[b]Linux 2.6 sugli host[/b][/size]
Sei dei 20 server host sono ora in esecuzione sulla versione 2.6 del kernel Linux, con lo scheduler dei dischi CFQ fair-queuing.
Ora che è in funzione su alcuni box da un po' di tempo, ho un'idea abbastanza precisa delle sue prestazioni. Ho notato che la 2.6 è migliore per alcuni carichi di lavoro e un po' peggiore per altri, rispetto alla 2.4 (determinato confrontando l'output di mrtg e vmstats pre/post 2.6). Sono ottimista sul fatto che si possano ottenere ulteriori vantaggi con alcune delle opzioni di ottimizzazione delle macchine virtuali (/proc/sys/vm/*).
Nel complesso, ritengo che la 2.6 sia "una buona cosa" e che alla fine sposteremo il resto degli host alla 2.6.
[b]Il Disk I/O Thrashing non esiste più![/b][/size]
Il motivo principale per cui volevo passare alla versione 2.6 era il miglioramento delle prestazioni di I/O rispetto alla versione 2.4.
Linux è suscettibile a quello che definirei un "attacco Denial Of Service" quando c'è un alto tasso di richieste casuali di lettura/scrittura, che riempiono le code di richiesta. Questo causa problemi di latenza per le altre richieste e porta essenzialmente le cose a rallentare.
Questo è esattamente il tipo di carico di lavoro che si verifica quando un Linode sta continuamente sfruttando i suoi dispositivi di swap (lettura e scrittura rapida) e quando l'host è sotto pressione per scrivere le pagine sporche (cosa che avverrà sempre, dopo un po' di tempo). Purtroppo, la patch CFQ alla versione 2.6 non ha risolto questo problema. (Né lo fanno gli scheduler predefiniti anticipatori o a scadenza).
CFQ aiuta un po' con molti thread che eseguono I/O casuale (come durante i party di cron job), ma non elimina la possibilità che un Linode incastri l'intero host. Continuate a leggere per la soluzione...
[b]patch UML I/O Request Token-Limiter[/b][/size]
Ho implementato un semplice filtro/limitatore Token Bucket attorno al driver UBD async in UML. Il metodo del token-bucket è piuttosto pulito. Ecco come funziona: Ogni secondo, x token vengono aggiunti al bucket. Ogni richiesta di I/O richiede un token, quindi deve aspettare che il bucket abbia qualche token prima di poter eseguire l'I/O.
Questo metodo consente una velocità di erogazione non limitata fino a quando il secchio non è vuoto, e poi inizia a strozzarsi. Perfetto!
Collegamenti:
[url=http://www.theshore.net/~caker/patches/token-limiter-v1.patch]token-limiter-v1.patch[/url]
[url=http://www.theshore.net/~caker/patches/token-limiter-v1.README]token-limiter-v1.README[/url]
[b][color=darkred]Con questa patch, un singolo Linode non può più incastrare l'host![/color][/b]
Questo è un grosso problema, poiché l'unico metodo per correggere questo problema quando si verifica è che io intervenga e fermi il Linode incriminato.
La patch del limitatore è presente nel kernel 2.4.25-linode24-1um (il 2.6 seguirà a breve).
I valori predefiniti sono molto alti e dubito che qualcuno di voi ne risenta in condizioni di utilizzo normale. Posso modificare i valori di riempimento e di dimensione del secchio durante l'esecuzione, quindi sarò in grado di progettare un monitor per ogni host che cambia dinamicamente i profili a seconda del carico dell'host. È una cosa importante! 🙂
[b]Linux 2.6 per i Linodes[/b][/size]
Non ho ancora annunciato ufficialmente il kernel 2.6-um. Ci sono ancora alcuni bug e problemi di prestazioni da risolvere. Non raccomando ancora l'uso del kernel 2.6-um per la produzione, ma alcuni utenti avventurosi lo hanno testato e hanno segnalato alcune stranezze legate al suo funzionamento in ogni distro. Cercherò di compilare una guida per la migrazione alla 2.6 e la rilascerò quando il kernel sarà più stabile.
[b]Cosa c'è di nuovo nel mondo di UML?[/b][/size]
È da molto tempo che sono in attesa di nuove patch per UML. Credo che avremo una nuova release di UML (sia per la 2.4 che per la 2.6) entro le prossime due settimane o giù di lì.
Oltre alle solite correzioni di bug, so che Jeff ha lavorato al supporto AIO per il driver IO all'interno di UML. AIO è una nuova funzionalità implementata nella versione 2.6 (sugli host). Alcuni vantaggi sono:
[list][*] La possibilità di inviare più richieste di I/O con una singola chiamata di sistema.
[*] La possibilità di inviare una richiesta di I/O senza attendere il suo completamento e di sovrapporre la richiesta ad altre elaborazioni.
[*] Ottimizzazione dell'attività del disco da parte del kernel attraverso la combinazione o il riordino delle singole richieste di un I/O in batch.
[*] Miglioramento dell'utilizzo della CPU e del throughput del sistema grazie all'eliminazione dei thread extra e alla riduzione dei context switch.
[/elenco]
Ulteriori informazioni su AIO:
http://lse.sourceforge.net/io/aio.html
http://archive.linuxsymposium.org/ols2003/Proceedings/All-Reprints/Reprint-Pulavarty-OLS2003.pdf
-
Questo è tutto!
-Chris
Commenti (12)
This may be naive, but wouldn’t it help tremendously to have all the swap partitions for a given linode on a different drive?
[quote:9a75d3e3be=”diN0″]This may be naive, but wouldn’t it help tremendously to have all the swap partitions for a given linode on a different drive?[/quote]
It might, but that’s not the point, really. Before this patch, a single UML could consume all of the I/O (say, for a given device, like you suggested). It would still cause the same problem when other Linodes tried to access the device. The same effect can be had with “swap files” that exist on your filesystem (rather than actual ubd images) or heavy I/O on any filesystem.
With this patch, I am able to guarantee a minimum level of service. Previously that wasn’t possible.
-Chris
Great work chris, I genuinely can’t think of anything else you can improve upon! 😉
Chris,
I tried the 2.6 kernel of Redhat 9 (large) a few days ago. It failed to boot & I had to switch back to 2.4.
Another forum thread had the same problem.
dev/ubd/disc0: unknown partition table
/dev/ubd/disc1: unknown partition table
I am really excited about this. As you know I have been one of the most vocal proponents of some system of throttling disk I/O so that an overzealous Linode cannot DOS the host.
It sounds like this solution will require everyone to upgrade to a 2.6 kernel, which means that it cannot be applied until everyone is ready to go to 2.6 (and it will only be effective when *everyone* has upgraded to this fixed kernel). So I guess the solution is months away. But at least there is a plan in the works to solve this problem for good.
Great job man! Keep up the good work!
Just curious – why not solve this problem in the host kernel instead? Can the host kernel be patched to limit any one of its processes using the I/O token system that you have devised? Then the Linode themselves can run any kernel they want to and the host system will prevent any one from thrashing the disk.
Ideally this would be some kind of rlimit option, so that it could be applied just to the Linode processes themselves and not to the other processes of the host system.
I don’t know if the I/O layer that’s deeper in the kernel than the UML ubd driver is harder to work with though … perhaps it would be too complex to modify the fundamental Linux I/O code than it is to modify the ubd driver?
caker, thanks for all the hard work you’ve put in to keep the linode hosts in top shape.
It’s rather surprising that CFQ didn’t solve the I/O scheduling problem, though. The algorithm is supposed to be [i]completely fair[/i] towards each thread requesting I/O. 😛
[quote:52760ef410=”Quik”]Great work chris, I genuinely can’t think of anything else you can improve upon! :wink:[/quote]
Thanks Quik 🙂
[quote:52760ef410=”gmt”]Chris,
I tried the 2.6 kernel of Redhat 9 (large) a few days ago. It failed to boot & I had to switch back to 2.4.
Another forum thread had the same problem.
dev/ubd/disc0: unknown partition table
/dev/ubd/disc1: unknown partition table[/quote]
You can always ignore this warning message — it’s just telling you that the ubd devices are not partitioned. You’re using the entire block device as one giant ‘partition’.
To get 2.6 to work under RedHat, first rename /lib/tls to something else (since 2.6-um and NPTL don’t mix yet).
-Chris
[quote:2eaacf3890=”bji”]I am really excited about this. As you know I have been one of the most vocal proponents of some system of throttling disk I/O so that an overzealous Linode cannot DOS the host.
It sounds like this solution will require everyone to upgrade to a 2.6 kernel, which means that it cannot be applied until everyone is ready to go to 2.6[/quote]
Not sure where you read that from my post. I’ve already patched the 2.4.25-linode24-1um kernel with the token-limiter patch, and 2.6-um to follow shortly.
[quote:2eaacf3890=”bji”](and it will only be effective when *everyone* has upgraded to this fixed kernel). So I guess the solution is months away. But at least there is a plan in the works to solve this problem for good.[/quote]
Most/all of the repeat offenders have already been rebooted into the “linode24″ kernel (with the limiter patch). So the solution is in effect right now. But, you are correct — there are still many Linodes running un-limited.
[quote:2eaacf3890=”bji”]Great job man! Keep up the good work![/quote]
Thanks!
-Chris
[quote:f066e66db0=”bji”]Just curious – why not solve this problem in the host kernel instead? Can the host kernel be patched to limit any one of its processes using the I/O token system that you have devised? Then the Linode themselves can run any kernel they want to and the host system will prevent any one from thrashing the disk.
Ideally this would be some kind of rlimit option, so that it could be applied just to the Linode processes themselves and not to the other processes of the host system.
I don’t know if the I/O layer that’s deeper in the kernel than the UML ubd driver is harder to work with though … perhaps it would be too complex to modify the fundamental Linux I/O code than it is to modify the ubd driver?[/quote]
I agree — the correct solution is to get Linux fixed, or perhaps to get UML to use the host more efficiently. Some of the UML I/O rework is already under way (the AIO stuff), but that kind of thing *is* months away…
One interesting “feature” of the CFQ scheduler is an ionice priority level. But, I wasn’t able to get the syscalls working to test it.
-Chris
[quote:01c9cda963=”griffinn”]caker, thanks for all the hard work you’ve put in to keep the linode hosts in top shape.
It’s rather surprising that CFQ didn’t solve the I/O scheduling problem, though. The algorithm is supposed to be [i]completely fair[/i] towards each thread requesting I/O. :P[/quote]
I’m not sure where the bottleneck is — but as far as I can tell, CFQ and the standard scheduler in 2.4 appear equally (non)responsive in the worst-case scenario. Go figure…
One interesting thing is that UML uses the no-op elevator. Jeff and I got into a discussion about this, and he says there’s no point to UML doing any request merging, but I disagree. I’d rather have UML do some of it’s own request merging and reordering than force the host to do it all. Plus, it makes UML appear to the host as more of a streaming type load than a random load…
Think back to the last set of tiobench benchmark results you’ve seen — look how poorly the random-i/o results are compared to “streaming-read” and “streaming-write”…
So .. another hack to the UML code (one-liner) to test…
-Chris
Thanks, Caker. I have a tiny linode and I make almost no demands on the system, so far at least. However, fairness is part of what you sell. It sounds like the leaky bucket in the UM kernel solves most of the problem with a minimum of effort. I’ve been implementing fairness algorithms for at least 30 years, so I have a few theoretical observations and questions:
You appear to be issueing tokens independently to each process at an absolute rate, independent of the actual resource availability. This means that a UML may get limited even if nobody else wants the resource, yes? It might be better for the host kernel to issue tokens at an over-all rate to the UMLs.That way a particular UML can use the whole resource if nobody else wants it. since everybody’s buckets are full, the instant anyone else wants to use the resource the original user is instantly throttled to 50% as the tokens are returned equally to the two users, and so on as more users are added. That is, the main kernel returns tokens to each UML with a non-full bucket equally, but does not add tokens to a bucket that is already full. The host kernel should dyamically adjust its token generation rate to just keep the resource occupied. I’ve successfully done this in the past by watching the resource: if the resource goes idle when thre are any empty buckets, slightly increase the token rate. If the resource never goes idle, slightly decrease the token rate.
Next issue: Do you “oversubscribe” the host memory? That is, does the sum of the UML memory sizes exceed the size of the host’s real application space? If so, the host swapspace is used, causing disk activity at this level. This is independent of the swap activity within each UML as the user exceeds its “real” space and begins to use its swap partition. I’m guessing that host-level swapping does not count against any UML’s bucket. but that UML-level swapping does. This would be tha fair way to do this. However, host-level swapping will reduce the overall amount of IO resource that is available to the users. The algorithm above will account for this.
Next issue: Do we have fairness issues with network bandwidth? do you intend to add a token system to address this?
Again: I’m a happy camper. These are purely theoretical questions for me.