Amazon EC2 performance evolution and implementation - Amazon EC2 Overview and Networking Introduction for Telecom Companies

Amazon EC2 performance evolution and implementation

AWS has evolved its Amazon EC2 platform from the early days of cc2 instances, which used the Xen hypervisor and paravirtualization with up to 10 Gbps of throughput, to the current Nitro-based family, which scales up to 400 Gbps (and millions of pps) for the largest instance types, such as c5n.

To improve performance in a virtualized environment, SR-IOV technology was used to bypass the hypervisor, resulting in the first version of enhanced networking, which provided improved performance and lower jitter and latency. The C3 instance family was the first to introduce the Enhanced Networking concept, and more than halved the latency of its predecessor, CC2. The first release of Enhanced Networking used Intel-based chipsets (ixgbevf); the later release was based on an in-house solution called Enhanced Network Adapter (ENA). This is why references are made to two variants of enhanced networking:

  • Enhanced networking using Intel-based chipsets.

  • Enhanced networking using AWS ENA, a Network Interface Card (NIC) developed fully in-house.

The C4 generation saw the introduction of the Annapurna Labs-based chipset, which replaced Intel. This instance family provides both networking and storage-optimized performance. The overall performance limit is 10 Gbps; however, workloads requiring both storage and network optimized performance were able to take advantage of this type of optimization and architecture.

AWS Nitro-powered C5 instances were another major step in improving performance further. The AWS Nitro System delivers high-speed networking with hardware offload, high-speed EBS storage with hardware offload, NVMe local storage, hardware protection/firmware verification for bare metal instances, and all business logic required to control EC2 instances. In simpler terms, the Nitro System is a lightweight hypervisor combined with the Nitro Security Chip and Nitro Cards for storage and networking. The switch from Intel to ENA has allowed us to deliver much better performance due to an increased number of queues (8 instead of 6 with Intel-based chipsets). The C5 family delivers performance of up to 25 Gbps, and this limit goes to millions of pps and ~100 Gbps with the largest C5n network-optimized instances.

The AWS Graviton2 processor-based C6g family of instances delivers 40% better price performance than C5 instances. C6g provides up to 38 Gbps EBS bandwidth, which is more than twice that of C5n instances. The Graviton2 processor provides enhanced security through features like always-on 256-bit DRAM encryption and by supporting encrypted EBS storage volumes by default. It supports 50% faster per-core encryption performance compared to first-generation AWS Graviton. It is important to note that the chipsets are future-proofed to deliver performance of up to 400 Gbps.

Finally, the performance evolution culminated in the release of AWS Graviton3-powered C7 instances. C7 instances deliver the best price performance in Amazon EC2 for compute-intensive applications, and are the first in the cloud to feature DDR5 memory, which provides 50% higher memory bandwidth compared to DDR4 memory to enable high-speed access to data in memory. C7g instances deliver 20% higher enhanced networking bandwidth compared to C6g instances for network-intensive applications, such as network appliances. These instances are ideal for high-compute telecom workloads like video encoding, machine learning, and distributed analytics.

AWS Nitro Enclaves enables customers to create isolated compute environments to further protect and securely process highly sensitive data such as personally identifiable information (PII), financial, and intellectual property data within their Amazon EC2 instances. Nitro Enclaves uses the same Nitro Hypervisor technology that provides CPU and memory isolation for EC2 instances. Enclaves offer an isolated, hardened, and highly constrained environment to host security-critical applications. Nitro Enclaves can help telecom customers address their confidential computing requirements, as it includes cryptographic attestation for customer software, so that customers can be sure that only authorized code is running, as well as integration with the AWS Key Management Service (AWS KMS), so that only your enclaves can access sensitive material.
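The KMS integration described above is enforced through key-policy conditions on the enclave's attestation measurements, such as the `kms:RecipientAttestation:ImageSha384` condition key. The following added example (not from the original page or from AWS) audits a key policy for statements that allow `kms:Decrypt` without pinning a measurement; the sample policy, account ID, role names, measurement value and function names are constructed placeholders.

```python
from fnmatch import fnmatchcase

# Constructed key policy: account ID, role names and the image measurement
# are placeholders, not values from the page.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "EnclaveOnlyDecrypt", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/ExampleEnclaveHostRole"},
         "Action": "kms:Decrypt", "Resource": "*",
         "Condition": {"StringEqualsIgnoreCase": {
             "kms:RecipientAttestation:ImageSha384": "PLACEHOLDER_IMAGE_SHA384"}}},
        {"Sid": "UnboundDecrypt", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/ExampleBatchRole"},
         "Action": ["kms:DescribeKey", "kms:De*"], "Resource": "*"},
        {"Sid": "NegatedCondition", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/ExampleOtherRole"},
         "Action": "kms:*", "Resource": "*",
         "Condition": {"StringNotEquals": {
             "kms:RecipientAttestation:ImageSha384": "PLACEHOLDER_IMAGE_SHA384"}}},
    ],
}

ATTESTATION_PREFIX = "kms:recipientattestation:"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def grants_decrypt(stmt):
    """True if an Allow statement's Action patterns cover kms:Decrypt."""
    if stmt.get("Effect") != "Allow":
        return False
    return any(fnmatchcase("kms:decrypt", a.lower())
               for a in _as_list(stmt.get("Action", [])))

def is_attestation_bound(stmt):
    """True only when a positive string-equality condition pins an enclave measurement."""
    for operator, keys in stmt.get("Condition", {}).items():
        if operator.lower().startswith("stringequals") and any(
                k.lower().startswith(ATTESTATION_PREFIX) for k in keys):
            return True
    return False

def unbound_decrypt_statements(policy):
    """Sids of statements that let a principal decrypt without enclave attestation."""
    return [s.get("Sid", "<no Sid>") for s in _as_list(policy.get("Statement", []))
            if grants_decrypt(s) and not is_attestation_bound(s)]

if __name__ == "__main__":
    print(unbound_decrypt_statements(SAMPLE_POLICY))
```

Statements reported here would let the named principal decrypt from the parent instance or any other host, outside the enclave boundary.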