Allow ability to disable individual CPU flags
What?
---------
When using a custom CPU model, Nova currently allows enabling
individual CPU flags/features via the config attribute,
`cpu_model_
[libvirt]
cpu_mode=custom
cpu_
cpu_
The above only lets you enable the CPU features. This RFE is to also
allow _disabling_ individual CPU features.
Why?
--------
A couple of reasons:
- An Operator wants to generate a baseline CPU config (that facilates
live migration) across his Compute node pool. However, a certain
CPU flag is causing an inteolerable performance issue for their
guest workloads. If the Operator isolated the problem to _that_
specific CPU flag, then she would like to disable the flag.
- More importantly, a specific CPU flag might trigger a CPU
vulnerability. In such a case, the mitigation for it could be to
simply _disable_ the offending CPU flag.
Allowing disabling of individual CPU flags via Nova would enable the
above use cases.
How?
--------
By allowing the notion of '+' / '-' to indicate whether to enable to
disable a given CPU flag.
E.g. if you specify the below in 'nova.conf' (on the Compute nodes):
[libvirt]
cpu_mode=custom
cpu_
cpu_
Then, when you start an instance, Nova should generate the below XML:
<cpu match='exact'>
<model fallback=
<
<feature policy='require' name='pcid'/>
<feature policy='disable' name='mtrr'/>
<feature policy='require' name='ssbd'/>
</cpu>
Note that the requirement to specify '+' / '-' for individual flags
should be optional. If neither is specified, then we should assume '+',
and enable the feature (as shown above for the 'ssbd' flag).
Blueprint information
- Status:
- Complete
- Approver:
- Balazs Gibizer
- Priority:
- Undefined
- Drafter:
- Kashyap Chamarthy
- Direction:
- Approved
- Assignee:
- Kashyap Chamarthy
- Definition:
- Approved
- Series goal:
- Accepted for wallaby
- Implementation:
- Implemented
- Milestone target:
- wallaby-3
- Started by
- Balazs Gibizer
- Completed by
- Balazs Gibizer
Related branches
Related bugs
Bug #1852437: Allow ability to disable individual CPU features via `cpu_model_extra_flags` | Invalid |
Sprints
Whiteboard
[20210211 gibi]: Granted late approval on the nova meeting.
Implementation: https:/
[20210305 gibi]: the implementation has been merged to Wallaby