• Stars
    star
    915
  • Rank 49,917 (Top 1.0 %)
  • Language
    C
  • License
    Other
  • Created over 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

ARCHIVED: Modern Hypervisor for the Cloud. See https://github.com/cloud-hypervisor/cloud-hypervisor instead

Archived

NEMU is no longer active and is archived. Cloud Hypervisor is the successor https://github.com/cloud-hypervisor/cloud-hypervisor

NEMU, a cloud hypervisor

NEMU is an open source hypervisor specifically built and designed to run modern cloud workloads on modern 64-bit Intel and ARM CPUs.

Rationale

Modern guest operating systems that host cloud workloads run on virtual hardware platforms that do not require any legacy hardware. Additonally modern CPUs used in data centers have advanced virtualization features that have eliminated the need for most CPU emulation.

There currently is no open source hypervisor solutions with a clear and narrow focus on running cloud specific workloads on modern CPUs. All available solutions have evolved over time and try to be fairly generic. They attempt to support a wide range of virtual hardware architectures and run on hardware that has varying degree of hardware virtualization support. This results in a need to provide a large set of legacy platforms and device models requiring CPU, device and platform emulation. As a consequence they are built on top of large and complex code bases.

NEMU on the other hand aims to leverage KVM, be narrow focused on exclusively running modern, cloud native workloads, on top of a limited set of hardware architectures and platforms. It assumes fairly recent CPUs and KVM allowing for the the elimination of most emulation logic.

This will allow for smaller code base, lower complexity and a reduced attack surface compared to existing solutions. It also gives more space for providing cloud specific optimizations and building a more performant hypervisor for the cloud. Reducing the size and complexity of the code allows for easier review, fuzz testing, modularization and future innovation.

QEMU base

QEMU is the current de facto standard open source cloud hypervisor. It has a rich set of features that have been developed and tested over time. This includes features such as live migration, PCI, Memory, NVDIMM and CPU hotplug, VFIO, mediated device passthrough and vhost-user. QEMU also has been the code base on which significant effort and innovation has been invested to create multiple performant I/O models

It also comes with a very large support for legacy features, for platforms and devices and is capable of running on a large number of hardware platforms. It also allows for cross platform emulation. One of its fundamental goal is about being as generic as possible and run on a large set of hardware and host a diversity of workloads. QEMU needed emulation support to be build into the code as hardware lacked critical virtualization features.

QEMU allows for build time configuration of some of its rich feature set. However there is quite a large amount of the code base that cannot be compiled out as the emulated platforms make assumptions about certain legacy devices being always present. QEMU also has abstractions within the code to support all of these legacy features.

NEMU

NEMU is based off QEMU and leverage its rich feature set, but with a much narrower focus. It leverages the performant, robust and stable QEMU codebase without the need to supporting the myriad of features, platforms and hardware that are not relevant for the cloud.

The goal of NEMU is to retain the absolute minimal subset of the QEMU codebase that is required for the feature set described below. The QEMU code base will also be simplified to reduce the number of generic abstractions.

Requirements

NEMU provides a PCI virtio platform with support for vfio based device direct assigment and mediated device assigment support. It also aims to retain support for live migration, vhost-user and a build time configurable device hotplug support for PCI, memory, NVDIMM and CPU. NEMU will need to emulate a small subset of features including PCI host brige.

NEMU also introduces a new QEMU x86-64 machine type: virt. It is a purely virtual platform, that does not try to emulate any existing x86 chipset or legacy bus (ISA, SMBUS, etc) and offloads as many features to KVM as possible. This is a similar approach as the already existing AArch64 virt machine type and NEMU will only support the two virt machine types.

Below is a list of QEMU features that NEMU will retain and add.

High Level

  • KVM and KVM only based
  • Minimal emulation
  • Low latency
  • Low memory footprint
  • Low complexity
  • Small attack surface
  • 64-bit support only
  • Optional and build time configurable CPU, memory, PCI and NVDIMM hotplug
  • Machine to machine migration

Architectures

NEMU only supports two 64-bit CPU architectures:

  • x86-64
  • AArch64

Guest OS

  • 64-bit Linux

Guest Platforms

  • virt (x86-64) QEMU x86-64 virtual machine
  • virt (AArch64) QEMU AArch64 virtual machine

Host Platforms

  • Linux

Firmware and boot

  • UEFI
  • ACPI
    • Hardware Reduced ACPI
    • Optional hotplug support
      • CPU
      • Memory
      • NVDIMM
      • PCI devices
      • VFIO
      • vhost-user

Boot methods

  • UEFI boot

Memory

  • QEMU allocated memory
  • File mapped memory
  • Huge pages
  • Memory pinning

Devices

Models

  • virtio
    • blk
    • console
    • crypto
    • pci-net
    • rng-pci
    • scsi
      • virtio
      • vhost
    • 9pfs
    • vhost-user-scsi
    • vhost-user-net
    • vhost-user-blk
    • vhost-vsock-pci
  • vfio
    • network
    • mediated device
    • storage
    • rdma
  • NVDIMM
  • TPM
    • vTPM
    • Host TPM passthrough
  • SCSI controller
  • PCI controller (pci-lite)

Block

  • cdrom
  • nvme
  • ceph/rbd

Guest Image Formats

  • QCOW2
  • RAW
  • VHD

Migration

  • Network based over TLS
  • File based (Local migration)

Monitoring

  • QMP
  • QAPI

To be discussed

  • 64-bit Windows Server (headless)
  • qboot
  • Graphic Console
  • virtio-block-crypto
  • QEMU client support as modules
    • iscsi
    • nbd
    • nfs
    • gluster
  • RDMA live migration
  • SLIRP
  • Guest agent

More Repositories

1

hyperscan

High-performance regular expression matching library
C++
4,478
star
2

acat

Assistive Context-Aware Toolkit (ACAT)
C#
3,191
star
3

haxm

Intel® Hardware Accelerated Execution Manager (Intel® HAXM)
C
3,029
star
4

appframework

The definitive HTML5 mobile javascript framework
CSS
2,435
star
5

neural-compressor

SOTA low-bit LLM quantization (INT8/FP8/INT4/FP4/NF4) & sparsity; leading model compression techniques on TensorFlow, PyTorch, and ONNX Runtime
Python
2,182
star
6

intel-extension-for-transformers

⚡ Build your chatbot within minutes on your favorite device; offer SOTA compression techniques for LLMs; run LLMs efficiently on Intel Platforms⚡
Python
2,122
star
7

pcm

Intel® Performance Counter Monitor (Intel® PCM)
C++
2,083
star
8

intel-extension-for-pytorch

A Python package for extending the official PyTorch that can easily obtain performance on Intel platform
Python
1,203
star
9

linux-sgx

Intel SGX for Linux*
C++
1,180
star
10

scikit-learn-intelex

Intel(R) Extension for Scikit-learn is a seamless way to speed up your Scikit-learn application
Python
954
star
11

llvm

Intel staging area for llvm.org contribution. Home for Intel LLVM-based projects.
918
star
12

compute-runtime

Intel® Graphics Compute Runtime for oneAPI Level Zero and OpenCL™ Driver
C++
912
star
13

caffe

This fork of BVLC/Caffe is dedicated to improving performance of this deep learning framework when running on CPU, in particular Intel® Xeon processors.
C++
850
star
14

isa-l

Intelligent Storage Acceleration Library
C
816
star
15

media-driver

C
783
star
16

cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Python
721
star
17

intel-cmt-cat

User space software for Intel(R) Resource Director Technology
C
630
star
18

fastuidraw

C++
603
star
19

optimization-manual

Contains the source code examples described in the "Intel® 64 and IA-32 Architectures Optimization Reference Manual"
Assembly
602
star
20

libipt

libipt - an Intel(R) Processor Trace decoder library
C
594
star
21

libxcam

libXCam is a project for extended camera(not limited in camera) features and focus on image quality improvement and video analysis. There are lots features supported in image pre-processing, image post-processing and smart analysis. This library makes GPU/CPU/ISP working together to improve image quality. OpenCL is used to improve performance in different platforms.
C++
590
star
22

clDNN

Compute Library for Deep Neural Networks (clDNN)
C++
573
star
23

libva

Libva is an implementation for VA-API (Video Acceleration API)
C
558
star
24

intel-graphics-compiler

C++
503
star
25

wds

Wireless Display Software For Linux OS (WDS)
C++
496
star
26

thermal_daemon

Thermal daemon for IA
C++
485
star
27

x86-simd-sort

C++ header file library for high performance SIMD based sorting algorithms for primitive datatypes
C++
485
star
28

Intel-Linux-Processor-Microcode-Data-Files

466
star
29

gvt-linux

C
463
star
30

kernel-fuzzer-for-xen-project

Kernel Fuzzer for Xen Project (KF/x) - Hypervisor-based fuzzing using Xen VM forking, VMI & AFL
C
441
star
31

tinycbor

Concise Binary Object Representation (CBOR) Library
C
432
star
32

openfl

An open framework for Federated Learning.
Python
427
star
33

cc-oci-runtime

OCI (Open Containers Initiative) compatible runtime for Intel® Architecture
C
415
star
34

tinycrypt

tinycrypt is a library of cryptographic algorithms with a focus on small, simple implementation.
C
373
star
35

compile-time-init-build

C++ library for composing modular firmware at compile-time.
C++
372
star
36

ARM_NEON_2_x86_SSE

The platform independent header allowing to compile any C/C++ code containing ARM NEON intrinsic functions for x86 target systems using SIMD up to SSE4 intrinsic functions
C
369
star
37

yarpgen

Yet Another Random Program Generator
C++
357
star
38

intel-device-plugins-for-kubernetes

Collection of Intel device plugins for Kubernetes
Go
356
star
39

QAT_Engine

Intel QuickAssist Technology( QAT) OpenSSL Engine (an OpenSSL Plug-In Engine) which provides cryptographic acceleration for both hardware and optimized software using Intel QuickAssist Technology enabled Intel platforms. https://developer.intel.com/quickassist
C
356
star
40

linux-sgx-driver

Intel SGX Linux* Driver
C
334
star
41

safestringlib

C
328
star
42

xess

C
313
star
43

idlf

Intel® Deep Learning Framework
C++
311
star
44

ad-rss-lib

Library implementing the Responsibility Sensitive Safety model (RSS) for Autonomous Vehicles
C++
298
star
45

intel-vaapi-driver

VA-API user mode driver for Intel GEN Graphics family
C
289
star
46

ipp-crypto

C
269
star
47

rohd

The Rapid Open Hardware Development (ROHD) framework is a framework for describing and verifying hardware in the Dart programming language. ROHD enables you to build and traverse a graph of connectivity between module objects using unrestricted software.
Dart
256
star
48

opencl-intercept-layer

Intercept Layer for Debugging and Analyzing OpenCL Applications
C++
255
star
49

FSP

Intel(R) Firmware Support Package (FSP)
C
244
star
50

dffml

The easiest way to use Machine Learning. Mix and match underlying ML libraries and data set sources. Generate new datasets or modify existing ones with ease.
Python
244
star
51

userspace-cni-network-plugin

Go
242
star
52

intel-ipsec-mb

Intel(R) Multi-Buffer Crypto for IPSec
C
238
star
53

isa-l_crypto

Assembly
232
star
54

confidential-computing-zoo

Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.
CMake
229
star
55

bmap-tools

BMAP Tools
Python
227
star
56

intel-extension-for-tensorflow

Intel® Extension for TensorFlow*
C++
226
star
57

ozone-wayland

Wayland implementation for Chromium Ozone classes
C++
214
star
58

intel-qs

High-performance simulator of quantum circuits
C++
202
star
59

SGXDataCenterAttestationPrimitives

C++
202
star
60

intel-sgx-ssl

Intel® Software Guard Extensions SSL
C
197
star
61

msr-tools

C
195
star
62

depth-camera-web-demo

JavaScript
194
star
63

rmd

Go
189
star
64

CPU-Manager-for-Kubernetes

Kubernetes Core Manager for NFV workloads
Python
187
star
65

asynch_mode_nginx

C
186
star
66

hexl

Intel®️ Homomorphic Encryption Acceleration Library accelerates modular arithmetic operations used in homomorphic encryption
C++
181
star
67

ros_object_analytics

C++
177
star
68

zephyr.js

JavaScript* Runtime for Zephyr* OS
C
176
star
69

generic-sensor-demos

HTML
175
star
70

ipmctl

C
172
star
71

sgx-ra-sample

C++
171
star
72

lmbench

C
171
star
73

cri-resource-manager

Kubernetes Container Runtime Interface proxy service with hardware resource aware workload placement policies
Go
170
star
74

platform-aware-scheduling

Enabling Kubernetes to make pod placement decisions with platform intelligence.
Go
165
star
75

virtual-storage-manager

Python
165
star
76

PerfSpect

System performance characterization tool based on linux perf
Python
164
star
77

he-transformer

nGraph-HE: Deep learning with Homomorphic Encryption (HE) through Intel nGraph
C++
163
star
78

systemc-compiler

This tool translates synthesizable SystemC code to synthesizable SystemVerilog.
C++
155
star
79

webml-polyfill

Deprecated, the Web Neural Network Polyfill project has been moved to https://github.com/webmachinelearning/webnn-polyfill
Python
153
star
80

pmem-csi

Persistent Memory Container Storage Interface Driver
Go
151
star
81

libyami

Yet Another Media Infrastructure. it is core part of media codec with hardware acceleration, it is yummy to your video experience on Linux like platform.
C++
148
star
82

ros_openvino_toolkit

C++
147
star
83

rib

Rapid Interface Builder (RIB) is a browser-based design tool for quickly prototyping and creating the user interface for web applications. Layout your UI by dropping widgets onto a canvas. Run the UI in an interactive "Preview mode". Export the generated HTML and Javascript. It's that simple!
JavaScript
147
star
84

ideep

Intel® Optimization for Chainer*, a Chainer module providing numpy like API and DNN acceleration using MKL-DNN.
C++
145
star
85

libva-utils

Libva-utils is a collection of tests for VA-API (VIdeo Acceleration API)
C
144
star
86

gmmlib

C++
141
star
87

numatop

NumaTOP is an observation tool for runtime memory locality characterization and analysis of processes and threads running on a NUMA system.
C
139
star
88

ros2_grasp_library

C++
138
star
89

XBB

C++
133
star
90

tdx-tools

Cloud Stack and Tools for Intel TDX (Trust Domain Extension)
C
131
star
91

ros2_intel_realsense

This project is deprecated and no more maintained. Please visit https://github.com/IntelRealSense/realsense-ros for ROS2 wrapper.
C++
131
star
92

linux-intel-lts

C
131
star
93

CeTune

Python
130
star
94

cm-compiler

C++
130
star
95

pti-gpu

Profiling Tools Interfaces for GPU (PTI for GPU) is a set of Getting Started Documentation and Tools Library to start performance analysis on Intel(R) Processor Graphics easily
C++
129
star
96

fMBT

Free Model Based tool
Python
129
star
97

zlib

C
128
star
98

ros_intel_movidius_ncs

C++
126
star
99

mpi-benchmarks

C
125
star
100

mOS

C
124
star