京东弹性云1.0技术剖析2016/5云平台-弹性云团队-鲍永成www.jd.com第2页数据中心业务运行环境100%容器化规模JDOS架构DataCenterOperatingSystem(OpenStack)VMsPhysicalserversContainersJFSOVSDPDK应用研发上线控制台运维控制台www.jd.com第6页一个容器www.jd.com第7页容器之CPU•Cgroup•CFS(RR/FIFO)•每颗CPU一个TaskQueue•Load宿主机load高会影响同一主机上其他容器吗•导入流量与CPU%成线性增加吗(lock/可能很少人能写出把CPU能力榨干的程序)•CPUAffinity(/etc/cpu_info)•DiskIO消耗CPU吗•监控www.jd.com第8页容器之内存•Cgroup•%=RSS+Share/Total•OOM(likekill-9/namespace)•Cache(filebinarycache)•Slab(inode/dentry/smallfiles)JD分散回收时机•Swap•/dev/shmdefault64MB•ShareMemorydefault32MB•NUMA•Memoryleakwww.jd.com第9页容器之磁盘IO•JDnotusecgroup.blkiosupportQos•SAS10KRAID5(很普通的机械硬盘,但是现在1:N=物理机:容器)•NOOP/CFQ/Deadline•DM/AUFS—LVM—JDPD(物理分区技术)•JD胖容器:/+/export/=readonly,/export=LVM/JDPD(JD工具链+应用系统)•Unfortunatelysyncwritewww.jd.com第10页容器之虚拟化网络VM1switchnova-computeneutron-openvswitch-agent计算节点OVSEth1Eth2VM2neutron-dhcp-agentneutron-openvswitch-agentneutron-l3-agent网络节点OVSEth1Eth2VM3计算节点OVSEth1Eth2VM4dnsmasqdnsmasqeth0172.17.4.10manageswitcheth0172.17.4.11eth0172.17.4.12VLANIDconvertedwithflowtabledl_vlan=101=>mode_vlan_vid:1dl_vlan=102=>mode_vlan_vid:2VLANIDconvertedwithflowtabledl_vlan=1=>mode_vlan_vid:101dl_vlan=2=>mode_vlan_vid:102OVSVLANnova-computeneutron-openvswitch-agentTrunk模式、Bond4Trunk模式、Bond4Tag1Tag2Tag1Tag2Tag1Tag2VLAN101VLAN102www.jd.com第11页容器之虚拟化网络•DisableDockernetwork,使用JDOVS-VLAN•ContainerIP一等公民•Qos1:1权重share•网卡中断CPUAffinity,有效发挥10Gbps网卡性能优势•监控完善,包括收发包,流量•OpenflowSimple•Performace与物理机相当www.jd.com第12页容器之虚拟化网络-流表•LocalVLANidTORealVLANid•LocalVLANidTORealVLANidwww.jd.com第13页容器之虚拟化网络-性能•ContainerTOContainerwww.jd.com第14页容器之虚拟化网络-性能•物理机TO物理机OpenStack集群规模-How•从F版开始使用自研brooder(defaulthavered...
