CMP315_Optimizing Network Performance for Amazon EC2 Instances

© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Optimizing Network Performance
for Amazon EC2 Instances
N i c k M a t t h e w s , P a r t n e r S o l u t i o n s A r c h i t e c t
V i s h v e s h S a h a s r a b u d h e , E C 2 P r o d u c t M a n a g e r
N o v e m b e r 2 8 , 2 0 1 7
C M P 3 1 5
AWS re:INVENT

Network Performance
Packets in Packets out
?

Network Performance: Let’s Look
Packets in Packets out
?

What to Expect
• Performance Concepts
• Operating system tweaks
• Networking Performance Features
• Enhanced networking
• EC2 features
• Architectural Performance
• Network location
• Load balancing
• Testing

Performance Concepts

Basic Concepts
Bandwidth Latency Throughput Jitter

Bandwidth Delay Product
10 Gbps
500 milliseconds
Data

10 Gbps
500 milliseconds
1 second RTT
ACK
(To make math easy)

Data Data DataData
10 Gbps
1 second RTT
Bandwidth per second = How much
data is sent in one round trip
1. Larger packets (MTU)
2. Send more packets (TCP window size)

TCP and Latency
Latency really matters for:
• Cross-Region connectivity
• Instance-to-Instance for clustering (HPC)
• Elasticache, memcached
Tuning:
• TCP tuning
• Set larger MTUs
• Increase network efficiency
Making friends with physics:
• AWS Region choice: 10’s of ms
• Availability Zone affinity: milliseconds
• Placement groups: <1 ms

Examples of TCP Tuning
TCP receive window:
sysctl net.ipv4.tcp_rmem
Initial congestion window:
ip route change 10.16.16.0/24 dev eth0
proto kernel scope link initcwnd 16
TCP congestion control algorithms:
net.ipv4.tcp_available_congestion_control
TCP retransmission timer:
ip route change 10.16.16.0/24 dev eth0 proto kernel
scope link rto_min 50ms
From this session:
NET401 – Making Every Packet Count

Other Related Performance Sessions
CMP207 – High Performance Computing on AWS
CMP301 – Deep Dive on Amazon EC2 Instances, Featuring
Performance Optimization Best Practices

Packets per Second (PPS) and
Maximum Transmission Unit (MTU)
Each packet has processing overhead
• Small packets such as real time systems or transactions
Large packets increase the overall performance
• Jumbo MTU of 9001 available within VPC or VPC peers
1448 B
Payload
8949 B Payload
Jumbo MTUs increase the usable data per packet

AWS Network Performance Features

AWS networking
• Higher performance with larger EC2 instance sizes
Enhanced Networking
• Over 1M PPS performance
• Reduces instance-to-instance latencies
• Support SR-IOV with PCIe passthrough, to get the hypervisor
out of the way and for consistent performance
• Intel ixgbvef and Amazon EC2 Elastic Network Adapter (ENA)
Networking on AWS

Amazon EC2 Enhanced Networking

Virtualization
Layer
HW NIC
Virtualization
Layer
HW NIC
Xen-PV Xen-PV

HW NIC HW NIC
VF VF
Intel
ixgbevf
Intel
ixgbevf
10 Gbps
Virtualization
Layer
Virtualization
Layer

Amazon EC2 Elastic Network Adapter
ENA ENA
VF VF
20 Gbps
25 Gbps
Virtualization
Layer
Virtualization
Layer

ENA Driver Capabilities
• Future proof: support for up to 400 Gbps
• Increased queues per device
• Lower latency and jitter
• Broad Operating System AMI support
• Linux—Amazon Linux, RHEL 7.4, SLES 12, Ubuntu 14.04,
16.04, CentOS 7 (1711), and in the Linux kernel since 4.9
• Windows Server 2008 R2, 2012, 2012 R2, 2016
• FreeBSD 11
• DPDK support starting in 16.04, PMD support
• Open Source: https://github.com/amzn/amzn-drivers

Enhanced Networking Latency Improvements
(RTT)
0
50
100
150
200
250
300
tp50 tp99
cc2.8xlarge c3.8xlarge c4.8xlarge c5.18xlarge

Network Throughput
25G across all ENA i nstance typ e s, in all R e g ions
0
5000
10000
15000
20000
25000
30000
96 128 256 512 1024 2048 4096 8192
Mbps
TCP Packet Size
c3.8xlarge C4.8xlarge
C5.18xlarge single-stream C5.18xlarge multi-stream

Amazon EC2 Performance
New instance types (C5, I3, P3, R4) with higher
performance
Smaller instances can have up to 10 Gbps network
performance
Larger instances have dedicated 10 or 25 Gbps
Instance size impacts the total network capacity, speeds
are bidirectional
Instances also have dedicated Amazon Elastic Block
Store (EBS) volume bandwidth

Network + Storage Throughput
0
10
20
30
40
c3.8xlarge c4.8xlarge c5.18xlarge
Network Storage

Enhanced Networking Requirements
Instances support either ixgbevf or ENA:
• ixgbevf: C3, C4, D2, I2, M4 (except m4.16xlarge), R3
• ENA: C5, F1, G3, P2, P3, R4, I3, X1, X1e, m4.16xlarge
AMI must support the correct driver version:
• ixgbevf 2.14.2+ or any ENA release
Enable the AMI or instance
• AMI tag OR instance attribute

Instance Enablement
% aws ec2 describe-instance-attribute
--instance-id i-0ec179afafe026710
--attribute sriovNetSupport
{
"InstanceId": "i-01286b75ff50326ea",
"SriovNetSupport": {}
}
Not yet!

Instance Enablement
% aws ec2 describe-instance-attribute
--instance-id i-07312ca8e93d69514
{
"InstanceId": "i-07312ca8e93d69514",
"SriovNetSupport": {
"Value": "simple”
}
}
ixgbevf
Support!

Instance Enablement
% aws ec2 describe-instances
--instance-id i-07a94b1806d6cd309
--query "Reservations[].Instances[].EnaSupport”
[
true
]
ENA
Support!

AMI Check
• ixgbevf Enhanced Networking:
aws ec2 describe-image-attribute --image-id ami_id
• ENA Enhanced Networking:
aws ec2 describe-image-attribute --image-id ami_id
--attribute enaSupport

ENA Instance Enablement
1. Start an instance without enhanced networking support
2. Build the ENA kernel driver
3. Build a new AMI or modify the instance
# aws ec2 modify-instance-attribute
--instance-id instance_id --ena-support
Or
# aws ec2 register-image --ena-support ...
4. Restart/relaunch and enjoy!

PV-XEN
$ ethtool -k eth0
driver: vif
Enhanced Networking
$ ethtool -i eth0
driver: ixgbevf
C3, C4, D2, I2, R3,
M4 (not m4.16XL)
Elastic Network Adapter
$ ethtool -i eth0
driver: ena
C5, F1, G3, P2, P3, R4, I3,
X1, X1e, m4.16xlarge
Verifying Enhanced Networking
https://github.com/amzn/amzn-drivers

Beyond Enhanced Networking with DPDK
Intel Data Plane Development Kit (DPDK) is a set of C
libraries and drivers for fast packet processing
DPDK provides:
• Lower latency due to kernel and TCP stack bypass
• More control of packet processing
• Lower CPU overhead

Data Plane Development Kit (DPDK)
ENA ENA
VF25 Gbps
Virtualization
Layer
Virtualization
Layer
Kernel
App
VF

Data Plane Development Kit (DPDK)
ENA ENA
VF VF25 Gbps
Virtualization
Layer
Virtualization
Layer
Kernel
DPDK
App
The application is developed to use the DPDK libraries

DPDK on AWS
Supported on Enhanced Networking instances:
• Intel ixgbevf and AWS Elastic Network Adapter (ENA)
DPDK can reduce latency while increasing control of packet processing
• Kernel, TCP stack, and PMD instead of interrupts reduce latency
• DPDK does not change any underlying limits or maximums
Note:
ixgbevf will receive 802.1q tagged frames, which should be stripped. Egress
packets should be untagged. ENA receives and sends untagged frames.

Supercell
• Distributed application with thousands of TCP connections between instances
• Migrated Clash of Clans from EC2 Classic to VPC
• 100% on enhanced networking instances
Internet
Front-end
Proxy Layer
Application
Service Layer
Storage Layer

How Did Supercell Benefit?
• In EC2 Classic, hundreds of servers each with thousands
of TCP connections took 30 minutes to initialize
• With enhanced networking it takes less than 1 minute
• Benefits:
• TCP reliability
• Monitoring
• Database connections
• Message queue depths dramatically smaller

Getting Players Back In the Game
Network maintenance and
update downtimes are 20
minutes instead 1 hour

Architectures: Network Performance

Sometimes It’s Where You Are
The sources and destinations matter:
• Within a placement group
• Over a VPN connection
• Using AWS Direct Connect
• Using Elastic Load Balancing
• Accessing AWS services such as Amazon S3

VPC Performance
No VPC-specific limits
Availability Zone Availability Zone
No limit for any
Availability Zone or subnet
IGW
No limit for any Internet
Gateway
Bandwidth Limits: NAT Gateway
Each NAT Gateway can
sustain 10 Gbps, and
scales horizontally
beyond 10 Gbps

VPC Peering Performance
No limit for VPC peering
Internet Gateway
Bandwidth Limits:
Internet Gateway
VPC Peering

Placement Group
Bandwidth Limits
Availability Zone B
Availability Zone A
Amazon S3
Placement Group – 10 Gbps
Everywhere else – 5 Gbps
Flow Limits:
5 Gbps aggregate per instance
25 Gbps
25Gbps
Every Other Traffic Type:
Inter-instance Limits:
25 Gbps within the VPC or peered
VPC
Limits to S3:
25 Gbps to VPC Endpoints and
public IPs in the same Region

Virtual Private Gateway Performance
~1.25 Gbps aggregate per VPN tunnel
Availability Zone
Internet Gateway
Bandwidth Limits:
Virtual Private
Gateway
Virtual Private Network (VPN)
AWS Direct Connect
AWS Direct Connect is only limited
by physical port speeds

Virtual Private Gateway Performance
5gbps limit for egress traffic per
instance
Availability Zone
Internet Gateway
Bandwidth Limits:
Virtual Private
Gateway
Virtual Private Network (VPN)
AWS Direct Connect

Network Load Balancer Performance
Auto Scaling Group
Network Load
Balancer
Network Load Balancer
• L4 load balancer
• TCP
• High Performance
• Availability Zone locality
• One IP per Availability Zone
Bandwidth Limits:
Several gigabits of capacity at launch
Scales horizontally

Distributed load testing (BWMG), executed in a loop
bees attack --url '<NLB>' --number 10000000 --concurrent 100000 –keepalive
Performance graph shows no errors, and content was served fine

Related Session:
NET304 – Deep Dive into the new Network Load Balancer

Performance Testing

Benefits of Testing
Many potential performance factors:
• Flow location, type, size
• Instance family, type
• Application profile
• Packet sizes, protocols, CPU/memory/disk usage
AWS Recommendation: test it yourself

Performance Testing: How?
With your application and environment
• Load testing
• Transaction testing
• “Race track numbers”
Benchmark testing
• Scenario testing: intra-VPC, internet traffic, VPN
• Bandwidth, latency, jitter, throughput, packets per second

Testing Tips
Use multiple flows
#iperf –c 192.168.1.1 –P 10
Try UDP as well
#iperf –c 192.168.1.1 –u –p <port number>
Distributed testing tools
• https://github.com/newsapps/beeswithmachineguns
Network benchmark testing
• https://aws.amazon.com/premiumsupport/knowledge-
center/network-throughput-benchmark-linux-ec2/

Summary
Understand latency and TCP dynamics
• Tune and reduce latency
Understand what AWS offers to help
• Enhanced networking, jumbo MTU, instance families
Use the right architecture
• Know the limits, distribute the load
Test it out

Available February 2018
Networking Study Guide

Thank you!

CMP315_Optimizing Network Performance for Amazon EC2 Instances

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a CMP315_Optimizing Network Performance for Amazon EC2 Instances

Semelhante a CMP315_Optimizing Network Performance for Amazon EC2 Instances (20)

Mais de Amazon Web Services

Mais de Amazon Web Services (20)

CMP315_Optimizing Network Performance for Amazon EC2 Instances