Comments (6)
orsenthil
commented on June 5, 2024
Thanks for the report and the Pull Request. Have you done any measurements with and without this change? Could you share the differences?
from amazon-vpc-cni-k8s.
GnatorX
commented on June 5, 2024
Not yet. Will update once I have tested this
from amazon-vpc-cni-k8s.
GnatorX
commented on June 5, 2024
@orsenthil I am wondering if it make sense to even cache nodes. K8s caches which usesList + watches on startup are extremely expensive calls. The CNI only cares about the node it is running on and calls with node name is index from k8s side which is relatively fast. Rather than filtering, why not just use non-cached calls get that information?
The availability difference isn't that high, watches vs a call.
from amazon-vpc-cni-k8s.
GnatorX
commented on June 5, 2024
I took a pprof of the issue.
It seems like the issue is with the stream watcher is consuming memory during cluster size increase. It seems to require quite a bit of memory in order to process all nodes and store it in the memory. Even though the memory consumption isn't very high, its still unnecessary to store all node information in cache.
I need to re-test this with my change however I do believe the real solution is to avoid performing list watch against all nodes and only watch for node events specific to the CNI.
from amazon-vpc-cni-k8s.
orsenthil
commented on June 5, 2024
K8s caches which usesList + watches on startup are extremely expensive calls
Even though the memory consumption isn't very high, its still unnecessary to store all node information in cache.
I do believe the real solution is to avoid performing list watch against all nodes and only watch for node events specific to the CNI.
It is pretty standard for k8s client calls to use the cached client. It will be good to measure difference in the memory usage and the performance of the various operations in the large clusters before we decide to not use the cache.
With your changes, if you see any different in both memory and performance, please share an update here.
from amazon-vpc-cni-k8s.
GnatorX
commented on June 5, 2024
It is pretty standard for k8s client calls to use the cached client. It will be good to measure difference in the memory usage and the performance of the various operations in the large clusters before we decide to not use the cache.
Agreed.
When I tested my changes, it didn't yield significant difference in memory utilization. I believe, as shown in the pprof, the memory usage is because of the stream watcher attempting unmarshal incoming data. I think rather than using a informer cache and raw watch against the node itself may be more efficient(?).
I can close to issue for now since I likely don't have time to look into writing a direct watcher instead and I think the memory spike isn't large enough to be a concern.
from amazon-vpc-cni-k8s.
Related Issues (20)
- K3S with AWS VPC CNI breaks Pod communication #9716 HOT 3
- using `amazon-vpc-cni-k8s` outside eks HOT 13
- /run/xtables.lock created as directory when installed with Helm HOT 13
- No additional ENIs are attached after prefix delegation HOT 6
- Configurable log output for the aws-eks-nodeagent in the daemonset HOT 1
- Node created in subnet with low number of IP adresses: failed to assign an IP address to container HOT 2
- Can `AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG` be generalized for multi-homed pods? HOT 5
- Pods stuck in `CrashLoopBackoff` when restarting custom EKS node. HOT 7
- WARM_ENI_TARGET is 1. But worker node ENI 2 (with coredns pods used) HOT 2
- Is it possible to route cluster-ip traffic from EC2 instances (the outside of eks, but same vpc) to EKS HOT 2
- What is the difference between `vX.X.X` and `vX.X.X-eksbuild.x` ? HOT 2
- Upgrading from v1.16.0-eksbuild.1 to v1.17 or v1.18 results in failure to assign IP address to container HOT 9
- RefreshSecurityGroups should only be called on ENIs already checked by the ENI/IP reconciler HOT 8
- Conflicts .data.enable-windows-ipam HOT 2
- Pod stuck in `ContainerCreating` status while waiting for an IP address to get assigned HOT 12
- ip addresses leaking when there are too many ip in cooldown pool HOT 2
- Should node agent be opt-in on vpc CNI HOT 2
- Enhanced subnet discovery should use configurable tags
- make generate-limits script failed due to ENI limit mismatch HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amazon-vpc-cni-k8s.