Top
Author
Updated
7 Oct 2024Form Number
LP1768PDF size
12 pages, 763 KBSubscribed to LP1768.
Thank you for your feedback.
Table of Contents
- Tackling Performance, Latency and Security Issues in Hybrid Cloud Deployment
- Lenovo Solution
- Solution Components
- NVIDIA BlueField-2 DPU
- VMware vSphere Distributed Services Engine
- Lenovo ThinkAgile and ThinkSystem Servers with DPUs
- Lenovo XClarity Support for NVIDIA BlueField-2 DPU
- vSphere Distributed Services Engine (DSE)
Tackling Performance, Latency and Security Issues in Hybrid Cloud Deployment
The latest server technology and architecture enables organizations to achieve a higher consolidation ratio for virtual machines and containers for different workloads. The dramatic increase of hybrid cloud adoption has led to an increase in east-west and north-south traffic which brings added complexity to achieve zero-trust security. Introducing an additional layer of security solutions brings challenges in terms of architecture, deployment and management - and it requires more compute power. Though servers have high-speed processors, memory and storage, the networking and security processing consumes considerable hardware resources, and it impacts achieving more density per server without compromising performance and latency. Businesses need to offload and accelerate workloads without introducing additional complexities for deployment and operations of their infrastructure.
Lenovo Solution
Select Lenovo ThinkAgile hyperconverged systems and ThinkSystem servers support NVIDIA BlueField-2 DPU (Data Processing Unit - also known as SmartNIC) adapters and VMware vSphere Distributed Services Engine to offload management and network services from the CPU. Lenovo ThinkAgile VX650 V3 DPU and ThinkSystem SR650 V3 DPU servers based on 4th and 5th Generation Intel® Xeon® Scalable processors with Dual DPUs and VMware Cloud Foundation software stack is an ideal platform for developing and deploying many enterprise workloads. With VMware vSphere 8.0 U3 and NVIDIA BlueField-2 DPU adapters, these systems address performance, security, and latency challenges by offloading VMware NSX services to DPU. The DPU has up to 8 ARM cores and runs VMware vSphere Distributed Services Engine which isolates and offloads management and network services from workloads. These systems are validated, factory built and tested by Lenovo, VMware and NVIDIA engineering teams to simplify deployment and achieve efficiency through maximized workload performance.
Highlights
- Achieve higher throughput at lower latency and reduced CPU overhead
- Offload networking and NSX services to vSphere Distributed Services Engine
- Simplify cloud deployment with VCF and achieve higher consolidation ratio and double the throughput with dual DPU
- Achieve zero trust security by hardening at the DPU layer instead of the application layer
Solution Components
These Lenovo solutions are co-engineered with VMware and NVIDIA to ease deployment and the management lifecycle. Lenovo DPU servers provide scalability, improved performance, and higher consolidation for different workloads. Applications and situations where the servers would excel include:
- Mission Critical applications
- SAP HANA
- ERP and CRM applications
- Business Intelligence (BI)
- Databases and Data Warehouse
- Analytics
- Artificial Intelligence
- Server Consolidation
- Virtualization
ThinkAgile VX650 V3
ThinkSystem SR650 V3
ThinkAgile VX650 V2
ThinkSystem SR650 V2
NVIDIA BlueField-2 DPU
NVIDIA BlueField-2 data processing unit have more processing power, memory and high speed interconnects to support offloading workloads from high density Lenovo servers equipped with the latest Intel Xeon Scalable processors. The DPU is fully programmable and supports a wide range of storage and networking features.
- 8 ARMv8 A72 cores (64-bit), 1MB L2 cache per 2 cores, 6MB L3 cache
- 32GB of on-board DDR4
- 1GbE out-of-band management port
- PCIe Gen 4.0
- 2x 25GbE SFP56 ports
- Hardware acceleration for Regular Expressions and encryption secure boot
VMware vSphere Distributed Services Engine
vSphere Distributed Services Engine is a new way to architect the core infrastructure by orchestrating and managing infrastructure services with Data Processing Units (DPUs). The following advantages are achieved with DSE enabled Lenovo servers:
- Peak performance: by offloading network processing to the SmartNIC, we can improve network bandwidth and reduce latency and free up core CPU cycles for top application performance.
- Unified, consistent operations: Consistent operations across all apps. This includes dramatically simplified lifecycle management across VMware Cloud Foundation (VCF) deployments. All of which is designed to dramatically reduce OpEx.
- Zero-trust security model: by offloading network security functions to the SmartNIC, we can provide comprehensive application security capabilities without compromising application performance
Lenovo ThinkAgile and ThinkSystem Servers with DPUs
Lenovo supports Data Processing Units on ThinkSystem SR650 V3 and SR650 V2 servers and on vSAN-based ThinkAgile VX650 V3 and VX650 V2 hyperconverged systems.
Lenovo XClarity Support for NVIDIA BlueField-2 DPU
Lenovo XClarity supports firmware upgrades for NVIDIA BlueField-2 adapters. XClarity support deployment of an OS image to the ARM system and configuration of the UEFI settings and security.
- DPU firmware and driver updates will be available in best recipe release cycles. Updates can be done through vLCM (VMware vSphere Lifecycle Management) also.
- ThinkAgile VX V3 BIOS settings are applied in factory, and are available in the ThinkAgile VX Best Recipe
- The DPU ESXi DCUI/shell can be accessed through out of band serial console for troubleshooting
The following parts are available for Lenovo ThinkAgile and ThinkSystem DPU systems:
vSphere Distributed Services Engine (DSE)
The vSphere Distributed Services Engine is a feature in vSphere 8.0 and above, making it simple to include without adding new installation procedures. By integrating tightly with DPUs, vSphere Distributed Services Engine creates an alternate control fabric comprised of DPUs. The integration between ESXi on CPU and ESXi on DPU, NSX and vLCM are made easy for users to install and configure by leveraging existing tools and user experiences to preserve the existing Day 0, Day 1 and Day 2 operations.
Unified NSX Services Deployment on DPU
NSX edge services processing requirements vary from 2-16 vCPU depending on the edge size. Refer to NSX component sizing in the VMware Cloud Foundation Deployment Guide for ThinkAgile VX. With DPU integrated systems, the NSX edge services can be deployed on the DPU and it frees up CPU cycles to host more virtual machines and containers.
VMware Cloud Foundation Support for DPU
VMware Cloud Foundation supports installing NSX services directly on the DPU and this feature is available on SDDC Manager and can be finished in few clicks. Lenovo systems support NVIDIA BlueField-2 DPU adapters with 8 ARM cores. The adapters can provide enough capacity and performance to deploy many NSX services on cluster of nodes. When NSX services are running on DPU, it provides more isolation and security before the traffic reaches application workloads running on the CPU.
VMware Cloud Foundation 5.2 supports Dual DPU for Active-Standby or Active-Active configuration. Each DPU on the ESXi host operates independently to provide maximum throughput and dual DPU systems provide increased bandwidth capacity in Active-Active configuration and suitable for applications which need maximum throughput. The DPUs can be configured in Active-Standby mode on the vSphere Distributed Switch to provide high availability and mission critical applications can achieve maximum uptime and failover happens without disrupting services.
NSX Setup with DPU backed distributed switch
Dual-DPU Active-Standby Mode
Universal Passthrough Version 2 (UPT v2)
vSphere Distributed Services engine is designed with an enhanced data path to access the NIC driver directly instead of using vSwtich. The new design adopts the best of SRIOV passthrough and Enhanced Data Path implementation on VMXNET3 to provide better performance without losing features such as DRS (disaster recovery services), HA (high availability) and vMotion. Virtual machines can be deployed by enabling UPT which is available only for hosts with DPU configured.
This performance test from VMware shows the Redis cache transactions were consuming 12 CPU cores for networking alone. When offloaded while using DPU with UPT v2, it freed up 12 cores for application workloads. Refer to this VMware blog for more information.
Bill of Materials
Conclusion
Lenovo ThinkAgile VX650 V3 DPU and VX650 V2 DPU and ThinkSystem SR650 V3 DPU and SR650 V2 DPU with Nvidia BlueField-2 DPU adapters and VMware vSphere Distributed Services Engine are empowering next generation infrastructure with accelerators and unified management, deployment and lifecycle operations. These next generation engineered hardware and software solutions from Lenovo, Intel, VMware and NVIDIA are one stop scalable solutions for modern application development and hybrid cloud scenarios with reduced TCO.
Why Lenovo
Lenovo is a US$70 billion revenue Fortune Global 500 company serving customers in 180 markets around the world. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that power (through devices and infrastructure) and empower (through solutions, services and software) millions of customers every day.
For More Information
To learn more about Lenovo workload solutions on ThinkAgile VX650 V3 and ThinkSystem SR650 V3 servers, contact your Lenovo Business Partner or visit: https://www.lenovo.com/systems/solutions
References:
Lenovo ThinkAgile VX650 V3 Integrated System and Certified Node: https://lenovopress.lenovo.com/lp1673
Lenovo ThinkSystem SR650 V3 server: https://lenovopress.lenovo.com/lp1601
Trademarks
Lenovo and the Lenovo logo are trademarks or registered trademarks of Lenovo in the United States, other countries, or both. A current list of Lenovo trademarks is available on the Web at https://www.lenovo.com/us/en/legal/copytrade/.
The following terms are trademarks of Lenovo in the United States, other countries, or both:
Lenovo®
AnyBay®
ThinkAgile®
ThinkSystem®
XClarity®
The following terms are trademarks of other companies:
Intel® and Xeon® are trademarks of Intel Corporation or its subsidiaries.
Other company, product, or service names may be trademarks or service marks of others.
Configure and Buy
Please select a locale
Full Change History
Course Detail
Employees Only Content
The content in this document with a is only visible to employees who are logged in. Logon using your Lenovo ITcode and password via Lenovo single-signon (SSO).
The author of the document has determined that this content is classified as Lenovo Internal and should not be normally be made available to people who are not employees or contractors. This includes partners, customers, and competitors. The reasons may vary and you should reach out to the authors of the document for clarification, if needed. Be cautious about sharing this content with others as it may contain sensitive information.
Any visitor to the Lenovo Press web site who is not logged on will not be able to see this employee-only content. This content is excluded from search engine indexes and will not appear in any search results.
For all users, including logged-in employees, this employee-only content does not appear in the PDF version of this document.
This functionality is cookie based. The web site will normally remember your login state between browser sessions, however, if you clear cookies at the end of a session or work in an Incognito/Private browser window, then you will need to log in each time.
If you have any questions about this feature of the Lenovo Press web, please email David Watts at dwatts@lenovo.com.
