AWS's newly released series of EC2 instances shows significant performance improvements over previous products. For example, C5 instances provide a higher memory-to-vCPU ratio than C4 instances, with a 25% improvement in price-performance and over 50% better efficiency for certain applications. Most impressively, C5n.18xlarge provides up to 100 Gbps of network throughput.
What revolutionary technology lies behind such huge improvements? This year's AWS Summit in China revealed the answer — the AWS Nitro System, the underlying platform for AWS's next-generation EC2 instances.
The Nitro System is a cutting-edge underlying virtualization technology released by AWS in 2017. It has been applied to EC2 M5, C5, R5, T3, I3, A1 and other instance types, and will be the primary underlying platform for AWS's next-generation EC2 instances.
Why did AWS, as the public cloud technology leader, choose Nitro technology as its core underlying technology? What makes the Nitro System so special?
To explain this, we first need to look at the history of AWS's virtualization technology.
Before releasing the Nitro System, AWS used Xen virtualization technology.
Xen virtualized CPU and memory, but VM I/O went through a frontend module that communicated with a backend module in DOM0, and the backend module in DOM0 then performed the access through its device drivers. As a result, resources meant for workload VMs were preempted and I/O performance was reduced.
Nitro technology effectively solves these problems. AWS replaced Xen with the KVM-based Nitro Hypervisor, offloaded storage, network, and security functions to dedicated Nitro cards, and eliminated DOM0.
The Nitro System enables virtual instances to access almost all server resources, improving performance while effectively reducing costs.
The Nitro System includes the following components:
NITRO CARDS
Nitro Cards are a set of hardware cards that can offload and accelerate I/O functions, ultimately improving overall system performance. The main cards include Nitro Card for VPC, Nitro Card for EBS, Nitro Card for Instance Storage, and the Nitro Card Controller.
NITRO SECURITY CHIP
The Nitro Security Chip is integrated into the host motherboard. It controls access to all non-volatile storage and continuously monitors and protects hardware resources. Nitro also provides firmware verification at system boot.
NITRO HYPERVISOR
The Nitro Hypervisor is a lightweight hypervisor that manages memory and CPU allocation, providing performance indistinguishable from bare metal.
In summary, the Nitro System provides support for keys, networking, servers, security, firmware patching, and monitoring, which frees up a large share of the underlying server resources for customer VMs, improving performance while reducing costs.
The Nitro System is a rich collection of building blocks that can be assembled in many different ways, enabling AWS to flexibly design and rapidly deliver EC2 instance types. According to AWS's official website: "Using the Nitro System, our shipments in 2018 were almost three times that of the previous year." This shows that Nitro technology is a major innovation in AWS's underlying virtualization technology in recent years.
For more information about Nitro technology, see the AWS website: AWS Nitro System