Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On June 2, 2015, 12:57 a.m., Chi Zhang wrote: Cong, is this the patch the requires code from 3.2.26 for the first time? If so, should we add a compile-time flag to config.ac? That way Paul can safely back off the code for the stat string conversion from the other patch you commented on. Cong Wang wrote: No, https://reviews.apache.org/r/31503/ this one should be the first commit requires 3.2.26. Chi Zhang wrote: hmm looks like both are committed? could you submit a fix for that please? Done: https://issues.apache.org/jira/browse/MESOS-2803 . Feel free to take it if you have time. - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review86133 --- On June 1, 2015, 10:45 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated June 1, 2015, 10:45 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 4ce8acb7040f2ed8ec3834dd7702a20f5316c20f src/linux/routing/filter/filter.hpp aaca57fbe80e3ffa3dd2c2bbed93849013b7a382 src/linux/routing/filter/icmp.cpp 76877fb94a1c1e79133b8975419d2ea7d0300650 src/linux/routing/filter/ip.hpp 9645f9488938c55fec253b36d9fa30eae72a8ca2 src/linux/routing/filter/ip.cpp 0f3b856bd04f6a881e35452a24399715cd8a174f src/slave/containerizer/isolators/network/port_mapping.hpp 6579286b779882bec493a8e0f10486adc316dc6e src/slave/containerizer/isolators/network/port_mapping.cpp 843e52d6f9923d0ee0a0297cd5c464b8b72f5de3 Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated June 1, 2015, 10:45 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Changes --- Rebase the patch per dicussion with Jie. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs (updated) - src/linux/routing/filter/basic.cpp 4ce8acb7040f2ed8ec3834dd7702a20f5316c20f src/linux/routing/filter/filter.hpp aaca57fbe80e3ffa3dd2c2bbed93849013b7a382 src/linux/routing/filter/icmp.cpp 76877fb94a1c1e79133b8975419d2ea7d0300650 src/linux/routing/filter/ip.hpp 9645f9488938c55fec253b36d9fa30eae72a8ca2 src/linux/routing/filter/ip.cpp 0f3b856bd04f6a881e35452a24399715cd8a174f src/slave/containerizer/isolators/network/port_mapping.hpp 6579286b779882bec493a8e0f10486adc316dc6e src/slave/containerizer/isolators/network/port_mapping.cpp 843e52d6f9923d0ee0a0297cd5c464b8b72f5de3 Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On June 2, 2015, 12:57 a.m., Chi Zhang wrote: Cong, is this the patch the requires code from 3.2.26 for the first time? If so, should we add a compile-time flag to config.ac? That way Paul can safely back off the code for the stat string conversion from the other patch you commented on. No, https://reviews.apache.org/r/31503/ this one should be the first commit requires 3.2.26. - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review86133 --- On June 1, 2015, 10:45 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated June 1, 2015, 10:45 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 4ce8acb7040f2ed8ec3834dd7702a20f5316c20f src/linux/routing/filter/filter.hpp aaca57fbe80e3ffa3dd2c2bbed93849013b7a382 src/linux/routing/filter/icmp.cpp 76877fb94a1c1e79133b8975419d2ea7d0300650 src/linux/routing/filter/ip.hpp 9645f9488938c55fec253b36d9fa30eae72a8ca2 src/linux/routing/filter/ip.cpp 0f3b856bd04f6a881e35452a24399715cd8a174f src/slave/containerizer/isolators/network/port_mapping.hpp 6579286b779882bec493a8e0f10486adc316dc6e src/slave/containerizer/isolators/network/port_mapping.cpp 843e52d6f9923d0ee0a0297cd5c464b8b72f5de3 Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review86155 --- Ship it! I added the slave flag for you. Please follow up with tests: https://issues.apache.org/jira/browse/MESOS-2799 - Jie Yu On June 1, 2015, 10:45 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated June 1, 2015, 10:45 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 4ce8acb7040f2ed8ec3834dd7702a20f5316c20f src/linux/routing/filter/filter.hpp aaca57fbe80e3ffa3dd2c2bbed93849013b7a382 src/linux/routing/filter/icmp.cpp 76877fb94a1c1e79133b8975419d2ea7d0300650 src/linux/routing/filter/ip.hpp 9645f9488938c55fec253b36d9fa30eae72a8ca2 src/linux/routing/filter/ip.cpp 0f3b856bd04f6a881e35452a24399715cd8a174f src/slave/containerizer/isolators/network/port_mapping.hpp 6579286b779882bec493a8e0f10486adc316dc6e src/slave/containerizer/isolators/network/port_mapping.cpp 843e52d6f9923d0ee0a0297cd5c464b8b72f5de3 Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review86133 --- Cong, is this the patch the requires code from 3.2.26 for the first time? If so, should we add a compile-time flag to config.ac? That way Paul can safely back off the code for the stat string conversion from the other patch you commented on. - Chi Zhang On June 1, 2015, 10:45 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated June 1, 2015, 10:45 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 4ce8acb7040f2ed8ec3834dd7702a20f5316c20f src/linux/routing/filter/filter.hpp aaca57fbe80e3ffa3dd2c2bbed93849013b7a382 src/linux/routing/filter/icmp.cpp 76877fb94a1c1e79133b8975419d2ea7d0300650 src/linux/routing/filter/ip.hpp 9645f9488938c55fec253b36d9fa30eae72a8ca2 src/linux/routing/filter/ip.cpp 0f3b856bd04f6a881e35452a24399715cd8a174f src/slave/containerizer/isolators/network/port_mapping.hpp 6579286b779882bec493a8e0f10486adc316dc6e src/slave/containerizer/isolators/network/port_mapping.cpp 843e52d6f9923d0ee0a0297cd5c464b8b72f5de3 Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 22, 2015, 10:09 p.m., Jie Yu wrote: Two high level comments: 1) We need a slave flag to control if turning on this feature or not 2) Do you think we should at least add some unit test for this? For example, verify that the filters are properly set up? Jie Yu wrote: Ping. Did you see these two comments? Seems that the new diff hasn't resolved these two issues. Cong Wang wrote: Yes. 1) I think we all agree on not adding a new flag in case of inconsistent behavior; 2) We already have a test case, FqCodelClassifier. Jie Yu wrote: For 1), I think we need a flag so that we can slowly roll out this feature. Otherwise, if there's a bug, all slave needs to be rebooted. For 2), I mean we need to add an integration test in port_mapping_tests.cpp to exercise the code path in the isolator. The test you mentioned is a unit test for the routing library stuff. Cong Wang wrote: 1) That depends on what is our fallback solution in case of bugs, potentially every line of new code needs a flag if not reverting to an old binary. :) So generally speaking, what is our solution when we hit some bug during deloyment? If it is reverting to the old version, then adding a flag just for deloyment is useless. Or if it is turning off some flag, then as I said every new code would potentially need a flag and some new code can't have a flag, that means this way doesn't scale. 2) In src/tests/port_mapping_tests.cpp, it calls PortMappingIsolatorProcess::create() which should cover these new code too, no? For 1), if the fallback solution is to just to restart the slave, then we usually don't require a new flag. However, in this case, we will leave filters on host eth0, and a simple restart of the slave won't clean up those filters. For 2), Yes, we exercise the code of creating those filters, but do we have ASSERT or EXPECT to check if those filters are properly setup? AFAICT, even if the filters are not properly setup, the existing tests will still finish, no? - Jie --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review84998 --- On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 22, 2015, 10:09 p.m., Jie Yu wrote: Two high level comments: 1) We need a slave flag to control if turning on this feature or not 2) Do you think we should at least add some unit test for this? For example, verify that the filters are properly set up? Jie Yu wrote: Ping. Did you see these two comments? Seems that the new diff hasn't resolved these two issues. Yes. 1) I think we all agree on not adding a new flag in case of inconsistent behavior; 2) We already have a test case, FqCodelClassifier. - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review84998 --- On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 22, 2015, 10:09 p.m., Jie Yu wrote: Two high level comments: 1) We need a slave flag to control if turning on this feature or not 2) Do you think we should at least add some unit test for this? For example, verify that the filters are properly set up? Jie Yu wrote: Ping. Did you see these two comments? Seems that the new diff hasn't resolved these two issues. Cong Wang wrote: Yes. 1) I think we all agree on not adding a new flag in case of inconsistent behavior; 2) We already have a test case, FqCodelClassifier. For 1), I think we need a flag so that we can slowly roll out this feature. Otherwise, if there's a bug, all slave needs to be rebooted. For 2), I mean we need to add an integration test in port_mapping_tests.cpp to exercise the code path in the isolator. The test you mentioned is a unit test for the routing library stuff. - Jie --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review84998 --- On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 22, 2015, 10:09 p.m., Jie Yu wrote: Two high level comments: 1) We need a slave flag to control if turning on this feature or not 2) Do you think we should at least add some unit test for this? For example, verify that the filters are properly set up? Ping. Did you see these two comments? Seems that the new diff hasn't resolved these two issues. - Jie --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review84998 --- On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 22, 2015, 10:09 p.m., Jie Yu wrote: Two high level comments: 1) We need a slave flag to control if turning on this feature or not 2) Do you think we should at least add some unit test for this? For example, verify that the filters are properly set up? Jie Yu wrote: Ping. Did you see these two comments? Seems that the new diff hasn't resolved these two issues. Cong Wang wrote: Yes. 1) I think we all agree on not adding a new flag in case of inconsistent behavior; 2) We already have a test case, FqCodelClassifier. Jie Yu wrote: For 1), I think we need a flag so that we can slowly roll out this feature. Otherwise, if there's a bug, all slave needs to be rebooted. For 2), I mean we need to add an integration test in port_mapping_tests.cpp to exercise the code path in the isolator. The test you mentioned is a unit test for the routing library stuff. Cong Wang wrote: 1) That depends on what is our fallback solution in case of bugs, potentially every line of new code needs a flag if not reverting to an old binary. :) So generally speaking, what is our solution when we hit some bug during deloyment? If it is reverting to the old version, then adding a flag just for deloyment is useless. Or if it is turning off some flag, then as I said every new code would potentially need a flag and some new code can't have a flag, that means this way doesn't scale. 2) In src/tests/port_mapping_tests.cpp, it calls PortMappingIsolatorProcess::create() which should cover these new code too, no? Jie Yu wrote: For 1), if the fallback solution is to just to restart the slave, then we usually don't require a new flag. However, in this case, we will leave filters on host eth0, and a simple restart of the slave won't clean up those filters. For 2), Yes, we exercise the code of creating those filters, but do we have ASSERT or EXPECT to check if those filters are properly setup? AFAICT, even if the filters are not properly setup, the existing tests will still finish, no? 1) We only leave the default filters, which is used to catch all non-matched packets (essentially a kenrel issue as mentioned in comments), so nothing harms here. 2) Test cases like ContainerICMPExternal check the return value of ::create() and ::isolate(), so if any of these filters fails to setup, then they should fail, right? I mean: // Isolate the forked child. AWAIT_READY(isolator.get()-isolate(containerId, pid.get())); Even if not, we should fix these test cases rather adding a new one? Since they are supposed to catch all tc setup failures? - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review84998 --- On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Changes --- Address review comments Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs (updated) - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review85268 --- src/slave/containerizer/isolators/network/port_mapping.cpp https://reviews.apache.org/r/31505/#comment136803 this could also happen if we are recovering a container not using this feature right? - Chi Zhang On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 26, 2015, 9:54 p.m., Chi Zhang wrote: src/slave/containerizer/isolators/network/port_mapping.cpp, lines 1843-1850 https://reviews.apache.org/r/31505/diff/8/?file=972152#file972152line1843 this could also happen if we are recovering a container not using this feature right? Probably. It hard to mention all the cases in comments. - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review85268 --- On May 26, 2015, 8:41 p.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 26, 2015, 8:41 p.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/linux/routing/filter/basic.cpp 755be7de5c43c2f3b336af6cb47af9c97a21218c src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/icmp.cpp 60703e727ecab9557911ab0562773771db51db90 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp 49e983edab598e2ac487bb488fdd12840a9e7dfc Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31505/#review84998
---
Two high level comments:
1) We need a slave flag to control if turning on this feature or not
2) Do you think we should at least add some unit test for this? For example,
verify that the filters are properly set up?
src/linux/routing/filter/filter.hpp
https://reviews.apache.org/r/31505/#comment136460
These two can be merged since `classid` is already Optional. So please
remove the first constructor and change the callsites accordingly.
src/linux/routing/filter/filter.hpp
https://reviews.apache.org/r/31505/#comment136461
These two can be merged too. Remove the latter and updates the callsites.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136470
Please add a NOTE: prefix here for the comments.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136465
We should call it flowIds:
```
flowIds[sourcePorts.get()] = classid.get().secondary();
```
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136468
s/classid/flowId/
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136466
'classid' here could be None, right? It'll cause classid.get() to crash. So
please move it to the end of this function:
```
if (flowId.isSome()) {
info-flowId = flowId.get();
freeFlowIds.erase(flowId.get());
}
```
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136469
Kill this blank line.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136476
Rest of the host packets...
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136480
Could you please move this right above `setstring targets` and add a LOG
as well?
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136482
s/Host/host/
We use camelCase for varibles. Please fix it here and everywhere else.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment136481
Please add a blank line above.
- Jie Yu
On May 17, 2015, 12:27 a.m., Cong Wang wrote:
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31505/
---
(Updated May 17, 2015, 12:27 a.m.)
Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu.
Bugs: MESOS-2422
https://issues.apache.org/jira/browse/MESOS-2422
Repository: mesos
Description
---
Currently we do nothing on the host egress side. By default, kernel uses its
own hash function to classify the packets to different TX queues (if the
hardware interface supports multiqueue). So packets coming out of different
containers could end up queueing in the same TX queue, in this case we saw
buffer bloat on some TX queue caused packet drops.
We need to isolation the egress traffic so that containers will not have
interference with each other. The number of hardware TX queues is limited by
hardware interface, usually not enough to map our container in 1:1 way,
therefore we need some software solution. We choose fq_codel and use tc
filters to classify packets coming out of different containers to different
fq_codel flows, and the codel algorithm on each flow could also help us to
reduce the buffer bloat. Note when the packets leave fq_codel, they still
share the physical TX queue(s), this is however (almost) beyond what we can
control, we have to rely on the kernel behavior.
TODO: get some performance numbers
Diffs
-
src/linux/routing/filter/filter.hpp
024582cf8274da2e5b4ebd00fcf83d6930e2
src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76
src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa
src/slave/containerizer/isolators/network/port_mapping.hpp
c72fb47f60f40cda8d84a10497b9133f83cf018e
src/slave/containerizer/isolators/network/port_mapping.cpp
a4abaff30bb4646b1b1edfdbbc243c9e3f6851df
Diff: https://reviews.apache.org/r/31505/diff/
Testing
---
Manually start two mesos containers with netperf running side.
Thanks,
Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 17, 2015, 12:27 a.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Changes --- Set terminal flag for u32 filters. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs (updated) - src/linux/routing/filter/filter.hpp 024582cf8274da2e5b4ebd00fcf83d6930e2 src/linux/routing/filter/ip.hpp 62bb5f89d35fc9622fca303aa01a789fcfbf2f76 src/linux/routing/filter/ip.cpp 0d25e2d4f0ac4c3f151ad40e796dbdbc54dba9fa src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp a4abaff30bb4646b1b1edfdbbc243c9e3f6851df Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/31505/#review83690
---
src/slave/containerizer/isolators/network/port_mapping.hpp
https://reviews.apache.org/r/31505/#comment134860
Please add some comments about what this is. Consider using hashset instead
of std::set.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134858
Could you please add some comments about what this is? For example, what is
container min flowid? What is host flowid? Why ICMP and ARP are sharing the
same flowid?
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134733
What does that mean? What do you want to revise? You probably want to
restructure the TODO like the following:
```
TODO(cwang): Maybe we can continue See details in MESOS-2370.
```
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134859
The comments here is a little confusing. The flowIDs here is actually
freeFlowIds, right? How about just calling it freeFlowIds?
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134863
We define variables when we want to use them. So you don't have to declare
this variable here.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134866
Can you move this code block after getting the vethClassifiers?
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134862
No need to use `filter::` prefix for `filter::Filter` as it's already
included.
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134864
s/flowClassifiers/eth0EgressFilters/
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134865
s/classifiers/vethIngressClassifiers/
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134875
You probably also want to do some sanity check here to make sure all port
ranges from a container points to the same flow on eth0 egress. Also, PortRange
supports hashing, so you can probably pre-create a hashmapPortRange, classid
mapping and lookup the hashmap later:
```
// Construct a port range to classid mapping from host eth0 egress.
// TODO: Consider moving the following to a common place so that we
// don't duplicate this logic for each container.
ResultvectorFilterip::Classifier eth0EgressFilters =
ip::filters(eth0, fq_codel::HANDLE);
...
hashmapPortRange, uint16_t classids;
foreach (const Filterip::Classifier filter, eth0EgressFilters.get()) {
const OptionPortRange sourcePorts = filter.classifier().sourcePorts();
const Optionuint16_t classid = filter.classifier().classid();
if (sourcePorts.isNone()) {
return Error(Missing source ports for filters on egress of + eth0);
}
if (classid.isNone()) {
return Error(Missing classid for filters on egress of + eth0);
}
if (classids.contains(range) {
return Error(
Duplicated port range + stringify(range) +
detected on egress of + eth0);
}
classids[range.get()] = classid.get();
}
...
IntervalSetuint16_t nonEphemeralPorts;
IntervalSetuint16_t ephemeralPorts;
Optionuint16_t classid;
foreach (...) {
...
if (classids.contains(sourcePorts.get()) {
if (classid.isNone()) {
classid = classids.get(sourcePorts.get());
} else if (classid != classids.get(sourcePorts.get())) {
return Error(A container is associated with multiple flows on eth0
egress);
}
} else if (classid.isSome()) {
// This is the case where some port range of a container is assigned
// to a flow while some isn't. This could happen if slave crashes
// while those filters are created. However, this is OK for us because
// ...
LOG(WARNING) ...;
}
...
}
```
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134885
info-flowId = getNextFlowId();
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134886
s/flowId/info-flowId/
src/slave/containerizer/isolators/network/port_mapping.cpp
https://reviews.apache.org/r/31505/#comment134889
Please passing in flowId and make 'addHostIPFilters' accept an
Optionuint16_t flowId.
src/slave/containerizer/isolators/network/port_mapping.cpp
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 14, 2015, 7:44 p.m., Jie Yu wrote: src/slave/containerizer/isolators/network/port_mapping.hpp, line 329 https://reviews.apache.org/r/31505/diff/5/?file=955871#file955871line329 Please add some comments about what this is. Consider using hashset instead of std::set. We don't need a hash here, we only need to get an unused ID from this set. - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review83690 --- On May 12, 2015, 12:14 a.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 12, 2015, 12:14 a.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp a4abaff30bb4646b1b1edfdbbc243c9e3f6851df Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
On May 14, 2015, 7:44 p.m., Jie Yu wrote: src/slave/containerizer/isolators/network/port_mapping.cpp, line 1767 https://reviews.apache.org/r/31505/diff/5/?file=955872#file955872line1767 No need to use `filter::` prefix for `filter::Filter` as it's already included. Without it I get: ../../src/slave/containerizer/isolators/network/port_mapping.cpp: In member function 'Trymesos::internal::slave::PortMappingIsolatorProcess::Info* mesos::internal::slave::PortMappingIsolatorProcess::_recover(pid_t)': ../../src/slave/containerizer/isolators/network/port_mapping.cpp:1766:38: error: template argument 1 is invalid ResultvectorFilterip::Classifier eth0EgressFilters = - Cong --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/#review83690 --- On May 12, 2015, 12:14 a.m., Cong Wang wrote: --- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 12, 2015, 12:14 a.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs - src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp a4abaff30bb4646b1b1edfdbbc243c9e3f6851df Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
Re: Review Request 31505: Add flow classifiers for fq_codel on egress
--- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/31505/ --- (Updated May 12, 2015, 12:14 a.m.) Review request for mesos, Chi Zhang, Ian Downes, and Jie Yu. Changes --- Move to new API's Bugs: MESOS-2422 https://issues.apache.org/jira/browse/MESOS-2422 Repository: mesos Description --- Currently we do nothing on the host egress side. By default, kernel uses its own hash function to classify the packets to different TX queues (if the hardware interface supports multiqueue). So packets coming out of different containers could end up queueing in the same TX queue, in this case we saw buffer bloat on some TX queue caused packet drops. We need to isolation the egress traffic so that containers will not have interference with each other. The number of hardware TX queues is limited by hardware interface, usually not enough to map our container in 1:1 way, therefore we need some software solution. We choose fq_codel and use tc filters to classify packets coming out of different containers to different fq_codel flows, and the codel algorithm on each flow could also help us to reduce the buffer bloat. Note when the packets leave fq_codel, they still share the physical TX queue(s), this is however (almost) beyond what we can control, we have to rely on the kernel behavior. TODO: get some performance numbers Diffs (updated) - src/slave/containerizer/isolators/network/port_mapping.hpp c72fb47f60f40cda8d84a10497b9133f83cf018e src/slave/containerizer/isolators/network/port_mapping.cpp a4abaff30bb4646b1b1edfdbbc243c9e3f6851df Diff: https://reviews.apache.org/r/31505/diff/ Testing --- Manually start two mesos containers with netperf running side. Thanks, Cong Wang
