SOFT CONTAINER TOWARDS 100% RESOURCE UTILIZATION ACCELA ZHAO, LAYNE - - PowerPoint PPT Presentation

SOFT CONTAINER

TOWARDS 100% RESOURCE UTILIZATION

WHO ARE THOSE GUYS …

• wner and a book author.

Mail: accela.zhao@emc.com Mail: layne.peng@emc.com Twitter: @layne_peng

WHAT IS RESOURCE UTILIZATION?

This is what we buy This is what we use A gap of $$$ wasted

ENERGY AND RESOURCE UTILIZATION

Energy-related costs 42% of total (including buy new machines) An idle server consumes even 70% as much energy as running in full- speed

Low resource utilization is energy inefficient Waste energy, waste money

Real world resource utilization is usually low: around 20% or less

A CLOSER LOOK TO CLOUD

The key advantage - cloud consolidation Less machines, more apps. Energy- efficient and saves money. Improved resource utilization

• Scheduling - choose the best resource placement

when app starts

– Examples: Green Cloud, Paragon. And the schedulers in Openstack, Kubernetes, Mesos, …

• Migration - continuously optimize the resource

placement when app is running

– Examples: Openstack Watcher, VMware DRS

• Soft Container - elastic, and dynamically adjust

resource constraints in response to co-located apps

– Related: Google Heracles

RESOURCE UTILIZATION ON CLOUD

Soft Container

RESOURCE UTILIZATION ON CLOUD

Scheduler Migration

Soft Container

RESOURCE UTILIZATION ON CLOUD

A battle of putting more apps in each host vs. guaranteed app SLA The key problem: resource interference

• What is resource interference?

– Apps co-located in one host share resources like CPU, cache, memory, … – They interfere with each other, result in poor performance compared to running standalone – Resource interference make SLA unenforceable

• Related readings

– Google Heracles: an analysis of resource interference – Paragon: resource interference-aware scheduling – Bubble-up: to measure resource interference

THE KEY PROBLEM: RESOURCE INTERFERENCE

RESOURCE INTERFERENCE: HOW IT LOOKS?

MySQL standalone running vs co-located with a CPU & disk hungry task

• Bubble-up

– The setup

• Run app co-located with resource benchmarks, each benchmark

– App tolerated resource interference

• Slowly increase resource benchmark stress until app fails its SLA.
• The critical point shows how much resource interference the app can

– App caused resource interference

• Run app at what its SLA requires.
• The stress it causes on each type of resource is the app’s caused

• Where to use it?

– Better resource utilization management – Scheduling, Migration, Soft Container, …

RESOURCE INTERFERENCE: HOW TO MEASURE?

RESOURCE INTERFERENCE: HOW TO MEASURE?

MySQL standalone running, vs co-located with CPU stress, vs disk stress. In my case, MySQL is much more sensitive to CPU interference.

• Motivations

– Increase resource utilization by co-locating more apps

• E.g. Business services is critical but may not use all resources on the
• host. Add the low priority hadoop batching tasks to fill what is left.

– Respond to the dynamic nature of time-varying workload

• E.g. Business service may become more idle at lunch time, hadoop

– Guarantee the SLA of critical apps

• E.g. When the business service suddenly requires more resource for

• Challenges

– Resource control and isolation of interference – Respond to dynamic workload change

INTRODUCING TO SOFT CONTAINER

• What does “Soft” mean?

– Varying container resources needs based upon neighbors and SLAs. (The container becomes elastic) – “Expanding” (bubble up) resources when idle resources exist – Shrinking resources on a specific container, when another critical app demands more resources

INTRODUCING TO SOFT CONTAINER

Container resource bubble

THE FEEDBACK CONTROL LOOP

Controller Watcher Limiter

Soft Container

RESOURCES TO LIMIT

• CPU

– Core – Time Quota – …

• Memory

– Size – Bandwidth – …

• Disk I/O

– IOPS – Throughput – …

RESOURCES TO LIMIT - MISSING

• CPU

– Core – Time Quota – …

• Cache

– LLC – …

• Memory

– Size – Bandwidth* – …

• GPU

– …

• Device*

– …

• Network

– Ulimit – Bandwidth – …

…

• Disk I/O

– IOPS – Throughput – …

Kernel 3.6, most supports can be found in the community…

ISOLATION THE RESOURCES - NAMESPACE

/proc/<pid>/ns:

• lrwxrwxrwx 1 root root 0 Jun 21 18:38 ipc -> ipc:[4026532509]
• lrwxrwxrwx 1 root root 0 Jun 21 18:38 mnt -> mnt:[4026532507]
• lrwxrwxrwx 1 root root 0 Jun 16 18:24 net -> net:[4026532512]
• lrwxrwxrwx 1 root root 0 Jun 21 18:38 pid -> pid:[4026532510]
• lrwxrwxrwx 1 root root 0 Jun 21 18:38 user -> user:[4026531837]
• lrwxrwxrwx 1 root root 0 Jun 21 18:38 uts -> uts:[4026532508]
• clone(): create a new process and attached to a new namespace
• unshare(): create a new namespace and attaches to a existed process
• setns(): Set a a process to a existing namespace
• security namespace
• security keys namespace
• device namespace
• time namespace

We are still waiting…

LIMIT THE RESOURCE - CGROUP

Task, Control Group & Hierarchy Subsystem – Control options

• blkio
• cpu
• cpuacct
• cpuset
• devices
• freezer
• memory
• net_cls
• net_prio
• ns

Create a cgroup subsystem Change the limitation… Usage

MISSING - NETWORK

Isolation, does not means resource controlling 10

Suppose two containers in a machine, totally 100Gbps b/w

80 100Gbps

MISSING - NETWORK

Isolation, does not means resource controlling 10

Suppose two containers in a machine, totally 100Gbps b/w

80 100Gbps 95 100Gbps

If the GREEN container consumes the majority of b/w, which may have a negative impact on the BLUE one… How we can avoid this case from happening?

MISSING - NETWORK

Community attempts:

Base on Traffic Control (tc)

Nightmare of the PaaS providers…

MISSING - NETWORK

Community attempts:

Base on Traffic Control (tc)

Nightmare of the PaaS providers…

MISSING - GPU

Nvidia’s efforts:

• a. GPU exposed as separated normal devices in /dev

• b. devices cgroup:
• Allow/Deny/List
• Access

• iii. M

MISSING - GPU

Nvidia’s efforts:

• a. GPU exposed as separated normal devices in /dev

• b. devices cgroup:
• Allow/Deny/List
• Access

• iii. M

• 1. Launch multiple jobs in parallel, each one us a subset of avaiable GPUs;
• 2. How about share GPU between Jobs with proper isolation? Can we share

MISSING - CACHE

Intel’s efforts:

• For an OS or VMM to indicate a software-

• To Monitor cache occupancy on a per RMID

• For an OS or VMM to read LLC occupancy for a

• The ability to enumerate the CAT capability and

• Interfaces for the OS/hypervisor to group

• Extension to CAT
• a new CPUID feature flag is added within the

MISSING – MEMORY BANDWIDTH

Monitor

• Mechanisms in hardware to monitor cache
• ccupancy and bandwidth statistics as

• Mechanisms for the OS or hypervisor to read

• ccupancy or Memory Bandwidth for a given

Control

MISSING – MEMORY BANDWIDTH

Monitor

• Mechanisms in hardware to monitor cache
• ccupancy and bandwidth statistics as

• Mechanisms for the OS or hypervisor to read

• ccupancy or Memory Bandwidth for a given

Control

• Latencies

– App request latency – Disk IO await – Network response time

• Queue length

– CPU load average – Disk request queue size – Network queue length

• Utilization

– CPU util rate – Disk util rate – Network util rate

WATCH THE WORKLOAD CHANGE

• Bandwidth

– DRAM bandwidth – CPU bandwidth – Disk bandwidth

• Request count

– App request count – Disk IOPS / req/s – Network IOPS / req/s

• Granularity

– Global level – Per container level

THE FEEDBACK CONTROL LOOP

Controller Watcher Limiter

Soft Container

THE FEEDBACK CONTROL LOOP

Controller Watcher Limiter

Soft Container

Immediate response

THE FEEDBACK CONTROL LOOP

Controller Watcher Limiter

Soft Container

Immediate response How to immediately resize the containers?

HOW WE LOOK AT RESIZE?

9527 /usr/sbin/httpd

Control Groups (cgroup):

• CPU time: 20
• System memory: 1G
• Disk bandwidth: 2000
• Network bandwidth: 100Mbs

Control Groups (cgroup):

• CPU time: 70
• System memory: 5G
• Disk bandwidth: 8000
• Network bandwidth: 1Gbs

IN CONTAINER’S WORLD…

9527 /usr/sbin/httpd

Control Groups (cgroup):

• CPU time: 20
• System memory: 1G
• Disk bandwidth: 2000
• Network bandwidth: 100Mbs

Control Groups (cgroup):

• CPU time: 70
• System memory: 5G
• Disk bandwidth: 8000
• Network bandwidth: 1Gbs

IN CONTAINER’S WORLD…

We need to take a fresh look at the resources management from Container’s perspective.

SOFT CONTAINER: IMPLEMENTATION

Controller

Watcher

Limiter

Container Repo

• Early version
• Support RunC and Docker containers
• A few controller algorithms which are effective
• Able to expand with more plugins

SOFT CONTAINER: CURRENT STATUS

Completely runnable!

Demo Time :-)

BENCHMARK RESULTS: BEFORE

If uncontrolled, MySQL workload is severely interfered by co-located low priority task

BENCHMARK RESULTS: BEFORE

The CPU utilization is far from saturation while workload varies by time (Although in my case, disk IO is highly utilized)

BENCHMARK RESULTS: SOFT CONTAINER

With Soft Container (green line), latency impact is controlled. (We can improve the algorithm to cope better with peak workload)

BENCHMARK RESULTS: SOFT CONTAINER

Soft Container helps improve CPU utilization by co-locating new tasks with MySQL

BENCHMARK RESULTS: SOFT CONTAINER

CPU utilization looks close to saturation, after adding in iowait time

• Soft Container monitors app resource needs and
• verall resource utilization in realtime
• Soft Container issues resource controls in realtime,

to guard app SLA and balance resource utilization

HOW DOES SOFT CONTAINER DID THIS?

BENCHMARK RESULTS: SOFT CONTAINER

How the resource bubble floats under the control of Soft Container. (The vibration threshold are made very sensitive to workload change)

Q&A