github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #67948 from wojtek-t/use_buffers_in_kube_proxy

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 66577, 67948, 68001, 67982). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md.

Reduce amount of allocations in kube-proxy

Follow up from https://github.com/kubernetes/kubernetes/pull/65902
This commit is contained in:
Kubernetes Submit Queue 2018-08-29 16:33:34 -07:00 committed by GitHub
commit 11c47e1872
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pkg/proxy/iptables/proxier.go
View File

@ -242,11 +242,12 @@ type Proxier struct {
// The following buffers are used to reuse memory and avoid allocations // The following buffers are used to reuse memory and avoid allocations
// that are significantly impacting performance. // that are significantly impacting performance.
iptablesData *bytes.Buffer iptablesData *bytes.Buffer
filterChains *bytes.Buffer existingFilterChainsData *bytes.Buffer
filterRules *bytes.Buffer filterChains *bytes.Buffer
natChains *bytes.Buffer filterRules *bytes.Buffer
natRules *bytes.Buffer natChains *bytes.Buffer
natRules *bytes.Buffer
// endpointChainsNumber is the total amount of endpointChains across all // endpointChainsNumber is the total amount of endpointChains across all
// services that we will generate (it is computed at the beginning of // services that we will generate (it is computed at the beginning of
@ -340,6 +341,7 @@ func NewProxier(ipt utiliptables.Interface,
healthzServer: healthzServer, healthzServer: healthzServer,
precomputedProbabilities: make([]string, 0, 1001), precomputedProbabilities: make([]string, 0, 1001),
iptablesData: bytes.NewBuffer(nil), iptablesData: bytes.NewBuffer(nil),
existingFilterChainsData: bytes.NewBuffer(nil),
filterChains: bytes.NewBuffer(nil), filterChains: bytes.NewBuffer(nil),
filterRules: bytes.NewBuffer(nil), filterRules: bytes.NewBuffer(nil),
natChains: bytes.NewBuffer(nil), natChains: bytes.NewBuffer(nil),
@ -682,14 +684,12 @@ func (proxier *Proxier) syncProxyRules() {
// Get iptables-save output so we can check for existing chains and rules. // Get iptables-save output so we can check for existing chains and rules.
// This will be a map of chain name to chain with rules as stored in iptables-save/iptables-restore // This will be a map of chain name to chain with rules as stored in iptables-save/iptables-restore
existingFilterChains := make(map[utiliptables.Chain][]byte) existingFilterChains := make(map[utiliptables.Chain][]byte)
// TODO: Filter table is small so we're not reusing this buffer over rounds. proxier.existingFilterChainsData.Reset()
// However, to optimize it further, we should do that. err := proxier.iptables.SaveInto(utiliptables.TableFilter, proxier.existingFilterChainsData)
existingFilterChainsData := bytes.NewBuffer(nil)
err := proxier.iptables.SaveInto(utiliptables.TableFilter, existingFilterChainsData)
if err != nil { // if we failed to get any rules if err != nil { // if we failed to get any rules
glog.Errorf("Failed to execute iptables-save, syncing all rules: %v", err) glog.Errorf("Failed to execute iptables-save, syncing all rules: %v", err)
} else { // otherwise parse the output } else { // otherwise parse the output
existingFilterChains = utiliptables.GetChainLines(utiliptables.TableFilter, existingFilterChainsData.Bytes()) existingFilterChains = utiliptables.GetChainLines(utiliptables.TableFilter, proxier.existingFilterChainsData.Bytes())
} }
// IMPORTANT: existingNATChains may share memory with proxier.iptablesData. // IMPORTANT: existingNATChains may share memory with proxier.iptablesData.

1
pkg/proxy/iptables/proxier_test.go
View File

@ -388,6 +388,7 @@ func NewFakeProxier(ipt utiliptables.Interface) *Proxier {
healthChecker: newFakeHealthChecker(), healthChecker: newFakeHealthChecker(),
precomputedProbabilities: make([]string, 0, 1001), precomputedProbabilities: make([]string, 0, 1001),
iptablesData: bytes.NewBuffer(nil), iptablesData: bytes.NewBuffer(nil),
existingFilterChainsData: bytes.NewBuffer(nil),
filterChains: bytes.NewBuffer(nil), filterChains: bytes.NewBuffer(nil),
filterRules: bytes.NewBuffer(nil), filterRules: bytes.NewBuffer(nil),
natChains: bytes.NewBuffer(nil), natChains: bytes.NewBuffer(nil),

17
pkg/proxy/ipvs/proxier.go
View File

@ -217,11 +217,12 @@ type Proxier struct {
ipGetter IPGetter ipGetter IPGetter
// The following buffers are used to reuse memory and avoid allocations // The following buffers are used to reuse memory and avoid allocations
// that are significantly impacting performance. // that are significantly impacting performance.
iptablesData *bytes.Buffer iptablesData *bytes.Buffer
natChains *bytes.Buffer filterChainsData *bytes.Buffer
filterChains *bytes.Buffer natChains *bytes.Buffer
natRules *bytes.Buffer filterChains *bytes.Buffer
filterRules *bytes.Buffer natRules *bytes.Buffer
filterRules *bytes.Buffer
// Added as a member to the struct to allow injection for testing. // Added as a member to the struct to allow injection for testing.
netlinkHandle NetLinkHandle netlinkHandle NetLinkHandle
// ipsetList is the list of ipsets that ipvs proxier used. // ipsetList is the list of ipsets that ipvs proxier used.
@ -369,6 +370,7 @@ func NewProxier(ipt utiliptables.Interface,
ipvsScheduler: scheduler, ipvsScheduler: scheduler,
ipGetter: &realIPGetter{nl: NewNetLinkHandle()}, ipGetter: &realIPGetter{nl: NewNetLinkHandle()},
iptablesData: bytes.NewBuffer(nil), iptablesData: bytes.NewBuffer(nil),
filterChainsData: bytes.NewBuffer(nil),
natChains: bytes.NewBuffer(nil), natChains: bytes.NewBuffer(nil),
natRules: bytes.NewBuffer(nil), natRules: bytes.NewBuffer(nil),
filterChains: bytes.NewBuffer(nil), filterChains: bytes.NewBuffer(nil),
@ -1357,10 +1359,7 @@ func (proxier *Proxier) acceptIPVSTraffic() {
// createAndLinkeKubeChain create all kube chains that ipvs proxier need and write basic link. // createAndLinkeKubeChain create all kube chains that ipvs proxier need and write basic link.
func (proxier *Proxier) createAndLinkeKubeChain() { func (proxier *Proxier) createAndLinkeKubeChain() {
// TODO: Filter table is small so we're not reusing this buffer over rounds. existingFilterChains := proxier.getExistingChains(proxier.filterChainsData, utiliptables.TableFilter)
// However, to optimize it further, we should do that.
filterBuffer := bytes.NewBuffer(nil)
existingFilterChains := proxier.getExistingChains(filterBuffer, utiliptables.TableFilter)
existingNATChains := proxier.getExistingChains(proxier.iptablesData, utiliptables.TableNAT) existingNATChains := proxier.getExistingChains(proxier.iptablesData, utiliptables.TableNAT)
// Make sure we keep stats for the top-level chains // Make sure we keep stats for the top-level chains

1
pkg/proxy/ipvs/proxier_test.go
View File

@ -163,6 +163,7 @@ func NewFakeProxier(ipt utiliptables.Interface, ipvs utilipvs.Interface, ipset u
ipvsScheduler: DefaultScheduler, ipvsScheduler: DefaultScheduler,
ipGetter: &fakeIPGetter{nodeIPs: nodeIPs}, ipGetter: &fakeIPGetter{nodeIPs: nodeIPs},
iptablesData: bytes.NewBuffer(nil), iptablesData: bytes.NewBuffer(nil),
filterChainsData: bytes.NewBuffer(nil),
natChains: bytes.NewBuffer(nil), natChains: bytes.NewBuffer(nil),
natRules: bytes.NewBuffer(nil), natRules: bytes.NewBuffer(nil),
filterChains: bytes.NewBuffer(nil), filterChains: bytes.NewBuffer(nil),