openstack/nova
Code Issues Proposed changes
d27d8e44a3
nova/releasenotes/notes/libvirt-cpu-model-extra-flags-a23085f58bd22d27.yaml
Kashyap Chamarthy cc27a2007f libvirt: Lift the restriction of choices for cpu_model_extra_flags 
Commit 6b601b7 (libvirt: Allow to specify granular CPU feature flags)
added support for allowing to specify individual CPU feature flags, but
restricted the options only to "PCID" (refer to its commit message for
why).

In this change we lift the restriction of choices, and allow to specify
multiple CPU feature flags for all three CPU modes for the libvirt
driver: 'custom', 'host-model', and 'host-passthrough'.

For example:

     [libvirt]
     cpu_mode = custom
     cpu_model = IvyBridge
     cpu_model_extra_flags = pcid, vmx, pdpe1gb

This will allow additional use cases such as:

  - Ability to use 1GB huge pages with models that don't provide it
    (such as Intel "Haswell" variants) as one use case for extra flags:

        cpu_mode = custom
        cpu_model = Haswell-noTSX-IBRS
        cpu_model_extra_flags = pdpe1gb

  - Nested Virtualization -- an operator can specify the Intel 'vmx' (or
    AMD 'svm') flags for the level-1 Nova guest CPU models.  (Assuming
    the 'nested' flag is enabled on the level-0 / bare-metal kernel.)

(A future Nova patch will also allow ability to remove CPU flags.)

Change-Id: I9a862619f379057bb48cb85a84dfc50d763030a6
Signed-off-by: Kashyap Chamarthy <kchamart@redhat.com>
BluePrint: libvirt-cpu-model-extra-flags
2018-05-01 11:47:18 -04:00

24 lines
1.2 KiB
YAML
Raw Blame History

---
features:
- |
The libvirt driver now allows specifying individual CPU feature
flags for guests, via a new configuration attribute
``[libvirt]/cpu_model_extra_flags`` -- this is valid in combination
with all the three possible values for ``[libvirt]/cpu_mode``:
``custom``, ``host-model``, or ``host-passthrough``. The
``cpu_model_extra_flags`` also allows specifying multiple CPU flags.
Refer to its documentation in ``nova.conf`` for usage details.
One of the motivations for this is to alleviate the performance
degradation (caused as a result of applying the "Meltdown" CVE
fixes) for guests running with certain Intel-based virtual CPU
models. This guest performance impact is reduced by exposing the
CPU feature flag 'PCID' ("Process-Context ID") to the *guest* CPU,
assuming that it is available in the physical hardware itself.
Note that besides ``custom``, Nova's libvirt driver has two other
CPU modes: ``host-model`` (which is the default), and
``host-passthrough``. Refer to the
``[libvirt]/cpu_model_extra_flags`` documentation for what to do
when you are using either of those CPU modes in context of 'PCID'.
View Git Blame Copy Permalink