image image image image image image



On This Page

Created on Jun 8, 2020 by Boris Kovalev

Introduction

This document describes how to enable RoCE PVRDMA Namespace in VMware vSphere 7.0 with NVIDIA ConnectX network cards. 

This guide assumes the following software and drivers are installed:

  • VMware ESXi 7.0.0, build 15843807
  • vCenter 7.0.0, build 15952599
  • Distributed Switch 7.0.0
  • ConnectX® Ethernet Driver for VMware® ESXi Server 4.17.13.1-1vmw.670.2.48.13006603 
  • VM Guest OS: Redhat 8.3 or 7.5 with linux kernel 5.5 RDMA features
  • VM Hardware Version: 20

References

Solution Overview

Setup

 

Solution Logical Design

VMware RoCE Solution Logical Diagram

Bill of Materials


Solution Physical Network Wiring



Configuration

Network Configuration

This table provides details of the ESXi server names and their network configuration.

ESXi

Server

Server

Name

IP and NICs
High-Speed Ethernet Network

Management Network

192.168.1.0

ESXi-01sl01w01esx11noneeno0: From DHCP (reserved)
ESXi-02sl01w01esx12noneeno0: From DHCP (reserved)


This table provides details of the VM names and their network configuration.

VM

Server

Name

IP and NICs
High-Speed Ethernet Network

Management Network

192.168.1.0

VM-01pvrdma-ns-vm01192.168.11.51eno0: From DHCP (reserved)
VM-02pvrdma-ns-vm02192.168.11.52eno0: From DHCP (reserved)

ESXi Host Configuration

Prerequisites

To set up an SR-IOV environment, the following is required:

  1. SR-IOV must be enabled in the BIOS of the specific server. Each server has different BIOS configuration options for virtualization. As an example for BIOS configuration, please refer to HowTo Set Dell PowerEdge R730 BIOS parameters to support SR-IOV.
  2. Install Mellanox Firmware Tools (MFT) on ESXi server. That procedure is described in How-to: Install NVIDIA Firmware Tools (MFT) on VMware ESXi 6.7/7.0..
  3. Installer privileges: The installation requires administrator privileges on the target machine.

Checking Host Configurations

  1. Enable SSH Access to ESXi server.

  2. Log into ESXi vSphere Command-Line Interface with root permissions.

  3. Verify that the host is equipped with a NVIDIA adapter card/s. Run:

    ESXi Console
    ~ lspci | grep Mellanox
    
    Note: In this instance, NVIDIA card is using vmnic4,5,6 and 7.
  4. Verify that the logical RDMA devices are currently registered on the system. Run:

    ESXi Console
    ~ esxcli rdma device list
    

    Or verify that they are registered in the vSphere Web Client:

    1. Launch the vSphere Web Client and connect to a vCenter Server instance.

    2. Right-click the ESXi server from the Inventory Lists area, then click Configure > Networking > RDMA adapters.


Deployment

Before starting with the deployment process, we need to create a vSphere Distributed Switch (vDS)

Creating a vDS

To create a new vDS:

  1. Launch the vSphere Web Client and connect to a vCenter Server instance.
              
  2. On the vSphere Web Client home screen, select the vCenter object from the list on the left.
    Hover over the Distributed Switches from the Inventory Lists area, then click New Distributed Switch (see image below) to launch the New vDS creation wizard:

              

  3. Provide a name for the new distributed switch and select the location within the vCenter inventory where you would like to store the new vDS (a data center object or a folder). Click NEXT.

              

  4. Select the version of the vDS to create.

              

  5. Specify the number of uplink ports as 2, check the Create a default port group box and give a name to that group.

              

  6. Click Finish.

              
              

Adding Hosts to vDS

To add an ESXi host to an existing vDS:

  1. Launch the vSphere Web Client, and connect to a vCenter Server instance.
              
  2. Navigate to the list of distributed switches.
              
  3. Right-click the new distributed switch in the list of objects and select Add and Manage Hosts from the Actions menu.

                        

  4. Select the Add hosts button and click Next.

                        

  5. Click the New hosts green plus icon to add an ESXi host. This opens the Select New Host dialog box.
                         

  6. From the list of new hosts, tick the boxes with the names of each ESXi host you want to add to the vDS.

                         

    Click OK when you are done, and then click NEXT to continue.

                                                                  

  7. In the next Manage physical adapters screen Configure vmnic4 in each ESXi host as an Uplink 1 for vDS and click NEXT.

                                         

  8. In the next Manage VMkernel adapters and Migrate VM networking screen click NEXT to continue.


                        

  9. Click FINISH.

                        

                     

Create and Attach the VMkernel Adapter

To create and attach the VMkernel adapter to vDS port group:

  1. In the vSphere Web Client, navigate to the host.
                        
  2. In the Configure tab, expand the Networking subheading.
                        
  3. Go to VMkernel adapters section.
                        
  4. Click the Add Networking... button to create a new VMkernel adapter vmk1.

                        

  5. In the Select connection type screen, select VMkernel Network Adapter. Click NEXT.

                        

  6. In the next Select target device screen, click the Select an existing networking option, click BROWSE ... and select sl01w01vds01-NS-PG port group. Click OK.

                        

  7. NEXT to continue.

                        

  8. In the next Port Properties screen select vMotion, click NEXT.

                        

  9. Provide an IPv4 address and Subnet mask for the VMkernel adapter vmk1:

                        

  10. Click NEXT and FINISH.

                        

  11. Repeat the Create and attach the VMkernel adapter steps for the second ESXi host.
              
                    

Configure an ESXi Host for PVRDMA Namespace

To use PVRDMA in vSphere 7.0, your environment must meet several configuration requirements.

To configure an ESXi host for PVRDMA, follow the below steps.

Tag a VMkernel Adapter for PVRDMA

To tag a VMkernel adapter, select it and enable it for PVRDMA Namespace communication by following these steps:

  1. In the vSphere Web Client, navigate to the host.
              
  2. On the Configure tab, expand the System subheading and click Advanced System Settings.
              
  3. Locate Net.PVRDMAvmknic and click Edit.

                        

  4. Enter the value of the VMkernel adapter that you want to use (for this example we used vmk1) and click OK

                        

    Optional: 

    You can use ESXI CLI to Tag a vmknic created on DVS that the VRDMA will use for TCP channel by running the following command line:

    ESXi Console
    esxcli system settings advanced set -o /Net/PVRDMAVmknic -s vmk1

                        
                        

Enable Firewall Rule for PVRDMA

To enable the firewall rule for PVRDMA in the security profile of the ESXi host follow these steps:

  1. In the vSphere Web Client, navigate to the host.
              
  2. In the Configure tab, expand the System subheading.
              
  3. Go to Firewall section and click Edit.

                        

  4. Scroll to the pvrdma rule and check the relevant box next to it:

                        

  5. Click OK to finish.

    Optional: 

    You can use ESXI CLI to enable the pvrdma firewall rule with the following command line:

    ESXi Console
    esxcli network firewall ruleset set -e true -r pvrdma

                        

  6. Enter Maintenance Mode the ESXi host.
                        

  7. Download and Install Mellanox Firmware Tools (MFT) by following the procedure described in How-to: Install NVIDIA Firmware Tools (MFT) on VMware ESXi 6.7/7.0..

    You can use MFT tools version 4.14.2 for ESXi 7.0.

                        

  8. Update FW and Driver by following the procedures described in How-to: Firmware update for NVIDIA ConnectX-5/6 adapter on VMware ESXi 6.5 and above. and How-to: NVIDIA ConnectX driver upgrade on VMware ESXi 6.7/7.0 and above.

    You can use FW version 16.27.2008 and Driver version 4.19.70.1 and above.

                        

  9. Print the current status of NVIDIA devices.

    ESXi Console
    /opt/mellanox/bin/mst status

    Example output:

                        

  10. Set MKEY_BY_NAME flag with 1 using MFT on ConnectX adapter on both ESXi.

    No need to set the MKEY_BY_NAME flag with 1 from Linux kernel 5.9+ as there was a kernel patch that added support for it.

    ESXi Console
    /opt/mellanox/bin/mlxconfig -d mt4119_pciconf0 set MKEY_BY_NAME=1

    Setting MKEY_BY_NAME=1 will cause PCI passthru of the NIC or any VFs to be unusable, as the Linux driver does not recognize the firmware option.

                        

  11. Open VF using module parameters. Firmware and BIOS must be configured for SR-IOV.

    ESXi Console
    esxcli system module parameters set -m nmlx5_core -p "max_vfs=2,2"

              

    For more information about VFs enabling, SR-IOV please see following document: How-to: Configure NVIDIA ConnectX-5/6 adapter in SR-IOV mode on VMware ESXi 6.7/7.0 and above.

                        

  12. Reboot ESXi host.
                        
  13. Get the opened VFs by running the following command in the CLI:

    ESXi Console
    esxcli hardware pci pcipassthru list

    Example:

    Or, if using the vSphere Web Client:

    1. Navigate to the host.
    2. In the Configure tab, expand the Hardware subheading.
    3. Go to PCI Devices section.

                          

  14. Move the opened VF from user space to kernel space by running the following commands in the CLI. We need to move a minimum of two VF (required by vMotion).

    ESXi Console
    esxcli hardware pci pcipassthru set -d 0000:13:00.2 -e 0 -a
    esxcli hardware pci pcipassthru set -d 0000:13:00.3 -e 0 -a

    Or, if using the vSphere Web Client:

    1. Navigate to the host.
    2. In the Configure tab, expand the Hardware subheading.
    3. Go to PCI Devices section.
    4. In the top corner click on "CONFIGURE PASSTHROUGH", and uncheck VFs to move ownership to the VMkernel.

                                    

  15. Exit from Maintenance Mode the ESXi host.

                        
                        

Assign PVRDMA Adapter to Virtual Machine

To enable a virtual machine to exchange data using RDMA, you must associate the VM with a PVRDMA network adapter. To do so:

  1. Locate the VM in the vSphere Web Client.
              
  2. Select a data center, folder, cluster, resource pool, or a host and click on the VMs tab.
              
  3. Click Virtual Machines and double-click the VM from the list.
              
  4. Power off the VM.
              
  5. In the Summary tab of the VM, expand the VM Hardware subheading and click Edit Settings.
              
  6. Click ADD NEW DEVICE in the Virtual Hardware tab, select Network Adapter from the list, and click OK.

                        

  7. Expand the New Network* section and connect the VM to a distributed port group. Click on Browse to select the port group.

                        

  8. Select PVRDMA as the Adapter Type.

                        

  9. Expand the Memory section, check the box next to Reserve all guest memory (All locked).

                        

  10. Click OK to close the dialog window.
                        
  11. Power on the virtual machine
                        


Configure Guest OS for PVRDMA

This step assumes a procedure to assign a PVRDMA Adapter to a Virtual Machine with Red Hat/CentOS 7.5 or later only.

In our lab, Red Hat installation includes an Infrastructure Server with following add-ons: Debugging Tools, Infiniband Support, Development Tools, and System Administration Tools.

To configure a guest OS for PVRDMA, you need to install a PVRDMA driver. The installation process depends on the ESXi version, VM tools and guest OS version: 

Guest OS: CentOS 7.5 and later
VM hardware version 17
ESXi v7.0.0
  1. Create a VM with VM compatibility version 17 and install CentOS version 7.5 or later.
  2. Add PVRDMA adapter over DVS portgroup from the vCenter.
  3. The InfiniBand packages are part of linux kernel 5.5 RDMA features.
  4. Verify:The logs must contain this line : vmw_pvrdma 0000:13:00.1: device version 20, driver version 20.
Guest OS: Ubuntu 18.04 and later
VM hardware version 17
ESXi v7.0.0
  1. Create a VM with VM compatibility version 17 and install Ubuntu version 18.04 or later.
  2. Add PVRDMA adapter over DVS portgroup from the vCenter.
  3. The InfiniBand packages are part of linux kernel 5.5 RDMA features.
  4. Verify:The logs must contain this line : vmw_pvrdma 0000:13:00.1: device version 20, driver version 20.

Verification

On ESXi Host

ESXi Console
[root@sl01w01esx11:~] vsish
/> cd /vmkModules/vrdma/pvrdmaDevices/
/vmkModules/vrdma/pvrdmaDevices/> dir
2114737_0/
/vmkModules/vrdma/pvrdmaDevices/> cat /vmkModules/vrdma/pvrdmaDevices/2114737_0/properties
/> cat /vmkModules/vrdma/pvrdmaDevices/2114737_0/properties
PVRDMA Device Properties {
VMM leader ID of VM:2114737
adapter index:0
MAC address:00:50:56:a1:50:19
Physical HCA available:1
Namespace allocated:1
SRQ support enabled:1
MR Key extension enabled:1
Phys handles enabled:1
Prefer RoCE v1 over v2:0
RoCE version:2
Active MTU:1024

Namespace allocated:1 must be 1.

On VM

VM Console
dmesg
...

[176904.512175] vmw_pvrdma 0000:13:00.1: device version 20, driver version 20
[176904.512239] vmw[root@localhost ~]# dmesg_pvrdma 0000:13:00.1: paired device to ens224f0
[176904.512333] vmw_pvrdma 0000:13:00.1: irq 70 for MSI/MSI-X
[176904.512358] vmw_pvrdma 0000:13:00.1: irq 71 for MSI/MSI-X
[176904.512383] vmw_pvrdma 0000:13:00.1: irq 72 for MSI/MSI-X
[176904.582977] vmw_pvrdma 0000:13:00.1: attached to device

The logs must contain this line:

vmw_pvrdma 0000:13:00.1: device version 20, driver version 20.

Deployment Verification

Ttest the communication using PVRDMA, we will use a PerftestThis is a collection of tests written over uverbs intended for use as a performance micro-benchmark.

The tests may be used for hardware or software tuning as well as for functional testing.

To install and run the benchmark:

  1. Install Perftest:

    VM Console
    cd 
    wget https://github.com/linux-rdma/perftest/archive/master.zip
    unzip master.zip
    cd perftest-master/
    ./autogen.sh
    ./configure
    make 
    
    
    modprobe ib_core
    modprobe ib_uverbs
    modprobe ib_cm
    modprobe rdma_cm
    modprobe rdma_ucm

    The InfiniBand packages aren't part of linux kernel 5.4. In this case you need to install following packages before you install perftest:

    • rdma-core

    • libtool
    • libibverbs-dev
    • librdmacm-dev
    • libibumad-dev
    • libpci-dev

                    

  2. Check the network interface name:

    VM Console
    ifconfig
    ...
    ens224f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

                        

  3. Add Static IP configuration to the network interface. Modify /etc/sysconfig/network-scripts/ifcfg-ens224f0.

    Add to file
    DEVICE=ens224f0
    BOOTPROTO=none
    ONBOOT=yes
    PREFIX=24
    IPADDR=192.168.11.51

Repeat steps 1-3 for the second VM.

On the first VM ("Server"), run the following:

VM01 "Server" Console
systemctl disable firewall
systemctl stop firewalld
systemctl disable firewalld
firewall-cmd --state
./ib_write_bw -x 0 -d vmw_pvrdma0 --report_gbits

On second VM ("Client"), run the following:

VM02 "Client" Console
./ib_write_bw -x 0 -F 192.168.11.51 -d vmw_pvrdma0 --report_gbits
************************************

* Waiting for client to connect... *
************************************
-------------------------------------------------------------------------------- -------
RDMA_Write BW Test
Dual-port : OFF Device : vmw_pvrdma0
Number of qps : 1 Transport type : IB
Connection type : RC Using SRQ : OFF
CQ Moderation : 100
Mtu : 1024[B]
Link type : Ethernet
GID index : 0
Max inline data : 0[B]
rdma_cm QPs : OFF
Data ex. method : Ethernet
-------------------------------------------------------------------------------- -------
local address: LID 0000 QPN 0x0004 PSN 0xfb9486 RKey 0x000005 VAddr 0x007f68c62 a1000
GID: 254:128:00:00:00:00:00:00:02:80:86:255:254:170:101:146
remote address: LID 0000 QPN 0x0002 PSN 0xe72165 RKey 0x000003 VAddr 0x007f2ab4 361000
GID: 254:128:00:00:00:00:00:00:02:80:86:255:254:170:58:174
-------------------------------------------------------------------------------- -------
#bytes #iterations BW peak[Gb/sec] BW average[Gb/sec] MsgRate[Mpps]
65536  5000          90.56           90.39            0.172405
-------------------------------------------------------------------------------- -------

                    

Done!


About Author


Boris Kovalev

Boris Kovalev has worked for the past several years as a Solutions Architect, focusing on NVIDIA Networking/Mellanox technology, and is responsible for complex machine learning, Big Data and advanced VMware-based cloud research and design. Boris previously spent more than 20 years as a senior consultant and solutions architect at multiple companies, most recently at VMware. He has written multiple reference designs covering VMware, machine learning, Kubernetes, and container solutions which are available at the Mellanox Documents website.




Notice

This document is provided for information purposes only and shall not be regarded as a warranty of a certain functionality, condition, or quality of a product. Neither NVIDIA Corporation nor any of its direct or indirect subsidiaries and affiliates (collectively: “NVIDIA”) make any representations or warranties, expressed or implied, as to the accuracy or completeness of the information contained in this document and assumes no responsibility for any errors contained herein. NVIDIA shall have no liability for the consequences or use of such information or for any infringement of patents or other rights of third parties that may result from its use. This document is not a commitment to develop, release, or deliver any Material (defined below), code, or functionality.
NVIDIA reserves the right to make corrections, modifications, enhancements, improvements, and any other changes to this document, at any time without notice.
Customer should obtain the latest relevant information before placing orders and should verify that such information is current and complete.
NVIDIA products are sold subject to the NVIDIA standard terms and conditions of sale supplied at the time of order acknowledgement, unless otherwise agreed in an individual sales agreement signed by authorized representatives of NVIDIA and customer (“Terms of Sale”). NVIDIA hereby expressly objects to applying any customer general terms and conditions with regards to the purchase of the NVIDIA product referenced in this document. No contractual obligations are formed either directly or indirectly by this document.
NVIDIA products are not designed, authorized, or warranted to be suitable for use in medical, military, aircraft, space, or life support equipment, nor in applications where failure or malfunction of the NVIDIA product can reasonably be expected to result in personal injury, death, or property or environmental damage. NVIDIA accepts no liability for inclusion and/or use of NVIDIA products in such equipment or applications and therefore such inclusion and/or use is at customer’s own risk.
NVIDIA makes no representation or warranty that products based on this document will be suitable for any specified use. Testing of all parameters of each product is not necessarily performed by NVIDIA. It is customer’s sole responsibility to evaluate and determine the applicability of any information contained in this document, ensure the product is suitable and fit for the application planned by customer, and perform the necessary testing for the application in order to avoid a default of the application or the product. Weaknesses in customer’s product designs may affect the quality and reliability of the NVIDIA product and may result in additional or different conditions and/or requirements beyond those contained in this document. NVIDIA accepts no liability related to any default, damage, costs, or problem which may be based on or attributable to: (i) the use of the NVIDIA product in any manner that is contrary to this document or (ii) customer product designs.
No license, either expressed or implied, is granted under any NVIDIA patent right, copyright, or other NVIDIA intellectual property right under this document. Information published by NVIDIA regarding third-party products or services does not constitute a license from NVIDIA to use such products or services or a warranty or endorsement thereof. Use of such information may require a license from a third party under the patents or other intellectual property rights of the third party, or a license from NVIDIA under the patents or other intellectual property rights of NVIDIA.
Reproduction of information in this document is permissible only if approved in advance by NVIDIA in writing, reproduced without alteration and in full compliance with all applicable export laws and regulations, and accompanied by all associated conditions, limitations, and notices.
THIS DOCUMENT AND ALL NVIDIA DESIGN SPECIFICATIONS, REFERENCE BOARDS, FILES, DRAWINGS, DIAGNOSTICS, LISTS, AND OTHER DOCUMENTS (TOGETHER AND SEPARATELY, “MATERIALS”) ARE BEING PROVIDED “AS IS.” NVIDIA MAKES NO WARRANTIES, EXPRESSED, IMPLIED, STATUTORY, OR OTHERWISE WITH RESPECT TO THE MATERIALS, AND EXPRESSLY DISCLAIMS ALL IMPLIED WARRANTIES OF NONINFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL NVIDIA BE LIABLE FOR ANY DAMAGES, INCLUDING WITHOUT LIMITATION ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF ANY USE OF THIS DOCUMENT, EVEN IF NVIDIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. Notwithstanding any damages that customer might incur for any reason whatsoever, NVIDIA’s aggregate and cumulative liability towards customer for the products described herein shall be limited in accordance with the Terms of Sale for the product.

Trademarks
NVIDIA, the NVIDIA logo, and Mellanox are trademarks and/or registered trademarks of NVIDIA Corporation and/or Mellanox Technologies Ltd. in the U.S. and in other countries. Other company and product names may be trademarks of the respective companies with which they are associated.

Copyright
© 2022 NVIDIA Corporation & affiliates. All Rights Reserved.