improve CPU cores affinity to NUMA nodes v9.5 #12656
Open
+1,258
−235
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 10 commits
February 22, 2025 11:08
Split the code into multiple functions for easier readability.
Part of Ticket 2321 work to remove unnecessary lists from the config file. Ticket: 2321
Provide backward compatibility with the previous configuration format to allow smooth transition to the new format. The commit adds docs about the new format and the introduced changes.
Using the new configuration format, it is now possible to set CPU affinity settings per interface. The threading.autopin option has been added to automatically use CPUs from the same NUMA node as the interface. The autopin option requires hwloc-devel / hwloc-dev to be installed and --enable-hwloc flag in configure script. Ticket: 7036
lukashino
requested review from
jasonish,
jufajardini,
victorjulien and
a team
as code owners
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #12656 +/- ##
==========================================
- Coverage 80.77% 80.17% -0.61%
==========================================
Files 932 933 +1
Lines 259517 259785 +268
==========================================
- Hits 209629 208283 -1346
- Misses 49888 51502 +1614
Flags with carried forward coverage won't be shown. Click here to find out more. |
|
WARNING:
Pipeline 24861 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Followup of #12369
Redmine ticket:
https://redmine.openinfosecfoundation.org/issues/7036
https://redmine.openinfosecfoundation.org/issues/2321
This work allows more precise thread assignment and it is done either
This works with AF-PACKET and DPDK (and should with other capture modes as well). The primary target is workers runmode but it also works with autofp receive threads.
To try this PR:
Feedback
Feedback was given in the previous PRs:
Feedback sum up:
worker-cpu-set: [ "!management-cpu-set" ]- that I view as an extension of this workDescribe changes:
v9.5:
v9.4:
v9:
v8:
v7:
v6
On YAML changes:
CPU affinity section in
suricata.yamlhas been changed to (seesuricata.yaml.infor the full picture):Below is the reasoning for it.
When starting this work I wanted to follow the same structure as CPU set nodes that is:
converted to JSON it looks like:
{ "threading": { "cpu-affinity": [ { "worker-cpu-set": { "cpu": [ "all" ], "mode": "exclusive" } } ] } }So worker-cpu-set is an object by itself, it holds the key that is named "worker-cpu-set" and only that contains its children properties (CPU, prio, etc.).
But when adding the interface-specific node I found out that having the interface names directly as the keys for the object storing the properties (CPU, prio, etc.) can change its name to something else, in this case to
net-bonding0.So adding it as a value:
yields an invalid YAML construct.
Therefore, for interface-specific CPU affinity settings, I ended up putting it on the same level as the interface name itself. This follows the same structure as is established in e.g. capture-mode interface definition (dpdk.interfaces, af-packet).
Note: In the matter of this I transferred the base *-cpu-set nodes from the list items as part of the Ticket 2321.
The CPU affinity interface-specific design I ended up with is:
JSON visualization of this:
{ "threading": { "cpu-affinity": { "worker-cpu-set": { "cpu": [ "all" ], "mode": "exclusive", "interface-specific-cpu-set": [ { "interface": "net_bonding0", "cpu": [ "all" ] }, { "interface": "net_bonding1", "cpu": [ "all" ] } ] } } } }This leaves the base {worker,receive,management}-cpu-set nodes in the original setting and as we know it. The internal code can handle this because the names of these are known beforehand and can "step down" to the children level to inspect cpu-affinity properties. The dynamic part - interface-specific-cpu-set contains all properties on the same level.
Other unsuccessful YAML designs
Specifying the NUMA affinity in the individual capture modes
Example
But management / other threads would still be required to configure elsewhere. I liked the proposed approach more because all affinity-related settings are centralized.
Not having a list nodes in the YAML
YAML library changes net_bonding to net-bonding when YAML is loaded - so this is a nogo.
Have interface-related properties as children
This is a disallowed construct in YAML, so another nogo. A similar pattern is currently with *-cpu-set nodes but the different here is that the parent list item has a value (in this case net_bonding0). That is what is causing problems. Interface related therefore need to right under "interface".
PRO TIP: A good way to visualize different YAML structures is by using YAML to JSON converters. Currently it creates object like:
[ { "interface": "3b:00.0", "mode": "exclusive", } ]