Download as PDF, PPTX
Uploaded byThomas Graf
PDF, PPTX5,067 views
Cilium - Container Networking with BPF & XDP
The document discusses a network architecture involving frontend and backend components with a focus on load balancing (lb) and policy enforcement through a cluster-wide label ID system. It highlights reduced costs in policy enforcement due to a simplified hashtable lookup. Additionally, it mentions performance tests involving Intel Xeon processors and handling large amounts of policies.
More Related Content
What's hot
More from Thomas Graf
Cilium - Container Networking with BPF & XDP
- 3.
- 4.
- 6.
- 7.
- 8. ● ● ○ ○ Frontend BackendLB FE BE LB LB FE FEBE LB Prod Frontend BackendLB FE BELB QA Prod QA Prodrequires requires QA QA
- 9. ● ○ FE BE LB Prod QA Prod Prod FE BE LB QA QA 10 11 12 13 14 15 16 Cluster WideLabel ID Table: This ID is carried in the network packet and used to reconstruct the label context at the receiving host. Policy enforcement cost is reduced to a single hashtable lookup regardless of complexity.
- 10. ● ● ● FE BE LB LB ECMP FE FE BE BE BE Small HTTP GET UltraHD Cat Pictures/Videos
- 12. Intel Xeon 3.5GhzSandy Bridge, 24 cores, 1 TCP flow per core, netperf -t TCP_SENDFILE, 10’000 policies
- 15.