Bug 1398343

Summary: RFE: add ability to configure extra CPU flags for named CPU models
Product: Red Hat OpenStack Reporter: Daniel Berrangé <berrange>
Component: openstack-novaAssignee: Kashyap Chamarthy <kchamart>
Status: CLOSED ERRATA QA Contact: Joe H. Rahme <jhakimra>
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: berrange, dasmith, eglynn, jamsmith, kchamart, lyarwood, rhos-docs, sbauza, sgordon, srevivo, vromanso
Target Milestone: Upstream M2Keywords: FutureFeature, Triaged
Target Release: 14.0 (Rocky)   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openstack-nova-18.0.0-0.20180710150340.8469fa7 Doc Type: If docs needed, set a value
Doc Text:
Nova's libvirt driver now allows the specification of granular CPU feature flags when configuring guest CPU models. For example, this feature allows to mitigate guests from performance degradation that is caused by running certain Intel-based virtual CPU models after application of the "Meltdown" CVE fixes. This guest performance impact is reduced by exposing the CPU feature flag 'PCID' ("Process-Context ID") to the guest CPU, assuming that the PCID flag is available in the physical hardware itself. For more details on how to specify granular CPU flags, refer to the documentation of ``[libvirt]/cpu_model_extra_flags`` in ``nova.conf`` for usage details.
 Story Points: ---
Clone Of: 1398116
: 1547954 1570610 1570611 1570614 1570617 (view as bug list) Environment:
Last Closed: 2019-01-11 11:47:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1547954, 1570610, 1570611, 1570614, 1570617, 1571741, 1571744, 1571750, 1571756, 1732855, 1800566, 1800679    

Comment 1 Daniel Berrangé 2016-11-24 13:48:39 UTC 
Cloned specifically to track possible future nova.conf enhancement to support CPU flags specification. eg ability to set something like this:

  cpu_model=Haswell
  cpu_model_extra_flags="pdpe1gb"

to enable use of 1GB huge pages with Haswell model as one use case for extra flags.
Comment 2 Daniel Berrangé 2018-01-19 15:12:54 UTC 
This RFE has much greater urgency/severity given the Meltdown fixes. People running Westmere, SandyBridge, IvyBridge named CPU models have a critical performance need to be able to set  cpu_model_extra_flags="+pcid"
Comment 3 Kashyap Chamarthy 2018-02-21 09:24:07 UTC 
(In reply to Daniel Berrange from comment #2)
> This RFE has much greater urgency/severity given the Meltdown fixes. People
> running Westmere, SandyBridge, IvyBridge named CPU models have a critical
> performance need to be able to set  cpu_model_extra_flags="+pcid"

I recall some discussion that not all Intel Westmere CPUs have PCID.  Do we know for sure which models contain the PCID feature and which doesn't?

From here[*], there are five variants of 'Westmere': Arrandale, Clarksdale, Gulftown, Westmere-EP and Westmere-EX.


[*] https://software.intel.com/en-us/articles/intel-architecture-and-processor-identification-with-cpuid-model-and-family-numbers
Comment 4 Daniel Berrangé 2018-02-21 09:28:42 UTC 
I don't recall which variants have pcid and which don't but it doesn't really matter from POV of fixing this. It is upto admin to decide whether to enable the pcid feature. They may not want to enable it, even if they have it on some hosts, in order to maintain migrate compat across hosts.
Comment 5 Kashyap Chamarthy 2018-04-12 16:42:27 UTC 
The first part of this, to addressed the "Meltdown" performance degradation is merged upstream (Git master, Pike, and Queens):

https://review.openstack.org/#/q/topic:bug/1750829+(status:open+OR+status:merged)

http://git.openstack.org/cgit/openstack/nova/commit/?id=6b601b7&h=stable%2Fqueens

The second part would be to lift this restriction, so that broader set of CPU flags are allowed.
Comment 7 Kashyap Chamarthy 2018-05-30 15:42:44 UTC 
Test procedure to verify this is written up here:

    https://bugzilla.redhat.com/show_bug.cgi?id=1570605#c5
Comment 12 errata-xmlrpc 2019-01-11 11:47:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:0045