What is SR-IOV and how can it be deployed on a virtualized server?
Single-root I/O virtualization (SR-IOV) is actually the core technology that underlies I/O and connectivity virtualization by allowing a single I/O resource to be shared efficiently between multiple virtual machines. In effect, SR-IOV allows a single "root device" (such as an Ethernet controller) to appear as multiple devices which can then be managed and provisioned to different virtual workloads. SR-IOV is so important to virtualization that it has actually been embraced as an extension to the PCI Express (PCIe) specification.
SR-IOV basically works by defining a series of physical and virtual functions on the network adapter. The network adapter’s physical function (PF) defines the device and its SR-IOV abilities and is related to the hypervisor. Each virtual function (VF) then shares the device’s resources, such as local memory and the network port, with other VFs. The idea is that the PF and each VF receive unique PCI Express requester IDs (PCIe RIDs) which the hypervisor can use to differentiate network traffic and handle interrupts. This allows traffic to flow from each virtual machine through the unique VF to the underlying root PF without having any impact on other VFs. Virtual machine traffic is isolated and can share the NIC without disrupting one another. And network traffic bypasses the hypervisor’s software switch layer which reduces I/O overhead and improves performance.
Deploying SR-IOV requires a supporting hypervisor such as Hyper-V or ESXi along with a suitable network adapter and server. The server requires BIOS support for SR-IOV along with a NIC with a SR-IOV-compliant network chip such as Intel’s 82599EB dual 10 GigE controller. Older servers may require a firmware update to provide adequate SR-IOV support. Drivers will be required to interface the operating system to the NIC. For example, Windows Server 2012 provides native SR-IOV drivers including Emulex 10 GigE OneConnect, Broadcom 10 GigE 57712, and Intel 10 GigE X520 controllers. Other suitable drivers may also be available directly from the network adapter vendor.
Dig Deeper on Network virtualization
Related Q&A from Stephen J. Bigelow
Microsoft Hyper-V on Windows comes with advanced protection schemes, including several virtualization-based security features the company introduced ... Continue Reading
The BitLocker encryption technology continues to evolve from its roots as a Windows Vista feature to protect resources both in the local data center ... Continue Reading
Some enterprises avoid the public cloud due to its multi-tenant nature and data security concerns. Learn what data separation is and how it can keep ... Continue Reading