Giter Site home page Giter Site logo

slim's Introduction

Slim: OS Kernel Support for a Low-Overhead Container Overlay Network

Slim is a low-overhead container overlay networking solution. Unlike traditional container overlay networks that rely on packet encapsulation (e.g., VXLAN), Slim virtualizes the network at a per-connection level, significantly improving throughput, latency, and CPU utilization.

Slim has two modes: secure mode and non-secure mode. Non-secure mode does not require kernel modifications and is easy to deploy. However, non-secure mode should be used only when a container is trusted because the container gets access to its host network. Secure mode addresses this security issue via a Linux kernel module.

Our NSDI 2019 paper (https://danyangzhuo.com/papers/NSDI19-Slim.pdf) describes the technical details of Slim.

Requirement

We have tested on:

  • Ubuntu 16.04
  • Docker
  • Weave Overlay Network

We have tested the following applications:

  • Memcached
  • Nginx
  • Postgres
  • Apache Kafka

How to use this code?

Here is an example to configure a cluster of two machines to use Slim in the non-secure mode. Let's assume machine A has IP address of IP1 and machine B has IP2.

Step 0: Clone the repo, build from source

On machine A and B:

git clone https://github.com/danyangz/slim
pushd slim/socket
make
popd
pushd slim/router
make
popd

Step 0: Secure mode (optional)

To use the secure mode, first compile and insert the kernel module on machine A and B:

git clone https://github.com/danyangz/slim
pushd slim/kern_module
make
sudo insmod slim_kern.ko 
popd

Uncomment the first lines in router/router.cpp and socket/socket.c. Then, compile the secure mode of SlimRouter and SlimSocket:

pushd slim/socket
make
popd
pushd slim/router
make
popd

Step 1: Start the weave network

On machine A:

weave launch

On machine B:

weave launch <IP1>

Step 2: Start the containers

Let's start a container on each machine. Here we simply use standard ubuntu 16.04 image to instantiate containers. We name the container on machine A as c1 and the container on machine B as c2.

On machine A:

eval $(weave env)
docker run --name c1 -v slim/:/slim/ -ti ubuntu:16.04

On machine B:

eval $(weave env)
docker run --name c2 -v slim/:/slim/ -ti ubuntu:16.04

Step 3: Start SlimRouter

On machine A:

cd slim/router
./router <IP1>

On machine B:

cd slim/router
./router <IP2>

Step 4: Speed test

Let's use iperf to test the network speed.

Inside the shell of container c1 on machine A:

apt update
apt install iperf
LD_PRELOAD=/slim/socket/SlimSocket.so VNET_PREFIX=10.32.0.0/12 iperf -s

Inside the shell of container c2 on machine B:

apt update
apt install iperf
LD_PRELOAD=/slim/socket/SlimSocket.so VNET_PREFIX=10.32.0.0/12 iperf -c c1

Support for Kubernetes

Slim supports Kubernetes, and the instructions are in k8s Setup.

slim's People

Contributors

danyangz avatar caopeirui avatar wz30 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.