev cryptodev rawdev eventdev
FUSE
Filesystem
External
Orchestration
Layer
xyzdev compressdev
Service
chain
1
• New DPDK library librte_aal (optional for applications)
• Providing a higher layer abstraction for applications using standard DPDK APIs
• Giving the application developer a simpler set of APIs, which helps hide some of the more
complexed APIs in DPDK and/or structures, but still able to use DPDK APIs
• Hiding the nature of the hardware or software under the hood allowing the AAL layer to
decide which type to use and when
Service
chain
2
Standard
Applications
….
Service
chain
N
DPDK
Applications
Service: Application Abstraction Layer (librte_aal)
10
Software Patch Panel
DPDK resource manager
Centralizes DPDK platform resource control.
Utilizes an inter-process via sockets to
configure and assign resources to an
application
Provides an API component that DPDK
applications interface via inter-process to
provide resource assignment.
Enhancements to include DPDK runtime
coordinator for file system configuration.
Trusted Sidecar
DPDK
NICs
Intel®
QAT vCH memif VirtIO
Software Patch Panel
Sidecar detail view
Ether
PMD
Crypto
PMD
Compress
PMD
Raw
PMD
11
Summary
• Cloud Native emerging as solution space
• DPDK foundation was set for NFV acceleration
• Build on NFV work to Improve DPDK for Cloud Native
• New API’s (Fuse file system, service abstraction layer)
• Cloud Native sidecar to facilitate container interaction with physical devices
• “Trusted” proxy for containers and VM to interact with other containers.
12
Legal Disclaimers
No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document.
Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability,
fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course
of dealing, or usage in trade.
This document contains information on products, services and/or processes in development. All information provided here
is subject to change without notice. Contact your Intel representative to obtain the latest forecast, schedule, specifications
and roadmaps.
The products and services described may contain defects or errors known as errata which may cause deviations from
published specifications. Current characterized errata are available on request.
Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800-
548-4725 or by visiting www.intel.com/design/literature.htm.
Intel, the Intel logo and Intel® QuickAssist Technology (Intel® QAT) are trademarks of Intel Corporation in the U.S. and/or
other countries.
*Other names and brands may be claimed as the property of others
Copyright © 2018 Intel Corporation. All rights reserved.

DPDK & Cloud Native

  • 1.
  • 2.
    2 Original ETSI NFVGoals • Improved CAPEX via COTS (instead of dedicated hardware) • Flexibility in assigning VNFs to hardware • Rapid service innovation • Improved OPEX from automation • Reduced power usage by migrating workloads (so unused hardware can be powered down) • Standardized and open interfaces between VNF and NFVI (to enable multi-vendor solutions) In the beginning…. VNF 1 VNF 2 VNF 3 NFVI NFVI Hardware NFVI Software Adapted from: http://www.etsi.org/deliver/etsi_gs/nfv/001_099/002/01.01.01_60/gs_nfv002v010101p.pdf MANO
  • 3.
    3 Cloud Native Impact Decomposed Stateless RapidLifecycle Scaleable Lightweight Portable Infrastructure Applications
  • 4.
    Custom HW Proprietary Framework 4 Physical toCloud Native Service COTS VM Proprietary Framework Service COTS Containers/Pods Open Framework Micro Service Micro Service Micro Service Micro Service COTS Container or VM Mixed Framework Service Physical NFV Cloud Ready Cloud Native Vendor Open
  • 5.
    Computer A POD Service MeshConcepts: Service A Framework Platform Infrastructure Protocol Stack Sidecar Service Proxy Computer B Platform Infrastructure Protocol Stack Service B Framework Sidecar Service Proxy Service A Framework Service B Framework POD
  • 6.
    Native DPDK Applications DPDK viewof Cloud Native 6 Runtime Dynamic Orchestration Support both VM and Container Sidecar, VM or Native Host applications have access to HW Sidecar is trusted and provides to other containers/VM services (switching, accelerator, etc.) Orchestration Hardware Devices Linux Kernel DPDK Host and/or containers “Trusted Sidecar” Native DPDK Applications DPDK Host and/or containers “Trusted Sidecar” DPDK Host and/or containers “Trusted Sidecar” Application Containers or VM’s Applications are able to bypass sidecar to HW
  • 7.
    I/O to HWor virtual devices SR-IOV, SIOV, memif, VirtIO, … DPDK Trusted Sidecar I/O Container 7 Trusted Sidecar DPDK NICs Intel® QAT vEth memif VirtIO Software Patch Panel Sidecar detail view Trusted Sidecar Sidecar functional view Application Containers VirtIO, vCH, memif, … Direct access to hardware is supported Ether PMD Crypto PMD Compress PMD mDev Device Class PMDs Raw PMD Device PMDs DPDK provides abstraction of devices, removing need for application to be device aware. Interconnectivity between containers, VM, and accelerator via standard interfaces.
  • 8.
    DPDK Runtime Coordination 8 DPDK DPDKRuntimeCoordination (librte_drc) Applications ethdevcryptodev rawdev eventdev FUSE Filesystem External Orchestration Layer xyzdev compressdev Service chain 1 • DPDK coordination library provides the connection between the FUSE filesystem and DPDK • Each DPDK instance has it own filesystem path and configuration/information files • The external or orchestration agents interact with the FUSE filesystem to Get/Set information/configuration at runtime • Librte_drc access/configures DPDK/system via standard dev APIs and/or new APIs in these dev layers • Providing an API for applications to add to the FUSE file system for configuration Service chain 2 Service chain 3 …. Service chain N Standard Applications
  • 9.
    Applications Service: Application AbstractionLayer Building a hardware/software application abstraction layer 9 DPDK DPDKOrchestrationlibrary (librte_drc) ethdev cryptodev rawdev eventdev FUSE Filesystem External Orchestration Layer xyzdev compressdev Service chain 1 • New DPDK library librte_aal (optional for applications) • Providing a higher layer abstraction for applications using standard DPDK APIs • Giving the application developer a simpler set of APIs, which helps hide some of the more complexed APIs in DPDK and/or structures, but still able to use DPDK APIs • Hiding the nature of the hardware or software under the hood allowing the AAL layer to decide which type to use and when Service chain 2 Standard Applications …. Service chain N DPDK Applications Service: Application Abstraction Layer (librte_aal)
  • 10.
    10 Software Patch Panel DPDKresource manager Centralizes DPDK platform resource control. Utilizes an inter-process via sockets to configure and assign resources to an application Provides an API component that DPDK applications interface via inter-process to provide resource assignment. Enhancements to include DPDK runtime coordinator for file system configuration. Trusted Sidecar DPDK NICs Intel® QAT vCH memif VirtIO Software Patch Panel Sidecar detail view Ether PMD Crypto PMD Compress PMD Raw PMD
  • 11.
    11 Summary • Cloud Nativeemerging as solution space • DPDK foundation was set for NFV acceleration • Build on NFV work to Improve DPDK for Cloud Native • New API’s (Fuse file system, service abstraction layer) • Cloud Native sidecar to facilitate container interaction with physical devices • “Trusted” proxy for containers and VM to interact with other containers.
  • 12.
    12 Legal Disclaimers No license(express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade. This document contains information on products, services and/or processes in development. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest forecast, schedule, specifications and roadmaps. The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request. Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800- 548-4725 or by visiting www.intel.com/design/literature.htm. Intel, the Intel logo and Intel® QuickAssist Technology (Intel® QAT) are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others Copyright © 2018 Intel Corporation. All rights reserved.