Comparison of Virtual Machines and Bare Metal for CNFs at Resource-Constrained Network Edge

A growing number of network functions built to run on commodity compute infrastructure, are increasingly adopting cloud native principles, and therefore often run inside containers. Containerised Network Functions (CNFs) can be hosted directly on the server’s host OS- Bare Metal (BM)- or can run inside a Virtual Machine (VM). The choice of BM or VM to host containers depends on many factors linked to security, tenant isolation, available resources and performance. This paper explores this important consideration by conducting comparative tests in a specific domain, namely at the network edge where resources are tightly constrained. Using a small form-factor micro server, we demonstrate how BM can clearly out-perform the use of a VM but that this occurs when there are distinct set-up dependencies around small fixed frame sizes and very stringent packet loss constraints. The performance margin is notably shrunk however, when a more realistic traffic load is used and non-zero packet loss permitted: the VM performance reaches within 89% of the BM throughput, while also achieving an average latency 14% lower than the BM setup. These results emphasise it is not simply a clear-cut case of BM always being “better”, with many other factors requiring attention including security and tenant isolation. We use the insights gleaned from lab testing alongside qualitative criteria to better inform design decisions around using VMs or BM to host CNFs.