AWS Nitro System

If you want to know more about the AWS Nitro System, read this blog.

Why AWS Nitro System?

Before the invention of the AWS Nitro System, users faced several challenges and limitations in cloud computing. The major issues were:

  • Traditional virtualization technologies used in cloud computing often suffered from limited hardware utilization.
  • The hypervisor layer introduced performance overhead due to the additional processing required for virtualization.
  • Traditional virtualization architectures often had shared networking and storage resources, which could become bottlenecks when multiple VMs competed for them, degrading network and storage performance.
  • Traditional virtualization approaches create security risks, as any vulnerability in the hypervisor could potentially compromise all the VMs running on the server.

Many of these issues were resolved with the advent of the AWS Nitro System, which offloaded a number of virtualisation operations to specialised hardware accelerators. This made it possible to allocate resources in AWS cloud instances more effectively while also enhancing security and speed.

What is AWS Nitro System?

AWS introduced the Nitro System to learn more about the underlying architecture of EC2 instances at the virtualisation level. It was introduced in 2017 as part of AWS's continuous innovation, initially in the C5 instance types, and all new instance types since then have used the AWS Nitro System. The Nitro System is essentially the platform that powers the latest and greatest of the next-generation EC2 instance types, and it effectively operates as a cluster of components.

Since Nitro is only used by AWS, it is actually a combination of many parts that use both custom hardware and software. It was created both to satisfy the demands of AWS customers and to enable AWS to accelerate its rate of innovation.

Fig 1 : Architecture of Nitro System

Components of Nitro System

  1. Nitro cards
Fig 2 : Nitro Cards

AWS Nitro Cards, also known as AWS Nitro Acceleration Cards, are specialized hardware components developed by Amazon Web Services (AWS) as part of their Nitro System architecture. These cards are designed to offload specific tasks related to virtualization, networking, and storage, thereby improving the performance, security, and efficiency of AWS EC2 instances. There are 4 different types of Nitro cards:

  • VPC Networking Nitro card
  • EBS Nitro Card
  • Instance Storage Nitro card
  • Nitro Card controller, or systems controller card

  2. Nitro Security Chips
Fig 3 : Nitro Security Chips

The Nitro Security Chip, the second essential part of the Nitro System, is a unique micro-controller that is physically affixed to the host's motherboard and is used to safeguard hardware resources and enforce the hardware root of trust. The chip itself can only be manipulated and written to by the Nitro card controller, not by an instance. It traps all I/O to non-volatile storage and stores system boot information to enable measurement and validation checks. The security chip also needs to make sure that all hardware interfaces are being watched.

  3. Nitro Hypervisor
Fig 4 : Nitro Hypervisor

The Nitro Hypervisor, which is KVM-based, is the last key component of the Nitro System. The Nitro cards described above have two major advantages: the amount of work their data plane covers and controls, and the fact that they take on many of the virtualization responsibilities that a traditional hypervisor would typically handle. Thanks to this transfer of responsibility to the Nitro cards, AWS has been able to reduce the Nitro Hypervisor to its essential elements, leaving only the features and components that are absolutely necessary. As a result, the Nitro Hypervisor is never active unless an instance requests it to act on the instance's behalf. The hypervisor was created specifically for AWS and the Nitro System, and offloading work to the Nitro cards has made the Nitro System more efficient.
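
A practical check that follows from the hypervisor discussion above, added here as an example and not taken from the original post or from AWS: group a fleet by the `Hypervisor` and `BareMetal` fields that `aws ec2 describe-instance-types` returns, so instances still on a non-Nitro hypervisor stand out. The instance IDs, the sample JSON and the function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `aws ec2 describe-instance-types` output.
# The sample bare-metal record has no "Hypervisor" key, so it is keyed off "BareMetal".
SAMPLE_TYPES = json.loads("""
{"InstanceTypes": [
  {"InstanceType": "c5.large",  "Hypervisor": "nitro", "BareMetal": false},
  {"InstanceType": "m5.xlarge", "Hypervisor": "nitro", "BareMetal": false},
  {"InstanceType": "m4.large",  "Hypervisor": "xen",   "BareMetal": false},
  {"InstanceType": "c5.metal",  "BareMetal": true}
]}
""")

# Constructed fleet inventory: (instance id, instance type).
SAMPLE_FLEET = [
    ("i-0000000000000001", "c5.large"),
    ("i-0000000000000002", "m4.large"),
    ("i-0000000000000003", "c5.metal"),
    ("i-0000000000000004", "m5.xlarge"),
    ("i-0000000000000005", "t1.micro"),  # type missing from SAMPLE_TYPES
]

def platform_of(type_info):
    """Map one instance-type record to 'nitro', 'xen', 'bare-metal' or 'unknown'."""
    if type_info.get("BareMetal"):
        return "bare-metal"  # no hypervisor sits between guest and host
    return type_info.get("Hypervisor", "unknown")

def classify_fleet(fleet, types_doc):
    """Group instance ids by the virtualization platform of their type."""
    by_type = {t["InstanceType"]: platform_of(t) for t in types_doc["InstanceTypes"]}
    report = defaultdict(list)
    for instance_id, instance_type in fleet:
        # A type absent from the lookup is reported, never silently dropped.
        report[by_type.get(instance_type, "unknown")].append(instance_id)
    return dict(report)

def needs_review(fleet, types_doc):
    """Instances on a non-Nitro hypervisor or on a type we could not resolve."""
    report = classify_fleet(fleet, types_doc)
    return sorted(report.get("xen", []) + report.get("unknown", []))

if __name__ == "__main__":
    for platform, ids in sorted(classify_fleet(SAMPLE_FLEET, SAMPLE_TYPES).items()):
        print(f"{platform:10s} {', '.join(ids)}")
    print("review:", needs_review(SAMPLE_FLEET, SAMPLE_TYPES))
```

Against a real account, the two inputs would come from `aws ec2 describe-instances` and `aws ec2 describe-instance-types` instead of the embedded samples.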

Benefits of AWS Nitro System

The AWS Nitro system, which includes AWS Nitro Cards, provides several benefits for users of Amazon Web Services (AWS) EC2 instances. Some of the key benefits of AWS Nitro System are:

  • Enhanced Performance
  • Improved Security
  • Efficient Resource Utilization
  • Enhanced Network Performance
  • Accelerated Storage
  • Simplified Maintenance and Updates
  • Scalability and Agility