Welcome!

Cloud Expo Authors: Martin Etmajer, Liz McMillan, Elizabeth White, John Grady, Colin Lacey

Related Topics: Virtualization, XML, SOA & WOA, AJAX & REA, Cloud Expo, Apache

Virtualization: Blog Feed Post

Bare Metal Blog: FPGAs - The Benefits and Risks

The use of FPGAs, the risks, trade-offs, and benefits to IT

I was talking with the team working on our yard – they’re putting in new sidewalks and a patio, amongst other things – and we got on the subject of gutters. When we bought this house, it came with no gutters, and that has, over time, caused some serious damage to the base of the house. Wood and plaster do not take it well when water pours down on them at the rate that, oh, say melting snow in the spring sends it down. So I had them get us an estimate for gutters on the entire house. Some of the work they’re estimating is running the gutters right to the storm drain, which is not normally cheap, but they had both the front and back yards all ripped up, so it is a good time to do it, both cheaper and less messy, since the mess is already there.

imageSo I told them to do it, because I don’t want the sod they’re going to lay to be ripped up in a year when we decide to put the gutters on, and certainly don’t want them to rip up the patio and sidewalks they’re putting in now just to lay pipe later – that would be nearly impossible.

And that, in a nutshell, is the same reason why FPGAs are used in a lot of high-tech firms. If the device is my yard/sidewalks, and I have to choose between a custom ASIC versus an FPGA, the custom ASIC would require me to rip up the yard later, while the FPGA is planning ahead for change.

Sidewalk with pipes under itLet me explain. With an FPGA, the circuits are programmed. Not like software, but code sets up the circuits, and then they are pretty equivalent to having them be hard-wired. With an ASIC, they really are hard-wired. So six months later, a change to the system – be it added functionality or fixes to existing logic – will be far easier with an FPGA than an ASIC. With an FPGA, the design file is opened, the changes made and tested, then the config is compiled and delivered to manufacturing. At that point, the devices produced with the new config file will have the new functionality. With ASICs, you change the design, send it to a manufacturing shop, wait for the shop to produce a small run (working it into their schedule that is), test the result, and then do a full production run. Then the new ASIC has to be put on the assembly line to replace the old ASIC. The difference is astronomical in terms of time required and even more so in terms of cost.

Of course there are some trade-offs. Every architectural choice results in trade-offs, and anyone who tells you differently is indeed trying to sell you something, and they don’t want to admit the trade-offs used to produce what they’re selling.

One of the big concerns out there about FPGAs is that they’re less secure. In the most vague, general sense, this is true. But in practical use scenarios, it most certainly isn’t. Here are the concerns, and why they’re over-rated (note that these notes are adapted from responses to my questions put to Clint Harames of F5<’s most excellent FPGA team, I cannot vouch for other production except to say the other teams I was involved with outside of F5 were similar):

  • It’s field programmable! What if it gets modified? In F5’s case, none of the programmability is accessible from the outside. There is no Ethernet or coding hack that can reprogram it, because that functionality is not accessible. Other vendors work to a differing standard, so definitely worth checking, though I would remind you that it is almost never going to be as easy to hack an FPGA as it is to hack software or COTS hardware.
  • Okay, but can’t it be erased and destroy the device? In theory yes (though erasing it is only effective until the next boot – non-destructive, so-to-speak), but if “modify” functionality is not accessible, then it can’t be erased easily. The caveat is that there is of course a reset pin on the chip, but if the ne’er-do-well has physical access to your device, time to disassemble the device, and a handy pinout for the FPGA chip you’re using, I’m going to guess you have bigger problems than whether they can reset your FPGA.
  • If it’s programmable, can’t the program be read out and modified? Again, that functionality can be enabled on the chip, and you can check with your device manufacturer to see if they leave it enabled for production devices. Remember, it is a twofold story here, in F5’s case, we don’t generally want to reprogram production devices and don’t want to make reverse engineering our product any easier than it has to be, while we want to protect you from someone modifying a production device. So when the design is done and meets all test criteria, we at F5 turn access to this functionality off completely before shipping product is produced. Definitely worth checking with your vendor to find out what they are doing.

Again, your vendor may do things differently, if, for some reason they need the ability to reprogram the FPGA in your device.

For you, the IT staffer, the benefits are pretty straight-forward. The device you purchase will be closer to “up to date” because of the time-to-market benefits of FPGAs, it will be cheaper because of the reduced up-front costs (note that like everything involving costs, economies of scale can change the “cheaper” part to be untrue, depending upon the costs involved), and the resulting device will be far, far faster than the equivalent processing done on a general purpose CPU. In the end, it is hardware doing the processing, and FPGAs have concurrency that general purpose CPUs can only match with a huge number of cores, even then since the OS handles the scheduling on a general purpose CPU, many cores does not normally make up the performance difference.

There are some who think the advent of virtualization and virtualized appliances should curb the use of FPGAs, as the virtual version has to include all the functionality. While this is, on the surface, a reasonable argument, it has a flaw. FPGAs are MUCH faster than software will ever be, let alone a VM running on a host with who-knows-how-many other VMs sharing its resources. So in cases like F5, where there is a hardware and a software version, the key is to be able to run in both. TMOS, F5’s OS for traffic management, uses hardware if available, software if not. This offers the best of both worlds – acceptable traffic management in a VM, and high-performance traffic management in hardware.

Next time I’ll delve into specific functionality that on our hardware platforms is implemented in FPGA, and how that helps you do your job in IT, today was more of a “what are the risks, what are the benefits” in a generic sense.

Read the original blog entry...

More Stories By Don MacVittie

Don MacVittie is Founder of Ingrained Technology, LLC, specializing in Development, Devops, and Cloud Strategy. Previously, he was a Technical Marketing Manager at F5 Networks. As an industry veteran, MacVittie has extensive programming experience along with project management, IT management, and systems/network administration expertise.

Prior to joining F5, MacVittie was a Senior Technology Editor at Network Computing, where he conducted product research and evaluated storage and server systems, as well as development and outsourcing solutions. He has authored numerous articles on a variety of topics aimed at IT professionals. MacVittie holds a B.S. in Computer Science from Northern Michigan University, and an M.S. in Computer Science from Nova Southeastern University.

@CloudExpo Stories
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
"SAP had made a big transition into the cloud as we believe it has significant value for our customers, drives innovation and is easy to consume. When you look at the SAP portfolio, SAP HANA is the underlying platform and it powers all of our platforms and all of our analytics," explained Thorsten Leiduck, VP ISVs & Digital Commerce at SAP, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"We help companies that are using a lot of Software as a Service. We help companies manage and gain visibility into what people are using inside the company and decide to secure them or use standards to lock down or to embrace the adoption of SaaS inside the company," explained Scott Kriz, Co-founder and CEO of Bitium, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
"Verizon offers public cloud, virtual private cloud as well as private cloud on-premises - many different alternatives. Verizon's deep knowledge in applications and the fact that we are responsible for applications that make call outs to other systems. Those systems and those resources may not be in Verizon Cloud, we understand at the end of the day it's going to be federated," explained Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, in this SYS-CON.tv interview at...
SYS-CON Media announced that Centrify, a provider of unified identity management across cloud, mobile and data center environments that delivers single sign-on (SSO) for users and a simplified identity infrastructure for IT, has launched an ad campaign on Cloud Computing Journal. The ads focus on security: how an organization can successfully control privilege for all of the organization’s identities to mitigate identity-related risk without slowing down the business, and how Centrify provides ...
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from ha...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
The 4th International DevOps Summit, co-located with16th International Cloud Expo – being held June 9-11, 2015, at the Javits Center in New York City, NY – announces that its Call for Papers is now open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's large...
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
We are all here because we are sold on the transformative promise of The Cloud. But what good is all of this ephemeral, on-demand infrastructure if your usage doesn't actually improve the agility and speed of your business? How must Operations adapt in order to avoid stifling your Cloud initiative? In his session at DevOps Summit, Damon Edwards, co-founder and managing partner of the DTO Solutions, will highlight the successful organizational, process, and tooling patterns of high-performing c...
Software-driven innovation is becoming a primary approach to how businesses create and deliver new value to customers. A survey of 400 business and IT executives by the IBM Institute for Business Value showed businesses that are more effective at software delivery are also more profitable than their peers nearly 70 percent of the time (1). DevOps provides a way for businesses to remain competitive, applying lean and agile principles to software development to speed the delivery of software that ...
Docker offers a new, lightweight approach to application portability. Applications are shipped using a common container format and managed with a high-level API. Their processes run within isolated namespaces that abstract the operating environment independently of the distribution, versions, network setup, and other details of this environment. This "containerization" has often been nicknamed "the new virtualization." But containers are more than lightweight virtual machines. Beyond their small...
The move in recent years to cloud computing services and architectures has added significant pace to the application development and deployment environment. When enterprise IT can spin up large computing instances in just minutes, developers can also design and deploy in small time frames that were unimaginable a few years ago. The consequent move toward lean, agile, and fast development leads to the need for the development and operations sides to work very closely together. Thus, DevOps become...