Tweet
Tweet

Slide 1

Slide 1 text

Docker Performance on Web Application JEZ@VVLJ %PDLFS.FFUVQ5PLZP

Slide 2

Slide 2 text

id:y_uuki ӡ༻ @y_uuk1

Slide 3

Slide 3 text

Docker Engine্Ͱɹ ΞϓϦέʔγϣϯΛɹ ಈ͔ͯ͠ੑೳྼԽ ͠ͳ͍ͷʁ

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

1 DockerͷύϑΥʔϚϯεʹ ͓͍ͯॏཁͳ͜ͱ͸ͳʹ͔

Slide 6

Slide 6 text

Linux Containers

Slide 7

Slide 7 text

/FUXPSL /BNFTQBDF *1$ /BNFTQBDF 654 /BNFTQBDF .PVOU /BNFTQBDF 6TFS /BNFTQBDF 1*% /BNFTQBDF

Slide 8

Slide 8 text

/FUXPSL /BNFTQBDF *1$ /BNFTQBDF 654 /BNFTQBDF .PVOU /BNFTQBDF 6TFS /BNFTQBDF 1*% /BNFTQBDF -JOVYΧʔωϧͷ໊લۭؒػೳͷ ू·Γ

Slide 9

Slide 9 text

Linux Containers Χʔωϧͷ֤ϦιʔεΛ໊લۭؒͰִ཭͠ ۭͨؒͰϓϩηεΛ࣮ߦ͢Δͱ͍͏Ϟσϧ ϑΝΠϧγεςϜɼϢʔβɼϓϩηεςʔ ϒϧɼωοτϫʔΫ… etc LXC ͸ Linux Containers ͷϑϩϯτΤϯυ

Slide 10

Slide 10 text

Linux Containers Overhead ୯ମͷLinux ΧʔωϧͰ׬݁͢ΔͷͰ ΦϒδΣΫτͷڞ༗ޮ཰͕Α͍ Hypervisor ͷΑ͏ʹ֤ϦιʔεΛɹɹ ೋॏॲཧ͠ͳͯ͘Α͍

Slide 11

Slide 11 text

example/packet receive /*$ ,FSOFM 6TFSMBOE $PQZ $PQZ 4JOHMF ,FSOFM

Slide 12

Slide 12 text

example/packet receive /*$ ,FSOFM 6TFSMBOE $PQZ $PQZ /*$ ,FSOFM ,FSOFM $PQZ $PQZ 4JOHMF ,FSOFM )ZQFSWJTPS 9FO ,7. 6TFSMBOE $PQZ ˞ 43*07ͳͲ)ZQFSWJTPSͰ΋ύέοτίϐʔΦʔόϔουΛগͳ͘ ͢Δ࣮૷͸͋Δ

Slide 13

Slide 13 text

Linux Containers ͩͱ Single Kernel Ͱ଎͍

Slide 14

Slide 14 text

Docker Filesystem -JOVY$POUBJOFST

Slide 15

Slide 15 text

UNION Filesystem -JOVY$POUBJOFST %PDLFS'JMFTZTUFN

Slide 16

Slide 16 text

IUUQTEPDTEPDLFSDPNUFSNTJNBHFTEPDLFSpMFTZTUFNTNVMUJMBZFSQOH UNION Filesystem Image

Slide 17

Slide 17 text

8SJUF*0 3FBE*0 ADBUFUDEFCJBO@WFSTJPOA

Slide 18

Slide 18 text

8SJUF*0 3FBE*0 8SJUF*0͸࠷্૚΁ॻ͖ࠐΈ 3FBE*0͸֘౰ϑΝΠϧΛ ֨ೲ͢Δ૚Λ୳ࡧ

Slide 19

Slide 19 text

UNION Filesystem • AUFS, Btrfs, OverlayFS … ͳͲΛ࢖࣮ͬͯݱ • Copy On Write: ݪຊΛෳ੡ͨ͠;ΓΛͯ͠ ͓͍ͯ৽نॻ͖ࠐΈ͕͋ͬͨΒෳ੡Λ࡞Δ • LinuxΧʔωϧඪ४ͷ Device MapperΛ࢖ͬ ͯ΋࣮ݱͰ͖Δ

Slide 20

Slide 20 text

Storage drivers -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN

Slide 21

Slide 21 text

EFWJDFNBQQFS BVGT CUSGT PWFSMBZGT

Slide 22

Slide 22 text

EFWJDFNBQQFS BVGT CUSGT PWFSMBZGT 6OJPO'4ͷ࣮૷Λબ୒Ͱ͖Δ

Slide 23

Slide 23 text

Storage drivers devicemapper, aufs, btrfs, overrayfs (vfs) Χʔωϧඪ४ͳͨΊRHELܥͰͷɹɹ σϑΥϧτ͸ devicemapper

Slide 24

Slide 24 text

Device Mapper ϒϩοΫσόΠε΁ͷI/Oʹ༷ʑͳม׵ΛՃ͑Δ͜ͱ͕ Ͱ͖Δ (҉߸ԽɺετϥΠϓɺϛϥʔ ͳͲ) ϒϩοΫσόΠευϥΠόϨϕϧͷ࣮૷ͳͷͰɹɹɹɹ ಛఆͷϑΝΠϧγεςϜʹґଘ͠ͳ͍ LVMͳͲͰ࢖ΘΕ͍ͯΔ docker commit ͕૸ΔͱsnapshotσόΠεΛ࡞੒ͯ͠Π ϝʔδ૚ͱ͢Δ

Slide 25

Slide 25 text

Volume -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST

Slide 26

Slide 26 text

Volume ίϯςφؒͰσΟϨΫτϦΛڞ༗͢ΔͨΊͷ΋ͷ ίϯςφ͝ͱͰ͸ͳ͘DockerάϩʔόϧͳྖҬʹ֨ ೲ͞ΕΔ ࢦఆͨ͠σΟϨΫτϦҎԼͷΠϝʔδ૚ΛόΠύε͠ ͯΞΫηε I/Oཁٻ͕Union FS෦෼Λ௨Βͳ͍ͷͰΦʔόϔου ͕গͳ͍

Slide 27

Slide 27 text

howto/Volume EPDLFSSVOWWBSMJCNZTRMNZTRM 70-6.&WBSMJCNZTRM EPDLFSSVONZTRM %PDLFSpMF 4IFMM 4IFMM PS

Slide 28

Slide 28 text

Docker Network -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF

Slide 29

Slide 29 text

Portmapper -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF %PDLFS/FUXPSL

Slide 30

Slide 30 text

Portmapper ίϯςφؒ௨৴΍ίϯςφɾϗετؒ௨৴͸ϗετଆ ͷ iptables ͰNAT ! iptables͕ͳ͍؀ڥͩͱಠࣗͷϢʔβϥϯυͷϓϩη ε(docker-proxy)Ͱίϯςφؒ௨৴ "%0$,&3JEPDLFSQUDQNUDQŠEQPSUK%/"5 ŠUPEFTUJOBUJPO EPDLFSQSPYZQSPUPUDQIPTUJQIPTUQPSU DPOUBJOFSJQDPOUBJOFSQPSU

Slide 31

Slide 31 text

Host Networking -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF %PDLFS/FUXPSL 1PSUNBQQFS

Slide 32

Slide 32 text

Host Networking ίϯςφ༻ͷNetwork NamespaceΛ࡞Β ͣʹϗετͷωοτϫʔΫΛͦͷ··࢖͏ ίϯςφ͸ϗετଆͷportΛlisten͢Δ iptables΍docker-proxyΛܦ༝͠ͳͯ͘Α ͘ͳΓɺΦʔόϔου͕খ͘͞ͳΔ

Slide 33

Slide 33 text

howto/Host Networking ! ŠFYFDESJWFSOBUJWF PS -9$Ҏ্ͰŠFYFDESJWFSMYD ͕ඞཁ EPDLFSSVOŠOFUIPTUNZTRM

Slide 34

Slide 34 text

-JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF %PDLFS/FUXPSL 1PSUNBQQFS )PTU/FUXPSLJOH DockerͷύϑΥʔϚϯεʹ ͓͍ͯॏཁͳ͜ͱ͸ͳʹ͔

Slide 35

Slide 35 text

2 DockerԽͨ͠ ISUCONΞϓϦέʔγϣϯ ͷϕϯνϚʔΫ

Slide 36

Slide 36 text

ISUCON *JLBOKJOJ4QFFE6Q$0/UFTU

Slide 37

Slide 37 text

/HJOY CFODI NBSLFS .Z42- "QQ .FNDBDIFE ISUCON4 ༧બ

Slide 38

Slide 38 text

Machine & Software Spec instance type: m3.xlarge CPU: Xeon E5-2670 v2 @ 2.50GHz 4 vCPU Memory: 16GB RAM Storage: Magnetic volume OS: Ubuntu 14.04 LTS Kernel 3.18.0 Docker: 1.4.1 (latest) MySQL: 5.5.40, memcached: 1.4.14, Nginx:1.4.6

Slide 39

Slide 39 text

νϡʔχϯά಺༰ • είΞ 38446 (໿ 3000 req/s) • ࢼߦ͝ͱʹ +-1000 είΞఔ౓ͷޡࠩ • ༧બಥഁϨϕϧ • σʔλ͸શ෦ϝϞϦʹ৐Δ • ηογϣϯ৘ใͳͲ͸ memcached • Nginx Ͱ੩తϑΝΠϧΛฦ͢ • ωοτϫʔΫελοΫɺNginx, MySQL ͸ී௨ͷ νϡʔχϯά

Slide 40

Slide 40 text

Evaluation

Slide 41

Slide 41 text

• Nginx ͱ MySQL ΛͦΕͧΕDockerԽ • ҎԼͷ֤ํࣜΛnative(default)ͱൺֱ • Nginx͚ͩDockerԽ • —net=host ͱ —net=bridge • MySQL͚ͩDockerԽ • storage-driver=devicemapper ͱ storage-driver=overlayfs • Volume ͷ ON/OFF

Slide 42

Slide 42 text

Result

Slide 43

Slide 43 text

EFGBVMU /HJOY OFUCSJEHF /HJOY OFUIPTU

Slide 44

Slide 44 text

/HJOYʹύέοτ͕ू໿͢Δ /"15͢ΔΦʔόϔου͕ߴ͍

Slide 45

Slide 45 text

EFGBVMU .Z42- EFWJDFNBQQFS WPMVNFP⒎ .Z42- EFWJDFNBQQFS WPMVNFPO .Z42- PWFSMBZGT WPMVNFP⒎ .Z42- PWFSMBZGT WPMVNFPO

Slide 46

Slide 46 text

7PMVNFͷ0/0''ͱ TUPSBHFESJWFSʹΑΔ ੑೳྼԽͳ͠

Slide 47

Slide 47 text

7PMVNF0''ͰมΘΒͳ͍ 3FBE*0͸ϝϞϦʹશ෦ͷΔ 8SJUF*0͸࠷্૚͚ͩ

Slide 48

Slide 48 text

NAPTͷߴ଎Խ

Slide 49

Slide 49 text

-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER

Slide 50

Slide 50 text

-A OUTPUT E -m addrtype --dst-type LOCAL -j DOCKER

Slide 51

Slide 51 text

127.0.0.1Ѽͩͱiptablesͷ DockerνΣʔϯʹೖΒͳ͍

Slide 52

Slide 52 text

docker-proxy EPDLFSQSPYZQSPUPUDQIPTUJQ IPTUQPSU DPOUBJOFSJQDPOUBJOFSQPSUA

Slide 53

Slide 53 text

docker-proxy EPDLFSQSPYZQSPUPUDQIPTUJQ IPTUQPSU DPOUBJOFSJQDPOUBJOFSQPSUA CPU 50%

Slide 54

Slide 54 text

benchmarker bench --host 172.31.8.235 --init ~/init.sh --workload 8

Slide 55

Slide 55 text

32172 37931

Slide 56

Slide 56 text

ͳͥ userland ͷ proxy ͕͍Δͷ͔

Slide 57

Slide 57 text

IUUQTHJUIVCDPNEPDLFSEPDLFSQVMM

Slide 58

Slide 58 text

Hairpin NAT

Slide 59

Slide 59 text

)PTU $POUBJOFS EPDLFS -*45&/ FUI FUI MP FUI FUI

Slide 60

Slide 60 text

ETU MP FUI FUI )PTU $POUBJOFS EPDLFS -*45&/ FUI FUI

Slide 61

Slide 61 text

ETU "%0$,&3JEPDLFSQUDQNUDQEQPSU K%/"5UPEFTUJOBUJPO )PTU $POUBJOFS MP FUI FUI EPDLFS -*45&/ FUI FUI

Slide 62

Slide 62 text

ETU "%0$,&3JEPDLFSQUDQNUDQEQPSU K%/"5UPEFTUJOBUJPO )PTU $POUBJOFS MP FUI FUI EPDLFS -*45&/ -*45&/ Ծ૝bridge(docker0)Λ Hairpin NAT modeʹ͠ͳ͍ͱ NAT͞Εͳ͍

Slide 63

Slide 63 text

FDIPTZTDMBTTOFUCSCSJGFUIIBJSQJO@NPEF

Slide 64

Slide 64 text

IUUQTHJUIVCDPNEPDLFSEPDLFSQVMM

Slide 65

Slide 65 text

No content

Slide 66

Slide 66 text

3)&-BOE$FOU04 SFBEPOMZTZT

Slide 67

Slide 67 text

1. DockerͷύϑΥʔϚϯεʹ͍ͭͯ ॏཁͳࣄ͸ͳʹ͔ 2. DockerԽͨ͠ISUCONΞϓϦέʔ γϣϯͷϕϯνϚʔΫ

Slide 68

Slide 68 text

Linux Containers Docker Filesystem UNION Filesystem Storage drivers Volume Docker Network Portmapper Host Networking

Slide 69

Slide 69 text

Linux Containers Docker Filesystem UNION Filesystem Storage drivers Volume Docker Network Portmapper (Performance issue) Host Networking

Slide 70

Slide 70 text

No content

Slide 71

Slide 71 text

IUUQIBUFOBDPSQKQSFDSVJUDBSFFSTBMFTFOHJOFFS ηʔϧεΤϯδχΞ৬

Slide 72

Slide 72 text

! 8FCΦϖϨʔγϣϯΤϯδχΞ Λืू͓ͯ͠Γ·͢