Recent Blog Posts

How to benchmark SSDs with FIO Visualizer

There are many ways and software tools available for benchmarking SSDs today. Many of them are consumer oriented with very nice looking interface, others are command line based, ugly looking, doing something strange. I’m not going to criticize none of these in this blog, I’ll share the approach we’re using at Solution Architecture team at Intel NVM Solutions Group.

 

There are two proven software tools for IO benchmark used there – Iometer (http://www.iometer.org) for Windows and FIO (http://freecode.com/projects/fio) for Linux OS. Both of them offer many advanced features for simulating different types of workloads. Unfortunately, FIO lacks of GUI interface, it’s only command based. Having an amazing feature set, simply was not enough to be used as a demo tool. That’s how an idea of a FIO Visualizer (http://01.org/fio-visualizer) appeared, developed at Intel and released to the Open Source.

 

What is FIO Visualizer? – It’s a GUI for the FIO. It parses console output in real-time, displays visual details for IOPS, bandwidth and latency of each device’s workload. The data is gathered from FIO console output at assigned time intervals and updates the graphs immediately. It is especially valuable for benchmarking SSDs, particularly those based on NVMe specifications.

 

Let’s have a quick look on the interface features:


  • Real time. Minimum interval is 1 second, can be adjusted to even lower value by simple FIO source code change.
  • Monitors IOPS, bandwidth, latency for reads, writes and unique QoS analytics.
  • Multithread / multi jobs support makes a value for NVMe SSD benchmarking.
  • Single GUI Windows, no overlap windows or complicated menus.
  • Customizable layout. User defines which parameter needs to be monitored.
  • Workload manager for FIO settings. Comes with base workload settings used in all Intel SSD datasheets.
  • Written on Python with QtGraph; uses third-party libraries to simplify GUI code.

 

fiovisualizer.pngFIO Visualizer GUI screen with an example of running workload.

 

Graph screen is divided for two vertical blocks corresponding for read / write statistic. It’s also divided for three horizontal segments displaying IOPS, bandwidth and latency. Every graph supports auto-scaling in both dimensions. Individual zoom is also supported for each graph. Once zoomed, it can roll back to auto-scaling by popup button. There is possibility to disable certain graphs and change the view for the control panel on the right.

 

multijob.PNG

This example demonstrates handling of multi-job workloads, which are executed by FIO in separate threads.

 

 

Running FIO Visualizer.

 

Having a GUI written in Python gives us great flexibility to make the changes and adopt the enhancements. However it uses few external python libraries, which are not the part of default installation.

This results in the OS compatibility/dependency:

 

Here are exact steps to make it running under CentOS 7:

 

  0. You should have python and PyQt installed with the OS

 

  1. Install pyqtgraph-develop (0.9.9 required) form http://www.pyqtgraph.org

        $ python setup.py install

 

  2. Install Cyphon from http://cython.org Version 0.21 or higher is required.

        $ python setup.py install

 

  3. Install Numpy from http://numpy.org

        $ python setup.py build

        $ python setup.py install

 

  4. Install FIO 2.1.14 (latest supported at the moment) from http://freecode.com/projects/fio

        # ./configure

        # make

        # make install

 

  5. Run Visualizer under root.

        # ./fio-visualizer.py

 

 

SSD Preconditioning.


Before running the benchmark you need to prepare the drive. This usually calls “SSD Preconditioning”, i.e. achieving sustained performance state on “fresh” drive. Here are basic steps to follow to get reliable results at the end:

 

  • Secure Erase SSD with vendor tools. For Intel® Data Center SSDs this tool called Intel® Solid-State Drive Data Center Tool.
  • Fill SSD with sequential data twice of it’s capacity. This will guarantee all available memory is filled with a data including factory provisioned area. DD is the easiest way to do so:

          dd if=/dev/zero bs=1024k of=/dev/”devicename”

  • If you’re running sequential workload to estimate the read or write throughput then skip the next step.
  • Fill the drive with 4k random data. The same rule, total amount of data is twice drive’s capacity.

          Use FIO for this purpose. Here is an example script for NVMe SSD:

      [global]

        name=4k random write 4 ios in the queue in 32 queues

        filename=/dev/nvme0n1

        ioengine=libaio

        direct=1

        bs=4k

        rw=randwrite

        iodepth=4

        numjobs=32

        size=100%

        loops=2   

        [job1]

  • Now you’re ready to run your workload. Usually measurements start after 5 minutes of runtime in order to let the SSD FW adapting to the workload. It will enter the drive into sustained performance state.

 


Workload manager.


Workload manager is a set of FIO settings grouped in files. It comes together with FIO Visualizer package. Each file represents specific workload. It can be loaded directly into FIO Visualizer tool. From where it starts FIO job automatically.

Typical workload scenarios are included in the package. These are basic datasheet workloads used for Intel® Data Center SSDs and some additional ones which simulate real use cases. These configuration files can be easy changes in any text editor. It’s great start point for the benchmarking.

 

workloadm.png

You see some workloads definitions have a prefix SATA, while others come with NVMe. There are few important reasons why they are separate. AHCI and NVME software stack are very different. SATA drives utilize single queue of 32 I/Os max (AHCI), while NVMe drives were architectured as massively paralleled devices. According to NVMe specification, these drives may support up to 64 thousands of queue of 64 thousands commands each.  On practice that means certain workloads such as small block random ones will have a benefits of executing them in parallel. That’s the reason, random workloads for NVMe drives use multiple FIO jobs at a time. Check it in the section “numjobs”. 

 

To learn more about NVMe, please see public IDF presentations explaining all details of this:

 

NVM Express*: Going Mainstream and What’s Next

 

Supercharge Your Data Transfers with NVM Express* based PCI Express* Solid-State Drives

Read more >

Rethinking Cybersecurity Strategy

Cybersecurity is a significant problem and it continues to grow.  Addressing symptoms will not achieve the desired results.  A holistic approach must be applied which involves improving the entire technology ecosystem.  Smarter security innovation, open collaboration, trustworthy practices, technology designed to be hardened against compromise, and comprehensive protections wherever data flows is required. 

The technology industry must change in order to meet ever growing cybersecurity demands.  It will not be easy, but technologists, security leaders, and end-users must work together to make the future of computing safer.

 

2015 CTO Forum - Security Transformation.jpg

 

I recently spoke at the CTO Forum Rethink Technology event on Feb 13 2015.  Presenting to an audience of thought-leading CTO’s and executives.  I was privileged to speak on a panel including Marcus Sachs (VP National Security Policy, Verizon), Eran Feigenbaum (Director of Security for Google for Work, Google), Rob Fry (Senior Information Security Architect, Netflix), and Rick Howard (CSO, Palo Alto Networks).  We all discussed the challenges facing the cybersecurity sector and what steps are required to help companies strengthen their security.

 

I focused on the cybersecurity reality we are in, how we all have contributed to the problem, and consequently how we must all work together to transform the high technology industry to become sustainably secure.


The complete panel video is available at the CTO Forum website http://www.ctoforum.org/

 

Twitter: @Matt_Rosenquist

IT Peer Network: My Previous Posts

LinkedIn: http://linkedin.com/in/matthewrosenquist

Read more >

Tablets Improve Engagements, Workflows

 

Mobility is expected to be a hot topic once again at HIMSS 2015 in Chicago. Tablets like the Surface and Windows-based versions of electronic health records (EHRs) from companies such as Allscripts are helping clinicians provide better care and be more efficient with their daily workflows.

 

The above video shows how the Surface and Allscripts’ Wand application are helping one cardiologist improve patient engagement while allowing more appointments throughout the day.  You can read more in this blog.

 

Watch the video and let us know what questions you have. How are you leveraging mobile technology in your facility?

Read more >

Família Intel Core, Sistema no Futuro Windows 10

  Ainda muitas pessoas se perguntam sobre as aplicações dos Processadores intel Core no Windows 10, porem a Microsoft garante que esta Trabalhando junto

com a intel para que não exista perca de desempenho e estabilidade no seu sistema operacional Windows 10, a pergunta que não quer calar: COMO ANDA A APLICAÇÃO

DOS PROCESSADORES INTEL CORE M em tablet’s com a vinda do WINDOWS 10 da microsoft?

 

ainda que possa especular ainda temos certeza que muito ainda virá acontecer.

Read more >

OpenStack® Kilo Release is Shaping Up to Be a Milestone for Enhanced Platform Awareness

By: Adrian Hoban

 

The performance needs of virtualized applications in the telecom network are distinctly different from those in the cloud or in the data center.  These NFV applications are implemented on a slice of a virtual server and yet need to match the performance that is delivered by a discrete appliance where the application is tightly tuned to the platform.

 

The Enhanced Platform Awareness initiative that I am a part of is a continuous program to enable fine-tuning of the platform for virtualized network functions. This is done by exposing the processor and platform capabilities through the management and orchestration layers. When a virtual network function is instantiated by an Enhanced Platform Awareness enabled orchestrator, the application requirements can be more efficiently matched with the platform capabilities.

 

Enhanced Platform Awareness is composed of several open source technologies that can be considered from the orchestration layers to be “tuning knobs” to adjust in order to meaningfully improve a range of packet-processing and application performance parameters.

 

These technologies have been developed and standardized through a two-year collaborative effort in the open source community.  We have worked with the ETSI NFV Performance Portability Working Group to refine these concepts.

 

At the same time, we have been working with developers to integrate the code into OpenStack®. Some of the features are available in the OpenStack Juno release, but I anticipate a more complete implementation will be a part of the Kilo release that is due in late April 2015.

 

How Enhanced Platform Awareness Helps NFV to Scale

In cloud environments, virtual application performance may often be increased by using a scaling out strategy such as by increasing the number of VMs the application can use. However, for virtualized telecom networks, applying a scaling out strategy to improve network performance may not achieve the desired results.

 

NFV scaling out will not ensure that improvement in all of the important aspects of the traffic characteristics (such as latency and jitter) will be achieved. And these are essential to providing the predictable service and application performance that network operators require. Using Enhanced Platform Awareness, we aim to address both performance and predictability requirements using technologies such as:

 

  • Single Root IO Virtualization (SR-IOV): SR-IOV divides a PCIe physical function into multiple virtual functions each with the capability to have their own bandwidth allocations. When virtual machines are assigned their own VF they gain a high-performance, low-latency data path to the NIC.
  • Non-Uniform Memory Architecture (NUMA): With a NUMA design, the memory allocation process for an application prioritizes the highest-performing memory, which is local to a processor core.  In the case of Enhanced Platform Awareness, OpenStack® will be able to configure VMs to use CPU cores from the same processor socket and choose the optimal socket based on the locality of the relevant NIC device that is providing the data connectivity for the VM.
  • CPU Pinning: In CPU pinning, a process or thread has an affinity configured with one or multiple cores. In a 1:1 pinning configuration between virtual CPUs and physical CPUs, some predictability is introduced into the system by preventing host and guest schedulers from moving workloads around. This facilitates other efficiencies such as improved cache hit rates.
  • Huge Page support: Provides up to 1-GB page table entry sizes to reduce I/O translation look-aside buffer (IOTLB) misses, improves networking performance, particularly for small packets.

 

A more detailed explanation of these technologies and how they work together can be found in a recently posted paper that I co-authored titled: A Path to Line-Rate-Capable NFV Deployments with Intel® Architecture and the OpenStack® Juno Release

 

 

Virtual BNG/BRAS Example

The whitepaper also has a detailed example of a simulation we conducted to demonstrate the impact of these technologies.

 

We created a VNF with the Intel® Data Plane Performance Demonstrator (DPPD) as a tool to benchmark platform performance under simulated traffic loads and to show the impact of adding Enhanced Platform Awareness technologies. The DPPD was developed to emulate many of the functions of a virtual broadband network gateway / broadband remote access server.

 

We used the Juno release of OpenStack® for the test, which was patched with huge page support. A number of manual steps were applied to simulate the capability that should be available in the Kilo release such as CPU pinning and I/O Aware NUMA scheduling.

 

The results shown in the figure below are the relative gains in data throughput as a percentage of 10Gpbs achieved through the use of these EPA technologies. Latency and packet delay variation are important characteristics for BNGs. Another study of this sample BNG includes some results related to these metrics: Network Function Virtualization: Quality of Service in Broadband Remote Access Servers with Linux* and Intel® Architecture®

 

Cumulative performance impact on Intel® Data Plane Performance Demonstrators (Intel® DPPD) from platform optimizations..PNG

Cumulative performance impact on Intel® Data Plane Performance Demonstrators (Intel® DPPD) from platform optimizations

 

 

The order in which the features were applied impacts the incremental gains so it is important to consider the results as a whole rather than infer relative value from the incremental increases. There are also a number of other procedures that you should read more about in the whitepaper.

 

The two years of hard work by the open source community has brought us to the verge of a very important and fundamental step forward for delivering carrier-class NFV performance. Be sure to check back here for more of my blogs on this topic, and you can also follow the progress of Kilo at the OpenStack Kilo Release Schedule website.

Read more >

Mobile – How technology can help win the talent tug of war

I wanted to share with you a series of insights into the Intel IT Business Review… my first is about employee devices.

 

The talent battleground has never been more cluttered and in the technology sector if you want the right person for the job you need the right IT solutions.

 

This is a subject explored in detail in the new Intel IT Business Review. Intel as a major international employer, knows how important it is to recruit and retain the best talent and  that technology sector employees require great technology experiences through mobility, ease of collaboration, and a choice of devices.

 

For example, recent college graduates don’t just want these technology experiences, they expect them. But whatever the level, employees have to be empowered  to choose the right devices for their jobs. To do this, then you need to offer a variety of devices, including lighter, more capable mobile devices with a long battery life, the latest operating systems, and touch capabilities. These devices can transform the workplace by providing employees with a greater ability to work in a more flexible manner with optimum mobility and a better user experience.

 

Intel studies confirm that “one size does not fit all” regarding computing devices across Intel’s varied work environments. About 80 percent of Intel employees currently use mobile computing devices in the workplace, and the majority of the PC fleet consists of Ultrabook™ devices or 2-in-1 devices. In response to increasing employee demand for touch capabilities, the deployment of touch-enabled business Ultrabook devices and applications was accelerated, which has improved employee productivity and increased job satisfaction.

 

In a recent piece of Intel research, facility technicians reported that the use of tablets increased productivity up to 17 percent based on the number of completed work orders. In addition, by using tablets to display online information, these technicians performed their jobs 30 percent faster. 80 percent of participants reported an increase in job flexibility and 57 percent reported an increase in productivity.

 

In 2015, Intel will continue to investigate how innovations in mobile computing can improve employee productivity and attract the best and brightest talent to help develop tomorrow’s technology. To read the Intel IT Business Review in full go to www.intel.com/ITAnnualReport

 

Read more >

Bring Your Own Device in EMEA – Part 2 – Finding the Balance

In my second blog focusing on Bring Your Own Device (BYOD) in EMEA I’ll be taking a look at the positives and negatives of introducing a BYOD culture into a healthcare organisation. All too often we hear of blanket bans on clinicians and administrators using their personal devices at work, but with the right security protocols in place and enhanced training there is a huge opportunity for BYOD to help solve many of the challenges facing healthcare.

 

Much of the negativity surrounding BYOD occurs because of the resulting impact to both patients (privacy) and healthcare organisations (business/financial) of data breaches in EMEA. While I’d agree that the headline numbers outlined in my first blog are alarming, they do need to be considered in the context of the size of the wider national healthcare systems.

 

A great example I’ve seen of an organisation seeking to operate a more efficient health service through the implementation of BYOD is the Madrid Community Health Department in Spain. Intel and security expert Stack Overflow assessed several mobile operating systems with a view to supporting BYOD for physicians in hospitals within their organisation. I highly recommend you read more about how Madrid Community Health Department is managing mobile with Microsoft Windows-based tablets.

 

 

The Upside of BYOD

There’s no doubt that BYOD is a fantastic enabler in modern healthcare systems. But why? We’ll look at some best practice tips in a later blog but suffice to say here that much of the list below should be underpinned by a robust but flexible BYOD policy, an enhanced level of staff training, and a holistic and multi-layered approach to security.

 

1) Reduces Cost of IT

Perhaps the most obvious benefit to healthcare organisations is a reduction in the cost of purchasing IT equipment. Not only that, it’s likely that employees will take greater care of their own devices than they would of a corporate device, thus reducing wastage and replacement costs.

 

2) Upgrade and Update

Product refresh rates are likely to be more rapid for personal devices, enabling employees to take advantage of the latest technologies such as enhanced encryption and improved processing power. And with personal devices we also expect individuals to update software/apps more regularly, ensuring that the latest security updates are installed.

 

3) Knowledge & Understanding

Training employees on new devices or software can be costly and a significant drain on time, notwithstanding being able to schedule in time with busy clinicians and healthcare administrators. I believe that allowing employees to use their personal everyday device, with which they are familiar, reduces the need for device-level training.  There may still be a requirement to have app-level training but that very much depends on the intuitiveness of the apps/services being used.

 

4) More Mobile Workforce

The holy grail of a modern healthcare organisation – a truly mobile workforce. My points above all lead to clinicians and administrators being equipped with the latest mobile technology to be able to work anytime and anywhere to deliver a fantastic patient experience.

 

 

The Downside of BYOD

As I’ve mentioned previously, much of the comment around BYOD is negative and very much driven by headline news of medical records lost or stolen, the ensuing privacy ramifications and significant fines for healthcare organisations following a data breach.

 

It would be remiss of me to ignore the flip-side of the BYOD story but I would hasten to add that much of the risk associated with the list below can be mitigated with a multi-layered approach that not only combines multiple technical safeguards but also recognises the need to apply these with a holistic approach including administrative safeguards such as policy, training, audit and compliance, as well as physical safeguards such as locks and secure use, transport and storage.


1)  Encourages a laissez-faire approach to security

We’ve all heard the phrase ‘familiarity breeds contempt’ and there’s a good argument to apply this to BYOD in healthcare. It’s all too easy for employees to use some of the same workarounds used in their personal life when it comes to handling sensitive health data on their personal device. The most obvious example is sharing via the multitude of wireless options available today.


2) Unauthorised sharing of information

Data held at rest on a personal devices is at a high risk of loss or theft and is consequently also at high risk of unauthorized access or breach. Consumers are increasingly adopting cloud services to store personal information including photos and documents.

 

When a clinician or healthcare administrator is in a pressured working situation with their focus primarily on the care of the patient there is a temptation to use a workaround – the most obvious being the use of a familiar and personal cloud-based file sharing service to transmit data. In most cases this is a breach of BYOD and wider data protection policies, and increases risk to the confidentiality of sensitive healthcare data.


3) Loss of Devices

The loss of a personal mobile device can be distressing for the owner but it’s likely that they’ll simply upgrade or purchase a new model. Loss of personal data is quickly forgotten but loss of healthcare data on a personal device can have far-reaching and costly consequences both for patients whose privacy is compromised and for the healthcare organisation employer of the healthcare worker. An effective BYOD policy should explicitly deal with loss of devices used by healthcare employees and their responsibilities in terms of securing such devices, responsible use, and timely reporting in the event of loss or theft of such devices.


4) Integration / Compatibility

I speak regularly with healthcare organisations and I know that IT managers see BYOD as a mixed blessing. On the one hand the cost-savings can be tremendous but on the other they are often left with having to integrate multiple devices and OS into the corporate IT environment. What I often see is a fragmented BYOD policy which excludes certain devices and OS, leaving some employees disgruntled and feeling left out. A side-effect of this is that it can lead to sharing of devices which can compromise audit and compliance controls and also brings us back to point 2 above.

 

These are just some of the positives and negatives around implementing BYOD in a healthcare setting. I firmly sit on the positive side of the fence when it comes to BYOD and here at Intel Security we have solutions to help you overcome the challenges in your organisation, such as Multi-Factor Authentication (MFA) and SSDs Solid State Drives including in-built encryption which complement the administrative and physical safeguards you use in your holistic approach to managing risk.

 

Don’t forget to check out the great example from the Madrid Community Health Department to see how our work is having a positive impact on healthcare in Spain. We’d love to hear your own views on BYOD so do leave us a comment below or if you have a question I’d be happy to answer it.

 

 

David Houlding, MSc, CISSP, CIPP is a Healthcare Privacy and Security lead at Intel and a frequent blog contributor.

Find him on LinkedIn

Keep up with him on Twitter (@davidhoulding)

Check out his previous posts

Read more >

Tackling Information Overload in Industrial IoT Environments

Feeling inundated by too much industrial IoT data? Well, you’re not alone. According to an Economist Intelligence Unit report, most manufacturers are experiencing  information overload due to the increasing volume of data generated by automated processes. Senior factory executives in … Read more >

The post Tackling Information Overload in Industrial IoT Environments appeared first on IoT@Intel.

Read more >

Ready, Set, Action. Enhanced Platform Awareness in OpenStack for Line Rate NFV

By: Frank Schapfel

 

One of challenges in deploying Network Functions Virtualization (NFV) is creating the right software management of the virtualized network.  There are differences between managing an IT Cloud and a Telco Cloud.  IT Cloud providers take advantage of centralized and standardized servers in large scale data centers.  IT Cloud architects aim to maximize the utilization (efficiency) of the servers and automate the operations management.  In contrast, Telco Cloud application workloads are different from IT Cloud workloads.  Telco Cloud application workloads have real-time constraints, government regulatory constraints, and network setup and teardown constraints.  New tools are needed to build a Telco Cloud to these requirements.

 

OpenStack is the open software community developing IT Cloud orchestration management since 2010.  The Telco service provider community of end users, telecomm equipment manufacturers (TEMs), and software vendors have rallied around adapting the OpenStack cloud orchestration for Telco Cloud.  Over the last few releases of OpenStack, the industry has been shaping and delivering Telco Cloud ready solutions. For now, let’s just focus on the real-time constraints. For IT Cloud, the data center is viewed as a large pool of compute resources that need to operate a maximum utilization, even to the point of over-subscription of the server resources. Waiting a few milliseconds is imperceptible to the end user.  On the other hand, a network is real-time sensitive – and therefore cannot tolerate over-subscription of resources.

 

To adapt OpenStack to be more Telco Cloud friendly, Intel contributed to the concept of “Enhanced Platform Awareness” to OpenStack. Enhanced Platform Awareness in OpenStack offers a fine-grained matching of virtualized network resources to the server platform capabilities.  Having a fine-grained view of the server platform allows the orchestration to accurately assign the Telco Cloud application workload to the best virtual resource.  The orchestrator needs NUMA (Non-Uniform Memory Architecture) awareness so that it can understand how the server resources are partitioned, and how CPUs, IO devices, and memory are attached to sockets.  For instance, when workloads need line rate bandwidth, high speed memory access is critical, and huge page access is the latest technology in the latest Intel® Xeon™ E5-2600 v3 processor.

 

Now in action at the Oracle Industry Connect event in Washington, DC, Oracle and Intel demonstrate the collaboration using Enhanced Platform Awareness in OpenStack.  The Oracle Communications Network Service Orchestration uses OpenStack Enhanced Platform Awareness to achieve carrier grade performance for Telco Cloud. Virtualized Network Functions are assigned based on the needs for huge page access and NUMA awareness.  Other cloud workloads, which are not network functions, are not assigned specific server resources.

 

The good news – the Enhanced Platform Awareness contributions are already up-streamed in the OpenStack repository, and will be in the OpenStack Kilo release later this year.  At Oracle Industry Connect this week, there is a keynote, panel discussions and demos to get even further “under the hood.”  And if you want even more details, there is a new Intel White Paper: A Path to Line-Rate-Capable NFV Deployments with Intel® Architecture and the OpenStack® Juno Release.

 

Adapting OpenStack for Telco Cloud is happening now. And Enhanced Platform Awareness is finding its way into a real, carrier-grade orchestration solution.

Read more >