container performance analysis
play

Container Performance Analysis Brendan Gregg bgregg@neIlix.com - PowerPoint PPT Presentation

Oct 27, 2022 •368 likes •1.07k views

Container Performance Analysis Brendan Gregg bgregg@neIlix.com October 29November 3, 2017 | San Francisco, CA www.usenix.org/lisa17 #lisa17 Take Aways IdenNfy boPlenecks: 1. In the host vs container, using system metrics 2. In

  1. Container Performance Analysis Brendan Gregg bgregg@neIlix.com October 29–November 3, 2017 | San Francisco, CA www.usenix.org/lisa17 #lisa17

  2. Take Aways IdenNfy boPlenecks: 1. In the host vs container, using system metrics 2. In applicaNon code on containers, using CPU flame graphs 3. Deeper in the kernel, using tracing tools Focus of this talk is how containers work in Linux (will demo on Linux 4.9)

  4. Containers at NeIlix: summary slides from the Titus team. 1. TITUS

  5. Titus • Cloud runNme plaIorm for container jobs • Scheduling – Service & batch job management Service Batch – Advanced resource management across Job Management elasNc shared resource pool • Container ExecuNon Resource Management & OpNmizaNon – Docker and AWS EC2 IntegraNon • Adds VPC, security groups, EC2 Container ExecuNon metadata, IAM roles, S3 logs, … IntegraNon – IntegraNon with NeIlix infrastructure • In depth: hPp://techblog.neIlix.com/2017/04/the-evoluNon-of-container-usage-at.html

  6. Current Titus Scale • Used for ad hoc reporNng, media encoding, stream processing, … • Over 2,500 instances (Mostly m4.16xls & r3.8xls) across three regions • Over a week period launched over 1,000,000 containers

  7. Container Performance @NeIlix • Ability to scale and balance workloads with EC2 and Titus • Performance needs: – ApplicaNon analysis : using CPU flame graphs with containers – Host tuning : file system, networking, sysctl's, … – Container analysis and tuning : cgroups, GPUs, … – Capacity planning : reduce over provisioning

  8. And Strategy 2. CONTAINER BACKGROUND

  9. Namespaces: RestricNng Visibility Current Namespaces: PID namespaces • cgroup Host • ipc PID 1 • mnt PID namespace 1 1237 • net 1 (1238) • pid 2 (1241) … • user • uts Kernel

  10. Control Groups: RestricNng Usage Current cgroups: CPU cgroups • blkio • cpu,cpuacct container container container • cpuset 1 2 3 • devices • hugetlb cpu • memory … 2 … 3 cgroup 1 • net_cls,net_prio • pids … CPUs • …

  11. Linux Containers Container = combinaNon of namespaces & cgroups Host Container 1 Container 2 Container 3 (namespaces) (namespaces) (namespaces) … cgroups cgroups cgroups Kernel

  12. cgroup v1 cpu,cpuacct: Docker: cap CPU usage (hard limit). e.g. 1.5 CPUs. • --cpus (1.13) --cpu-shares CPU shares . e.g. 100 shares. • usage staNsNcs (cpuacct) • memory: limit and kmem limit (maximum bytes) • --memory --kernel-memory --oom-kill-disable OOM control : enable/disable • usage staNsNcs • blkio (block I/O): weights (like shares) • IOPS/tput caps per storage device • staNsNcs •

  13. CPU Shares container's shares Container's CPU limit = 100% x total busy shares This lets a container use other tenant's idle CPU (aka "bursNng"), when available. container's shares Container's minimum CPU limit = 100% x total allocated shares Can make analysis tricky. Why did perf regress? Less bursNng available?

  14. cgroup v2 • Major rewrite has been happening: cgroups v2 – Supports nested groups, bePer organizaNon and consistency – Some already merged, some not yet (e.g. CPU) • See docs/talks by maintainer Tejun Heo (Facebook) • References: – hPps://www.kernel.org/doc/DocumentaNon/cgroup-v2.txt – hPps://lwn.net/ArNcles/679786/

  15. Container OS ConfiguraNon File systems Containers may be setup with aufs/overlay on top of another FS • See "in pracNce" pages and their performance secNons from • hPps://docs.docker.com/engine/userguide/storagedriver/ Networking With Docker, can be bridge, host, or overlay networks • Overlay networks have come with significant performance cost •

  16. Analysis Strategy Performance analysis with containers: • One kernel • Two perspecNves • Namespaces • cgroups Methodologies: • USE Method • Workload characterizaNon • Checklists • Event tracing

  17. USE Method For every resource, check: 1. UNlizaNon 2. SaturaNon Resource Utilization 3. Errors X (%) For example, CPUs: UNlizaNon: Nme busy • SaturaNon: run queue length or latency • Errors: ECC errors, etc. • Can be applied to hardware resources and sotware resources (cgroups)

  18. And Container Awareness 3. HOST TOOLS

  19. Host Analysis Challenges • PIDs in host don't match those seen in containers • Symbol files aren't where tools expect them • The kernel currently doesn't have a container ID

  20. 3.1. Host Physical Resources A refresher of basics... Not container specific. This will, however, solve many issues! Containers are oten not the problem. I will demo CLI tools. GUIs source the same metrics.

  21. Linux Perf Tools Where can we begin?

  22. Host Perf Analysis in 60s 1. uptime load averages 2. dmesg | tail kernel errors 3. vmstat 1 overall stats by Nme 4. mpstat -P ALL 1 CPU balance 5. pidstat 1 process usage 6. iostat -xz 1 disk I/O 7. free -m memory usage 8. sar -n DEV 1 network I/O 9. sar -n TCP,ETCP 1 TCP stats 10. top check overview hPp://techblog.neIlix.com/2015/11/linux-performance-analysis-in-60s.html

  23. USE Method: Host Resources Resource Utilization Saturation Errors mpstat -P ALL 1 , CPU vmstat 1 , "r" perf sum non-idle fields Memory free –m , vmstat 1 , "si"+"so" ; dmesg Capacity "used"/"total" demsg | grep killed Storage I/O iostat –xz 1 , iostat –xnz 1 , /sys/ … /ioerr_cnt; "%util" "avgqu-sz" > 1 smartctl Network nicstat , "%Util" ifconfig , "overrunns" ; ifconfig , netstat –s "retrans…" "errors" These should be in your monitoring GUI. Can do other resources too (busses, ...)

  24. Event Tracing: e.g. iosnoop Disk I/O events with latency (from perf-tools; also in bcc/BPF as biosnoop) # ./iosnoop Tracing block I/O... Ctrl-C to end. COMM PID TYPE DEV BLOCK BYTES LATms supervise 1809 W 202,1 17039968 4096 1.32 supervise 1809 W 202,1 17039976 4096 1.30 tar 14794 RM 202,1 8457608 4096 7.53 tar 14794 RM 202,1 8470336 4096 14.90 tar 14794 RM 202,1 8470368 4096 0.27 tar 14794 RM 202,1 8470784 4096 7.74 tar 14794 RM 202,1 8470360 4096 0.25 tar 14794 RM 202,1 8469968 4096 0.24 tar 14794 RM 202,1 8470240 4096 0.24 tar 14794 RM 202,1 8470392 4096 0.23

  25. Event Tracing: e.g. zfsslower # /usr/share/bcc/tools/zfsslower 1 Tracing ZFS operations slower than 1 ms TIME COMM PID T BYTES OFF_KB LAT(ms) FILENAME 23:44:40 java 31386 O 0 0 8.02 solrFeatures.txt 23:44:53 java 31386 W 8190 1812222 36.24 solrFeatures.txt 23:44:59 java 31386 W 8192 1826302 20.28 solrFeatures.txt 23:44:59 java 31386 W 8191 1826846 28.15 solrFeatures.txt 23:45:00 java 31386 W 8192 1831015 32.17 solrFeatures.txt 23:45:15 java 31386 O 0 0 27.44 solrFeatures.txt 23:45:56 dockerd 3599 S 0 0 1.03 .tmp-a66ce9aad… 23:46:16 java 31386 W 31 0 36.28 solrFeatures.txt • This is from our producNon Titus system (Docker). • File system latency is a bePer pain indicator than disk latency. • zfsslower (and btrfs*, etc) are in bcc/BPF. Can exonerate FS/disks.

  26. Latency Histogram: e.g. btrfsdist # ./btrfsdist From a test Tracing btrfs operation latency... Hit Ctrl-C to end. Titus system ^C operation = 'read' usecs : count distribution 0 -> 1 : 192529 |****************************************| 2 -> 3 : 72337 |*************** | probably 4 -> 7 : 5620 |* | 8 -> 15 : 1026 | | cache reads 16 -> 31 : 369 | | 32 -> 63 : 239 | | 64 -> 127 : 53 | | 128 -> 255 : 975 | | 256 -> 511 : 524 | | probably cache misses 512 -> 1023 : 128 | | (flash reads) 1024 -> 2047 : 16 | | 2048 -> 4095 : 7 | | […] Histograms show modes, outliers. Also in bcc/BPF (with other FSes). • Latency heat maps: hPp://queue.acm.org/detail.cfm?id=1809426 •

  27. 3.2. Host Containers & cgroups InspecNng containers from the host

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Brendan Gregg Sr. Performance Architect, Netflix Take Aways Identify bottlenecks: 1. In the

Brendan Gregg Sr. Performance Architect, Netflix Take Aways Identify bottlenecks: 1. In the

Container Performance Analysis Brendan Gregg Sr. Performance Architect, Netflix Take Aways Identify bottlenecks: 1. In the host vs container, using system metrics 2. In application code on containers, using CPU flame graphs 3. Deeper in the

898 views • 75 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Introduction Container Library Container Tools FUSE Container File System Evaluation Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene Michael Kuhn Parallele und Verteilte Systeme Institut f ur

353 views • 22 slides
Verification Verification, Performance Performance Analysis Performance Performance Analysis

Verification Verification, Performance Performance Analysis Performance Performance Analysis

Verification Verification, Performance Performance Analysis Performance Performance Analysis Analysis and Analysis and Synthesis Synthesis of Embedd f E E b dd d S b dded Sys ystems t ems Kim G. Larsen Kim G. Larsen Aalborg

1.44k views • 116 slides
Container Deposits The story so far, and why doesn t everyone do this? Container Deposit

Container Deposits The story so far, and why doesn t everyone do this? Container Deposit

Plastic Bags Ban and Container Deposits The story so far, and why doesn t everyone do this? Container Deposit Legislation Remember 1975? Source: Adelaide Now Adelaide Oval Cricket test 1973 Football Grand Final 1973Adelaide Cans

658 views • 18 slides
Chemical composition analysis for X-ray transport container scans. A. Zelenaya 1 , M. Zelenyi 1 ,

Chemical composition analysis for X-ray transport container scans. A. Zelenaya 1 , M. Zelenyi 1 ,

Chemical composition analysis for X-ray transport container scans. A. Zelenaya 1 , M. Zelenyi 1 , 2 , A.A.Turinge 1 , V.G. Nedorezov 1 1 Institute for Nuclear Research RAS 2 Moscow Institute of Physics and Technology (SU) October 10, 2018

299 views • 17 slides
A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the speakers and team Follow along - @sargun @tomaszbak_ca @fabiokung @aspyker @amit_joshee @anwleung 2 Netflixs container management platform

808 views • 44 slides
Introduction to Performance Analysis Visualization and Analysis of Performance on Large-scale

Introduction to Performance Analysis Visualization and Analysis of Performance on Large-scale

Introduction to Performance Analysis Visualization and Analysis of Performance on Large-scale Software VAPLS 2013 Todd Gamblin Katherine Isaacs UC Davis, LLNL LLNL Why does my code run slowly? Bad algorithm 1. Poor computational

2.17k views • 12 slides
High Performance Systems EuroMPI 2015 Objectives Yet another performance analysis tool

High Performance Systems EuroMPI 2015 Objectives Yet another performance analysis tool

Tutorial 1: Performance analysis for High Performance Systems EuroMPI 2015 Objectives Yet another performance analysis tool Developping performance analysis features for your application/library 2 EuroMPI 2015 Performance analysis for

632 views • 30 slides
eBPF Based Container Networking A Network Performance Comparison Nick de Bruijn July 4, 2017

eBPF Based Container Networking A Network Performance Comparison Nick de Bruijn July 4, 2017

eBPF Based Container Networking A Network Performance Comparison Nick de Bruijn July 4, 2017 University of Amsterdam Introduction Figure 1: Microservices and Containers 1 1

309 views • 30 slides
our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can make us way more efficient containers can save us money on hosting containers sound interesting company founded in 2013

848 views • 30 slides
Mini-Bulk/IBC Pesticide Container Collection Program EPA Sponsored California San Joaquin Valley

Mini-Bulk/IBC Pesticide Container Collection Program EPA Sponsored California San Joaquin Valley

Mini-Bulk/IBC Pesticide Container Collection Program EPA Sponsored California San Joaquin Valley Jim Bise Director of Sales Myers Container/CMS jbise@myerscontainer.com 1 Myers Container Myers Container Myers Container, LLC has been

635 views • 8 slides
Invitation: the performer-interpreter employs tools of the body, emotion, and audience,

Invitation: the performer-interpreter employs tools of the body, emotion, and audience,

7/3/20 Introduction sarahagnew.com.au Embodied Performance. Mutuality, Embrace, and the Letter to Rome Embodied Performance Analysis: method for interpretation embodied performance: lived enactment 1 2 Embodied Performance Analysis

336 views • 5 slides
Performance Measurement Performance Analysis Paper and pencil. Dont need a working computer

Performance Measurement Performance Analysis Paper and pencil. Dont need a working computer

Performance Measurement Performance Analysis Paper and pencil. Dont need a working computer program or even a computer. Some Uses Of Performance Analysis Limitations of Analysis Doesnt account for constant factors. determine

406 views • 5 slides
Performance Analysis of Performance Analysis of Voice Communication in a Voice Communication in

Performance Analysis of Performance Analysis of Voice Communication in a Voice Communication in

Project Presentation for ENSC 835 Performance Analysis of Performance Analysis of Voice Communication in a Voice Communication in a Private 802.11 Network Private 802.11 Network Presented by: Edwin Chan November 18, 2003 (ecchan@sfu.ca)

387 views • 23 slides
System Performance Analysis Methodologies Brendan Gregg Senior Performance Architect Apollo

System Performance Analysis Methodologies Brendan Gregg Senior Performance Architect Apollo

EuroBSDcon 2017 System Performance Analysis Methodologies Brendan Gregg Senior Performance Architect Apollo Lunar Module Guidance Computer performance analysis CORE SET AREA VAC SETS ERASABLE MEMORY FIXED MEMORY Background History

798 views • 65 slides
Nmap: Scanning the Internet by Fyodor Black Hat Briefings USA August 6, 2008; 10AM Defcon 16

Nmap: Scanning the Internet by Fyodor Black Hat Briefings USA August 6, 2008; 10AM Defcon 16

Insecure.Org Insecure.Org Nmap: Scanning the Internet by Fyodor Black Hat Briefings USA August 6, 2008; 10AM Defcon 16 August 8, 2008; 4PM Insecure.Org Insecure.Org Scan Goals Collect empirical data and use it to enhance Nmap

558 views • 45 slides
Networking for Containerized Clouds Daehyeok Kim Tianlong Yu 1 , Hongqiang Liu 3 , Yibo Zhu 4 ,

Networking for Containerized Clouds Daehyeok Kim Tianlong Yu 1 , Hongqiang Liu 3 , Yibo Zhu 4 ,

FreeFlow: Software-based Virtual RDMA Networking for Containerized Clouds Daehyeok Kim Tianlong Yu 1 , Hongqiang Liu 3 , Yibo Zhu 4 , Jitu Padhye 2 , Shachar Raindel 2 Chuanxiong Guo 4 , Vyas Sekar 1 , Srinivasan Seshan 1 Carnegie Mellon

835 views • 25 slides
Trickle ICE Incremental Provisioning of Candidates for the Interactive Connectivity Establishment

Trickle ICE Incremental Provisioning of Candidates for the Interactive Connectivity Establishment

Trickle ICE Incremental Provisioning of Candidates for the Interactive Connectivity Establishment (ICE) Protocol draft-ivov-mmusic-trickle-ice Eric Rescorla Justin Uberti Emil Ivov draft-ivov-mmusic-trickle-ice 1/16 E. Rescorla, J. Uberti,

460 views • 16 slides
RV-IOV: Tethering RISC-V Processors via Scalable I/O Virtualization Luis Vega and Michael B.

RV-IOV: Tethering RISC-V Processors via Scalable I/O Virtualization Luis Vega and Michael B.

RV-IOV: Tethering RISC-V Processors via Scalable I/O Virtualization Luis Vega and Michael B. Taylor Bespoke Silicon Group University of Washington 1 Berkeleys Tethered Rocket core The host system provide support for: Rocket Core

1.24k views • 16 slides
DKOM 3.0 Hiding and Hooking with Windows Extension Hosts Alex Ionescu @aionescu Infiltrate

DKOM 3.0 Hiding and Hooking with Windows Extension Hosts Alex Ionescu @aionescu Infiltrate

DKOM 3.0 Hiding and Hooking with Windows Extension Hosts Alex Ionescu @aionescu Infiltrate Gabrielle Viala @pwissenlit 2019 Yarden Shafir @yarden_shafir About Yarden Shafir Software Engineer at CrowdStrike Circusing most of

776 views • 42 slides
Automated Discovery of Cross - Plane Event - Based Vulnerabilities in Software - Defined Networking

Automated Discovery of Cross - Plane Event - Based Vulnerabilities in Software - Defined Networking

Automated Discovery of Cross - Plane Event - Based Vulnerabilities in Software - Defined Networking Benjamin E. Ujcich 1 , Samuel Jero 2 , Richard Skowyra 2 , Steven R. Gomez 2 , Adam Bates 1 , William H. Sanders 1 , and Hamed Okhravi 2 1 University

605 views • 46 slides
CS6 Practical System Skills Fall 2019 edition Leonhard Spiegelberg lspiegel@cs.brown.edu

CS6 Practical System Skills Fall 2019 edition Leonhard Spiegelberg lspiegel@cs.brown.edu

CS6 Practical System Skills Fall 2019 edition Leonhard Spiegelberg lspiegel@cs.brown.edu Recap Last lecture: - bash scripting - exit codes / status codes / return codes 0 success, else failure - && and II - [ and test -

1.24k views • 58 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub: tima Twitter: appnelgroup THE ANSIBLE WAY 2 COMPLEXITY KILLS PRODUCTIVITY That's not just a marketing slogan. We really mean it and believe that.

922 views • 38 slides

More recommend