Resource containers: A new facility for resource management in...
Transcript of Resource containers: A new facility for resource management in...
![Page 1: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/1.jpg)
Resource containers:A new facility for resource management in server systemsAuthors:Gaurav BangaPeter DruschelJeffrey C. Mongul
Presented by: Cassiano Campes
OSDI 1999
![Page 2: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/2.jpg)
The high-performance servers
● Researchers are giving attention to improve web servers performance● Previous servers used one-process per connection● New servers use single-process to reduce context-switching costs
Malicious client manages to consume all of the resources
MultipleConnections
requestsDoS
2* DoS = Denial-of-Service
![Page 3: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/3.jpg)
Quality-of-Service from service providers
● How to give differentiated QoS to clients● How control resource usage
○ Application has no control over the consumption of resources inside kernel
● How application can control which connections are high priority
No “connection” between Application and kernel (resource management)
3* QoS = Quality-of-Service
![Page 4: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/4.jpg)
Typical models for high-performance servers
Event-driven server Process-per connection Single-process multi-threaded
Master process attach connection
Thread scheduler is responsible for time
sharingUses select() or poll() 4
![Page 5: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/5.jpg)
ProcessResource Management
5
![Page 6: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/6.jpg)
Domain-classification of processes
● Network-intensive application● Multi-process application● Single-process multi-threaded application
6
![Page 7: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/7.jpg)
Network-intensive application
● Multiple threads doing single activity● Lot of process done in kernel
Kernel generally does not control accounting for such resource
consumption
7
![Page 8: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/8.jpg)
Multi-process application
● Multiple user space processes cooperating to perform a single activity
● Managing is done in all process rather than of individual processes
Resource management is a set of all the processes.
8
![Page 9: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/9.jpg)
Single-process multi-threaded application
● Single process using multiple threads○ One for each connection
Resource management is a set of all the resources used for the
independent activity.
9
![Page 10: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/10.jpg)
TheMotivationOf theResearch
10
![Page 11: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/11.jpg)
● General-purpose OS provides inadequate support for resource management● Resource management is tied to processes running to a given machine● Applications have little control over resources the kernel uses for them● Resources used by the kernel are often accounted / utilized inaccurately
○ ( according to the process ) resulting in bad scheduling decisions
Problems
11
Processes (protection domains) are the unit of resource management - the
“resource principal”
![Page 12: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/12.jpg)
ResourceContainer
12
![Page 13: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/13.jpg)
Resource Containers
● Abstraction entity that logically contains all system resources○ CPU time, sockets, network buffers, etc.
● Containers can also be attached with attributes○ Limit resources such as: CPU availability, Network QoS, scheduling priorities, etc.
● Resource container aspects○ Hierarchy (parent -> children)○ Dynamic resource binding
13
![Page 14: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/14.jpg)
How does it works?
● Applications have to identify resource principals○ Associate those independent activities with resource containers
14Hardware
Host OS kernel with virtualization layer
Container 1 Container 2 Container 3
Applications Applications Applications
Thread
![Page 15: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/15.jpg)
Containers in a multi-threaded server
● New RC created for each connection● Connection uses lot of system resources
○ Usage charged to the corresponding container
15* RC = Resource container
![Page 16: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/16.jpg)
Containers in an event-driven server
● Web Server associates a new container for each connection
○ Single-thread serviced
● Thread’s binding changes dynamically as it moves across connections
● The associated container will be charged for the processing the thread performs
16
To avoid rescheduling threads after every resource container binding, a list of
containers is associated with a thread and it is used to schedule the thread
![Page 17: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/17.jpg)
Resource Containers summary
● RC allow an application to associate scheduling info with an activity○ Allows system’s scheduler to provide resources directly to an activity
● Container mechanism supports a large variety of scheduling models○ Numeric priorities, guaranteed CPU shares, or CPU usage limits
● Scheduler binding between each thread being multiplexed○ Account the threads that have been shared in multiple containers○ A thread scheduler binding is set implicitly
17
LRP: for such a network processing, the kernel does minimal processing and gives
the remainder to the application
* LRP = Lazy Receiver Processing
![Page 18: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/18.jpg)
Evaluation
18
![Page 19: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/19.jpg)
Prototype implementation
● Modifications in Digital UNIX 4.0D kernel● Changes in CPU scheduler, resource management and network subsystem● Per-process kernel thread used for processing network packets in priority
order of their containers○ For accounting, this thread sets its resource binding appropriately
19
![Page 20: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/20.jpg)
Prioritized handling of clients
● As the number of CGI increases, CPU is shared among a larger set of processes
20* Common Gateway Interface
![Page 21: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/21.jpg)
Immunity against SYN-flood
● Malicious clients sent bogus SYN packets to server at high rate
● Measured server’s throughput○ Slight degradation due to the interrupt
overhead from SYN flood○ Kept above 73% throughput
21
![Page 22: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/22.jpg)
Conclusion
22
![Page 23: Resource containers: A new facility for resource management in …csl.skku.edu/uploads/ECE5658S17/week3a.pdf · 2017-03-26 · Resource Containers summary RC allow an application](https://reader034.fdocuments.us/reader034/viewer/2022050507/5f98a32c4296de7d664ed4fc/html5/thumbnails/23.jpg)
Conclusion
● Resource container can explicitly identify a resource principal● Explicit and fine-grained control over resource consumption
○ In all levels of the system (user & kernel space)
● Separation of resource management from protection domain● Can be used to address a large variety of resource management scenarios
23