Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Docker Performance on Web Application

Avatar for Yuuki Tsubouchi (yuuk1) Yuuki Tsubouchi (yuuk1)
January 17, 2015
Technology
130k
7

Docker Performance on Web Application

Docker Meetup Tokyo #4

Avatar for Yuuki Tsubouchi (yuuk1)

Yuuki Tsubouchi (yuuk1)

January 17, 2015

More Decks by Yuuki Tsubouchi (yuuk1)

See All by Yuuki Tsubouchi (yuuk1)
SAKURAONE: An Open Ethernet-based AI HPC System And Its Observed Workload Dynamics in a Single-Tenant LLM Development Environment
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
1
330
AIスーパーコンピュータにおけるLLM学習処理性能の計測と可観測性 / AI Supercomputer LLM Benchmarking and Observability
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
1
930
SREはサイバネティクスの夢をみるか? / Do SREs Dream of Cybernetics?
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
3
520
SREのためのテレメトリー技術の探究 / Telemetry for SRE
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
13
3.6k
AIスパコン「さくらONE」の
オブザーバビリティ / Observability for AI Supercomputer SAKURAONE
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
2
1.5k
AIスパコン「さくらONE」のLLM学習ベンチマークによる性能評価 / SAKURAONE LLM Training Benchmarking
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
2
1.1k
とあるSREの博士「過程」 / A Certain SRE’s Ph.D. Journey
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
11
7k
eBPFを用いたAIネットワーク監視システム論文の実装 / eBPF Japan Meetup #4
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
3
1.8k
クラウドのテレメトリーシステム研究動向2025年
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
4
1.2k

Other Decks in Technology

See All in Technology
2026TECHFRESH畢業分享會 - AI 時代的人生存檔點
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1.1k
失敗を資産に変えるClaude Code
Avatar for Shinya Saita shinyasaita
0
680
いまさら聞けない「仕様駆動開発入門」 〜AI活用時代の開発プロセスを考える〜
Avatar for ファインディ株式会社(イベント資料アップ用) findy_eventslides
2
130
フィジカル版Github Onshapeの紹介
Avatar for shiba_8ro shiba_8ro
0
260
【2026年版】 ベクトル検索䛸 Embedding最前線
Avatar for Tomoko Uchida mocobeta
2
220
MUSUBI 田中裕一『AIと共に行う「しごとのリデザイン」- スモールバックオフィス編』AI Ops Lab #4
Avatar for MUSUBI musubi
0
200
Agent Skills設計で柔軟性と硬さのバランスが難しい話
Avatar for nassy nassy20
0
130
AIはどのように 組織のアジリティを変えるのか?
Avatar for J.K junki
4
940
あなたの知らないPDFのアクセシビリティ
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
200
SONiC Scale-Up Working Group から探る Scale-UpやUltraEthernet機能の実装方法
Avatar for ebiken ebiken
PRO
2
350
SONiCで構築・運用する生成AI向けパブリッククラウドネットワーク ~実装編~
Avatar for SONiC Users Group Japan sonic
0
220
プロダクト開発から業務改善コンサルまで。事業全体へ「染み出す」ことで広がるエンジニアの可能性
Avatar for ham ham0215
0
130

Featured

See All Featured
How to Talk to Developers About Accessibility
Avatar for Jason CranfordTeague jct
2
230
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
Avatar for Sophie Logan marketingsoph
0
170
Docker and Python
Avatar for Tania Allard trallard
47
3.9k
The SEO Collaboration Effect
Avatar for Kristina Bergwall kristinabergwall1
1
490
Side Projects
Avatar for Sacha Greif sachag
455
43k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
356
21k
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
65
55k
WENDY [Excerpt]
Avatar for Tessa Abrams tessaabrams
11
38k
The browser strikes back
Avatar for Jono Alderson jonoalderson
0
1.2k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
Avatar for konakalab konakalab
0
460
Groundhog Day: Seeking Process in Gaming for Health
Avatar for Sebastian Deterding codingconduct
0
210

Transcript

  1. Docker Performance on Web Application JEZ@VVLJ %PDLFS.FFUVQ5PLZP

  2. id:y_uuki ӡ༻ @y_uuk1

  3. Docker Engine্Ͱɹ ΞϓϦέʔγϣϯΛɹ ಈ͔ͯ͠ੑೳྼԽ ͠ͳ͍ͷʁ

  4. None

  5. 1 DockerͷύϑΥʔϚϯεʹ ͓͍ͯॏཁͳ͜ͱ͸ͳʹ͔

  6. Linux Containers

  7. /FUXPSL /BNFTQBDF *1$ /BNFTQBDF 654 /BNFTQBDF .PVOU /BNFTQBDF 6TFS /BNFTQBDF

    1*% /BNFTQBDF

  8. /FUXPSL /BNFTQBDF *1$ /BNFTQBDF 654 /BNFTQBDF .PVOU /BNFTQBDF 6TFS /BNFTQBDF

    1*% /BNFTQBDF -JOVYΧʔωϧͷ໊લۭؒػೳͷ ू·Γ

  9. Linux Containers Χʔωϧͷ֤ϦιʔεΛ໊લۭؒͰִ཭͠ ۭͨؒͰϓϩηεΛ࣮ߦ͢Δͱ͍͏Ϟσϧ ϑΝΠϧγεςϜɼϢʔβɼϓϩηεςʔ ϒϧɼωοτϫʔΫ… etc LXC ͸ Linux

    Containers ͷϑϩϯτΤϯυ

  10. Linux Containers Overhead ୯ମͷLinux ΧʔωϧͰ׬݁͢ΔͷͰ ΦϒδΣΫτͷڞ༗ޮ཰͕Α͍ Hypervisor ͷΑ͏ʹ֤ϦιʔεΛɹɹ ೋॏॲཧ͠ͳͯ͘Α͍

  11. example/packet receive /*$ ,FSOFM 6TFSMBOE $PQZ $PQZ 4JOHMF ,FSOFM

  12. example/packet receive /*$ ,FSOFM 6TFSMBOE $PQZ $PQZ /*$ ,FSOFM ,FSOFM

    $PQZ $PQZ 4JOHMF ,FSOFM )ZQFSWJTPS 9FO ,7. 6TFSMBOE $PQZ ˞ 43*07ͳͲ)ZQFSWJTPSͰ΋ύέοτίϐʔΦʔόϔουΛগͳ͘ ͢Δ࣮૷͸͋Δ

  13. Linux Containers ͩͱ Single Kernel Ͱ଎͍

  14. Docker Filesystem -JOVY$POUBJOFST

  15. UNION Filesystem -JOVY$POUBJOFST %PDLFS'JMFTZTUFN

  16. IUUQTEPDTEPDLFSDPNUFSNTJNBHFTEPDLFSpMFTZTUFNTNVMUJMBZFSQOH UNION Filesystem Image

  17. 8SJUF*0 3FBE*0 ADBUFUDEFCJBO@WFSTJPOA

  18. 8SJUF*0 3FBE*0 8SJUF*0͸࠷্૚΁ॻ͖ࠐΈ 3FBE*0͸֘౰ϑΝΠϧΛ ֨ೲ͢Δ૚Λ୳ࡧ

  19. UNION Filesystem • AUFS, Btrfs, OverlayFS … ͳͲΛ࢖࣮ͬͯݱ • Copy

    On Write: ݪຊΛෳ੡ͨ͠;ΓΛͯ͠ ͓͍ͯ৽نॻ͖ࠐΈ͕͋ͬͨΒෳ੡Λ࡞Δ • LinuxΧʔωϧඪ४ͷ Device MapperΛ࢖ͬ ͯ΋࣮ݱͰ͖Δ

  20. Storage drivers -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN

  21. EFWJDFNBQQFS BVGT CUSGT PWFSMBZGT

  22. EFWJDFNBQQFS BVGT CUSGT PWFSMBZGT 6OJPO'4ͷ࣮૷Λબ୒Ͱ͖Δ

  23. Storage drivers devicemapper, aufs, btrfs, overrayfs (vfs) Χʔωϧඪ४ͳͨΊRHELܥͰͷɹɹ σϑΥϧτ͸ devicemapper

  24. Device Mapper ϒϩοΫσόΠε΁ͷI/Oʹ༷ʑͳม׵ΛՃ͑Δ͜ͱ͕ Ͱ͖Δ (҉߸ԽɺετϥΠϓɺϛϥʔ ͳͲ) ϒϩοΫσόΠευϥΠόϨϕϧͷ࣮૷ͳͷͰɹɹɹɹ ಛఆͷϑΝΠϧγεςϜʹґଘ͠ͳ͍ LVMͳͲͰ࢖ΘΕ͍ͯΔ docker

    commit ͕૸ΔͱsnapshotσόΠεΛ࡞੒ͯ͠Π ϝʔδ૚ͱ͢Δ

  25. Volume -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST

  26. Volume ίϯςφؒͰσΟϨΫτϦΛڞ༗͢ΔͨΊͷ΋ͷ ίϯςφ͝ͱͰ͸ͳ͘DockerάϩʔόϧͳྖҬʹ֨ ೲ͞ΕΔ ࢦఆͨ͠σΟϨΫτϦҎԼͷΠϝʔδ૚ΛόΠύε͠ ͯΞΫηε I/Oཁٻ͕Union FS෦෼Λ௨Βͳ͍ͷͰΦʔόϔου ͕গͳ͍

  27. howto/Volume EPDLFSSVOWWBSMJCNZTRMNZTRM 70-6.&WBSMJCNZTRM EPDLFSSVONZTRM %PDLFSpMF 4IFMM 4IFMM PS

  28. Docker Network -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF

  29. Portmapper -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF %PDLFS/FUXPSL

  30. Portmapper ίϯςφؒ௨৴΍ίϯςφɾϗετؒ௨৴͸ϗετଆ ͷ iptables ͰNAT ! iptables͕ͳ͍؀ڥͩͱಠࣗͷϢʔβϥϯυͷϓϩη ε(docker-proxy)Ͱίϯςφؒ௨৴ "%0$,&3JEPDLFSQUDQNUDQŠEQPSUK%/"5 ŠUPEFTUJOBUJPO

    EPDLFSQSPYZQSPUPUDQIPTUJQIPTUQPSU DPOUBJOFSJQDPOUBJOFSQPSU

  31. Host Networking -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF %PDLFS/FUXPSL 1PSUNBQQFS

  32. Host Networking ίϯςφ༻ͷNetwork NamespaceΛ࡞Β ͣʹϗετͷωοτϫʔΫΛͦͷ··࢖͏ ίϯςφ͸ϗετଆͷportΛlisten͢Δ iptables΍docker-proxyΛܦ༝͠ͳͯ͘Α ͘ͳΓɺΦʔόϔου͕খ͘͞ͳΔ

  33. howto/Host Networking ! ŠFYFDESJWFSOBUJWF PS -9$Ҏ্ͰŠFYFDESJWFSMYD ͕ඞཁ EPDLFSSVOŠOFUIPTUNZTRM

  34. -JOVY$POUBJOFST %PDLFS'JMFTZTUFN 6/*0/'JMFTZTUFN 4UPSBHF%SJWFST 7PMVNF %PDLFS/FUXPSL 1PSUNBQQFS )PTU/FUXPSLJOH DockerͷύϑΥʔϚϯεʹ ͓͍ͯॏཁͳ͜ͱ͸ͳʹ͔

  35. 2 DockerԽͨ͠ ISUCONΞϓϦέʔγϣϯ ͷϕϯνϚʔΫ

  36. ISUCON *JLBOKJOJ4QFFE6Q$0/UFTU

  37. /HJOY CFODI NBSLFS .Z42- "QQ .FNDBDIFE ISUCON4 ༧બ

  38. Machine & Software Spec instance type: m3.xlarge CPU: Xeon E5-2670

    v2 @ 2.50GHz 4 vCPU Memory: 16GB RAM Storage: Magnetic volume OS: Ubuntu 14.04 LTS Kernel 3.18.0 Docker: 1.4.1 (latest) MySQL: 5.5.40, memcached: 1.4.14, Nginx:1.4.6

  39. νϡʔχϯά಺༰ • είΞ 38446 (໿ 3000 req/s) • ࢼߦ͝ͱʹ +-1000

    είΞఔ౓ͷޡࠩ • ༧બಥഁϨϕϧ • σʔλ͸શ෦ϝϞϦʹ৐Δ • ηογϣϯ৘ใͳͲ͸ memcached • Nginx Ͱ੩తϑΝΠϧΛฦ͢ • ωοτϫʔΫελοΫɺNginx, MySQL ͸ී௨ͷ νϡʔχϯά

  40. Evaluation

  41. • Nginx ͱ MySQL ΛͦΕͧΕDockerԽ • ҎԼͷ֤ํࣜΛnative(default)ͱൺֱ • Nginx͚ͩDockerԽ •

    —net=host ͱ —net=bridge • MySQL͚ͩDockerԽ • storage-driver=devicemapper ͱ storage-driver=overlayfs • Volume ͷ ON/OFF

  42. Result

  43. EFGBVMU /HJOY OFUCSJEHF /HJOY OFUIPTU   

  44. /HJOYʹύέοτ͕ू໿͢Δ /"15͢ΔΦʔόϔου͕ߴ͍

  45. EFGBVMU .Z42- EFWJDFNBQQFS WPMVNFP⒎ .Z42- EFWJDFNBQQFS WPMVNFPO .Z42- PWFSMBZGT WPMVNFP⒎

    .Z42- PWFSMBZGT WPMVNFPO     

  46. 7PMVNFͷ0/0''ͱ TUPSBHFESJWFSʹΑΔ ੑೳྼԽͳ͠

  47. 7PMVNF0''ͰมΘΒͳ͍ 3FBE*0͸ϝϞϦʹશ෦ͷΔ 8SJUF*0͸࠷্૚͚ͩ

  48. NAPTͷߴ଎Խ

  49. -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j

    DOCKER

  50. -A OUTPUT E -m addrtype --dst-type LOCAL -j DOCKER

  51. 127.0.0.1Ѽͩͱiptablesͷ DockerνΣʔϯʹೖΒͳ͍

  52. docker-proxy EPDLFSQSPYZQSPUPUDQIPTUJQ IPTUQPSU DPOUBJOFSJQDPOUBJOFSQPSUA

  53. docker-proxy EPDLFSQSPYZQSPUPUDQIPTUJQ IPTUQPSU DPOUBJOFSJQDPOUBJOFSQPSUA CPU 50%

  54. benchmarker bench --host 172.31.8.235 --init ~/init.sh --workload 8

  55. 32172 37931

  56. ͳͥ userland ͷ proxy ͕͍Δͷ͔

  57. IUUQTHJUIVCDPNEPDLFSEPDLFSQVMM

  58. Hairpin NAT

  59. )PTU $POUBJOFS EPDLFS  -*45&/ FUI FUI MP FUI FUI

  60. ETU MP FUI FUI )PTU $POUBJOFS EPDLFS  -*45&/ FUI

    FUI

  61. ETU "%0$,&3JEPDLFSQUDQNUDQEQPSU K%/"5UPEFTUJOBUJPO )PTU $POUBJOFS MP FUI FUI EPDLFS 

    -*45&/ FUI FUI

  62. ETU "%0$,&3JEPDLFSQUDQNUDQEQPSU K%/"5UPEFTUJOBUJPO )PTU $POUBJOFS MP FUI FUI EPDLFS 

    -*45&/ -*45&/ Ծ૝bridge(docker0)Λ Hairpin NAT modeʹ͠ͳ͍ͱ NAT͞Εͳ͍

  63. FDIPTZTDMBTTOFUCSCSJGFUIIBJSQJO@NPEF

  64. IUUQTHJUIVCDPNEPDLFSEPDLFSQVMM

  65. None

  66. 3)&-BOE$FOU04 SFBEPOMZTZT

  67. 1. DockerͷύϑΥʔϚϯεʹ͍ͭͯ ॏཁͳࣄ͸ͳʹ͔ 2. DockerԽͨ͠ISUCONΞϓϦέʔ γϣϯͷϕϯνϚʔΫ

  68. Linux Containers Docker Filesystem UNION Filesystem Storage drivers Volume Docker

    Network Portmapper Host Networking

  69. Linux Containers Docker Filesystem UNION Filesystem Storage drivers Volume Docker

    Network Portmapper (Performance issue) Host Networking
  70. None

  71. IUUQIBUFOBDPSQKQSFDSVJUDBSFFSTBMFTFOHJOFFS ηʔϧεΤϯδχΞ৬

  72. ! 8FCΦϖϨʔγϣϯΤϯδχΞ Λืू͓ͯ͠Γ·͢