Recently, the Linux organization announced the establishment of an open source project Io Visor, which focuses on input/output request tasks for the Linux kernel. The project sounds very esoteric, and in fact the project is very relevant to the Internet. The IO visor can create a topology of the entire network without the use of network hardware.
In practical scenarios, IO visor can effectively improve the performance of network components such as virtual switches by increasing the number of components running in the Linux kernel. The issue was discussed at the Open vswitch conference hosted by VMware last year, when it revolved around "is it better to move some packet processing out of the Linux kernel?" To expand the discussion.
The IO Visor project was supported by a number of companies in the industry, including Barefoot Networks, Broadcom, Canonical, Cavium, Cisco, Huawei, Intel, PLUMgrid, and SuSE. Where PLUMgrid is the core member, the initial code is contributed to the IO visor project.
Compared to the Openstack,io visor, which involves the entire cloud, the kernel uses the input/output request from the core as the central nervous device to connect to the hardware. Jim Zemlin, executive director of the Linux organization, argues that there is a lot of code development and Innovation research work both in the kernel and on the upper core. and the relevant equipment vendors are trying to do the work collectively.
As shown, other open network projects may be deeper into the stack, especially open computing projects, which have gone down to the hardware level, but the IO visor project is one of the most esoteric.
The challenge for IO visor is that the Linux kernel is not virtualized, because the Linux kernel directly talks to hardware components such as memory, CPU, and its performance is much better than Linux user space. But without virtualization, it means that the Linux kernel can handle only one request at a time. To accommodate a new request-a new IO module-the kernel needs to be recompiled.
IO Visor wants the virtual machine to be automatically added to the kernel space, which requires modifying the Berkeley Packet Filter (BPF) in the kernel. As the name implies, BPF is setting up a filter that only allows determining the type of data passed.
As a result, network function virtualization (NFV) can be impacted. You can run multiple virtual network functions (VNFS) in one kernel and run a complete service chain in the kernel to enjoy the corresponding performance benefits. Also affected by security applications, imagine that virtual firewalls and security defenses can run automatically in the kernel and do not need to be re-compiled. Lauren Cooney, senior director of Cisco's software strategy, said, "with the help of Io visor, real-time processing can be achieved, not startup-shutdown-restart." ”
If the size is large enough, you can create a complete virtual network with multiple compute nodes with IO visor, which is responsible for all the processing at the data plane. The mechanism for doing this is called the IO visor engine, and the main work of the IO Visor project is to develop such engines, the plug-ins and development tools that are associated with them.
plumgrid
PLUMgrid has been delving into the problem, and in fact many developers have been attracted to the idea of PLUMgrid to join the company.
This article is reproduced from Sdnlab , the original link: http://www.sdnlab.com/13144.html
IO Visor: Another open source project was born