Difference between revisions of "StarlingX/IA Features"
(→New IA features for StarlingX) |
|||
| Line 28: | Line 28: | ||
=== New IA features for StarlingX === | === New IA features for StarlingX === | ||
| − | In general we want to wait for upstream communities to implement these features e.g. the kernel, OpenStack, Kubernetes and pick them up as we adopt newer versions of upstream packages. However some features may require StarlingX specific work and all features will require Testing in StarlingX. | + | In general we want to wait for upstream communities to implement these features e.g. the kernel, OpenStack, Kubernetes and pick them up as we adopt newer versions of upstream packages. However some features may require StarlingX specific work and all features will require Testing in StarlingX. The features below have not been reviewed or scoped or planned at all. |
{| class="wikitable" | {| class="wikitable" | ||
| Line 36: | Line 36: | ||
| Cache Allocation Technology (CAT) || Ability to isolate portions of cache for improved determinism || All SKUs starting with the Xeon E5 v4 family|| Isolating cache of critical VM from noisy neighbor to guarantee performance|| TBD || TBD|| TBD | | Cache Allocation Technology (CAT) || Ability to isolate portions of cache for improved determinism || All SKUs starting with the Xeon E5 v4 family|| Isolating cache of critical VM from noisy neighbor to guarantee performance|| TBD || TBD|| TBD | ||
|- | |- | ||
| − | | | + | | FPGA support || Enable guest access to platform FPGA || TBD || AI, ML, etc... || TBD || Work in progress for OpenStack upsteam for Rocky / Stein || TBD |
|- | |- | ||
| − | | | + | | Intel SGX || Software Guard Extensions - Intel® SGX protects selected code and data from disclosure or modification. Developers can partition their application into processor-hardened enclaves or protected areas of execution in memory that increase security even on compromised platforms. || 7th gen Intel Core || Security, privacy, DRM|| TBD || TBD || TBD |
| + | |- | ||
| + | | Intel EPID || Enhanced Privacy ID - for security, anonymity and ID revocation || TBD || TBD || TBD || TBD || TBD | ||
| + | |- | ||
| + | | Intel NEV SDK || Network Edge Virtualization - reference libraries and APIs for MEC (Mobile Edge Computing) || N/A || MEC || TBD || TBD || TBD | ||
|} | |} | ||
Revision as of 22:16, 24 October 2018
Contents
StarlingX IA Feature Sub-project
This project is for work items to enable Intel Architecture specific features.
Team Information
- Project Lead: TBD
- Technical Lead: TBD
- Core Reviewers: TBD
- Contributors: TBD
Team Objective / Priorities
- Validate that existing IA Features already supported in StarlingX are working correctly
- Address any defects in IA Feature support
- Add support for new IA features
Tags
All story board stories and launchpad bugs created for this team should use the tag "stx.ia"
Team Work Items
- Story Board
- Launchpad Bugs
- TBD
New IA features for StarlingX
In general we want to wait for upstream communities to implement these features e.g. the kernel, OpenStack, Kubernetes and pick them up as we adopt newer versions of upstream packages. However some features may require StarlingX specific work and all features will require Testing in StarlingX. The features below have not been reviewed or scoped or planned at all.
| Feature | Description | Baseline | Use Cases | Implementation | Dev Status | Testing Status |
|---|---|---|---|---|---|---|
| Cache Allocation Technology (CAT) | Ability to isolate portions of cache for improved determinism | All SKUs starting with the Xeon E5 v4 family | Isolating cache of critical VM from noisy neighbor to guarantee performance | TBD | TBD | TBD |
| FPGA support | Enable guest access to platform FPGA | TBD | AI, ML, etc... | TBD | Work in progress for OpenStack upsteam for Rocky / Stein | TBD |
| Intel SGX | Software Guard Extensions - Intel® SGX protects selected code and data from disclosure or modification. Developers can partition their application into processor-hardened enclaves or protected areas of execution in memory that increase security even on compromised platforms. | 7th gen Intel Core | Security, privacy, DRM | TBD | TBD | TBD |
| Intel EPID | Enhanced Privacy ID - for security, anonymity and ID revocation | TBD | TBD | TBD | TBD | TBD |
| Intel NEV SDK | Network Edge Virtualization - reference libraries and APIs for MEC (Mobile Edge Computing) | N/A | MEC | TBD | TBD | TBD |
IA Features in already in StarlingX
| Feature | Description | Baseline | Use Cases | Implementation | Testing Status |
|---|---|---|---|---|---|
| Vt-X | Accelerates virtual machines to near bare metal performance | Xeon / XeonD | Near native virtualized CPU performance | Performance enhancement of VMs, live migration from one Intel CPU generation to another | |
| Vt-D | Enables physical NICs and/or GPUs to be mapped directly to virtual machine | Xeon / XeonD | Native I/O performance | PCI Passthrough and SR-IOV support | |
| AVX-512 | Enables high performance vector workloads | Xeon Skylake, Xeon Scalable Processor | Telecom, AI, high performance storage, encryption and compression | Enhanced KVM performance, guest AVX-512 support | |
| Trusted Execution Technology | Used to attest system authenticity and state | TPM 2.0 | Secure boot and verified system state | Secure boot, TPM 2.0 storage of communication keys, vTPM 2.0 support in guests. | |
| AES-NI | Accelerates encryption/decryption | Xeon Westmere + | Full disk encryption and faster communications | Linux encryption performance enhancements | |
| UEFI Boot | Secure Boot | UEFI spec 2.6+ | Secure boot and faster boot | Secure boot and fast boot | |
| DPDK | Acceleration library for networking | Intel DPDK | High speed VM-to-VM networking | Optimized DPDK libraries | |
| QuickAssist | Hardware-based compression and encryption | Coleto Creek, VT-d | Exposing QuickAssist engine to VMs and virtualization of QuickAssist across VMs | Support PCI passthrough and SR-IOV access for VMs to QuickAssist accelerators | |
| Enhanced Platform Awareness (EPA) | Set of enabling features that take full advantage of Intel Architecture through OpenStack | N/A | Performance / determinism controls such as core pinning, NUMA awareness / controls, hyperthreading awareness / controls, CPU model selection | Suite of features that provide fine grained control for VMs. Can specify core pinning, NUMA affinity to vSwitch and NICs, split NUMA VMs, hyperthreading isolate or require, select CPU model to enable / disable CPU capabilities / instruction sets, huge page sizes. | |
| BMC / IMPI | Integration with BMCs for hardware monitoring | N/A | Discovery of and monitoring of hardware through BMC using IPMI | Integration with BMCs to discover and collect hardware sensor data with capability to alarm on the values. |
