Welcome to Edera

Customer training for authorized users only

Only users with authorized email domains can access this portal.
Contact support@edera.dev if you need assistance.

Zones and Resource Management

Zones are Edera’s abstraction for resource allocation and workload placement. Think of them as resource pools with specific characteristics.

What Are Zones?

A Zone is a logical grouping of resources on a node with:

  • Dedicated CPU cores
  • Memory allocation
  • Network bandwidth
  • Storage quotas
  • Optional GPU assignment

Why Zones Matter

Zones enable:

  • Performance isolation: Noisy neighbors can’t steal your CPU
  • QoS guarantees: Critical workloads get dedicated resources
  • GPU sharing: Multiple workloads sharing GPUs safely
  • Multi-tenancy: Customer A and Customer B in separate zones

Resource Allocation

CPU Management

CPU Pinning:

  • Exclusive: Dedicated cores, no sharing
  • Shared: Cores shared among VMs in zone
  • Best-effort: Use whatever’s available

NUMA Awareness:

  • Allocate memory and CPUs from same NUMA node
  • Reduces latency, improves performance

Memory Management

Memory Modes:

  • Reserved: Pre-allocated, guaranteed
  • Limit: Maximum allowed
  • Ballooning: Dynamic adjustment

GPU Virtualization

Edera supports GPU isolation:

Physical GPU
    ↓
SR-IOV / vGPU
    ↓
Per-MicroVM Assignment
    ↓
Isolated GPU Access

Benefits:

  • Each microVM gets dedicated GPU slice
  • Memory isolated between VMs
  • No data leakage between tenants

Module 3 Summary

Key Takeaways:

  1. Architecture: Layered design from Kubernetes to Xen
  2. Protect: Xen control plane for VM lifecycle
  3. Styrolite: CRI runtime bridging K8s and Xen
  4. OpenPaX: Kernel hardening for defense in depth
  5. am-i-isolated: Verification tool
  6. Zones: Resource pools for QoS and isolation

Congratulations! You’ve completed the architecture and concepts section of Edera 101.

You now understand:

  • Why traditional containers are insecure
  • How Edera’s Xen-based architecture provides hardware-enforced isolation
  • The components that make up the Edera stack

Next Steps:

Additional training modules covering hands-on installation and troubleshooting coming soon!

Last updated on
Core Components Deep Dive