ProHoster > Π‘Π»ΠΎΠ³ > wararka internetka > Hagaajinta Linux si ay u qabato 1.2 milyan JSON codsi ilbiriqsikii

Hagaajinta Linux si ay u qabato 1.2 milyan JSON codsi ilbiriqsikii

Hage faahfaahsan ayaa la daabacay oo ku saabsan hagaajinta deegaanka Linux si loo gaaro waxqabadka ugu sarreeya ee codsiyada HTTP. Hababka la soo jeediyay ayaa suurtageliyay in la kordhiyo waxqabadka processor-ka JSON ee ku saleysan maktabadda libreactor ee deegaanka Amazon EC2 (4 vCPU) laga bilaabo 224 kun oo codsi API ah ilbiriqsi kasta oo leh goobaha caadiga ah ee Amazon Linux 2 oo leh kernel 4.14 ilaa 1.2 milyan codsi halkiikiiba. labaad ka dib hagaajinta (kor u kaca 436%), iyo sidoo kale waxay keentay hoos u dhac ku yimid codsiyada habbaynta 79%. Hababka la soo jeediyay maaha kuwo gaar u ah xoriyada iyo shaqada marka la isticmaalayo adeegayaasha kale ee http, oo ay ku jiraan nginx, Actix, Netty iyo Node.js (libreactor ayaa loo isticmaalay imtixaanada sababtoo ah xalka ku salaysan wuxuu muujiyay waxqabad wanaagsan).

Hagaajinta Linux si ay u qabato 1.2 milyan JSON codsi ilbiriqsikii

Hagaajinta aasaasiga ah:

  • Hagaajinta koodka xoreeyaha. Xulashada R18 ee xirmada Techempower ayaa loo adeegsaday saldhig ahaan, kaas oo la wanaajiyay iyadoo meesha laga saaray koodka si loo xaddido tirada kombuyuutarrada CPU ee la adeegsaday ( tayaynta ayaa loo oggolaaday in la dedejiyo shaqada 25-27%), iyadoo lagu ururinayo GCC oo leh xulashooyinka "-O3". (kor u kac ah 5-10%) iyo "-march-native" (5-10%), beddelaadda akhrinta/qorista wicitaannada recv/dir (5-10%) iyo dhimista sare marka la isticmaalayo pthreads (2-3%) . Kor u kaca guud ee waxqabadka kadib kobcinta koodhka waxa uu ahaa 55%, wax soo saarkana waxa uu kordhay 224k req/s ilaa 347k req/s.
  • Ka saar ilaalinta ka hortagga dayacanka fulinta mala-awaalka ah. Isticmaalka halbeegyada "nospectre_v1 nospectre_v2 pti=off mds=off tsx_async_abort=off" marka la shubayo kernel-ka waxaa loo ogolyahay in lagu kordhiyo waxqabadka 28%, iyo waxsoosaarka ayaa kordhay min 347k req/s ilaa 446k req/s. Si ka duwan, kororka cabbirka "nospectre_v1" (ilaalinta Specter v1 + SWAPGS) waxay ahayd 1-2%, "nospectre_v2" (ilaalinta Specter v2) - 15-20%, "pti=off" (Spectre v3 / dhalaalid) - 6%, "mds=off tsx_async_abort=off" (MDS/Zombieload iyo TSX Asynchronous Abort) - 6%. Dejinta ilaalinta L1TF/Foreshadow (l1tf=flush), iTLB multihit, Speculative Store Bypass iyo weerarrada SRBDS ayaan waxba iska beddelin, taas oo aan saameyn ku yeelan waxqabadka maadaama aysan dhexgalin qaabeynta la tijaabiyay (tusaale, gaar ah KVM, buul leh). Virtualization iyo moodooyinka kale ee CPU).
  • Joojinta hanta-dhawrka iyo hababka xannibista nidaamka wicitaanka iyadoo la adeegsanayo amarka "auditctl -a never,task" iyo qeexida "--security-opt seccomp=unconfined" doorashada marka la bilaabayo weelka docker. Korodhka guud ee waxqabadka waxa uu ahaa 11%, wax soo saarkuna waxa uu ka kordhay 446k req/s ilaa 495k req/s.
  • Deminta iptables/netfilter-ka iyadoo la dejinayo qaybaha kernel-ka ee la xidhiidha. Fikradda ah in la joojiyo firewall-ka, oo aan loo isticmaalin xal gaar ah oo server ah, ayaa lagu dhiirigeliyay natiijooyinka sifeynta, iyada oo la xukumay taas oo nf_hook_slow shaqada ay qaadatay 18% wakhtiga si loo fuliyo. Waxaa la xusay in nftables ay u shaqeyso si ka tayo badan marka loo eego iptables, laakiin Amazon Linux waxay sii wadaysaa isticmaalka iptables. Ka dib markii ay curyaamiyeen iptables-ka, korodhka waxqabadku waxa uu ahaa 22%, iyo wax soo saarka ayaa ka kordhay 495k req/s ilaa 603k req/s.
  • U guuritaanka maamulayaasha kala duwan ee CPU waa la dhimay si loo horumariyo waxtarka isticmaalka kaydiyaha processor-ka. Hagaajinta waxaa lagu fuliyay labadaba heerka ku-xidhka habraacyada libreactor-ka ee kombuyuutarrada CPU (CPU Pinning) iyo iyada oo loo marayo isku xidhka maamulayaasha shabakadaha kernel-ka (Hel-qaadista dhinaceeda). Tusaale ahaan, irqbalance waa naafo waxaana safka safka u ahaa CPU si cad loo dejiyay /proc/irq/$IRQ/smp_affinity_list. Si loo isticmaalo isla xudunta CPU si loo habeeyo habka xoraynta iyo safka shabkada ee xidhmooyinka soo socda, maamule BPF caado ah ayaa la isticmaalaa, kaas oo ku xidhan dejinta SO_ATTACH_REUSEPORT_CBPF calanka marka la abuurayo godka. Si safafka baakadaha baxaya loogu xidho CPU, goobaha/sys/class/net/eth0/ safafka/tx- waa la bedelay /xps_cpus. Korodhka guud ee waxqabadka waxa uu ahaa 38%, wax soo saarkana waxa uu ka kordhay 603k req/s ilaa 834k req/s.
  • Hagaajinta wax ka qabashada joojinta iyo isticmaalka cod bixinta. Awood u siinta habka la qabsiga-rx ee darawalka ENA iyo maamulida sysctl net.core.busy_read waxay kordhisay waxqabadka 28% (latency wuxuu ka kordhay 834k req/s ilaa 1.06M req/s, iyo daahitaanku wuxuu ka yaraaday 361ΞΌs ilaa 292ΞΌs).
  • Naafada adeegyada nidaamka taasoo horseedda xannibaad aan loo baahnayn oo ku jirta xirmada shabakadda. Deminta macaamiisha dhclient oo gacanta lagu dejiyo ciwaanka IP-ga waxay keentay 6% korodhka waxqabadka iyo wax-soo-saarka oo kordhay min 1.06M req/s ilaa 1.12M req/s. Sababta dhclient u saamayso waxqabadka waa falanqaynta taraafikada iyadoo la isticmaalayo godad ceeriin ah.
  • La dagaalanka Spin Lock. U beddelashada xirmada shabakadda ee qaabka "noqueue" iyada oo loo marayo sysctl "net.core.default_qdisc=noqueue" iyo "tc qdisc beddelka dev eth0 root mq" waxay keentay koror 2% waxqabadka ah, iyo wax soo saarka ayaa kordhay 1.12M req/s ilaa 1.15M req/s.
  • Hagaajinta yaryar ee u dambeeya, sida curyaaminta GRO (Generic Receive Offload) oo leh amarka "ethtool -K eth0 gro off" oo lagu beddelo algorithmamka xakamaynta ciriiriga cubic iyadoo la adeegsanayo sysctl "net.ipv4.tcp_congestion_control=reno". Kor u kaca wax soo saarka guud wuxuu ahaa 4%. Wax soo saarka ayaa ka kordhay 1.15M req/s ilaa 1.2M req/s.

Marka lagu daro wanaajinta shaqada, maqaalku wuxuu sidoo kale ka hadlayaa hababka aan u horseedin kororka waxqabadka la filayo. Tusaale ahaan, waxyaabaha soo socda ayaa noqday kuwo aan waxtar lahayn:

  • Libreactor ordaya si gooni ah uma kala duwana waxqabadka iyo ku socodsiinta weelka. Beddelka writev ee dirida, kordhinta maxevents ee epoll_wait, iyo tijaabinta noocyada GCC iyo calamada wax saameyn ah kuma yeelan (saameyntu waxay ahayd mid la dareemi karo oo keliya calanka "-O3" iyo "-march-native").
  • Dib u cusboonaysiinta kernel-ka Linux ee noocyada 4.19 iyo 5.4, iyadoo la adeegsanayo jadwalka SCHED_FIFO iyo SCHED_RR, iyadoo la adeegsanayo sysctl kernel.sched_min_granularity_ns, kernel.sched_wakeup_granularity_ns, transparent_hugepages= never=skewtix.
  • Dareewalka ENA, awood u siinaya qaababka Offload (qaybinta, kala firdhiso-ururinta, rx/tx checksum), oo lagu dhisayo calanka β€œ-O3”, iyo adeegsiga ena.rx_queue_size iyo ena.force_large_llq_beegyada madaxdu wax saamayn ah kuma yeelan.
  • Isbeddellada ku yimaadda xidhmada shabakadu ma wanaajin waxqabadka:
    • Dami IPv6: ipv6.disable=1
    • Dami VLAN: modprobe -rv 8021q
    • Dami hubinta isha xirmada
      • net.ipv4.conf.all.rp_filter=0
      • net.ipv4.conf.eth0.rp_filter=0
      • net.ipv4.conf.all.accept_local=1 (saamayn xun)
    • net.ipv4.tcp_sack = 0
    • net.ipv4.tcp_dsack=0
    • net.ipv4.tcp_mem/tcp_wmem/tcp_rmem
    • net.core.netdev_budget
    • net.core.dev_miisaanka
    • net.core.netdev_max_backlog
    • net.ipv4.tcp_slow_start_after_idle=0
    • net.ipv4.tcp_moderate_rcvbuf=0
    • net.ipv4.tcp_timestamps=0
    • net.ipv4.tcp_low_latency = 1
    • SO_PRIORITY
    • TCP_NODELAY

    Source: opennet.ru

Add a comment