第10章 Configuring CPU feature flags for instances

You can enable or disable CPU feature flags for an instance without changing the settings on the host Compute node and rebooting the Compute node. By configuring the standard set of CPU feature flags that are applied to instances, you are helping to achieve live migration compatibility across Compute nodes. You are also helping to manage the performance and security of the instances, by disabling flags that have a negative impact on the security or performance of the instances with a particular CPU model, or enabling flags that provide mitigation from a security problem or alleviates performance problems.

10.1. Prerequisites

  • The CPU model and feature flags must be supported by the hardware and software of the host Compute node:

    • To check the hardware your host supports, enter the following command on the Compute node:

      $ cat /proc/cpuinfo
    • To check the CPU models supported on your host, enter the following command on the Compute node:

      $ sudo podman exec -it nova_libvirt virsh cpu-models <arch>

      Replace <arch> with the name of the architecture, for example, x86_64.