I am trying to restrict the CPU usage (and power consumption) of an OPNsense VM on PVE, but the CPU limit adjustment isn't producing the results I'd expect. Setting the CPU limit to a low value does reduce the percent load of the guest VM process on the host relative to the number of assigned cores, but it cripples the performance of OPNsense--far more than just limiting the overall CPU frequency of the host itself using something like
It's probably easier to explain with some numbers. The configurations below were tested using the Speedtest CLI benchmark on a 1 Gbps internet connection. The CPU on the PVE host is an Intel Pentium Gold G5420T with 2 cores and 4 threads. I have 2 cores assigned to the OPNsense VM.
Power consumption is almost the same whether I'm reducing the host clock frequency or limiting the CPU on the VM, but the performance is much different. The CPU-limited VM can only push about a quarter of the bandwidth. This is obviously because the
I don't mind using
Is there another way I should be approaching this situation?
cpupower.It's probably easier to explain with some numbers. The configurations below were tested using the Speedtest CLI benchmark on a 1 Gbps internet connection. The CPU on the PVE host is an Intel Pentium Gold G5420T with 2 cores and 4 threads. I have 2 cores assigned to the OPNsense VM.
PVE host metric | Default settings | All cores reduced to 800 MHz with cpupower | CPU limit = 0.50 on PVE VM (clock speed set back to default) |
|---|---|---|---|
kvm process | 32-34% | 32-34% | 10-12% |
| Clock speed | 3200 MHz | 800 MHz | 3200 MHz |
| Network throughput | 950 Mbps | 950 Mbps | 270 Mbps |
| Power consumption | 29 W | 19 W | 20 W |
Power consumption is almost the same whether I'm reducing the host clock frequency or limiting the CPU on the VM, but the performance is much different. The CPU-limited VM can only push about a quarter of the bandwidth. This is obviously because the
kvm CPU time is reduced, but even at full clock speed (3200 MHz) it's slower than just downclocking the host.I don't mind using
cpupower, but this has the side effect of reducing the overall performance capability of the entire PVE server and will affect other VMs and CTs. I tried pinning two of the cores on the OPNsense VM and using cpupower to limit the frequency of just those cores, but the CPU didn't honor the setting and would ramp up to 3200 MHz again. (Playing with the intel_pstate driver modes didn't help either, so I presume you can't set different core speeds on the same CPU die.)Is there another way I should be approaching this situation?
