Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Transtracer: 分散システムにおけるTCP/UDP通信の終端点の監視によるプロセス...

Yuuki Tsubouchi (yuuk1)
December 06, 2019
Research
8
2.3k

Transtracer: 分散システムにおけるTCP/UDP通信の終端点の監視によるプロセス間依存関係の自動追跡

情報処理学会 第12回インターネットと運用技術シンポジウム(IOTS)2019
論文: https://yuuk.io/papers/transtracer_iots2019.pdf
OSS: https://github.com/yuuki/transtracer

Yuuki Tsubouchi (yuuk1)

December 06, 2019
Tweet

More Decks by Yuuki Tsubouchi (yuuk1)

See All by Yuuki Tsubouchi (yuuk1)
クラウドのテレメトリーシステム研究動向2025年
yuukit
3
830
博士論文公聴会: Scaling Telemetry Workloads in Cloud Applications: Techniques for Instrumentation, Storage, and Mining / PhD Defence
yuukit
1
120
博士学位論文予備審査 / Scaling Telemetry Workloads in Cloud Applications: Techniques for Instrumentation, Storage, and Mining
yuukit
1
1.8k
MetricSifter:クラウドアプリケーションにおける故障箇所特定の効率化のための多変量時系列データの特徴量削減 / FIT 2024
yuukit
2
230
工学としてのSRE再訪 / Revisiting SRE as Engineering
yuukit
19
13k
Cloudless Computingの論文紹介
yuukit
2
510
#SRE論文紹介 Detection is Better Than Cure: A Cloud Incidents Perspective
V. Ganatra et. al., ESEC/FSE’23
yuukit
3
1.9k
エンジニアのためのSRE論文への招待 / Introduction to SRE Papers for Engineers
yuukit
2
11k
博士課程での研究まとめ 2023年1月版 / Summary of my research in the PhD course
yuukit
1
300

Other Decks in Research

See All in Research
Weekly AI Agents News! 12月号 論文のアーカイブ
masatoto
0
290
NeurIPS 2024 参加報告 & 論文紹介 (SACPO, Ctrl-G)
reisato12345
0
420
Ad-DS Paper Circle #1
ykaneko1992
0
4.1k
Pix2Poly: A Sequence Prediction Method for End-to-end Polygonal Building Footprint Extraction from Remote Sensing Imagery
satai
3
270
DeepSeek-R1の論文から読み解く背景技術
personabb
3
550
3D Gaussian Splattingによる高効率な新規視点合成技術とその応用
muskie82
0
450
SkySense : A Multi-Modal Remote Sensing Foundation Model Towards Universal Interpretation for Earth Observation Imagery
satai
3
130
Data-centric AI勉強会 「ロボットにおけるData-centric AI」
haraduka
0
560
[輪講] Transformer Layers as Painters
nk35jk
4
750
Dynamic World, Near real-time global 10 m land use land cover mapping
satai
3
210
JSAI NeurIPS 2024 参加報告会(AI アライメント)
akifumi_wachi
5
950
請求書仕分け自動化での物体検知モデル活用 / Utilization of Object Detection Models in Automated Invoice Sorting
sansan_randd
0
160

Featured

See All Featured
Reflections from 52 weeks, 52 projects
jeffersonlam
349
20k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.8k
Automating Front-end Workflow
addyosmani
1369
200k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
45
9.5k
Git: the NoSQL Database
bkeepers
PRO
430
65k
Why Our Code Smells
bkeepers
PRO
336
57k
Building Adaptive Systems
keathley
41
2.5k
Build The Right Thing And Hit Your Dates
maggiecrowley
35
2.6k
The Pragmatic Product Professional
lauravandoore
33
6.5k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
32
5.4k
What's in a price? How to price your products and services
michaelherold
245
12k

Transcript

  1. ͘͞ΒΠϯλʔωοτ גࣜձࣾ (C) Copyright 1996-2019 SAKURA internet Inc ͘͞ΒΠϯλʔωοτ ݚڀॴ

    Transtracer: ෼ࢄγεςϜʹ͓͚ΔTCP/UDP௨৴ͷ ऴ୺఺ͷ؂ࢹʹΑΔϓϩηεؒґଘؔ܎ͷࣗಈ௥੻ ৘ใॲཧֶձ ୈ12ճΠϯλʔωοτͱӡ༻ٕज़γϯϙδ΢Ϝ(IOTS)2019 2019.12.6 ௶಺༎थ*1, ݹ઒խେ*2, দຊ྄հ*1 *1) ͘͞ΒΠϯλʔωοτ, *2) ͸ͯͳ

  2. 2 1. എܠͱ໨త 2. ෼ࢄγεςϜ಺ͷґଘؔ܎ͷ௥੻ٕज़ 3. ఏҊख๏ 4. ࣮ݧͱߟ࡯ 5.

    ·ͱΊͱࠓޙͷల๬ ໨࣍

  3. 1. എܠͱ໨త

  4. 4 WebαʔϏε಺ͷґଘؔ܎ͷෳࡶԽͷഎܠ ௕ظؒͷαʔϏεఏڙத ͷػೳ௥Ճ Ϣʔβʔ͔ΒͷΞΫηε ૿Ճ ୯ҰͷαʔϏεࣄۀऀ͕ ෳ਺ͷαʔϏεΛఏڙ (SNS,ECαΠτͳͲ) ༻్ಛԽͷϛυϧ΢ΣΞͷ௥Ճ

    ৽چγεςϜͷࠞ߹ঢ়ଶ εέʔϧΞ΢τʹΑΔϗετ਺ ͷ૿Ճ ෳ਺ͷαʔϏεͷҰ෦Λڞ༗ (Ϣʔβʔೝূج൫ͳͲ) ϚΠΫϩαʔϏεԽ

  5. 5 ɾෳࡶͳґଘؔ܎ʹΑΓɼγεςϜʹมߋΛՃ͑ͨ࣌ʹ໰୊͕͋ͬͨ ৔߹ɼ༧૝ΑΓେ͖ͳো֐ʹͭͳ͕Δ͜ͱ΋͋Δ ɾো֐ൃੜΛڪΕͯɼௐࠪʹ࣌ؒΛཁ͠ɼ݁Ռతʹมߋ଎౓͕௿Լ ɾґଘؔ܎͸γεςϜͷՔಇதʹมߋ͞Ε͍ͯͨ͘ΊɼखಈͰυΩϡ ϝϯτΛߋ৽͠ଓ͚Δख͕ؒେ͖͍ ґଘؔ܎ͷෳࡶԽʹΑΓੜ·ΕΔ໰୊ҙࣝ มߋͷӨڹൣғΛ༧ଌ͢ΔͨΊʹ γεςϜ؅ཧऀʹͱͬͯະ஌ͷϓϩηεͷґଘؔ܎Λ ࣗಈͰ௥੻͢Δඞཁ͕͋Δ

  6. 6 ɾLinuxͷύέοτϑΟϧλϩάΛར༻ͯ͠L4઀ଓͷঢ়ଶΛऔಘ ɾLinuxΧʔωϧͷ௨৴ػߏΛར༻͢ΔݶΓɼOSϓϩηεʹରͯ͠ಁ աతʹ௥੻Մೳ ɾ஗ԆΦʔόϔου: ύέοτϑΟϧλॲཧͷΦʔόϔου ɾِӄੑ: ϦιʔεফඅΛ཈͑ΔͨΊʹɼύέοτΛແ࡞ҝʹαϯϓϦ ϯά͢ΔͨΊɼݕ஌࿙ΕͷՄೳੑ͕͋Δ طଘͷࣗಈ௥੻ٕज़

    [1] [1] J. K. Clawson, Service Dependency Analysis via TCP/UDP Port Tracing, Master’s thesis, Brigham Young University-Provo 2015.

  7. 7 ݚڀ໨త: ະ஌ͷϓϩηεΛ௿ෛՙͰ௥੻ Linux OS Kernel Process Process TCP/UDP Flows

    … . . . User ιέοτ Λ؂ࢹ TCP/UDP઀ଓͷऴ୺఺Ͱ͋ΔιέοτΛ؂ࢹ͠઀ଓΛࣗಈ௥੻ 1. ஗ԆΦʔόϔουͷղܾ ɾιέοτͷ؂ࢹΛϓϩηε ͷ௨৴ͱಠཱͤ͞Δ 2. ِӄੑͷղܾ ɾ͢΂ͯͷιέοτΛ؂ࢹ ɾύέοτ͸ඵؒ਺ສ୯Ґ͕ ͋Γ͑Δ ɾιέοτ͸࠶ར༻͞Ε͏Δ ͨΊɼιέοτ਺ͷ΄͏͕ খ͘͞ͳΓ΍͍͢

  8. 8 γεςϜ؅ཧऀʹͱͬͯ఍߅ͳ͘ಋೖՄೳ ɾΦʔόϔου͕େ͖͍ͱɼ؅ཧऀ͸Өڹͷେ͖͍ίϯϙʔωϯτΛ ௥੻ର৅͔Β֎͢͜ͱ͕͋Δ ↪ ؅ཧऀͷهԱ΍υΩϡϝϯςʔγϣϯʹґଘ͢Δ ɾِӄੑ͕େ͖͍ͱɼ؅ཧऀ͸ಘΒΕͨґଘؔ܎Λ৴༻͠ͳ͘ͳΔ ↪ ؅ཧऀ͕खಈͰґଘؔ܎Λௐࠪ͢Δ ௿͍Φʔόʔϔουͱ௿ِ͍ӄੑʹΑΓ

    γεςϜ؅ཧऀ͕ར༻͢Δͱ͖ͷ৺ཧత఍߅Λ௿ݮՄೳ

  9. 2. ෼ࢄγεςϜ಺ͷ ґଘؔ܎ͷ௥੻ٕज़

  10. 10 ɾWebαʔϏεͷ෼ࢄγεςϜ಺ͷґଘؔ܎Λ௥੻Մೳ ɾWebαʔϏεͰ͸ɼΞΫηε਺͕େ͖͘ɼԠ౴଎౓͕1ඵҎԼͰ͋ Δ͜ͱ͕ಛ௃ ɾ઀ଓΛ࠶ར༻͠ɼ઀ଓ͝ͱͷෛՙΛ௿ݮ͍ͤͯ͞Δ ɾσʔληϯλʔ಺௨৴ͰHTTP/2ͷར༻͕૿େ ɾίωΫγϣϯϓʔϦϯάʹΑΓσʔλϕʔε΁ͷ઀ଓΛ࠶ར༻ ɾτϥϯεϙʔτ૚Ͱ͸ɼ௕໋ͳ઀ଓͱͳΔ܏޲͕͋Δ ຊݚڀͷ௥੻ର৅ͷલఏ

  11. 11 ෼ࢄγεςϜ಺ͷґଘؔ܎ͷ௥੻ٕज़ͷ෼ྨ ϦΫΤετϕʔε Ξϓϩʔν ΞϓϦέʔγϣϯ૚ͷϦΫΤετ͕ Ͳͷ௨৴ܦ࿏ΛͨͲΔ͔Λ௥੻͢Δख๏ ίωΫγϣϯϕʔε Ξϓϩʔν ऴ୺ϗετ্Ͱτϥϯεϙʔτ઀ଓͷঢ়ଶΛ औಘ͢Δ͜ͱʹΑΓґଘؔ܎Λ௥੻͢Δख๏

    ύέοτϕʔε Ξϓϩʔν ϗετ্΍εΠον্ͰύέοτϔομΛ؍ଌ ͢Δ͜ͱʹΑΓɼ ґଘؔ܎Λ௥੻͢Δख๏

  12. 12 ɾΞϓϦέʔγϣϯ૚ͷ֤ϦΫΤετʹࣝผࢠΛׂΓৼΓɼޙଓͷϦ ΫΤετʹຒΊࠐΜ্ͩͰɼޙଓͷϓϩηε΁఻ൖͤ͞Δ ɾࣝผࢠΛཔΓʹɼϦΫΤετ͕γεςϜ಺ͷͲͷϓϩηεΛܦ༝͠ ͯॲཧ͞Ε͔ͨΛ௥੻ ϦΫΤετϕʔεΞϓϩʔν M. Y. Chen, et

    al., Pinpoint: Problem Determination in Large, Dynamic Internet Services, IEEE/IFIP International Conference on DSN, pp. 595–604 2002. P. Barham, et al., Magpie: Online Modelling and Performance-aware Systems, HotOS, pp. 85–90 2003. R. Fonseca, et al., X-Trace: A Pervasive Network Tracing Framework, USENIX Conference on NSDI, pp. 20–20 2007. B. H. Sigelman, et al., Dapper, a Large-Scale Distributed Systems Tracing Infrastructure, Technical report, Google 2010.

  13. 13 ɾLinuxͷύέοτϑΟϧλ(iptables)Λར༻ͯ͠ɼτϥϯεϙʔτ૚ ઀ଓΛݕग़ ɾiptablesͰ઀ଓ։࢝ϩάΛऩू͠ɼϩάίϨΫλͰதԝͷσʔλ ϕʔεʹอଘ ɾLinuxΧʔωϧͷL4௨৴ػߏΛར༻͢ΔݶΓɼґଘΛ௥੻Մೳ ίωΫγϣϯϕʔεΞϓϩʔν [Clawson 15] [Clawson

    15] J. K. Clawson, Service Dependency Analysis via TCP/UDP Port Tracing, Master’s thesis, Brigham Young University-Provo 2015.

  14. 14 ɾωοτϫʔΫ૚ͷύέοτΛ΋ͱʹґଘΛ௥੻͢Δ ɾطଘͷτϥώοΫ͔ΒύέοτΛऩू͠ɼύέοτϔομ্ͷIPΞ υϨεͱϙʔτɼύέοτͷૹड৴ͷ࣌ࠁͳͲͷ৘ใΛղੳ͢Δ ɾ֤ܦ࿏ͰτϥώοΫྲྀྔʹ͕࣌ؒࠩ͋Δ͜ͱʹண໨͠ɼ֤ܦ࿏Ͱτ ϥώοΫੑ࣭ʹ૬͕ؔ͋ΔύλʔϯΛൃݟ͠ɼґଘΛਪఆ͢Δ ύέοτϕʔεΞϓϩʔν P. Bahl, et.al.:

    Towards Highly Reliable Enterprise Network Services via Inference of Multi-Level Dependencies, ACM SIGCOMM Review, Vol. 37, No. 4, pp.13–24 2007. X. Chen, et.al.: Automating Network Application Dependency Discovery: Experiences, Limitations, and New Solutions, USENIX Symposium on OSDI, pp.117–130 2008. P. Lucian, etl.al.: Macroscope: End-Point Approach to Networked Application Dependency Discovery, CoNEXT, pp.229–240 2009. A. Natarajan, et.al.: NSDMiner: Automated Discovery of Network Service Dependencies, IEEE INFOCOM, pp. 2507–2515 2012. A. Zand, et.al.: Rippler: Delay Injection for Service Dependency Detection, IEEE INFOCOM, pp. 2157–2165 2014.

  15. 15 ɾϦΫΤετϕʔεɾίωΫγϣϯϕʔε ɾ஗ԆΦʔόϔου: ௨৴ܦ࿏தʹ௥ՃͷॲཧΛڬΈࠐΉΦʔόϔου ɾίωΫγϣϯϕʔεɾύέοτϕʔε ɾِӄੑ: ύέοτͷαϯϓϦϯάʹΑΓྲྀྔͷখ͍͞઀ଓΛݕ஌Ͱ ͖ͳ͍ ɾ௥੻୯Ґ: OSϓϩηεͰ͸ͳ͘IPΞυϨε୯ҐͱͳΔ

    ɾϦΫΤετϕʔε ɾܭଌ४උίετ: طଘͷΞϓϦέʔγϣϯ಺ʹ௥੻ॲཧΛ௥Ճ͢Δ खؒ ֤Ξϓϩʔνͷ՝୊

  16. 3. ఏҊख๏

  17. 17 ఏҊख๏: ιέοτϕʔεΞϓϩʔν Linux OS Kernel Process Process TCP/UDP Flows

    … . . . User ιέοτ Λ؂ࢹ ɾιέοτͷ؂ࢹ͸ϓϩηεͷ ௨৴ͱ͸ಠཱ͍ͯ͠ΔͨΊɼ ஗ԆΦʔόϔουΛ௿ݮՄೳ ɾ઀ଓ࠶ར༻࣌ʹ͸͢΂ͯͷι έοτΛ௿ෛՙͰ؂ࢹՄೳ ɾιέοτʹΑΓɼϓϩηεͱ ઀ଓͷඥ෇͚͕Մೳ ɾϓϩηε͕ιέοτΛར༻͢ ΔݶΓಁաతʹ௥੻Մೳ

  18. 18 TranstracerͷγεςϜߏ੒ Host 1 Host 2 Host N CMDB Tracer

    Tracer Tracer Systems Administrator ɾϗετ্ʹTracerϓϩηεΛ഑ஔ ɾ֤Tracerϓϩηε͸औಘͨ͠઀ଓ৘ ใΛCMDB(઀ଓ৘ใ؅ཧDB)ʹอଘ ɾγεςϜ؅ཧऀ͸CMDBʹΞΫηε ͠ɼෳ਺ͷϗετʹ·͕ͨΓґଘؔ ܎Λऔಘ

  19. 19 ઀ଓ৘ใͷऔಘ Host Kernel Process Process TCP/UDP Flows … Tracer

    Polling ɾTracerϓϩηε͕LinuxΧʔωϧʹ໰͍߹Θ ͤɼTCP/UDPιέοτ৘ใΛϙʔϦϯάऔಘ ɾ઀ଓΛऴ୺͢ΔOSϓϩηε৘ใ΋͋Θͤͯ औಘ ɾιέοτ৘ใ: /proc/net/tcp΍Netlink sock_diag ɾϓϩηε৘ใ: /proc/<pid>/{stat,fd} . . . ॲཧʹհೖ͠ͳ͍ͨΊ ௿Φʔόʔϔου

  20. 20 Transtracerͷར༻ྫ $ ttctl --dbhost 10.0.0.20 --ipv4 10.0.0.10 10.0.0.10:80 (’nginx’,

    pgid=4656) ᵋ<-- 10.0.0.11:many (’wrk’, pgid=5982) 10.0.0.10:80 (’nginx’, pgid=4656) ᵋ--> 10.0.0.12:8080 (’python’, pgid=6111) 10.0.0.10:many (’fluentd’, pgid=2127) ᵋ--> 10.0.0.13:24224 (’fluentd’, pgid=2001) 10.0.0.10 nginx 10.0.0.11 wrk 10.0.0.12 python 10.0.0.13 fluentd :80 fluentd :8080 :24224

  21. 21 ϓϩηεͷσʔλߏ଄ ᶃ LinuxͷϓϩηεάϧʔϓΛ ϊʔυͷ࠷খ୯Ґͱ͢Δ ᵓᴷnginx,627,627 ᴹ ᵓᴷnginx,628,627 ᴹ ᵋᴷnginx,629,627

    $ pstree -apg | grep nginx ᶄ (ipv4, pgid, pname)Ͱϓϩηε ʹҰҙ੍໿Λ͔͚Δ ϓϩηε͸࠶ىಈ͢ΔͱID͕มԽ ͯ͠͠·͏ͨΊɼ໰͍߹Θͤ࣌ʹ ͸pgid͕ҟͳΔ΋ͷΛॏෳഉআ

  22. 22 ઀ଓ؅ཧͷͨΊͷσʔλߏ଄ ᶅ ActiveͱPassiveʹϊʔυΛ෼ྨ ᶆ Active => PassiveͷϑϩʔΛอଘ Active Passive

    Process Passive Active Port N Port M Active ಉҰϓϩηε͕Activeʹ΋ Passiveʹ΋ͳΓ͑Δ ಉҰϓϩηε͕ෳ਺ͷϙʔτ ΛϦοεϯ͢Δ͜ͱ͕͋Δ

  23. 23 ɾIPΞυϨεͱϙʔτ൪߸͕௨৴ܦ࿏தʹมߋ͞ΕΔͱϓϩηεؒͷඥ ෇͚͕Ͱ͖ͳ͘ͳΔ ɾϩʔυόϥϯαʹΑΔDNATͳͲ ɾNATͷηογϣϯΛಡΈऔΓɼมߋલޙͷΞυϨεͱϙʔτͷඥ෇ ͚Λߦ͏͜ͱ͸Մೳ ɾLinuxͷINETιέοτΛར༻͠ͳ͍ΞϓϦέʔγϣϯͷ઀ଓΛ௥੻Ͱ ͖ͳ͍ ɾDPDK΍netmapͳͲͷΧʔωϧΛόΠύεͯ͠௨৴͢Δٕज़ ఏҊख๏ͷ੍໿

  24. 4. ࣮ݧͱߟ࡯

  25. 25 1. ΞϓϦέʔγϣϯʹ༩͑ΔԠ౴஗ԆΦʔόϔουͷධՁ 2. ઀ଓ৘ใऔಘͷͨΊͷCPUར༻཰ΦʔόϔουͷධՁ ධՁ࣮ݧ ఏҊख๏ͱಛ௃͕ࣅ͍ͯΔίωΫγϣϯϕʔεΞϓϩʔνͷઌߦख๏[1] ͱ֤ΦʔόϔουΛൺֱ [1] J.

    K. Clawson, Service Dependency Analysis via TCP/UDP Port Tracing, Master’s thesis, Brigham Young University-Provo 2015.

  26. 26 ࣮ݧ؀ڥͷߏ੒ CMDB Client Server HTTP benchmarker HTTP server Tracer

  27. 27 ࣮ݧ؀ڥͷৄࡉ ߲໨ ࢓༷ Client CPU Memory Benchmarker Intel Xeon

    CPU E5-2650 v3 2.30GHz 2core 1 GB wrk 4.1.0-4 Server CPU Memory HTTP Server Intel Xeon CPU E5-2650 v3 2.30GHz 4core 1GB nginx 1.17.3 CMDB CPU Memory Database Intel Xeon CPU E5-2650 v3 2.30GHz 1core 1 GB PostgreSQL 11.3 ɾΠϯελϯε͸͢΂ͯ͘͞ΒͷΫϥ΢υ্ʹߏங ɾLinux Kernel 4.15 (Ubuntu Server 18.04.3 LTS)

  28. 28 1. Normal: ௥੻ॲཧ͕ͳ͍ঢ়ଶ 2. Transtracer: ఏҊख๏ (https://github.com/yuuki/transtracer v0.1.0) ɾϙʔϦϯάִؒ͸1ඵ

    3. iptables NEWϑΟϧλํࣜ: ৽ن઀ଓͷΈϩάΛग़ྗ 4. iptables ESTBϑΟϧλํࣜ: ઀ଓཱ֬தʹ΍ΓͱΓ͞ΕΔύέοτ ͷϩάΛαϯϓϦϯάͤͣʹग़ྗ ɾઌߦख๏ͷແ࡞ҝͳαϯϓϦϯάͰ͸ɼ௕໋ͳ઀ଓͰ͋ͬͯ΋ྲྀ ྔ͕খ͍͞઀ଓΛݟಀ͢Մೳੑ͕͋Δ ࣮ݧʹ༻͍Δ֤࣮૷

  29. 29 Ԡ౴஗ԆΦʔόʔϔου 50 100 150 200 250 300 350 400

    450 500 5000 10000 15000 20000 Average Latency (ms) Connections Normal 93.1 191.6 279.3 353.8 Transtracer 94.7 188.3 291.8 401.2 ESTB filter 115.0 236.0 359.0 462.5 NEW filter 113.1 214.4 310.0 449.3 ɾNormalʹରͯ͠transtracer ͕1.7~13.4%ͷΦʔόϔο υ૿ ɾiptables࣮૷ͷESTBϑΟϧ λํࣜʹରͯ͠ɼ transtracer͕13-20%ͷ Φʔόϔουݮগ

  30. 30 CPUར༻཰Φʔόʔϔου 0 10 20 30 40 50 60 70

    80 90 100 5000 10000 15000 20000 0 50 100 150 200 250 300 350 400 450 500 CPU usage (%) Reading sockets time(ms) Connections ttracerd’s CPU usage 13.2 23.0 34.2 44.4 ESTB filter’s CPU usage 72.2 75.9 78.8 78.6 Reading sockets time 102.3 199.1 317.8 408.6 ɾ20,000઀ଓʹ͓͍ͯɼ TranstracerͷCPUར༻཰ 44.4%ɼESTBϑΟϧλํ ࣜͷCPUར༻཰͸78.6% ɾ43.5%ͷCPUར༻཰ͷ௿ ݮ

  31. 31 ɾ2ສ઀ଓ࣌ʹϙʔϦϯάؒ ִΛ૿Ճͤ͞ΔͱCPUར༻ ཰͕Ͳͷఔ౓௿ݮ͞ΕΔ͔ ɾ5ඵҎ಺ͷ୹໋ͳ઀ଓΛݕ ग़Ͱ͖ͳ͘ͳΔՄೳੑ͕͋ Δ͔ΘΓʹɼ8.6%·Ͱ௿ݮ Մೳ ϙʔϦϯάִؒͱCPUར༻཰ͷؔ܎ 0

    5 10 15 20 25 30 35 40 45 50 55 1 2 3 4 5 CPU usage (%) Polling interval CPU usage 44.4 21.6 13.0 10.8 8.6

  32. 32 ɾԠ౴஗ԆΦʔόϔου ɾઌߦख๏ͷ2ͭͷϑΟϧλํࣜͱൺֱ͠ɼఏҊख๏͕༗ར ɾCPUར༻཰Φʔόϔου ɾNEWϑΟϧλํ͕ࣜɼॳճͷ઀ଓཱ֬࣌ͷΈCPUΛར༻͢Δͨ Ίɼ઀ଓͷ࠶ར༻؀ڥͰ͸༗ར ɾͨͩ͠ɼఏҊख๏͸ϙʔϦϯάִؒͷௐ੔ʹΑΓCPUར༻཰ͷ௿ ݮ͸Մೳ ઌߦख๏ͱͷൺֱߟ࡯

  33. 33 ɾ઀ଓΛ࠶ར༻͢Δ؀ڥͰ͸ɼ୹໋ͳ઀ଓΛݕ஌Ͱ͖ͳ͘ͱ΋࣮༻ ্໰୊ʹͳΒͳ͍ ɾϙʔϦϯάִؒΛCPUར༻཰͕े෼খ͘͞ͳΔ·ͰௐઅՄೳ ɾϦΞϧλΠϜੑͷ؍఺ͰɼϙʔϦϯάִ͕ؒ਺ඵ୯ҐͰ͋Ε͹ɼ ਓؒͷ൑அ଎౓ʹ͸Өڹ͠ͳ͍ ࣮؀ڥͰͷར༻Λ૝ఆͨ͠ߟ࡯

  34. 5. ·ͱΊͱࠓޙͷల๬

  35. 35 ɾγεςϜมߋ࣌ͷϦεΫΛ༧ଌ͢Δ͜ͱΛ໨తʹɼϓϩηεؒґଘ ؔ܎Λ௥੻͢ΔΞʔΩςΫνϟ Transtracer ΛఏҊͨ͠ ɾιέοτ؂ࢹʹΑΓɼΦʔόʔϔουΛ௿ݮͤͭͭ͞ɼϓϩηεؒ ͷґଘؔ܎Λ໢ཏతʹݕग़Մೳ ɾ઀ଓΛ࠶ར༻͢Δ͜ͱͷଟ͍WebαʔϏεͷ෼ࢄγεςϜʹ͓͍ ͯɼ࣮༻ՄೳͳϨϕϧͷΦʔόʔϔουͱݕग़ਫ਼౓ΛಘΒΕͨ ·ͱΊ

  36. 36 ɾ͢΂ͯͷ઀ଓΛ௥੻͢ΔલఏͰɼ͍͔ʹΦʔόʔϔουΛ௿ݮͤ͞ ͍͔ͯ͘Λݚڀ։ൃ͍ͯ͘͠ ɾLinuxΧʔωϧ಺ͷॲཧΛ֦ுՄೳͳeBPFΛར༻͠ɼconnectͱ acceptΠϕϯτͷΈΛετϦʔϛϯάͰ௥੻͢Δ ɾUDP௨৴ͷ௥੻ͷରԠ ɾKubernetesͳͲͷීٴ͍ͯ͠ΔΞϓϦέʔγϣϯ࣮ߦج൫্Ͱಈ࡞ ͤ͞Δ ɾΤοδίϯϐϡʔςΟϯάΛݟਾ͑ͯCMDBͷ෼ࢄ഑ஔ ࠓޙͷల๬

  37. ิ଍ࢿྉ

  38. 38 ɾιέοτͷϙʔϦϯά ɾ਺ඵҎԼͷ୹໋ͳ઀ଓΛݟಀ͢Մೳੑ͕͋Δ ɾWebαʔϏεͷΑ͏ͳ઀ଓ࠶ར༻؀ڥͰ͋Ε͹໰୊ͳ͍ ɾύέοτͷαϯϓϦϯά ɾ௕໋ͳ઀ଓͰ͋ͬͯ΋ɼݟಀ͢Մೳੑ͕͋Δ ɾಉҰϗετ্Ͱྲྀྔͷେ͖͍઀ଓͱྲྀྔͷখ͍͞઀ଓ͕ࠞ߹ͯ͠ ͍ΔͱޙऀΛݟಀ͠΍͍͢ ɾγεςϜ؅ཧऀ͕Ͳͷ઀ଓΛݟಀ͔͢Λ༧ଌͮ͠Β͍ ِӄੑͷൺֱ:

    ϙʔϦϯάͱαϯϓϦϯά

  39. 39 ɾϙʔϦϯά͕ݟಀ͢୹໋ͳ ઀ଓΛݕग़͢ΔͨΊʹετ ϦʔϛϯάΛ૊Έ߹ΘͤΔ ɾeBPFʹΑΓɼconnect(2)ͱ accept(2)ΠϕϯτΛऔಘ ͠ɼϑϩʔ৘ใΛऔಘ͢Δ ɾUDPͷ৔߹͸send_msg(2), recv_msg(2)Πϕϯτ ετϦʔϛϯάʹΑΔ઀ଓͷݕग़

    Linux Host Kernel Process Process TCP/UDP Flows … . . . User Streaming Tracer

  40. 40 ɾiovisor/bcc಺ͷtcpacceptͰɼඇӬଓԽ؀ڥͰͷෛՙ࣮ݧ ɾwrk (HTTP KeepAlive off)Ͱಉ࣌઀ଓ1000ͰnginxʹϕϯνϚʔΫ ɾCPUར༻཰͸45~50%/coreఔ౓ ɾԠ౴஗ԆͷΦʔόϔου͸༗ҙͳѱԽ͸ݟΒΕͳ͔ͬͨ ɾeBPFͷΠϕϯτΛ͢΂ͯϢʔβʔϥϯυʹίϐʔ͍ͯ͠Δ͜ͱ͕ CPUෛՙ͕ߴ͍ཁҼ͔΋͠Εͳ͍

    eBPFͷετϦʔϛϯάෛՙͷ༧උ࣮ݧ ৄࡉ͸࣮ݧϊʔτ΁ https://www.notion.so/yuuk1/iovisor-bcc-tcpconnect-tcpaccept-af2d1fdce35c49fb945b548db373213d

  41. 41 ɾ͢΂ͯͷ઀ଓ৘ใΛऩू͢ΔͱɼCMDBʹ֨ೲ͢Δσʔλྔ͕େ͖͘ ͳΔͨΊɼ৑௕ͳ৘ใΛ࡟ݮ͢Δ ɾΤϑΣϝϥϧϙʔτ: Χʔωϧ͔ΒׂΓ౰ͯΒΕΔϥϯμϜͳૹ৴ݩ ϙʔτ ɾಛఆͷLISTENϙʔτ΁ෳ਺ͷΤϑΣϝϥϧϙʔτ͔Β઀ଓ͞ΕΔ ɾ͜ΕΒͷ઀ଓΛू໿͠ɼ୯Ұͷ઀ଓͱΈͳ͢ ΤϑΣϝϥϧϙʔτͷू໿ Host

    Port Process Port Port Host Port Process ୯Ұͷ઀ଓ ͱͯ͠ू໿ LISTEN ΤϑΣϝϥϧ