Parallelizing Packet Processing in Container Overlay Networks
View/ Open
Date
2021-04-26Author
Lei, Jiaxin
Munikar, Manish
Suo, Kun
Lu, Hui
Rao, Jia
Metadata
Show full item recordAbstract
Container networking, which provides connectivity among
containers on multiple hosts, is crucial to building and scaling container-based microservices. While overlay networks
are widely adopted in production systems, they cause significant performance degradation in both throughput and
latency compared to physical networks. This paper seeks to
understand the bottlenecks of in-kernel networking when
running container overlay networks. Through profiling and
code analysis, we find that a prolonged data path, due to
packet transformation in overlay networks, is the culprit of
performance loss. Furthermore, existing scaling techniques
in the Linux network stack are ineffective for parallelizing
the prolonged data path of a single network flow.
We propose Falcon, a fast and balanced container networking approach to scale the packet processing pipeline
in overlay networks. Falcon pipelines software interrupts
associated with different network devices of a single flow on
multiple cores, thereby preventing execution serialization
of excessive software interrupts from overloading a single
core. Falcon further supports multiple network flows by
effectively multiplexing and balancing software interrupts
of different flows among available cores. We have developed
a prototype of Falcon in Linux. Our evaluation with both
micro-benchmarks and real-world applications demonstrates
the effectiveness of Falcon, with significantly improved performance (by 300% for web serving) and reduced tail latency
(by 53% for data caching).