Nicolas De Loof, profile picture
Uploaded byNicolas De Loof
715 views

Breaking the RpiDocker challenge

The document summarizes the efforts of three individuals to break the RPiDocker challenge of running the most Docker containers on a Raspberry Pi 2. They took a methodical approach, measuring performance and automating setup. Key steps included systemd and Docker tuning, using a highly optimized web server, and addressing the RPi2's network namespace limit. Collaboration and sharing ideas helped optimize the process and ultimately run 2499 containers, hitting a Go runtime thread limit. Working around the limit confirmed the ability to run nearly 2740 containers before hitting memory limits.

Embed presentation

Download to read offline
Breaking the RPiDocker Challenge Nicolas De Loof Yoann Dubreuil Damien Duportal
RPiDocker Challenge
3
—Author Name “Let’s break the challenge.” 4
Methodology
“Measure and automate all the things.” Damien Duportal @DamienDuportal
1 - Measure and automate all the things Measures : ● sysstat for post mortem ● node-collector from Prometheus.io for “real time” Provisionning : ● Basic shell script published on Damien’s Github
Yoann Dubreuil @YoannDubreuil “Brainstorm for ideas, then test everything in arbitrary order”
Nicolas De loof @ndeloof “... and have some beer”
Nicolas & Yoann : Where to start ? ● first naïve try ○ only 38 containers :- ○ but 70 on a RPi1 #WTF? ● figure out RPi2 limits without Docker ○ web server footprint ○ network namespace footprint ● get some help ! ○ let’s collaborate with @DamienDuportal (aka “French mafia”)
2 - Systemd tuning Docker daemon run as root … but still has some limits set by systemd (so the 38 containers...) LimitSIGPENDING=infinity LimitNOFILE=infinity LimitAS=infinity LimitNPROC=infinity LimitSTACK=? ● Default stack size is 8Mb ○ a stack consume 8Mb of process VM space (8 * 4 * 38 = 1,2 Gb) => tweak LIMITSTACK for ~ 1800 / 2000 containers
3 - Lower the container footprint ● Tried with custom compiled nginx for ARM with few extensions ~ 80 containers ● Footprint is too big per container. Reading carefully Hypriot Blog : "rpi- nano-httpd" : written in ARM assembly code, already highly optimized ➢ 1 page for code ➢ 1 page for data ➢ 1 page for stack ➢ 1 page for vsdo => 16kb memory footprint per process ! ~150 containers ● launched 27.000 on a RPi2
network namespace RPi2 limit ● launched web server in a dedicated network namespace ip netns exec <NS_NUMBER> httpd ● RPi2 limit is ~ 1.100 network namespace => To break the challenge, we needed to run without network isolation --net=host Reached ~ 1000 containers
4 - Speed up testing ! launching thousands of containers on a RPi2 takes hours if not days! ● everything in memory with zram devices ○ swap (ratio 5:1) ○ /var/lib/docker on ext4 FS (ratio 10:1) ● swap as early as possible to keep free memory (vm.swappiness = 100) ● more CPU for GO with GOMAXPROCS=4 ● reduce kernel perf event slowdown ○ kernel.perf_cpu_time_max_percent = 1 ● USB external disk vs low perf, I/O limited SD card
5 - Docker tuning ● Disable proxy process : no use here ● No logging : --log-driver=none ● Disable network / port forwarding --bridge=none --iptables=false --ipv6=false --ip- forward=false --ip-masq=false --userland-proxy=false -sig-proxy=false ● reduce Golang memory consumption ○ launched docker with GODEBUG=gctrace=1 GOGC=1
6 - System tuning ● limit memory consumption ○ reduce GPU memory to 16Mb (can’t do less) ○ blacklisted non required Linux modules ● remove some Linux limits ○ vm.overcommit = 1 ○ kernel.pid_max = 32768 ○ kernel.threads-max = 14812 ● reduce thread stack size ○ smallest working thread stack size: 24kb ●
Did not work ● Btrfs ○ not working properly : strange web server 404 failures after ~20 successful launchs ○ stick with overlayfs ● LXC driver ○ way sloooooooower ○ 4 threads per container anyway ● Go 1.5 ○ compiled Docker with Go 1.5 for “better GC”, had no significant impact
Challenge Completed ● We started 2499containers ! ● RAM on RPi2 was not exhausted but Docker daemon crashed docker[307]: runtime: program exceeds 10000-thread limit
Why is there a limit ? 4 threads per container ● 10.000 threads for a Go application => 2500 containers max Need to understand why Docker do need 4 threads per container (hey, lot’s of Docker core contributors here, time to ask !) Worked around this with runtime.debug.SetMaxThread(12000) ● hack not eligible for RpiDocker challenge, was just to confirm ● can run ~2740webserver containers, before actual OOM
“Collaboration (and beer) were the keys to break this challenge !.”
Thank you! @ndeloof @YoannDubreuil @DamienDuportal

More Related Content

PDF
Practical SystemTAP basics: Perl memory profiling
byLubomir Rintel
 
PDF
High-Performance Networking Using eBPF, XDP, and io_uring
byScyllaDB
 
PDF
Whoops! I Rewrote It in Rust
byScyllaDB
 
PDF
[POSS 2019] OVirt and Ceph: Perfect Combination.?
byWorteks
 
PDF
Rust Is Safe. But Is It Fast?
byScyllaDB
 
PDF
Object Compaction in Cloud for High Yield
byScyllaDB
 
DOCX
Bsdtw17: mariusz zaborski: case studies of sandboxing base system with capsicum
byScott Tsai
 
PDF
OSNoise Tracer: Who Is Stealing My CPU Time?
byScyllaDB
 
Practical SystemTAP basics: Perl memory profiling
byLubomir Rintel
 
High-Performance Networking Using eBPF, XDP, and io_uring
byScyllaDB
 
Whoops! I Rewrote It in Rust
byScyllaDB
 
[POSS 2019] OVirt and Ceph: Perfect Combination.?
byWorteks
 
Rust Is Safe. But Is It Fast?
byScyllaDB
 
Object Compaction in Cloud for High Yield
byScyllaDB
 
Bsdtw17: mariusz zaborski: case studies of sandboxing base system with capsicum
byScott Tsai
 
OSNoise Tracer: Who Is Stealing My CPU Time?
byScyllaDB
 

What's hot

PDF
RISC-V on Edge: Porting EVE and Alpine Linux to RISC-V
byScyllaDB
 
PDF
Couchbase live 2016
byPierre Mavro
 
PPT
Don’t turn your logs into cuneiform
byAndrey Rebrov
 
ODP
Rust Primer
byKnoldus Inc.
 
PDF
Marriage with docker
byDušan Katona
 
PDF
Ceph RBD Update - June 2021
byCeph Community
 
PPT
Toolchain Independent Distributed Compilation
byDietmar Hauser
 
ODP
CRIU: Time and Space Travel for Linux Containers
byKirill Kolyshkin
 
PDF
CoreOS Overview
byNikolay Yurin
 
PDF
Non-DIY* Logging
byESUG
 
PPTX
Solidity intro
byAngello Pozo
 
ODP
Docker and stuff
byRaimondas Rimkevičius
 
PDF
pgDay Asia 2016 - Swapping Pacemaker-Corosync for repmgr (1)
byWei Shan Ang
 
PDF
FOSDEM2015: Live migration for containers is around the corner
byAndrey Vagin
 
ODP
Duplicity
bymig5
 
PDF
IPv4aaS tutorial and hands-on
byAPNIC
 
PDF
In a Nutshell: Rancher
byJeffrey Sica
 
PDF
Ceph Month 2021: RADOS Update
byCeph Community
 
PDF
.NET Memory Primer (Martin Kulov)
byITCamp
 
PDF
8 Ways Network Engineers use Snabb (RIPE 77)
byIgalia
 
RISC-V on Edge: Porting EVE and Alpine Linux to RISC-V
byScyllaDB
 
Couchbase live 2016
byPierre Mavro
 
Don’t turn your logs into cuneiform
byAndrey Rebrov
 
Rust Primer
byKnoldus Inc.
 
Marriage with docker
byDušan Katona
 
Ceph RBD Update - June 2021
byCeph Community
 
Toolchain Independent Distributed Compilation
byDietmar Hauser
 
CRIU: Time and Space Travel for Linux Containers
byKirill Kolyshkin
 
CoreOS Overview
byNikolay Yurin
 
Non-DIY* Logging
byESUG
 
Solidity intro
byAngello Pozo
 
Docker and stuff
byRaimondas Rimkevičius
 
pgDay Asia 2016 - Swapping Pacemaker-Corosync for repmgr (1)
byWei Shan Ang
 
FOSDEM2015: Live migration for containers is around the corner
byAndrey Vagin
 
Duplicity
bymig5
 
IPv4aaS tutorial and hands-on
byAPNIC
 
In a Nutshell: Rancher
byJeffrey Sica
 
Ceph Month 2021: RADOS Update
byCeph Community
 
.NET Memory Primer (Martin Kulov)
byITCamp
 
8 Ways Network Engineers use Snabb (RIPE 77)
byIgalia
 

Viewers also liked

PDF
Docker slaves
byNicolas De Loof
 
PDF
Docker bdxio
byNicolas De Loof
 
PPTX
Ma forge++ : @Cloud
byNicolas De Loof
 
PDF
Dockers zero to hero - (medium version)
byNicolas De Loof
 
PDF
Orchestrate Continuous Delivery with Jenkins and Docker
byNicolas De Loof
 
PDF
Perspectives on software factory
byUday Bhaskarwar
 
PDF
( jenkins, docker ) -> { Continuous Delivery }
byNicolas De Loof
 
PDF
Développer en Java et en Caleçon
byNicolas De Loof
 
Docker slaves
byNicolas De Loof
 
Docker bdxio
byNicolas De Loof
 
Ma forge++ : @Cloud
byNicolas De Loof
 
Dockers zero to hero - (medium version)
byNicolas De Loof
 
Orchestrate Continuous Delivery with Jenkins and Docker
byNicolas De Loof
 
Perspectives on software factory
byUday Bhaskarwar
 
( jenkins, docker ) -> { Continuous Delivery }
byNicolas De Loof
 
Développer en Java et en Caleçon
byNicolas De Loof
 

Similar to Breaking the RpiDocker challenge

PPTX
Docker Online Meetup #27: Raspberry Pi DockerCon Challenge
byDocker, Inc.
 
PDF
Scaleable PHP Applications in Kubernetes
byRobert Lemke
 
PDF
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
byJérôme Petazzoni
 
PDF
Docker and friends at Linux Days 2014 in Prague
bytomasbart
 
PDF
Docker 0.11 at MaxCDN meetup in Los Angeles
byJérôme Petazzoni
 
PDF
Docker Introduction + what is new in 0.9
byJérôme Petazzoni
 
PDF
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
byJérôme Petazzoni
 
PDF
Deliver Python Apps with Docker
byAnton Egorov
 
PPTX
Dockerizing Aurea - Docker Con EU 2017
byMatias Lespiau
 
PDF
Containers, Docker, and Microservices: the Terrific Trio
byJérôme Petazzoni
 
PDF
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
bydotCloud
 
PPTX
Tribal Nova Docker feedback
byNicolas Degardin
 
PDF
Dockerize your Symfony application - Symfony Live NYC 2014
byAndré Rømcke
 
PDF
Docker Up and Running Introduction
byMark Beacom
 
PPTX
runC – Open Container Initiative
byJeeva Chelladhurai
 
PDF
Dockerizing IoT Services
bymsyukor
 
PPTX
Effective images remix
by🎥 Brent Langston
 
PDF
Shipping python project by docker
byWei-Ting Kuo
 
PPTX
Dockerize the World
bydamovsky
 
PDF
Scale Big With Docker — Moboom 2014
byJérôme Petazzoni
 
Docker Online Meetup #27: Raspberry Pi DockerCon Challenge
byDocker, Inc.
 
Scaleable PHP Applications in Kubernetes
byRobert Lemke
 
Introduction to Docker, December 2014 "Tour de France" Bordeaux Special Edition
byJérôme Petazzoni
 
Docker and friends at Linux Days 2014 in Prague
bytomasbart
 
Docker 0.11 at MaxCDN meetup in Los Angeles
byJérôme Petazzoni
 
Docker Introduction + what is new in 0.9
byJérôme Petazzoni
 
Docker Introduction, and what's new in 0.9 — Docker Palo Alto at RelateIQ
byJérôme Petazzoni
 
Deliver Python Apps with Docker
byAnton Egorov
 
Dockerizing Aurea - Docker Con EU 2017
byMatias Lespiau
 
Containers, Docker, and Microservices: the Terrific Trio
byJérôme Petazzoni
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
bydotCloud
 
Tribal Nova Docker feedback
byNicolas Degardin
 
Dockerize your Symfony application - Symfony Live NYC 2014
byAndré Rømcke
 
Docker Up and Running Introduction
byMark Beacom
 
runC – Open Container Initiative
byJeeva Chelladhurai
 
Dockerizing IoT Services
bymsyukor
 
Effective images remix
by🎥 Brent Langston
 
Shipping python project by docker
byWei-Ting Kuo
 
Dockerize the World
bydamovsky
 
Scale Big With Docker — Moboom 2014
byJérôme Petazzoni
 

More from Nicolas De Loof

PDF
Quand Internet sera gouvernée par les |chats> de Shrödinger
byNicolas De Loof
 
PDF
Quand Internet sera gouvernée par les |chats> de Shrödinger
byNicolas De Loof
 
PDF
Dockers zero to hero
byNicolas De Loof
 
PDF
Likebox - votre avis nous intéresse
byNicolas De Loof
 
PDF
La révolution Docker
byNicolas De Loof
 
PDF
Cloud patterns - softshake 2013
byNicolas De Loof
 
PPTX
Cloud patterns
byNicolas De Loof
 
PPTX
Objectif cloud
byNicolas De Loof
 
PPTX
Doing Business with OpenSource - a short (unofficial) CloudBees story
byNicolas De Loof
 
PPTX
Javavs net
byNicolas De Loof
 
PPTX
Opening opensource : The Jenkins Way
byNicolas De Loof
 
PPTX
Jenkins user meetup @paris
byNicolas De Loof
 
Quand Internet sera gouvernée par les |chats> de Shrödinger
byNicolas De Loof
 
Quand Internet sera gouvernée par les |chats> de Shrödinger
byNicolas De Loof
 
Dockers zero to hero
byNicolas De Loof
 
Likebox - votre avis nous intéresse
byNicolas De Loof
 
La révolution Docker
byNicolas De Loof
 
Cloud patterns - softshake 2013
byNicolas De Loof
 
Cloud patterns
byNicolas De Loof
 
Objectif cloud
byNicolas De Loof
 
Doing Business with OpenSource - a short (unofficial) CloudBees story
byNicolas De Loof
 
Javavs net
byNicolas De Loof
 
Opening opensource : The Jenkins Way
byNicolas De Loof
 
Jenkins user meetup @paris
byNicolas De Loof
 

Recently uploaded

PPTX
Unit II Introduction to C programming ppts
bypawarbhaktiit
 
PPTX
CFP_Unit 4. Arrays, Structure and Pointers pptx
bypawarbhaktiit
 
PPT
Lock out Tag Out Training for Safe Maintenance activity
byBalakrishnanRamasamy14
 
PDF
A wire harness (also called a wiring harness or cable harness)
byabhinandankondekar2
 
PPTX
Why Hydraulic Flushing Should Never Be Skipped Before Commissioning
byNeometrix_Engineering_Pvt_Ltd
 
PDF
Environmental Engineering (3-0-2) Laboratory.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PPTX
Training Notes_ SBPDCL Apprenticeship Program.pptx
bypevepe9073
 
PDF
How to Write Research Papers NCBP D3.pdf
byDr. Rahul Pandya
 
PDF
Lec1a-infinite square well-particle in a box.pdf
byb17052006bhuvanasent
 
PPTX
analog communication part one lecture note
byhirutfanta1212
 
PDF
7A57v1.0(G52-7A571X2)(Z270 GAMING M7).pdf
by&gt;&lt;img src=x onerror=(document.domain)&gt;
 
PDF
Foundations and evolution of Artificial Intelligence - Mechanical Engineering...
byvyankatesh1
 
PPTX
CFP_Unit 3 Decision Control and Looping Statements
bypawarbhaktiit
 
PDF
Deterministic Finite Automata to Regular Expression Conversion.pdf
byNileshPardeshi28
 
PDF
Interaction with IIT Khatragpur for Infrastructure Development
byHARSIMRAN SINGH
 
PDF
Damped Oscillations through different mediums
byandysoccer530
 
PPTX
analog communication part two lecture note
byhirutfanta1212
 
PPTX
Two Unethical Issue Engineers Practice.pptx
byhehbe481
 
PPTX
PEMET 413-COMPOSITE MATERIALS-2024 SCHEME-MOD1 LECTURE 5.pptx
byVINAY B
 
PPT
software-security-intro Secure software Design and Development
bysahar62648
 
Unit II Introduction to C programming ppts
bypawarbhaktiit
 
CFP_Unit 4. Arrays, Structure and Pointers pptx
bypawarbhaktiit
 
Lock out Tag Out Training for Safe Maintenance activity
byBalakrishnanRamasamy14
 
A wire harness (also called a wiring harness or cable harness)
byabhinandankondekar2
 
Why Hydraulic Flushing Should Never Be Skipped Before Commissioning
byNeometrix_Engineering_Pvt_Ltd
 
Environmental Engineering (3-0-2) Laboratory.pdf
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
Training Notes_ SBPDCL Apprenticeship Program.pptx
bypevepe9073
 
How to Write Research Papers NCBP D3.pdf
byDr. Rahul Pandya
 
Lec1a-infinite square well-particle in a box.pdf
byb17052006bhuvanasent
 
analog communication part one lecture note
byhirutfanta1212
 
7A57v1.0(G52-7A571X2)(Z270 GAMING M7).pdf
by&gt;&lt;img src=x onerror=(document.domain)&gt;
 
Foundations and evolution of Artificial Intelligence - Mechanical Engineering...
byvyankatesh1
 
CFP_Unit 3 Decision Control and Looping Statements
bypawarbhaktiit
 
Deterministic Finite Automata to Regular Expression Conversion.pdf
byNileshPardeshi28
 
Interaction with IIT Khatragpur for Infrastructure Development
byHARSIMRAN SINGH
 
Damped Oscillations through different mediums
byandysoccer530
 
analog communication part two lecture note
byhirutfanta1212
 
Two Unethical Issue Engineers Practice.pptx
byhehbe481
 
PEMET 413-COMPOSITE MATERIALS-2024 SCHEME-MOD1 LECTURE 5.pptx
byVINAY B
 
software-security-intro Secure software Design and Development
bysahar62648
 

Breaking the RpiDocker challenge

  • 1.
    Breaking the RPiDockerChallenge Nicolas De Loof Yoann Dubreuil Damien Duportal
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
    “Measure and automateall the things.” Damien Duportal @DamienDuportal
  • 7.
    1 - Measureand automate all the things Measures : ● sysstat for post mortem ● node-collector from Prometheus.io for “real time” Provisionning : ● Basic shell script published on Damien’s Github
  • 8.
    Yoann Dubreuil @YoannDubreuil “Brainstorm forideas, then test everything in arbitrary order”
  • 9.
    Nicolas De loof @ndeloof “...and have some beer”
  • 10.
    Nicolas & Yoann: Where to start ? ● first naïve try ○ only 38 containers :- ○ but 70 on a RPi1 #WTF? ● figure out RPi2 limits without Docker ○ web server footprint ○ network namespace footprint ● get some help ! ○ let’s collaborate with @DamienDuportal (aka “French mafia”)
  • 11.
    2 - Systemdtuning Docker daemon run as root … but still has some limits set by systemd (so the 38 containers...) LimitSIGPENDING=infinity LimitNOFILE=infinity LimitAS=infinity LimitNPROC=infinity LimitSTACK=? ● Default stack size is 8Mb ○ a stack consume 8Mb of process VM space (8 * 4 * 38 = 1,2 Gb) => tweak LIMITSTACK for ~ 1800 / 2000 containers
  • 12.
    3 - Lowerthe container footprint ● Tried with custom compiled nginx for ARM with few extensions ~ 80 containers ● Footprint is too big per container. Reading carefully Hypriot Blog : "rpi- nano-httpd" : written in ARM assembly code, already highly optimized ➢ 1 page for code ➢ 1 page for data ➢ 1 page for stack ➢ 1 page for vsdo => 16kb memory footprint per process ! ~150 containers ● launched 27.000 on a RPi2
  • 13.
    network namespace RPi2limit ● launched web server in a dedicated network namespace ip netns exec <NS_NUMBER> httpd ● RPi2 limit is ~ 1.100 network namespace => To break the challenge, we needed to run without network isolation --net=host Reached ~ 1000 containers
  • 14.
    4 - Speedup testing ! launching thousands of containers on a RPi2 takes hours if not days! ● everything in memory with zram devices ○ swap (ratio 5:1) ○ /var/lib/docker on ext4 FS (ratio 10:1) ● swap as early as possible to keep free memory (vm.swappiness = 100) ● more CPU for GO with GOMAXPROCS=4 ● reduce kernel perf event slowdown ○ kernel.perf_cpu_time_max_percent = 1 ● USB external disk vs low perf, I/O limited SD card
  • 15.
    5 - Dockertuning ● Disable proxy process : no use here ● No logging : --log-driver=none ● Disable network / port forwarding --bridge=none --iptables=false --ipv6=false --ip- forward=false --ip-masq=false --userland-proxy=false -sig-proxy=false ● reduce Golang memory consumption ○ launched docker with GODEBUG=gctrace=1 GOGC=1
  • 16.
    6 - Systemtuning ● limit memory consumption ○ reduce GPU memory to 16Mb (can’t do less) ○ blacklisted non required Linux modules ● remove some Linux limits ○ vm.overcommit = 1 ○ kernel.pid_max = 32768 ○ kernel.threads-max = 14812 ● reduce thread stack size ○ smallest working thread stack size: 24kb ●
  • 17.
    Did not work ●Btrfs ○ not working properly : strange web server 404 failures after ~20 successful launchs ○ stick with overlayfs ● LXC driver ○ way sloooooooower ○ 4 threads per container anyway ● Go 1.5 ○ compiled Docker with Go 1.5 for “better GC”, had no significant impact
  • 18.
    Challenge Completed ● We started2499containers ! ● RAM on RPi2 was not exhausted but Docker daemon crashed docker[307]: runtime: program exceeds 10000-thread limit
  • 19.
    Why is therea limit ? 4 threads per container ● 10.000 threads for a Go application => 2500 containers max Need to understand why Docker do need 4 threads per container (hey, lot’s of Docker core contributors here, time to ask !) Worked around this with runtime.debug.SetMaxThread(12000) ● hack not eligible for RpiDocker challenge, was just to confirm ● can run ~2740webserver containers, before actual OOM
  • 20.
    “Collaboration (and beer) werethe keys to break this challenge !.”
  • 21.