does OpenOnload + AF_XDP + Intel NIC support nginx multiple workers? #70
Comments
Hello Ligong, thanks for the interest and the detailed info. With your set-up, do you use two NICs, one for upstream and one for downstream? Accelerating upstream and downstream are somewhat separate problems, and it is best to tackle them one by one. Firstly, on the downstream side, RSS support is required to be able to receive traffic on multiple stacks. Before jumping to RSS, I'd advise tuning Nginx in single-worker mode to see whether you get appropriate performance. Best Regards,
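A minimal sketch of that single-worker sanity check, reusing the nginx config quoted later in this issue (the affinity mask is an illustrative assumption):

worker_processes 1;
worker_cpu_affinity 01;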
Hi @maciejj-xilinx, this explains the problem we see with memcached in multi-threaded mode on Mellanox NICs as well. When memcached is offloaded via Onload-on-AF_XDP, we see only one thread processing traffic and all the rest idle. On deeper inspection, we see:
Is there any patch you can apply quickly to use RSS on non-SFC NICs, or can you give the instructions for using kernel MAC filters with RSS enabled?
Hi Maciej, Thanks for your quick reply.
For this setup the onload nginx proxy uses two XXV710 NIC ports: eth1 is the nginx proxy downstream and eth0 is the upstream, and wrk runs on another machine.
One thing to mention: before this test I also ran a one-worker nginx test, and the Onload number is pretty good, outperforming by a lot.
For this setup I made two tests, one letting onload accelerate both eth0 and eth1, and one accelerating eth1 only; both tests show the same single-busy-worker behaviour.
For the i40e NIC you mentioned the workaround of relying on the kernel MAC filter with RSS enabled; what is the configure option for that?
I have taken a look at the onload AF_XDP support code (point me out if I am wrong), the kernel-side efhw/af_xdp.c NIC init hw path.
The Linux kernel Documentation/networking/af_xdp.rst mentions the ring structures are single-consumer/single-producer.
Best Regards,
Can you please respond to this question:
and to this question:
@ligong234 I think @maciejj-xilinx may be talking about this:
I have given this some thought but was not able to put together all the steps and test; this might take a bit of time. @shirshen12, is this with a single Onload stack? To capture traffic on multiple queues, multiple stacks are needed. This is a simple test on the rx side with use of RSS, with enable_af_xdp_flow_filters=0:
Best to start as many instances as your device has RX channels set up - not fewer, not more - this is crucial to cover the entire traffic. The number of channels can be adjusted, e.g. with ethtool as sketched below. I would expect this to work for @ligong234 with the Intel NIC; with Mellanox ... probably - easy to check. The test is to make several connection attempts from the peer host and see whether both onload stacks show some traffic.
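For reference, the RX channel count can be inspected and adjusted with ethtool; the interface name here is taken from the setup described later in this issue:

ethtool -l eth1              # show current channel counts
ethtool -L eth1 combined 2   # e.g. two channels to match two onload'ed instances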
In my case both stacks opened about half of the connections each:
@maciejj-xilinx, @shirshen12, thanks, guys, for sharing the valuable information. I will give it a try and post the result shortly.
Unfortunately, my setup does not have the parameter "enable_af_xdp_flow_filters", and the onload source code does not contain this string. My setup is derived from "2021-12-15 [Jamal Mulla] ON-13728: Fixes the missing CTPIO ptr issue (#856)". @maciejj-xilinx, which onload version are you running?
Have you registered your NIC with AF_XDP, @ligong234?
@shirshen12 Yes, I have.
Is it an Intel NIC or a Mellanox NIC? If it's an Intel NIC, you need to enable Flow Director. I can give you exact instructions for your NIC make.
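On i40e, Flow Director / ntuple filtering is toggled with ethtool - the same command that shows up in the reproduction steps later in this issue:

ethtool -K eth1 ntuple on
ethtool -k eth1 | grep ntuple   # expect: ntuple-filters: on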
@shirshen12 It is an Intel Corporation Ethernet Controller XXV710 for 25GbE SFP28 (rev 02).
Please see the instructions for i40e below; please follow them as is. They are for Ubuntu 21.04 LTS, drivers ixgbe and i40e.
1. Upgrade to the latest OS kernel and reboot into the new kernel.
2. Install dependencies.
3. Build the Intel drivers, ixgbe and i40e. The binary will be installed as:
4. Load the ixgbe module using the modprobe command. Load the i40e module using the modprobe command.
5. Update the initrd/initramfs file to prevent the OS loading old versions of the ixgbe driver.
6. Reboot again, just for safety.
7. Install Onload.
8. Register the NIC with the AF_XDP driver interface.
9. Turn on Intel Flow Director.
You are set!
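A rough sketch of those steps; the tarball name and version are placeholders, and the build commands assume Intel's usual out-of-tree src/ layout:

tar xzf i40e-<version>.tar.gz
cd i40e-<version>/src
make && make install
modprobe -r i40e && modprobe i40e   # reload so the new driver takes over
update-initramfs -u                 # Ubuntu: stop the old in-tree driver loading at boot
echo eth1 > /sys/module/sfc_resource/afxdp/register   # register the NIC with Onload's AF_XDP interface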
@shirshen12 Thanks for sharing the detailed instructions; that is exactly what I did. A small difference is that my system is CentOS and uses the in-tree kernel i40e driver, and single-worker onload nginx is working fine. The problem I have right now is that my onload resource driver does not have the "enable_af_xdp_flow_filters" parameter that @maciejj-xilinx pointed out ("This is a simple test on rx side with use of rss, with enable_af_xdp_flow_filters=0"), which prevents me from running multiple instances of onload nginx.
My env and instructions are as below:
Can you move to Red Hat 8 or CentOS 8? I know you are on 4.18+, but it looks like somehow the eBPF VM is not baked into CentOS 7.6 (it was in preview mode last I knew, not production grade).
Hi @ligong234,
You need to update your source tree. This feature was added with commit b8ba4e2 on 28 Feb 2022. Andy
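One way to pick that commit up and confirm the parameter is now exposed (assuming sfc_resource is the module that carries it):

git pull                  # update past b8ba4e2 (28 Feb 2022)
# rebuild and reload the onload drivers, then:
modinfo sfc_resource | grep enable_af_xdp_flow_filters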
@abower-xilinx Thank you, I will give it a try.
Did it work for you, @ligong234? I thought you were using the latest master branch of onload.
@shirshen12 I have not tried the latest master branch; my test is based on the Onload 2021-12-15 commit. I will try the latest master and report the result.
Hi @maciejj-xilinx, it's for multi-threaded memcached.
Update: today I tried the latest Onload master branch and hit another error. Multiple nginx instances start successfully, but when I start wrk, nginx complains it failed to allocate a stack, and dmesg shows it is out of VI instances with error code -EBUSY.
Steps to reproduce: I turn off XDP zero-copy; when it is on, onload fails to allocate UMEM.
By default, onload does not fall back to the generic mode of XDP in case driver support is not available. Please don't turn off ZC support for AF_XDP. I also used to get this error, @ligong234.
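In profile terms that means leaving zero-copy on rather than forcing it off as the latency-af-xdp.opf quoted below does; the changed line would be:

onload_set EF_AF_XDP_ZEROCOPY 1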
I tested the SO_REUSEPORT thing and it works!!!! But yeah, multithreaded apps with auto-sensing of RSS are not there yet. So we can work around it this way.
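For the record, this workaround maps onto the reuseport listeners already present in the nginx config quoted below - each worker gets its own listening socket, so each Onload stack receives its share of the RSS-spread connections:

listen 10.19.1.43:80 reuseport;
listen 10.19.1.43:81 reuseport;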
Hello Onload Team,
I am following the instructions in https://www.xilinx.com/publications/onload/sf-onload-nginx-proxy-cookbook.pdf and
managed to make OpenOnload work on CentOS Linux release 7.6.1810 (Core) plus the CentOS 8.4 kernel 4.18.0-305.12.1. All
onload drivers were loaded successfully, and I can register the Intel XXV710 NIC with onload. I want to run an nginx proxy
benchmark test, starting with four worker processes. From another machine I use wrk to generate the HTTP requests. I noticed
that only one nginx process is handling requests while the others are all idle; if I kill this busy nginx, a new nginx process
is forked and starts handling HTTP requests, and the other three nginx workers are always idle. So the question is: does OpenOnload + AF_XDP + Intel NIC support nginx multiple workers?
My environment setup is as below:
[root@localhost openonload]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@localhost openonload]# uname -a
Linux localhost 4.18.0-305.12.1.el7.centos.x86_64 #1 SMP Wed Aug 25 14:27:38 CST 2021 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost openonload]# ethtool -i eth1
driver: i40e
version: 4.18.0-305.12.1.el7.centos.x86_
firmware-version: 6.01 0x8000354e 1.1747.0
expansion-rom-version:
bus-info: 0000:5e:00.1
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: yes
[root@localhost openonload]# lspci -s 5e:00.1 -v
5e:00.1 Ethernet controller: Intel Corporation Ethernet Controller XXV710 for 25GbE SFP28 (rev 02)
Subsystem: Intel Corporation Ethernet Network Adapter XXV710
Physical Slot: 3
Flags: bus master, fast devsel, latency 0, IRQ 657, NUMA node 0
Memory at c3000000 (64-bit, prefetchable) [size=16M]
Memory at c5800000 (64-bit, prefetchable) [size=32K]
Expansion ROM at c5e00000 [disabled] [size=512K]
Capabilities: [40] Power Management version 3
Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+
Capabilities: [70] MSI-X: Enable+ Count=129 Masked-
Capabilities: [a0] Express Endpoint, MSI 00
Capabilities: [100] Advanced Error Reporting
Capabilities: [140] Device Serial Number 78-d4-1c-ff-ff-b7-a6-40
Capabilities: [150] Alternative Routing-ID Interpretation (ARI)
Capabilities: [160] Single Root I/O Virtualization (SR-IOV)
Capabilities: [1a0] Transaction Processing Hints
Capabilities: [1b0] Access Control Services
Kernel driver in use: i40e
Kernel modules: i40e
[root@localhost openonload]# rpm -qi nginx
Name : nginx
Epoch : 1
Version : 1.16.0
Release : 1.el7.ngx
Architecture: x86_64
Install Date: Tue 04 Jan 2022 04:04:30 PM CST
Group : System Environment/Daemons
Size : 2811760
License : 2-clause BSD-like license
Signature : RSA/SHA1, Tue 23 Apr 2019 11:13:55 PM CST, Key ID abf5bd827bd9bf62
Source RPM : nginx-1.16.0-1.el7.ngx.src.rpm
Build Date : Tue 23 Apr 2019 10:36:28 PM CST
Build Host : centos74-amd64-builder-builder.gnt.nginx.com
Relocations : (not relocatable)
Vendor : Nginx, Inc.
URL : http://nginx.org/
Summary : High performance web server
Description :
nginx [engine x] is an HTTP and reverse proxy server, as well as
a mail proxy server.
[root@localhost openonload]# cat /usr/libexec/onload/profiles/latency-af-xdp.opf
onload_set EF_POLL_USEC 100000
onload_set EF_AF_XDP_ZEROCOPY 0
onload_set EF_TCP_SYNRECV_MAX 8192
onload_set EF_MAX_ENDPOINTS 8192
onload_set EF_TCP_FASTSTART_INIT 0
onload_set EF_TCP_FASTSTART_IDLE 0
[root@localhost openonload]# cat /etc/nginx/nginx-proxy-node0-4-worker.conf
user root root;
worker_processes 4;
worker_rlimit_nofile 8388608;
worker_cpu_affinity 01 010 0100 01000 ;
pid /var/run/nginx-node0_4.pid;
events {
multi_accept off;
accept_mutex off;
use epoll;
worker_connections 200000;
}
error_log /var/log/error-node0_4.log debug;
http {
default_type application/octet-stream;
access_log off;
error_log /dev/null crit;
sendfile on;
proxy_buffering off;
keepalive_timeout 300s;
keepalive_requests 1000000;
server {
listen 10.19.1.43:80 reuseport;
listen 10.19.1.43:81 reuseport;
server_name localhost;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
upstream backend {
server 10.96.10.21:80 ;
keepalive 500;
}
}
steps to reproduce the problem:
load onload driver
[root@localhost openonload]# onload_tool reload
onload_tool: /sbin/modprobe sfc
onload_tool: /sbin/modprobe onload
register the NIC
[root@localhost openonload]# ethtool -K eth1 ntuple on
[root@localhost openonload]# ethtool -k eth1 | grep ntuple
[root@localhost openonload]# echo eth1 > /sys/module/sfc_resource/afxdp/register
[root@localhost openonload]# /bin/onload -p latency-af-xdp /sbin/nginx -c /etc/nginx/nginx-proxy-node0-4-worker.conf
oo:nginx[32964]: Using Onload 20211221 [7]
oo:nginx[32964]: Copyright 2019-2021 Xilinx, 2006-2019 Solarflare Communications, 2002-2005 Level 5 Networks
oo:nginx[33000]: onload_setrlimit64: RLIMIT_NOFILE: hard limit requested 8388608, but set to 655360
oo:nginx[33000]: onload_setrlimit64: RLIMIT_NOFILE: soft limit requested 8388608, but set to 655360
oo:nginx[33002]: onload_setrlimit64: RLIMIT_NOFILE: hard limit requested 8388608, but set to 655360
oo:nginx[33002]: onload_setrlimit64: RLIMIT_NOFILE: soft limit requested 8388608, but set to 655360
oo:nginx[33004]: onload_setrlimit64: RLIMIT_NOFILE: hard limit requested 8388608, but set to 655360
oo:nginx[33004]: onload_setrlimit64: RLIMIT_NOFILE: soft limit requested 8388608, but set to 655360
oo:nginx[33007]: onload_setrlimit64: RLIMIT_NOFILE: hard limit requested 8388608, but set to 655360
oo:nginx[33007]: onload_setrlimit64: RLIMIT_NOFILE: soft limit requested 8388608, but set to 655360
[root@localhost openonload]# ps -ef | grep nginx
root 32999 1 0 11:28 ? 00:00:00 nginx: master process /sbin/nginx -c /etc/nginx/nginx-proxy-node0-4-worker.conf
root 33000 32999 1 11:28 ? 00:00:00 nginx: worker process
root 33002 32999 2 11:28 ? 00:00:00 nginx: worker process
root 33004 32999 2 11:28 ? 00:00:00 nginx: worker process
root 33007 32999 1 11:28 ? 00:00:00 nginx: worker process
root 33013 55380 0 11:28 pts/1 00:00:00 grep --color=auto nginx
[root@localhost openonload]# oo:nginx[33007]: Using Onload 20211221 [0]
oo:nginx[33007]: Copyright 2019-2021 Xilinx, 2006-2019 Solarflare Communications, 2002-2005 Level 5 Networks
[root@localhost benchmark]# wrk -c 3200 -d 60 -t 32 --latency http://10.19.1.43/1kb.bin
[root@localhost openonload]# top
top - 11:19:29 up 1 day, 19:13, 3 users, load average: 1.44, 1.31, 1.25
Tasks: 771 total, 2 running, 389 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.6 us, 0.8 sy, 0.0 ni, 98.1 id, 0.0 wa, 0.0 hi, 0.4 si, 0.0 st
KiB Mem : 26350249+total, 22556315+free, 27453884 used, 10485452 buff/cache
KiB Swap: 0 total, 0 free, 0 used. 23326888+avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
33007 root 20 0 335736 270784 151832 R 81.7 0.1 0:23.72 nginx <================
27999 root 0 -20 0 0 0 I 11.6 0.0 0:03.19 kworker/u132:0-
14505 root 20 0 90520 5144 4276 S 0.3 0.0 0:17.66 rngd
28034 root 20 0 162716 5208 3804 R 0.3 0.0 0:00.12 top
Can someone point out what is wrong with my setup, or share some information regarding AF_XDP + XXV710? Any help is appreciated.
Best Regards
Ligong