-
-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/linux: use NETLINK_SOCK_DIAG #1660
base: master
Are you sure you want to change the base?
Conversation
@@ -374,15 +373,15 @@ type inodeMap struct { | |||
} | |||
|
|||
type connTmp struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reorder struct elements for better memory alignment/usage.
To quantify this change is hard, as it is hard to have a controlled environment, where network connections do not open/close all the time. For this reason, I think, the Program to test impact of NETLINK_SOCK_DIAG
In the first picture the program is using shirou/gopsutil@v4.24.5. Here one can see the impact of the repeated call of the read syscall. The following picture shows the impact of this proposed change. There are less read syscalls and instead the newly introduced netlink syscall to the NETLINK_SOCK_DIAG is noticeable. Both pictures are generated with continuous on-CPU profiling. So consequently, what is not shown in these pictures is the off-CPU part. As the original implementation is reading and processing files to extract network connection, the waiting on i/o is not visualized in both pictures. As the proposed change is less i/o intensive, garbage collection is also reduced with the proposed change. @shirou I would be interested on your feedback. |
To retrieve network information use NETLINK_SOCK_DIAG instead of walking /proc/<PID> and parsing files. Consequently this reduces the number of syscalls, as walking /proc/<PID> and opening, reading and closing files is no longer required. But it also reduces the memory footprint as reading files into memory for processing is no longer required. Related issues: - shirou#695 - shirou#784 Supersedes shirou#809 Signed-off-by: Florian Lehner <dev@der-flo.net>
Signed-off-by: Florian Lehner <dev@der-flo.net>
Signed-off-by: Florian Lehner <dev@der-flo.net>
Thank you very much for the excellent PR. Netlink support has been a concern for over 5 years or more. However, when we tried it in #809, the issue seemed to be with obtaining the PID and FD, rather than the change to netlink. But it was so long ago that I don't remember very well... And perhaps various things have changed with the recent versions of Go. Therefore, I have a few requests:
|
Benchmark code
old.txt
new.txt
Note The number of network connections and processes changed during the benchmark. Therefore, the results are not reliable. The benchmark does also not reflect the positive impact of the proposed change on the garbage collector, when running in a real world application or the reduced number of syscalls. 10 iterations of the benchmark with current master did take
As mentioned in #1660 (comment) providing a reliable benchmark for this change is hard.
How does the number of dependencies impact performance?
As can be seen in the flamegraphs in #1660 (comment) walking On systems processes and network connections start and stop all the time. Using |
Thank you for the benchmark. However, from this, it appears that the time increased by 88%, memory usage for Inet slightly decreased but increased for All, and allocations increased by 40%. This suggests that performance seems to have worsened. I understand that accurate measurement is difficult, but is this result accurate?
Increasing unnecessary dependencies will increase the final build time and binary size. Moreover, gopsutil is a library, meaning it is used by various other applications. If gopsutil depends on many other libraries, it makes troubleshooting more difficult for application developers. Therefore, I would like to minimize the number of dependencies as much as possible. |
No - these numbers are totally off, not reliable and not reproducible. I have mentioned this already in the Note in #1660 (comment). Note The number of network connections and processes changed during the benchmark. Therefore, the results are not reliable. The benchmark does also not reflect the positive impact of the proposed change on the garbage collector, when running in a real world application or the reduced number of syscalls. If using this PR with elastic-agent, the CPU consumption is reduced by 10% and heap size is also reduced by 8 to 10%. @shirou Data accuracy is another reason for #1660. With netlink one gets all network connections at once. While with the current approach the returned resuts can contain network connections that no longer exists or even miss network connections. |
To retrieve network information use NETLINK_SOCK_DIAG instead of walking
/proc/<PID>
and parsing files.Consequently this reduces the number of syscalls, as walking
/proc/<PID>
and opening, reading and closing files is no longer required. But it also reduces the memory footprint as reading files into memory for processing is no longer required.Related issues:
net.Connections("all")
causes high CPU usage on server with 120K connections #784Supersedes #809