[b]Linux 2.6 en los Hosts[/b][/size]
Seis de los 20 servidores anfitriones funcionan ahora con la versión 2.6 del núcleo de Linux, con el programador de disco de cola justa CFQ.
Ahora que lo hemos estado ejecutando en algunas cajas durante un tiempo, tengo una idea bastante buena de cómo se desempeña. He notado que 2.6 es mejor en algunas cargas de trabajo, y un poco peor para otras cargas de trabajo, en comparación con 2.4 (determinado por la comparación de la salida de mrtg y vmstats antes y después de 2.6). Soy optimista de que hay algunas ganancias adicionales que se tienen con algunas de las opciones de ajuste de VM (/proc/sys/vm/*).
En general, creo que la versión 2.6 es "algo bueno", y en algún momento pasaremos el resto de los anfitriones a la versión 2.6.
[b]¡Se acabó el I/O Thrashing de disco![/b][/size]
La razón principal por la que quería pasar a la 2.6 era por las mejoras en el rendimiento de E/S con respecto a la 2.4.
Linux es susceptible de lo que yo llamaría un "ataque de denegación de servicio al disco duro" cuando hay una alta tasa de peticiones de lectura/escritura aleatorias, llenando la cola de peticiones. Esto causa problemas de latencia para otras peticiones, y esencialmente hace que las cosas se detengan.
Este es exactamente el tipo de carga de trabajo que ocurre cuando un Linode está continuamente machacando sus dispositivos de intercambio (lectura y escritura rápidas) y cuando el host está bajo presión para escribir esas páginas sucias (lo que siempre ocurrirá, después de algún tiempo). Desgraciadamente, el parche de CFQ para la versión 2.6 no resolvió este problema. (Tampoco lo hacen los programadores por defecto de anticipación o de fecha límite).
CFQ ayuda un poco con muchos hilos que hacen I/O al azar (como durante las fiestas de los trabajos cron), pero no elimina la posibilidad de que un Linode se cuele en todo el host. Sigue leyendo para ver la solución...
[b]Parche limitador de fichas de solicitud de E/S UML[/b][/size]
He implementado un simple Filtro/Limitador de Cubos de Fichas alrededor del controlador asíncrono UBD dentro de UML. El método token-bucket es bastante limpio. Así es como funciona: Cada segundo, se añaden x tokens al cubo. Cada solicitud de E/S requiere un token, así que tiene que esperar hasta que el cubo tenga algunos tokens antes de que se le permita realizar la E/S.
Este método permite una tasa de ráfagas/sin restricciones hasta que el cubo se vacía, y entonces empieza a estrangularse. Perfecto.
Enlaces:
[url=http://www.theshore.net/~caker/patches/token-limiter-v1.patch]token-limiter-v1.patch[/url]
[url=http://www.theshore.net/~caker/patches/token-limiter-v1.README]token-limiter-v1.README[/url]
[b][color=darkred]¡Con este parche, un solo Linode ya no puede calzar al huésped![/color][/b]
Esto es un gran problema, ya que el único método para corregir esto cuando sucede era que yo interviniera, y detuviera al infractor Linode.
El parche del limitador está en el kernel 2.4.25-linode24-1um (el 2.6 lo hará en breve).
Los valores por defecto son muy altos, y dudo que ninguno de vosotros se vea afectado por ello en un uso normal. Puedo cambiar los valores de recarga y tamaño de cubo durante el tiempo de ejecución, así que podré diseñar un monitor para cada host que cambie dinámicamente los perfiles dependiendo de la carga del host. Esto es una gran cosa 🙂 .
[b]Linux 2.6 para los Linodes[/b][/size]
Todavía no he anunciado oficialmente el kernel 2.6-um. Todavía hay algunos errores y problemas de rendimiento por resolver. Todavía no recomiendo utilizar el kernel 2.6-um para producción, pero algunos usuarios aventureros lo han probado y han informado de algunas de las peculiaridades que conlleva su funcionamiento en cada distro. Intentaré compilar una guía para migrar a la 2.6 y publicarla una vez que el kernel sea más estable.
[b]¿Qué hay de nuevo en el mundo de UML?[/b][/size]
Hace tiempo que necesitamos nuevos parches UML. Supongo que tendremos una nueva versión de UML (tanto para la 2.4 como para la 2.6) en las próximas dos semanas aproximadamente.
Además de las habituales correcciones de errores, sé que Jeff ha estado trabajando en el soporte de AIO para el controlador IO dentro de UML. AIO es una nueva característica implementada en 2.6 (en los hosts). Algunos beneficios son:
La capacidad de enviar múltiples solicitudes de E/S con una sola llamada al sistema.
La capacidad de enviar una solicitud de E/S sin esperar a que se complete y de solapar la solicitud con otros procesos.
Optimización de la actividad del disco por parte del kernel mediante la combinación o reordenación de las solicitudes individuales de una E/S por lotes.
Mejor utilización de la CPU y rendimiento del sistema mediante la eliminación de hilos adicionales y la reducción de los cambios de contexto.
[/lista]
Más información sobre AIO:
http://lse.sourceforge.net/io/aio.html
http://archive.linuxsymposium.org/ols2003/Proceedings/All-Reprints/Reprint-Pulavarty-OLS2003.pdf
- —
¡Eso es todo!
-Chris
Comentarios (12)
This may be naive, but wouldn’t it help tremendously to have all the swap partitions for a given linode on a different drive?
[quote:9a75d3e3be=”diN0″]This may be naive, but wouldn’t it help tremendously to have all the swap partitions for a given linode on a different drive?[/quote]
It might, but that’s not the point, really. Before this patch, a single UML could consume all of the I/O (say, for a given device, like you suggested). It would still cause the same problem when other Linodes tried to access the device. The same effect can be had with “swap files” that exist on your filesystem (rather than actual ubd images) or heavy I/O on any filesystem.
With this patch, I am able to guarantee a minimum level of service. Previously that wasn’t possible.
-Chris
Great work chris, I genuinely can’t think of anything else you can improve upon! 😉
Chris,
I tried the 2.6 kernel of Redhat 9 (large) a few days ago. It failed to boot & I had to switch back to 2.4.
Another forum thread had the same problem.
dev/ubd/disc0: unknown partition table
/dev/ubd/disc1: unknown partition table
I am really excited about this. As you know I have been one of the most vocal proponents of some system of throttling disk I/O so that an overzealous Linode cannot DOS the host.
It sounds like this solution will require everyone to upgrade to a 2.6 kernel, which means that it cannot be applied until everyone is ready to go to 2.6 (and it will only be effective when *everyone* has upgraded to this fixed kernel). So I guess the solution is months away. But at least there is a plan in the works to solve this problem for good.
Great job man! Keep up the good work!
Just curious – why not solve this problem in the host kernel instead? Can the host kernel be patched to limit any one of its processes using the I/O token system that you have devised? Then the Linode themselves can run any kernel they want to and the host system will prevent any one from thrashing the disk.
Ideally this would be some kind of rlimit option, so that it could be applied just to the Linode processes themselves and not to the other processes of the host system.
I don’t know if the I/O layer that’s deeper in the kernel than the UML ubd driver is harder to work with though … perhaps it would be too complex to modify the fundamental Linux I/O code than it is to modify the ubd driver?
caker, thanks for all the hard work you’ve put in to keep the linode hosts in top shape.
It’s rather surprising that CFQ didn’t solve the I/O scheduling problem, though. The algorithm is supposed to be [i]completely fair[/i] towards each thread requesting I/O. 😛
[quote:52760ef410=”Quik”]Great work chris, I genuinely can’t think of anything else you can improve upon! :wink:[/quote]
Thanks Quik 🙂
[quote:52760ef410=”gmt”]Chris,
I tried the 2.6 kernel of Redhat 9 (large) a few days ago. It failed to boot & I had to switch back to 2.4.
Another forum thread had the same problem.
dev/ubd/disc0: unknown partition table
/dev/ubd/disc1: unknown partition table[/quote]
You can always ignore this warning message — it’s just telling you that the ubd devices are not partitioned. You’re using the entire block device as one giant ‘partition’.
To get 2.6 to work under RedHat, first rename /lib/tls to something else (since 2.6-um and NPTL don’t mix yet).
-Chris
[quote:2eaacf3890=”bji”]I am really excited about this. As you know I have been one of the most vocal proponents of some system of throttling disk I/O so that an overzealous Linode cannot DOS the host.
It sounds like this solution will require everyone to upgrade to a 2.6 kernel, which means that it cannot be applied until everyone is ready to go to 2.6[/quote]
Not sure where you read that from my post. I’ve already patched the 2.4.25-linode24-1um kernel with the token-limiter patch, and 2.6-um to follow shortly.
[quote:2eaacf3890=”bji”](and it will only be effective when *everyone* has upgraded to this fixed kernel). So I guess the solution is months away. But at least there is a plan in the works to solve this problem for good.[/quote]
Most/all of the repeat offenders have already been rebooted into the “linode24″ kernel (with the limiter patch). So the solution is in effect right now. But, you are correct — there are still many Linodes running un-limited.
[quote:2eaacf3890=”bji”]Great job man! Keep up the good work![/quote]
Thanks!
-Chris
[quote:f066e66db0=”bji”]Just curious – why not solve this problem in the host kernel instead? Can the host kernel be patched to limit any one of its processes using the I/O token system that you have devised? Then the Linode themselves can run any kernel they want to and the host system will prevent any one from thrashing the disk.
Ideally this would be some kind of rlimit option, so that it could be applied just to the Linode processes themselves and not to the other processes of the host system.
I don’t know if the I/O layer that’s deeper in the kernel than the UML ubd driver is harder to work with though … perhaps it would be too complex to modify the fundamental Linux I/O code than it is to modify the ubd driver?[/quote]
I agree — the correct solution is to get Linux fixed, or perhaps to get UML to use the host more efficiently. Some of the UML I/O rework is already under way (the AIO stuff), but that kind of thing *is* months away…
One interesting “feature” of the CFQ scheduler is an ionice priority level. But, I wasn’t able to get the syscalls working to test it.
-Chris
[quote:01c9cda963=”griffinn”]caker, thanks for all the hard work you’ve put in to keep the linode hosts in top shape.
It’s rather surprising that CFQ didn’t solve the I/O scheduling problem, though. The algorithm is supposed to be [i]completely fair[/i] towards each thread requesting I/O. :P[/quote]
I’m not sure where the bottleneck is — but as far as I can tell, CFQ and the standard scheduler in 2.4 appear equally (non)responsive in the worst-case scenario. Go figure…
One interesting thing is that UML uses the no-op elevator. Jeff and I got into a discussion about this, and he says there’s no point to UML doing any request merging, but I disagree. I’d rather have UML do some of it’s own request merging and reordering than force the host to do it all. Plus, it makes UML appear to the host as more of a streaming type load than a random load…
Think back to the last set of tiobench benchmark results you’ve seen — look how poorly the random-i/o results are compared to “streaming-read” and “streaming-write”…
So .. another hack to the UML code (one-liner) to test…
-Chris
Thanks, Caker. I have a tiny linode and I make almost no demands on the system, so far at least. However, fairness is part of what you sell. It sounds like the leaky bucket in the UM kernel solves most of the problem with a minimum of effort. I’ve been implementing fairness algorithms for at least 30 years, so I have a few theoretical observations and questions:
You appear to be issueing tokens independently to each process at an absolute rate, independent of the actual resource availability. This means that a UML may get limited even if nobody else wants the resource, yes? It might be better for the host kernel to issue tokens at an over-all rate to the UMLs.That way a particular UML can use the whole resource if nobody else wants it. since everybody’s buckets are full, the instant anyone else wants to use the resource the original user is instantly throttled to 50% as the tokens are returned equally to the two users, and so on as more users are added. That is, the main kernel returns tokens to each UML with a non-full bucket equally, but does not add tokens to a bucket that is already full. The host kernel should dyamically adjust its token generation rate to just keep the resource occupied. I’ve successfully done this in the past by watching the resource: if the resource goes idle when thre are any empty buckets, slightly increase the token rate. If the resource never goes idle, slightly decrease the token rate.
Next issue: Do you “oversubscribe” the host memory? That is, does the sum of the UML memory sizes exceed the size of the host’s real application space? If so, the host swapspace is used, causing disk activity at this level. This is independent of the swap activity within each UML as the user exceeds its “real” space and begins to use its swap partition. I’m guessing that host-level swapping does not count against any UML’s bucket. but that UML-level swapping does. This would be tha fair way to do this. However, host-level swapping will reduce the overall amount of IO resource that is available to the users. The algorithm above will account for this.
Next issue: Do we have fairness issues with network bandwidth? do you intend to add a token system to address this?
Again: I’m a happy camper. These are purely theoretical questions for me.