Scheduling for VNF Microservice Architecture
Moving NFs from specialized hardware to VNFs running on commodity servers comes with several challenges. One key challenge among many others is to achieve the same level of packet processing performance as that of the specialized hardware.
The most widely used programming model for developing VNFs is poll-mode, i.e., VNFs continuously poll the NIC for incoming packets. Poll-mode VNF development has gained popularity in the last few years because it is simple to implement and incurs lower I/O overhead than a traditional interrupt-driven model. However, one caveat of this model is that the VNFs always utilize 100% CPU due to the continuous polling, even when there are no packets to process. Another drawback is that existing kernel schedulers offer no interface to specify the desired processing order of VNFs.
We address the problem of scheduling poll-mode VNFs on shared CPU cores so as to maximize the number of VNFs on a shared CPU core while maintaining high packet processing performance. Solutions exist but are intrusive, i.e., they require modifications to the VNFs to make them compatible with the scheduler, thus limiting the types of VNFs that can work properly with the scheduler. In our work, we propose UNiS: a User-space Non-intrusive Workflow-aware VNF Scheduler that is: (i) user-space: runs in user space and does not require any kernel modification; (ii) non-intrusive: does not require VNFs to be built with any UNiS-specific library or to implement any specific scheduling logic; and (iii) workflow-aware: maintains SFC processing order while scheduling VNFs. We compare UNiS with an intrusive co-operative VNF scheduler using both synthetic and real traffic load on a testbed.
High performance software-based monitoring probes:
With network softwarization, customizable software-based monitoring probes can be deployed. However, the capabilities of these probes are highly dependent on the programming language they rely on. With the de facto SDN standard, OpenFlow, only stateless monitoring is possible, which does not fit current monitoring needs. In previous work, in the context of the PhD thesis of Paul Chaignon, we particularly focused on enabling stateful operations for monitoring in software-based switches using eBPF (extended Berkeley Packet Filter). In follow-up work, we investigate offloading security (monitoring) functions to the software switch, so that security functions can be programmed using eBPF. Porting to eBPF is not the core issue (apart from language-based limitations). eBPF also offers some safety guarantees, which are relevant because this approach breaks the isolation provided by usual virtualisation technologies. However, the major remaining problem is the fair sharing of the CPU, due to the run-to-completion model, which requires a packet to be fully processed before another one is handled. We thus define a dedicated scheduler for BPF programs. Unlike the previous work (UNiS), which integrates a CPU cycle estimator, this work does not assume a priori knowledge of the network function's CPU consumption per packet.
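The fairness problem described above can be seen in a small simulation. This is an added illustration, not the scheduler defined in this work (whose design the page does not describe); the NF names, per-packet cycle costs and the least-attained-service policy are assumptions chosen to show how charging measured cost after each packet rebalances CPU share without a priori cost estimates.

```python
"""Constructed simulation: two NFs share one core under run-to-completion."""

# Assumed per-packet CPU costs in cycles (constructed values, not measurements).
COSTS = {"light_nf": 100, "heavy_nf": 900}


def run_packet(nf):
    """Process one packet to completion; the cost is known only afterwards."""
    return COSTS[nf]


def simulate(pick_next, budget_cycles=1_000_000):
    """Run packets until the cycle budget is spent; return each NF's CPU share.

    Both NFs are assumed to be permanently backlogged.
    """
    used = {nf: 0 for nf in COSTS}
    turn = 0
    while sum(used.values()) < budget_cycles:
        nf = pick_next(used, turn)
        used[nf] += run_packet(nf)  # cannot be preempted mid-packet
        turn += 1
    total = sum(used.values())
    return {nf: cycles / total for nf, cycles in used.items()}


def per_packet_round_robin(used, turn):
    """Equal packet counts: ignores how long each packet held the core."""
    names = list(used)
    return names[turn % len(names)]


def least_attained_service(used, turn):
    """Pick the NF that has consumed the fewest measured cycles so far."""
    return min(used, key=used.get)


if __name__ == "__main__":
    for policy in (per_packet_round_robin, least_attained_service):
        shares = simulate(policy)
        print(policy.__name__, {nf: round(s, 3) for nf, s in shares.items()})
```

Under per-packet round robin the expensive function ends up holding most of the core, while the measurement-based policy keeps the two shares within one packet's cost of each other.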