By Hu Yoshida, Vice President and Chief Technology Officer for Hitachi Data Systems
Among the many enhancements that Intel has announced with the new Xeon E5v3 processor, is a feature aimed at improving performance of nested Virtual Machine Managers (VMMs - also known as hypervisors), that is, the ability for a root VMM to support guest VMMs. Although this has been technically possible in previous Xeon generations, it was limited in practicality because of the high performance overhead involved. In the Xeon E5v3 Intel has removed the performance barrier by virtualizing the VM Control Structure (VMCS), creating a VMCS Shadow, which reduces the virtualization latencies.
As part of our long term partnership with Intel, Hitachi was an early collaborator on the VMCS shadowing extension and Hitachi engineers have been closely engaged with Intel in the development of this new feature.
Why would anyone want to run nested hypervisors?
As we talked with Hitachi customers we found three main use cases for nested hypervisors, which address today’s business IT needs:
- Reduce the cost to support development and test environments in virtualized datacenters. As virtualized environments become ubiquitous so do updates, patches and other maintenance needs. Running test or development VMMs on the same hardware shares cost and provides true compatibility with production environments.
- VMMs as a service: Service providers are graduating from providing single VMs, and are being asked to provision complete, manageable, VMM environments. With nested VMMs, these can be provided on shared hardware at lower cost.
- Support for legacy applications, which have been left behind by advanced technology. Nested VMMs allow simultaneous use of both new and older VMMs to support older OS’s and applications – extending application life and postponing rewrite costs.
How does it work?
Although it was feasible to run nested hypervisors on previous Xeon processors, the software overhead of VM reads and VM writes between the root Hypervisor and the guest hypervisor had a major impact on performance, which made its use impractical in many cases. The new Xeon E5v3 architecture eliminates the majority of these VM exits and entries by executing these against a VMCS shadow structure as shown below. Nested hypervisors can now run with minimal performance penalty and realize the business benefits listed above.
Nested VMMs and Hitachi LPAR
Unlike blade servers from other vendors, Hitachi’s x86 blade servers support Logical Partitioning (LPAR) - a technology originally developed for the mainframe by IBM and separately developed by Hitachi Data Systems when we were in the IBM compatible mainframe business. LPAR provides server virtualization at the firmware level with very low overhead and is used to divide hardware resources into multiple partitions, which appear as independent “bare metal” servers - increasing utilization and reducing licensing costs.
Although the performance latency of a software VMM running inside an LPAR is much lower than running inside another software VMM, Hitachi still chose to limit sales to a few selected customers where the benefits of the functionality outweighed any performance concerns. Now with the VMCS Shadowing capability in Xeon E5v3, we will be able to run nested VMMs, and VMMs on LPAR, with up to 2x the previous performance and offer the resulting improved flexibility in meeting business requirements to a broader market.
The hardware partitioning of LPAR provides some additional benefits in shared VMM environments:.
- In multi-tenancy environments LPARs allow application isolation and high security by running each clients’ VMM in its own hardware LPAR.
- LPARs also make it possible to run different versions of VMM – or even different vendors VMMs - on the same hardware, for migration, development or production.
- Customers can mix VMMs with bare metal OSs such as Windows Server OS or Linux on the same hardware for an optimum combination of performance and flexibility.
We are delighted to see this important feature come to life as a direct result of our close co-operation with Intel. Our existing nested VMM customers in Japan are excited to experience the increased performance that this feature will deliver, and with it we look forward to being able to deliver even better on our promise of Business Defined IT.
The new VMCS Shadowing support in Xeon E5v3 announced by Intel enables Hitachi Data Systems to leverage their unique x86 LPAR capability in virtual machine environments to provide increased availability, security and scalability for private and hybrid cloud environments