mirror of https://github.com/k3s-io/k3s
Reduce amount of allocations in kube-proxy
wojtekt
parent
963adda7f9
commit
8fb365df32
|
|
@ -242,11 +242,12 @@ type Proxier struct {
|
||||||
|
|
||||||
// The following buffers are used to reuse memory and avoid allocations
|
// The following buffers are used to reuse memory and avoid allocations
|
||||||
// that are significantly impacting performance.
|
// that are significantly impacting performance.
|
||||||
iptablesData *bytes.Buffer
|
iptablesData *bytes.Buffer
|
||||||
filterChains *bytes.Buffer
|
existingFilterChainsData *bytes.Buffer
|
||||||
filterRules *bytes.Buffer
|
filterChains *bytes.Buffer
|
||||||
natChains *bytes.Buffer
|
filterRules *bytes.Buffer
|
||||||
natRules *bytes.Buffer
|
natChains *bytes.Buffer
|
||||||
|
natRules *bytes.Buffer
|
||||||
|
|
||||||
// endpointChainsNumber is the total amount of endpointChains across all
|
// endpointChainsNumber is the total amount of endpointChains across all
|
||||||
// services that we will generate (it is computed at the beginning of
|
// services that we will generate (it is computed at the beginning of
|
||||||
|
|
@ -340,6 +341,7 @@ func NewProxier(ipt utiliptables.Interface,
|
||||||
healthzServer: healthzServer,
|
healthzServer: healthzServer,
|
||||||
precomputedProbabilities: make([]string, 0, 1001),
|
precomputedProbabilities: make([]string, 0, 1001),
|
||||||
iptablesData: bytes.NewBuffer(nil),
|
iptablesData: bytes.NewBuffer(nil),
|
||||||
|
existingFilterChainsData: bytes.NewBuffer(nil),
|
||||||
filterChains: bytes.NewBuffer(nil),
|
filterChains: bytes.NewBuffer(nil),
|
||||||
filterRules: bytes.NewBuffer(nil),
|
filterRules: bytes.NewBuffer(nil),
|
||||||
natChains: bytes.NewBuffer(nil),
|
natChains: bytes.NewBuffer(nil),
|
||||||
|
|
@ -682,14 +684,12 @@ func (proxier *Proxier) syncProxyRules() {
|
||||||
// Get iptables-save output so we can check for existing chains and rules.
|
// Get iptables-save output so we can check for existing chains and rules.
|
||||||
// This will be a map of chain name to chain with rules as stored in iptables-save/iptables-restore
|
// This will be a map of chain name to chain with rules as stored in iptables-save/iptables-restore
|
||||||
existingFilterChains := make(map[utiliptables.Chain][]byte)
|
existingFilterChains := make(map[utiliptables.Chain][]byte)
|
||||||
// TODO: Filter table is small so we're not reusing this buffer over rounds.
|
proxier.existingFilterChainsData.Reset()
|
||||||
// However, to optimize it further, we should do that.
|
err := proxier.iptables.SaveInto(utiliptables.TableFilter, proxier.existingFilterChainsData)
|
||||||
existingFilterChainsData := bytes.NewBuffer(nil)
|
|
||||||
err := proxier.iptables.SaveInto(utiliptables.TableFilter, existingFilterChainsData)
|
|
||||||
if err != nil { // if we failed to get any rules
|
if err != nil { // if we failed to get any rules
|
||||||
glog.Errorf("Failed to execute iptables-save, syncing all rules: %v", err)
|
glog.Errorf("Failed to execute iptables-save, syncing all rules: %v", err)
|
||||||
} else { // otherwise parse the output
|
} else { // otherwise parse the output
|
||||||
existingFilterChains = utiliptables.GetChainLines(utiliptables.TableFilter, existingFilterChainsData.Bytes())
|
existingFilterChains = utiliptables.GetChainLines(utiliptables.TableFilter, proxier.existingFilterChainsData.Bytes())
|
||||||
}
|
}
|
||||||
|
|
||||||
// IMPORTANT: existingNATChains may share memory with proxier.iptablesData.
|
// IMPORTANT: existingNATChains may share memory with proxier.iptablesData.
|
||||||
|
|
|
||||||
|
|
@ -373,6 +373,7 @@ func NewFakeProxier(ipt utiliptables.Interface) *Proxier {
|
||||||
healthChecker: newFakeHealthChecker(),
|
healthChecker: newFakeHealthChecker(),
|
||||||
precomputedProbabilities: make([]string, 0, 1001),
|
precomputedProbabilities: make([]string, 0, 1001),
|
||||||
iptablesData: bytes.NewBuffer(nil),
|
iptablesData: bytes.NewBuffer(nil),
|
||||||
|
existingFilterChainsData: bytes.NewBuffer(nil),
|
||||||
filterChains: bytes.NewBuffer(nil),
|
filterChains: bytes.NewBuffer(nil),
|
||||||
filterRules: bytes.NewBuffer(nil),
|
filterRules: bytes.NewBuffer(nil),
|
||||||
natChains: bytes.NewBuffer(nil),
|
natChains: bytes.NewBuffer(nil),
|
||||||
|
|
|
||||||
|
|
@ -213,11 +213,12 @@ type Proxier struct {
|
||||||
ipGetter IPGetter
|
ipGetter IPGetter
|
||||||
// The following buffers are used to reuse memory and avoid allocations
|
// The following buffers are used to reuse memory and avoid allocations
|
||||||
// that are significantly impacting performance.
|
// that are significantly impacting performance.
|
||||||
iptablesData *bytes.Buffer
|
iptablesData *bytes.Buffer
|
||||||
natChains *bytes.Buffer
|
filterChainsData *bytes.Buffer
|
||||||
filterChains *bytes.Buffer
|
natChains *bytes.Buffer
|
||||||
natRules *bytes.Buffer
|
filterChains *bytes.Buffer
|
||||||
filterRules *bytes.Buffer
|
natRules *bytes.Buffer
|
||||||
|
filterRules *bytes.Buffer
|
||||||
// Added as a member to the struct to allow injection for testing.
|
// Added as a member to the struct to allow injection for testing.
|
||||||
netlinkHandle NetLinkHandle
|
netlinkHandle NetLinkHandle
|
||||||
// ipsetList is the list of ipsets that ipvs proxier used.
|
// ipsetList is the list of ipsets that ipvs proxier used.
|
||||||
|
|
@ -365,6 +366,7 @@ func NewProxier(ipt utiliptables.Interface,
|
||||||
ipvsScheduler: scheduler,
|
ipvsScheduler: scheduler,
|
||||||
ipGetter: &realIPGetter{nl: NewNetLinkHandle()},
|
ipGetter: &realIPGetter{nl: NewNetLinkHandle()},
|
||||||
iptablesData: bytes.NewBuffer(nil),
|
iptablesData: bytes.NewBuffer(nil),
|
||||||
|
filterChainsData: bytes.NewBuffer(nil),
|
||||||
natChains: bytes.NewBuffer(nil),
|
natChains: bytes.NewBuffer(nil),
|
||||||
natRules: bytes.NewBuffer(nil),
|
natRules: bytes.NewBuffer(nil),
|
||||||
filterChains: bytes.NewBuffer(nil),
|
filterChains: bytes.NewBuffer(nil),
|
||||||
|
|
@ -1345,10 +1347,7 @@ func (proxier *Proxier) acceptIPVSTraffic() {
|
||||||
|
|
||||||
// createAndLinkeKubeChain create all kube chains that ipvs proxier need and write basic link.
|
// createAndLinkeKubeChain create all kube chains that ipvs proxier need and write basic link.
|
||||||
func (proxier *Proxier) createAndLinkeKubeChain() {
|
func (proxier *Proxier) createAndLinkeKubeChain() {
|
||||||
// TODO: Filter table is small so we're not reusing this buffer over rounds.
|
existingFilterChains := proxier.getExistingChains(proxier.filterChainsData, utiliptables.TableFilter)
|
||||||
// However, to optimize it further, we should do that.
|
|
||||||
filterBuffer := bytes.NewBuffer(nil)
|
|
||||||
existingFilterChains := proxier.getExistingChains(filterBuffer, utiliptables.TableFilter)
|
|
||||||
existingNATChains := proxier.getExistingChains(proxier.iptablesData, utiliptables.TableNAT)
|
existingNATChains := proxier.getExistingChains(proxier.iptablesData, utiliptables.TableNAT)
|
||||||
|
|
||||||
// Make sure we keep stats for the top-level chains
|
// Make sure we keep stats for the top-level chains
|
||||||
|
|
|
||||||
|
|
@ -163,6 +163,7 @@ func NewFakeProxier(ipt utiliptables.Interface, ipvs utilipvs.Interface, ipset u
|
||||||
ipvsScheduler: DefaultScheduler,
|
ipvsScheduler: DefaultScheduler,
|
||||||
ipGetter: &fakeIPGetter{nodeIPs: nodeIPs},
|
ipGetter: &fakeIPGetter{nodeIPs: nodeIPs},
|
||||||
iptablesData: bytes.NewBuffer(nil),
|
iptablesData: bytes.NewBuffer(nil),
|
||||||
|
filterChainsData: bytes.NewBuffer(nil),
|
||||||
natChains: bytes.NewBuffer(nil),
|
natChains: bytes.NewBuffer(nil),
|
||||||
natRules: bytes.NewBuffer(nil),
|
natRules: bytes.NewBuffer(nil),
|
||||||
filterChains: bytes.NewBuffer(nil),
|
filterChains: bytes.NewBuffer(nil),
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue