Add ability to configure extra CPU flags for CPU models
The recent "Meltdown" CVE fixes, while protecting you from the CVE itself, have resulted in critical performance penalty. I.e. assume an Operator has applied all the "Meltdown" CVE fixes the following way: update 'microcode', host and guest kernels, libvirt, and QEMU packages, followed by a cold reboot (explicit stop & start) of guests. Now if any guests that are booted with certain named virtual CPU models, e.g. "IvyBridge", or "Westmere", they (the guests) now will incur severe performance degradation. To alleviate this performance degradation, it is now important to specify (for the virtual CPU models that don't already provide it) an obscure CPU feature flag, called "PCID". To that end, this Blueprint will let Nova to allow specifying individual CPU feature flags via a new configuration attribute, 'cpu_model_
Blueprint information
- Status:
- Complete
- Approver:
- melanie witt
- Priority:
- High
- Drafter:
- Kashyap Chamarthy
- Direction:
- Approved
- Assignee:
- Kashyap Chamarthy
- Definition:
- Approved
- Series goal:
- Accepted for rocky
- Implementation:
- Implemented
- Milestone target:
- rocky-3
- Started by
- Matt Riedemann
- Completed by
- Matt Riedemann
Related branches
Related bugs
Bug #1750829: RFE: libvirt: Add ability to configure extra CPU flags for named CPU models | Fix Released |
Sprints
Whiteboard
https:/
Gerrit topic: https:/
Addressed by: https:/
libvirt: Allow to specify granular CPU feature flags
We discussed this on IRC in #openstack-nova today and agreed on an approach where the backportable version of the implementation (first patch) has a single choice 'pcid' for the 'cpu_model_
Since the "libvirt: Allow to specify granular CPU feature flags" is merged and backported, lift the restriction for 'cpu_model_
Addressed by: https:/
libvirt: Allow to specify granular CPU feature flags
Addressed by: https:/
libvirt: Allow to specify granular CPU feature flags
Gerrit topic: https:/
Addressed by: https:/
libvirt: Lift the restriction of choices for `cpu_model_
Gerrit topic: https:/
Gerrit topic: https:/
Addressed by: https:/
libvirt: Make `cpu_model_
Addressed by: https:/
libvirt: Lift the restriction of choices for `cpu_model_
From kashyap: "About that blueprint, it has one item pending: to allow to explcitly _remove_ CPU flags too. But that can wait and be handled separately; and you can mark it as complete."
-- mriedem 20180622