Long-Term Supported Versions

    StratoVirt VFIO Instructions

    Device Passthrough Management

    With device passthrough, a virtualization platform can enable VMs to directly use hardware devices, improving VM performance. This chapter describes the device passthrough feature supported by StratoVirt.

    Prerequisites

    To use device passthrough, a host must meet the following requirements:

    1. Enable the Input/Output Memory Management Unit (IOMMU).

      The IOMMU enables PCI/PCIe resources to be directly allocated to VMs.

      Run the following command on the host to check whether the IOMMU is enabled:

      # dmesg | grep iommu
      

      If it is enabled, the following information is displayed:

      iommu: Default domain type: Translated
      hibmc-drm 0000:0a:00.0: Adding to iommu group 0
      ehci-pci 0000:7a:01.0: Adding to iommu group 1
      ehci-pci 0000:ba:01.0: Adding to iommu group 2
      ohci-pci 0000:7a:00.0: Adding to iommu group 3
      ohci-pci 0000:ba:00.0: Adding to iommu group 4
      xhci_hcd 0000:7a:02.0: Adding to iommu group 5
      ......
      

      If it is not enabled, no command output is displayed or only the following information is displayed:

      iommu: Default domain type: Translated
      

      Enable IOMMU:

      1. Add boot parameters for linux kernel: intel_iommu=on iommu=pt;

        vim /boot/grub2/grub.cfg
        linux /vmlinuz-5.15.0+ root=/dev/mapper/openeuler-root ro resume=/dev/mapper/openeuler-swap rd.lvm.lv=openeuler/root rd.lvm.lv=openeuler/swap crashkernel=512M intel_iommu=on iommu=pt
        
      2. Reboot Host OS;

    2. Load the vfio-pci kernel module.

      # modprobe vfio-pci
      # lsmod | grep vfio_pci
      

      If the vfio-pci module is successfully loaded, the following information is displayed:

      vfio_pci              327680  0
      vfio_virqfd           327680  1 vfio_pci
      vfio                  327680  2 vfio_iommu_type1,vfio_pci
      
    3. Unbind the PCI device from the host and bind it to the vfio-pci driver again.

      If Hi1822 NICs are directly connected through the Virtual Function I/O (VFIO), check the information about the PCI devices that correspond to the NICs first.

      # lspci -v | grep "Eth" | grep 1822
      03:00.0 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family (4*25GE) (rev 45)
      04:00.0 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family (4*25GE) (rev 45)
      05:00.0 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family (4*25GE) (rev 45)
      06:00.0 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family (4*25GE) (rev 45)
      

      Select the PCI device whose bus ID is 03, slot ID is 00, and function ID is 0, that is, 03:00.0. Unbind it from the host.

      # echo 0000:03:00.0 > /sys/bus/pci/devices/0000:03:00.0/driver/unbind
      

      Finally bind the PCI device to the vfio-pci driver.

      lspci -ns 0000:03:00.0 |awk -F':| ' '{print 5" "6}' > /sys/bus/pci/drivers/vfio-pci/new_id
      

      After the NIC is bound to the vfio-pci driver, the NIC information cannot be queried on the host. Only the PCI device information can be queried.

    VFIO Device Passthrough

    Introduction

    The VFIO is a user-mode device driver solution provided by the kernel. The VFIO driver can securely present capabilities such as device I/O, interrupt, and DMA to user space. After StratoVirt uses the VFIO device passthrough solution, the I/O performance of VMs is greatly improved.

    Using VFIO Passthrough

    StratoVirt interconnects with libvirt to enable you to manage and configure VMs by modifying corresponding XML files. The following describes how to enable VFIO passthrough by modifying the XML file of a VM.

    Step 1 Modify the XML file.

    (1) Run the following command on the host to query the CPU architecture information:

    # uname -m
    

    (2) For the AArch64 and x86_64 architectures, download the StratoVirt XML file stratovirt_aarch64.xml or stratovirtvirt_x86.xml and save it to any directory, for example, /home.

    # cp stratovirt/docs/stratovirt_$arch.xml /home
    

    (3) Modify the VFIO configuration in the XML file based on the site requirements. bus, slot, and function specify the PCI device bound to the vfio-pci driver. The related configurations are as follows:

    <!-- vfio -->
    <hostdev mode='subsystem' type='pci' managed='yes'>
    <driver name='vfio'/>
    <source>
        <address domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
    </source>
    </hostdev>
    

    In the preceding example, the device type is PCI, and managed='yes' indicates that libvirt unbinds the PCI device from the host and rebinds it to the vfio-pci driver. In thesource item, the domain, bus, slot, and function of the VFIO passthrough device are configured.

    Step 2 Create and log in to a VM using the libvirt command line.

    # virsh create stratovirt_$arch.xml
    # virsh list --all
    Id  Name   State
    --------------------
    1  StratoVirt  running
    # virsh console 1
    

    Step 3 View and use the VFIO passthrough NIC on the VM.

    (1) Check the NIC information before configuration.

    # ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 scope host lo
         valid_lft forever preferred_lft forever
    2: enp1s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
     link/ether 72:b8:51:9d:d1:27 brd ff:ff:ff:ff:ff:ff
    

    (2) Dynamically configure the IP address of the NIC.

    # dhclient
    

    (3) Check whether the IP address is configured successfully.

    # ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
    2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
     link/ether 72:b8:51:9d:d1:27 brd ff:ff:ff:ff:ff:ff
     inet 192.168.1.3/16 brd 192.168.255.255 scope global dynamic enp1s0
      valid_lft 86453sec preferred_lft 86453sec
    

    The preceding command output indicates that the IP address 192.168.1.3 is successfully assigned and the VM can directly use the configured NIC.

    Note: If the passthrough NIC is not connected to a physical network, network information cannot be obtained.

    Unbinding the VFIO Driver

    To unbind a passthrough NIC from a VM, log in to the host and run the following command to bind the NIC to the host again.hinic indicates the NIC driver type.

    # echo 0000:03:00.0 > /sys/bus/pci/drivers/vfio-pci/unbind
    # echo 0000:03:00.0 > /sys/bus/pci/drivers/hinic/bind
    

    Note: Before binding a VFIO driver, you can run the ethtool -i enp0 command on the host to obtain the NIC driver type.enp0 indicates the name of the corresponding NIC.

    SR-IOV Passthrough

    Introduction

    When VFIO passthrough is enabled, VMs can directly access hardware, but each device can be exclusively used by only one VM. The SR-IOV passthrough technology can virtualize a physical function (PF) into multiple virtual functions (VFs) and directly pass the VFs to different VMs. This technology increases the number of available devices.

    Procedure

    Step 1 Create multiple VFs.

    The sriov_numvfs file is used to describe the count of VFs provided by SR-IOV and is stored in /sys/bus/pci/devices/domain:bus:slot.function/. For example, for the device whose bus ID is 03, slot ID is 00, and function ID is 0 in the preceding example, you can run the following command to create four VFs:

    # echo 4 > /sys/bus/pci/devices/0000\:03\:00.0/sriov_numvfs
    

    Step 2 Verify that the VFs are successfully created.

    # lspci -v | grep "Eth" | grep 1822
    

    If the following information is displayed, four VFs 03:00.1, 03:00.2, 03:00.3, and 03:00.4 are successfully created:

    03:00.0 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family (4*25GE) (rev 45)
    03:00.1 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family Virtual Function (rev 45)
    03:00.2 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family Virtual Function (rev 45)
    03:00.3 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family Virtual Function (rev 45)
    03:00.4 Ethernet controller: Huawei Technologies Co., Ltd. Hi1822 Family Virtual Function (rev 45)
    

    Step 3 All the created VFs can be passed to VMs. The method for using an SR-IOV device is the same as that for using a common PCI device.

    Bug Catching

    Buggy Content

    Bug Description

    Submit As Issue

    It's a little complicated....

    I'd like to ask someone.

    PR

    Just a small problem.

    I can fix it online!

    Bug Type
    Specifications and Common Mistakes

    ● Misspellings or punctuation mistakes;

    ● Incorrect links, empty cells, or wrong formats;

    ● Chinese characters in English context;

    ● Minor inconsistencies between the UI and descriptions;

    ● Low writing fluency that does not affect understanding;

    ● Incorrect version numbers, including software package names and version numbers on the UI.

    Usability

    ● Incorrect or missing key steps;

    ● Missing prerequisites or precautions;

    ● Ambiguous figures, tables, or texts;

    ● Unclear logic, such as missing classifications, items, and steps.

    Correctness

    ● Technical principles, function descriptions, or specifications inconsistent with those of the software;

    ● Incorrect schematic or architecture diagrams;

    ● Incorrect commands or command parameters;

    ● Incorrect code;

    ● Commands inconsistent with the functions;

    ● Wrong screenshots.

    Risk Warnings

    ● Lack of risk warnings for operations that may damage the system or important data.

    Content Compliance

    ● Contents that may violate applicable laws and regulations or geo-cultural context-sensitive words and expressions;

    ● Copyright infringement.

    How satisfied are you with this document

    Not satisfied at all
    Very satisfied
    Submit
    Click to create an issue. An issue template will be automatically generated based on your feedback.
    Bug Catching
    编组 3备份