Commit fb4d1cb9 authored by Davanum Srinivas's avatar Davanum Srinivas Committed by David Johnson

Enable Host Pass through for best performance

This also allows us to use Nested KVM(s). See:
https://www.stratoscale.com/blog/openstack/nested-virtualization-openstack-part-2/Signed-off-by: default avatarDavanum Srinivas <davanum@gmail.com>
parent 920fc0b5
......@@ -189,6 +189,10 @@ class OSDynSliceManagerHelper(protogeniclientlib.DynSliceManagerHelper,
portal.ParameterType.BOOLEAN,False,advanced=True,
longDescription="Sometimes it can be easier to play with OpenStack if you do not have to mess around with security groups at all. This option selects a null security group driver, if set. This means security groups are enabled, but are not enforced (we set the firewall_driver neutron option to neutron.agent.firewall.NoopFirewallDriver to accomplish this).")
self.pc.defineParameter("enableHostPassthrough","Enable Host Passthrough",
portal.ParameterType.BOOLEAN,True,advanced=True,
longDescription="Signals KVM to pass through the host CPU with no modifications. The difference to host-model, instead of just matching feature flags, every last detail of the host CPU is matched. This gives the best performance but comes at a cost with respect to migration. The guest can only be migrated to a matching host CPU.")
self.pc.defineParameter("enableInboundSshAndIcmp","Enable Inbound SSH and ICMP",
portal.ParameterType.BOOLEAN,True,advanced=True,
longDescription="Enable inbound SSH and ICMP into your instances in the default security group, if you have security groups enabled.")
......@@ -946,7 +950,10 @@ class OSParameters(RSpec.Resource):
param = ET.SubElement(el,paramXML)
param.text = "ADMIN_PASS_HASH=''"
### pass
param = ET.SubElement(el,paramXML)
param.text = "ENABLE_HOST_PASSTHROUGH=%d" % (int(self.helper.params.enableHostPassthrough))
param = ET.SubElement(el,paramXML)
param.text = "ENABLE_NEW_SERIAL_SUPPORT=%d" % (int(self.helper.params.enableNewSerialSupport))
......
......@@ -177,6 +177,10 @@ pc.defineParameter("disableSecurityGroups","Disable Security Group Enforcement",
portal.ParameterType.BOOLEAN,False,advanced=True,
longDescription="Sometimes it can be easier to play with OpenStack if you do not have to mess around with security groups at all. This option selects a null security group driver, if set. This means security groups are enabled, but are not enforced (we set the firewall_driver neutron option to neutron.agent.firewall.NoopFirewallDriver to accomplish this).")
pc.defineParameter("enableHostPassthrough","Enable Host Passthrough",
portal.ParameterType.BOOLEAN,True,advanced=True,
longDescription="Signals KVM to pass through the host CPU with no modifications. The difference to host-model, instead of just matching feature flags, every last detail of the host CPU is matched. This gives the best performance but comes at a cost with respect to migration. The guest can only be migrated to a matching host CPU.")
pc.defineParameter("enableInboundSshAndIcmp","Enable Inbound SSH and ICMP",
portal.ParameterType.BOOLEAN,True,advanced=True,
longDescription="Enable inbound SSH and ICMP into your instances in the default security group, if you have security groups enabled.")
......@@ -958,7 +962,10 @@ class Parameters(RSpec.Resource):
param = ET.SubElement(el,paramXML)
param.text = "ADMIN_PASS_HASH=''"
### pass
param = ET.SubElement(el,paramXML)
param.text = "ENABLE_HOST_PASSTHROUGH=%d" % (int(params.enableHostPassthrough))
param = ET.SubElement(el,paramXML)
param.text = "ENABLE_NEW_SERIAL_SUPPORT=%d" % (int(params.enableNewSerialSupport))
......
......@@ -247,6 +247,16 @@ crudini --set /etc/nova/nova-compute.conf DEFAULT \
compute_driver libvirt.LibvirtDriver
crudini --set /etc/nova/nova-compute.conf libvirt virt_type kvm
if [ ${ENABLE_HOST_PASSTHROUGH} = 1 ]; then
# turn off MSR emulation
echo 1 > /sys/module/kvm/parameters/ignore_msrs
# persist the setting in case we reboot
echo "options kvm ignore_msrs=1" >> /etc/modprobe.d/qemu-system-x86.conf
# Set the "host-passthrough" mode for libvirt
crudini --set /etc/nova/nova-compute.conf libvirt cpu_mode host-passthrough
fi
if [ "$ARCH" = "aarch64" ] ; then
crudini --set /etc/nova/nova-compute.conf libvirt cpu_mode custom
crudini --set /etc/nova/nova-compute.conf libvirt cpu_model host
......
......@@ -91,6 +91,7 @@ DO_UBUNTU_CLOUDARCHIVE=0
DO_UBUNTU_CLOUDARCHIVE_STAGING=0
BUILD_AARCH64_FROM_CORE=0
DISABLE_SECURITY_GROUPS=0
ENABLE_HOST_PASSTHROUGH=0
DEFAULT_SECGROUP_ENABLE_SSH_ICMP=1
VERBOSE_LOGGING="False"
DEBUG_LOGGING="False"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment