by Barak Perlman
There is an increasing need for flexible cloud-based infrastructure and orchestration solutions to allow for dynamic placement of functions where and when they are needed. When it comes to the Telco edge, the gold standard for OpenStack-based virtualization software platforms is Wind River Titanium Cloud. Titanium Cloud is an ultrareliable deployment-ready cloud platform, capable of handling the rigorous demands of telecommunications and critical infrastructure networks.
Ethernity Networks and Wind River have worked closely together to show that Ethernity’s ACE-NIC100 FPGA SmartNIC can easily integrate with the Titanium Cloud virtualization framework. Titanium Cloud provides an edge-optimized all-in-one installation that runs an operating system with a hypervisor that enables the use of virtual machines (VMs) for network functions that are both lightweight and optimized for Telco.
The results: The ACE-NIC100 can accelerate any VNF on Titanium Cloud using Ethernity’s Router-on-NIC capabilities, with very little required effort toward integration. With the ACE-NIC using standard DPDK API calls for the ENET Flow Processor embedded on the FPGA, an Intel XL710 controller, and well-known i40e drivers, integration is seamless.
The ACE-NIC100 can be a separately managed entity. The ACE-NIC features the ENET Flow Processor, which runs on an FPGA on the ACE-NIC card and can be configured as a full router. This enables the ACE-NIC100 to provide both standard Intel-based Ethernet controller and router functions, achieving a true “Router-on-NIC.” As a Router-on-NIC, the ACE-NIC can provide a wide variety of Telco features through hardware implementation.
The ENET Flow Processor is configured using the Ethernity SDK (Software Development Kit). The Ethernity SDK for ACE-NIC100 configuration is on-boarded on the Titanium Cloud controller, which is then used to configure policing, classification, and TAG/Tunnel editing. Two Linux virtual machines are instantiated with DPDK, each running the open-source TRex packet generator to emulate realistic traffic flow and provide per-stream statistics.
The integration demonstrates three distinct test configurations:
- PCI-Passthrough + DPDK
In this scenario, both of the ACE-NIC100’s 40GbE interfaces are configured with PCI-Passthrough, binding to DPDK drivers in the virtual machine.
- SR-IOV + DPDK
In this configuration, both of the ACE-NIC100’s 40GbE interfaces are configured with SR-IOV and a VLAN-based provider network, binding to DPDK drivers in the virtual machine. The traffic is run and validated twice – once at full rate, and once when the ACE-NIC100 is configured with per-flow rate-limiting policies using MEA CLI.
- SR-IOV + DPDK + QoS
In this scenario, one ACE-NIC100 40GbE interface is configured with SR-IOV, and the second 40GbE interface is configured as a data interface using Wind River’s Accelerated Virtual Switch (AVS). Wind River’s AVS ports connect a virtual machine to the AVS bound to the DPDK-AVP drivers in the VM. The traffic is validated twice, once at full rate and once when the ACE-NIC100 is configured with per-flow rate-limiting policies and VLAN-based provider networks defined for both interfaces.
The test emulates 40Gbps traffic with high diversity generated by multiple guest instances, connected to multiple virtual functions. The result is that the ACE-NIC100 easily couples with the Wind River AVS and enables cross-VM connectivity, while enforcing the rate-limit policy and other functions based on the virtual function traffic. In fact, the ACE-NIC100 is capable of fully offloading the VMs with high networking load to the FPGA, saving CPU cycles on Titanium Cloud.
The ACE-NIC introduces a router entity to the virtualization environment that allows Access Network traffic to enter Titanium Clouds’ virtual networks (for example, termination of PPPoE traffic or GTP tunnels), provides traffic management toward the external network, and adds VxLAN termination and translation to VLAN. And yet, the Router-on-NIC can be managed as a standalone managed entity, and the FPGA is transparent to the applications unless configured otherwise.
Moreover, by using SR-IOV for flows that do not run through the AVS, Ethernity has overcome the difficulty of supporting container-based virtualization. By instantiating multiple containers within a single VM, Ethernity was able to achieve per-container provisioning in hardware based on classification of the different flows arriving to the containers based on MAC address or VLAN, while applying per-flow policies. Ethernity can enable provisioning per container by providing logic through the FPGA SmartNIC.
Furthermore, Ethernity was able to overcome the limitations of SR-IOV in terms of number of virtual functions. The FPGA SmartNIC can enable scalability to thousands of virtual functions (and therefore thousands of containers) within a single VM – classified, provisioned, and with policy application per-flow in the hardware.
“Service providers are seeking validated and market-ready end-to-end cloud solutions. To address this need, collaboration across the ecosystem is vital. We are working with innovators such as Ethernity Networks to create optimized, interoperable solutions for service providers and TEMs. By leveraging pre-validated virtual network elements, service providers can quickly achieve their goals such as reducing OPEX while accelerating the introduction of new high-value services,” noted Paul Miller, vice president of Telecommunications at Wind River.
By integrating Wind River AVS with the FPGA-based ACE-NIC100, Ethernity can deliver an approach capable of achieving efficient, scalable, high performance virtualized networking.
By working smoothly with Titanium Cloud, the ACE-NIC100 accelerates VNFs and adds routing functionality with very little required effort.
By Barak Perlman, CTO Ethernity Networks
Wind River is a global leader in delivering software for the intelligent edge. The company’s technology has been powering the safest, most secure devices in the world since 1981, and is found in more than 2 billion products. Wind River offers a comprehensive portfolio supported by world-class global professional services and support and a broad partner ecosystem. Wind River software and expertise are accelerating digital transformation of critical infrastructure systems that demand the highest levels of safety, security, performance, and reliability. To learn more, visit Wind River at www.windriver.com.