Virtualization - Ask the Experts #1by Anand Lal Shimpi on July 22, 2010 9:00 AM EST
A couple of months ago we ran a webcast with Intel Fellow, Rich Uhlig, VMware Chief Platform Architect, Rich Brunner and myself. The goal was to talk about the past, present and future of virtualization. In preparation for the webcast we solicited questions from all of you, unfortunately we only had an hour during the webcast to address them. Rich Uhlig from Intel, Rich Brunner from VMware and our own Johan de Gelas all agreed to answer some of your questions in a 6 part series we're calling Ask the Experts. Each week we'll showcase three questions you guys asked about virtualization and provide answers from our panel of three experts. These responses haven't been edited and come straight from the experts.
If you'd like to see your question answered here leave it in the comments. While we can't guarantee we'll get to everything, we'll try to pick a few from the comments to answer as the weeks go on.
Question #1 by Andrew D.
How would you compare the product offering of VMWare to those of its key competitors, whit kind of performance hit can I expect running Windows from within a virtualized environment, are there any advantages/disadvantages for leveraging an Intel platform as opposed to an AMD one for a VMWare solution?
Answer #1 by Johan de Gelas, AnandTech Senior IT Editor
The performance hit depends of course on your application and your hardware. I am going to assume your server is a recent one, with support for hardware accelerated pages and hardware virtualization. You can get an idea of the performance hit by looking at perfmon and the taskmanager of Windows. In the performance tab of the task manager you can enable "show kernel times". The more time your application spends in the kernel, the higher performance hit. The performance hit also depends on the amount of I/O that you have going on.
If your app spends a lot of time in the kernel and has high amounts of I/O going on, the performance hit may be high (15-30%). But that does mean your application will have to suffer this performance hit. If you spend more time on optimizing (database buffering, jumbo frames) and if you use paravirtualized drivers (VMXnet, PVSCSI) the performance will get a lot smaller (5-10%). In short, performance hit can be high if you just throw your native application in a VM, but modern hypervisors are able to keep the performance hit very small if you make the right choices and you take some time to tune the app and the VM.
If your application is not I/O intensive, but mostly CPU intensive, the performance hit can be unnoticeable (1-2%).
AMD versus Intel: we have numerous articles on that on Anandtech. There are two areas where Intel has an objective advantage. The first one is licensing. The twelve-core AMD Opteron 6100 and six-core Xeon 5600 perform more or less the same. However if you like to buy VMware vSphere essentials (which is an interesting option if you can run your services on 3 servers) you get a license for 3 servers, 2 CPUs per servers and 6 cores per CPU. You have buy additional licences if you have more cores per CPU.
If your IT strategy involves buying servers with the best RAS capabilities out there, Intel has also an advantage. Servers based on the Xeon 7500 series have the best RAS features available in the x86 space and can also address the most memory. These servers need more power than typical x86 servers, but you can consolidate more VMs on them.
For all other cases, and that is probably 80-90% of the market, only one suggestion: read our comparisons in the IT section of Anandtech :-). The situation can quickly change.
Question #2 by Colin R.
How is the performance of virtualization of high throughput devices like networking and storage developing?
Answer #2 by Rich Uhlig, Intel Fellow
One trend is that new standards are being developed to make I/O devices more “virtualization friendly”. For example, the PCI-SIG has developed a specification for PCI-Express devices to make their resources more easily shareable among VMs. The specification – called “Single Root I/O Virtualization” (or SR-IOV for short) – defines a way for devices to expose multiple “virtual functions” (VFs) that can be independently and directly assigned to guest OSes running within VMs, and remove some of the overheads of virtualization in the process. As an example, Intel supports SR-IOV in our recent network adaptors. A big challenge with direct assignment of I/O devices is that it can complicate other important virtualization capabilities like VM migration, since exposing a physical I/O resource directly to a guest OS can make it harder to detach from the resource when moving VM state to another physical platform. We’ve been working with VMM vendors to tackle these issues so that we can get the performance benefits of direct I/O assignment through SR-IOV, while preserving the ability to do VM migration.
Question #3 by Bill L.
Are the days of bare metal OS installs numbered? If so, when should we expect to see ALL NEW servers ship with a hypervisor? Will hypervisors have virtual switches in them in the future or will network and storage traffic bypass the hypervisor all together using technologies such as SR-IOV, MR-IOV, VMDirectPath, etc.?
Answer #3 by Rich Brunner, VMware Chief Platform Architect
I do expect that at some point, bare metal hypervisor installs will reach a plateau in the enterprise and service provider environments, but I do not expect that embedded hypervisors will be the only alternative. There has been some industry buzz about PXE boot of hypervisors (this is much more than PXE boot of an installer) and a move toward a truly stateless model. I expect to see more of this; stay tuned. SMB may still want a turn-key solution which either has an installed hypervisor from the Server Manufacturer or an embedded hypervisor.
I do not expect that the network and storage control traffic will ever "bypass" the hypervisor; the hypervisor will always be involved in ensuring QoS, ACLs, and routing for this traffic. Even for SR-IOV, there is a fair amount of control required by the hypervisor to make this work. I can see that the actual data traffic can bypass the hypervisor to reduce CPU overhead provided that the hypervisor has sufficient audit control of this data. VMware and others are working to ensure that in the future for SR-IOV devices.
MR-IOV can be transparent to the hypervisor on a single system instance, but the load balancing is a perfect target for control by a centralized management agent across the multiple system images that share the resource (e.g. blades in a chassis share a high-performance NIC which is load-balanced by the management agent across the blades ).