Off-Prem

SaaS

AWS adopts home-brewed KVM as new hypervisor

Out with Xen, in with 'core KVM technology' for new C5 instances and future VMs too


AWS has revealed it has created a new hypervisor based on KVM, not the Xen hypervisor on which it has relied for years.

The new hypervisor was unveiled as a virtual footnote in news of new EC2 instance type called the "C5" powered by Intel's Skylake Xeons. AWS's FAQ about the new instances notes "C5 instances use a new EC2 hypervisor that is based on core KVM technology."

That's explosive news, because AWS has long-championed the Xen hypervisor. The Xen Project has drawn strength from the fact the mightiest public cloud uses its open-source wares. Citrix makes much of its Xen Server running a close cousin of AWS's hypervisor.

More interesting still is AWS's news that “going forward, we’ll use this hypervisor to power other instance types.” The internet giant's post teases us with plans to “share additional technical details in a set of AWS re:Invent sessions.”

Which sounds a lot like AWS is giving Xen the flick.

The new hypervisor goes a long way towards explaining why AWS is the last of the big clouds to run Intel's new Skylake Xeon CPUs, because AWS has also revealed the new C5 instances run on what it describes as “a custom processor, optimized for EC2.”

Intel and AWS both say this is a custom 3.0 GHz Xeon Platinum 8000-series processor. Chipzilla has offered a few press-release-grade details of the CPU, saying it worked with AWS on "optimized AI/deep learning engines with the latest version of the Intel Math Kernel Library" and that "MXNet and other deep learning frameworks are highly optimized to run on Amazon EC2 C5 instances."

Intel's done custom Xeons before, offering them to Oracle, among others. AWS buys CPUs by the boatload so it is no surprise Intel's done so again.

The move to KVM is more surprising, but AWS does whatever is needed to tune its cloud for optimal performance. If that means building a hypervisor and making sure it hooks into custom Xeons, so be it.

Whatever it reveals in three weeks, AWS is now saying the C5 instances and their new hypervisor are all about faster throughput, as the new VMs beat its previous best for network and bandwidth connecting to the cloudy concern's elastic block store (EBS).

Here's what AWS has to say in the FAQ:

The new hypervisor for Amazon EC2, introduced with the launch of C5 instances, is a component that primarily provides CPU and memory isolation for C5 instances. VPC networking and EBS storage resources are implemented by dedicated hardware components that are part of all current generation EC2 instance families.

It is built on core Linux Kernel-based Virtual Machine (KVM) technology, but does not include general purpose operating system components.

In other words, network and storage is done elsewhere, rather than in the hypervisor, which concentrates on carving up CPU and memory resources:

The new EC2 hypervisor provides consistent performance and increased compute and memory resources for EC2 virtualized instances by removing host system software components ... This hardware enables the new hypervisor to be very small and uninvolved in data processing tasks for networking and storage.

Eventually all new instance types will use the new EC2 hypervisor, but in the near term, some new instance types will use Xen depending on the requirements of the platform.

Instances running on the new EC2 hypervisor support a maximum of 27 additional PCI devices for EBS volumes and VPC ENIs. Each EBS volume or VPC ENI uses a PCI device. For example, if you attach 3 additional network interfaces to an instance that uses the new EC2 hypervisor, you can attach up to 24 EBS volumes to that instance.

All the public facing APIs for interacting with EC2 instances that run using the new EC2 hypervisor will remain the same. For example, the “hypervisor” field of the DescribeInstances response, which will continue to report “xen” for all EC2 instances, even those running under the new hypervisor. This field may be removed in a future revision of the EC2 API.

You should check the FAQ for the full impact of AWS moving to its new hypervisor. Here's the stats-fest for the new KVM-based C5 instances:

Instance Name vCPUs RAM in GiB EBS* Bandwidth Network Bandwidth
c5.large 2 4 Up to 2.25 Gbps Up to 10 Gbps
c5.xlarge 4 8 Up to 2.25 Gbps Up to 10 Gbps
c5.2xlarge 8 16 Up to 2.25 Gbps Up to 10 Gbps
c5.4xlarge 16 32 2.25 Gbps Up to 10 Gbps
c5.9xlarge 36 72 4.5 Gbps 10 Gbps
c5.18xlarge 72 144 9 Gbps 25 Gbps

Each vCPU is a single thread on the physical CPU Amazon's acquired.

C5 instances are available now in AWS's US East, US West (Oregon), and EU regions, as on-demand or spot servers. The biz promises additional regions will offer them soon. ®

Send us news
10 Comments

DEF CON offers beginner-level Spot the Fed this year: He'll be on stage giving a keynote

Plus: Microsoft responds to another NTLM relay attack technique, and more

In brief DEF CON's 'Spot the Fed' game is going to be a little easier than usual this year: the head of the US government's Homeland Security is giving a keynote.

On Friday, the infosec conference organizers confirmed Alejandro Mayorkas will give a talk on Friday, August 6. The news has left some DEF CON veterans perturbed.

Continue reading

Pentagon grounds own report that said China's DJI drones are safe

Someone seems to have leaked a draft document that represented a radical reversal

The United States Department of Defence (DoD) has re-iterated that it thinks drones made by Chinese firm DJI represent a security risk, after an internal document suggesting the opposite leaked to the press.

The Pentagon expressed concerns about DJI's drones in 2019 – and with good reason. The firm's wares chat to servers in China, contain basic flaws and deceptively bypass curated app stores.

DJI found itself in further strife in 2020, when it was added to the USA's lists of entities with which commerce and trade were forbidden. At least the company wasn't entirely alone: in 2018 the US banned the procurement of commercial off-the-shelf drones by US government agencies, regardless of where they were made.

Continue reading

China sets goal of running single-stack IPv6 network by 2030, orders upgrade blitz

All levels of industry and government told to get moving, consumers encouraged to buy new Wi-Fi routers

China's Central Cyberspace Affairs Commission and Cyberspace Administration have set out a plan for massive adoption of IPv6.

A Notice on Accelerating the Large-scale Deployment and Application of IPv6 posted last Friday calls for China to have 700 million active IPv6 users by 2023, plus 200 million Internet of Things devices using the protocol.

Also by 2023, home wireless routers will be required to enable and fully support IPv6 by default, with 30 per cent of the national fleet using the protocol. Other consumer devices will be required to bake in IPv6. Half of mobile traffic will use the newer protocol and 15 per cent of metropolitan area network traffic will be routed by IPv6.

Continue reading

Cloudflare slams AWS egress fees to convince web giant to join its discount data club

Lower your prices and play nicer, CDN goliath suggests

Cloudflare on Friday accused competitor Amazon Web Services of massive markups and hindering customer data portability, even as it invited the cloud services giant to join its discount data initiative known as the Bandwidth Alliance.

"AWS’s bandwidth pricing is bonkers," said CEO Matthew Prince, via Twitter. "And they stand alone in the industry not discounting when their customers send traffic to peered networks."

Prince and Nitin Rao, SVP of global infrastructure at Cloudflare, elaborated on that claim in a blog post that argues AWS is charging customers orders of magnitude more than its costs and makes a mockery of its parent company's mission statement that Amazon strives "to offer our customers the lowest possible prices…"

Continue reading

With Alphabet's legendary commitment to products, we can't wait to see what its robotics biz Intrinsic achieves

Google parent hopes to inject AI into factory machines

Alphabet today launched its latest tech startup, Intrinsic, which aims to build commercial software that will power industrial robots.

Intrinsic will focus on developing software control tools for industrial robots used in manufacturing, we're told. Its pitch is that the days of humans having to manually program and adjust a robot's every move are over, and that mechanical bots should be more autonomous and smart, thanks to advances in artificial intelligence and leaps in training techniques.

This could make robots easier to direct – give them a task, and they'll figure out the specifics – and more efficient – the AI can work out the best way to achieve its goal.

Continue reading

Google fixes 'Chromebork' one-character code typo that prevented Chrome OS logins

Programming blunder is the second such snafu this month

Bug of the week Google has fixed a bug in Chrome OS version 91.0.4472.165 that surfaced on Monday and prevented some users from being able to login to their systems.

Chrome OS downloads updates automatically but doesn't apply them until reboot, so only those who restarted their Chromebooks to ingest the force-fed broken update were affected.

Earlier this week, the internet titan on its Google Workplace status page said, "Our engineering team has identified an issue on Chrome OS 91.0.4472.165. The rollout of this version was halted."

Continue reading

Rackspace literally decimates workforce: One in ten staffers let go this week

85% of those jobs will be rehired, just in cheaper countries

Updated Around 10 per cent of Rackspace staff, predominantly in the US it seems, got an unwelcome email this week informing them they were being let go.

Not that the work they do isn't needed. In an paperwork submitted to the SEC on Wednesday, Rackspace disclosed that 85 per cent of the positions being cut will be backfilled by workers in "offshore service centers." That'll be where wages are lower and labor laws more lax, presumably.

"The rebalance in workforce is a component of a broader strategic review of the Company’s operations that is intended to more effectively align the Company’s resources with its business priorities in high growth areas," Rackspace said.

Continue reading

Punchy Italian kartist gets 15-year ban for trackside rampage... and other stories

An unexpectedly vehicular collection of chaos and confusion for your consideration

Welcome back for another compendium of tomfoolery from this week for those who enjoy a bit of light-hearted piffle. And let's face it, who doesn't?

Continue reading

Latest Windows 11 Preview a well-rounded update – literally

What else is round? Oh yes, holes

While the Windows of today may have more holes in it than a 20-year-old pair of underpants, Microsoft has continued plugging away at previews for the upcoming iteration, Windows 11.

Having got the excitement of integrated Teams chat out the way earlier this week, it was business as usual for build 22000.100, released to Dev Channel Insiders last night.

This week's modifications are all about soothing users whose nerves have likely been shredded by the recent arrival of HiveNightmare.

Continue reading

Apologetic Audacity rewrites privacy policy after 'significant lapse in communication'

Of course kids are allowed. Whatever gave you the impression they weren't?

Open-source audio editor Audacity this week posted an apology on GitHub in response to the entirely predictable furore over the platform's privacy policy.

An updated privacy policy accompanied the apology, in which the team insisted it had just been misunderstood, and that a look at the source would have shown its intentions.

"We are deeply sorry for the significant lapse in communication caused by the original privacy policy document," it said. The fact that it didn't regret the actual document itself seemed to alarm a good many users.

Continue reading

eBay cyberstalking victims sue internet tat bazaar over former staff members' campaign of harassment

We endured enormous cruelty and abuse and feared for our lives, say couple

A couple from the US who run a small ecommerce publication have launched legal action against eBay accusing the company of a "coordinated effort to intimidate, threaten to kill, torture, terrorize, stalk and silence" them to muzzle their coverage.

The allegations – made in a complaint lodged in the US District Court of Massachusetts this week – are the latest chapter in a long-running case that has already resulted in guilty pleas from a number of former employees in what has become known as the "eBay cyberstalking case".

Lawyers acting on behalf of the owners of EcommerceBytes – an online trade publication that covers the ecommerce industry run by journalists Ina and David Steiner - said the intimidation was so bad they were in fear for their lives.

Continue reading