'Dirty Page Logs' coming to future vSphere release

New Xeon bits make virtual machines more reliable, secure

VMware will add support for Intel's Page Modification Logging (PML, aka Dirty Page Logs) in a future version of vSphere, according to the product's chief platform architect Richard Brunner.

Speaking to The Register, Brunner said VMware “worked closely with Intel on the definition of PML back in 2012.” The problem both were trying to solve is caused by fast multi-core CPUs, which lend themselves to the creation of many virtual CPUs. When multiple vCPUS are in operation, “you have multiple threads in VCPUs all trying to do shared writes,” Brunner says. " Coupled with all the writes that can occur anyway in a multi-CPU VM, it is very tricky to track its dirty pages efficiently."

PML debuted in this year's “Broadwell” Xeons and provides a faster mechanism for a hypervisor to monitor all the memory pages that a guest VM modifies, in order to improve working page set analysis, checkpointing, and even VM migration.

The technology means the hypervisor becomes more aware of memory worthy of checkpointing, with two outcomes.

Firstly, reliability improves, which is why PML will be used for future fault-tolerance enhancements to vSphere. Understanding which pages of a fault tolerant VM are modified with the faster mechanism that PML provides helps when contemplating fault-tolerant checkpointing and vMotion – VMware's term for moving workload from one machine and/or location to another. vMotion, across data centres, campuses or oceans, is a big plank of VMware's resilience story. Secondly, PML can boost vSphere performance by for fault-tolerant VMs a couple of points, further reducing the already-small overhead that virtualisation imposes on workloads.

PML is “not currently in the product,” Brunner said, declining to say if it is in the current vSphere beta. VMware's non-disclosure agreement works - El Reg's virtualisation desk knows several participants in that test and they're all keeping mum. But Brunner did tell The Register that PML will appear in a future vSphere edition.

Another new virtualisation-friendly feature in this year's Xeons is supervisor mode access protection (SMAP), a technology that makes it harder for privileged OS code to accidentally access an application’s user-mode memory. It’s a good thing for some hypervisors because it reduces the chances of an attack spreading from guest to host. VMware’s hypervisor does not require SMAP but makes it available to VMs.

vSphere's supported SMAP since version 6.0, indeed before SMAP appeared in commercially-available silicon. Citrix recently blogged that it was first to implement SMAP in Xen Server, a contention Brunner laughed off.

Both companies are thick as thieves with Intel on this stuff anyway: Chipzilla consults with partners to ensure its future silicon does useful things that will benefit software vendors, Intel and end-users. Indeed, Brunner said VMware's already aware of features most Reg readers won't see on sale until 2019 or 2020. ®

Similar topics

Other stories you might like

Biting the hand that feeds IT © 1998–2022