
Add swap_encryption benchmark (AWS EKS)#6758

Open
ashishsuneja wants to merge 1 commit into
GoogleCloudPlatform:master from
ashishsuneja:swap-encryption-benchmark-aws

@ashishsuneja


Benchmarks Linux swap behavior on encrypted vs unencrypted backends on AWS EKS. Covers instance-store NVMe (i4i, always Nitro-encrypted) and io2 EBS (m6id, encrypted and unencrypted). Measures swap throughput, CPU overhead, and application-level impact (redis, kernel build, OpenSearch) under memory pressure.

Includes unit tests for the fio/memtier JSON parsers, cloud detection, and cost sampling. GKE support to follow in a separate change.

@ajaysundark


cc @ajaysundark

@ajaysundark

ajaysundark commented Jun 13, 2026


I'll leave more comments in detail, but my high-level feedback is that the GKE setup should use the managed swap configuration (https://docs.cloud.google.com/kubernetes-engine/docs/how-to/node-memory-swap) for provisioning swap instead of hacking per-pod swap limits. PKB already seems to support gke_node_system_config, so it could be simpler to leverage this for the GKE setup.

if FLAGS.gke_node_system_config is not None:


"""GKE vs. AWS EKS Swap Encryption and LSSD Performance Benchmark.

Methodology: go/swap-encryption-and-lssd-performance-comparison:gke-vs-aws


I'm good to keep the swap+encryption micro-benchmarks separately in this file, but for the real workload comparisons it is better to keep them in the existing, respective workload benchmarks to keep the application-level comparisons valuable.

return out, err


def _EnableSwapPressure(pod: str, high_pct: int = 75) -> None:


I'm not clear on the need for these cgroup overrides. Could you clarify the intent?

Kubernetes sets the swap cgroup limits based on the user memory request. Overriding them for the benchmark run defeats the purpose, as it may test an environment that's not representative of a real workload run.


Methodology: go/swap-encryption-and-lssd-performance-comparison:gke-vs-aws

== Architecture ==


For EKS, is it better to set kubelet swapBehavior in the launch-template or user-data and wire instance-store or io2 configurations for the swap device at boot instead of DS?

This could enable you to set swap as a capability on BaseNodePoolConfig so any k8s benchmark, like redis or esrally, can request a swap-enabled pool declaratively.

It'll help us land swap as a feature config to validate "present/absent" comparisons for different workloads.
