Profile

Cover photo
3,243 followers|582,687 views
AboutPostsPhotos

Stream

systemd

Shared publicly  - 
 
 
We used systemd cgroup magic to map stale library mappers to the services that needed restarting.
44
8
Gianluca Sforna's profile photoAndreas Proschofsky's profile photo
Add a comment...

systemd

Shared publicly  - 
 
 
DHCP performance

One of the things we wanted from networkd was reasonably fast network configuration.

Most of today's machines (be it phones, laptops, container instances or servers) are only really useful for their purpose once they have a network connection. It does not matter much that we are able to boot in one second, if it takes several times that to establish a network connection.

This is especially important for container instances that we can boot in, say 100ms, and therefore reasonably start on demand.

A couple of weeks ago I started profiling networkd's DHCP client library, and found that we compared relatively favorably to the 'competition', but were still adding way too much to boot-time to be acceptable in containers. Acquiring a DHCP lease from the same host (so no network latency) took about 500ms.

Quite a bit of low-hanging fruit later we were down to 50ms, but with one big bottle-neck remaining. Today, with lots of help from +Kay Sievers and a crucial suggestion from Daniel Borkmann, I finally killed off the last obvious bottle-neck and we are now able to acquire a lease in about 750 micro seconds (so almost 1000x improvement :)).

The tests were pretty synthetic (our DHCP client and server libraries talking to each other over a veth pair from the same process), so let's finish off with two real-world tests:

Deploying networkd as the DHCP client in an nspawn container started with --network-veth, the time from we get link-sense to the network is fully configured is roughly 5ms.

Using networkd together with wpa_supplicant on my laptop on my crappy home wifi, the time from link-sense to fully configured network is roughly 50ms (most of that obviously spent on network latency due to the two round-trips a lease acquisition requires).

Overall, I'm pretty happy with these results, and am even tempted to say that this is good enough. A few obvious improvements can still be made: employ BPF to avoid getting woken up by lots of bogus packets that we have to discard, and optimize our IP/UDP checsum algoritm, which is still pretty naive, and which currently takes up most of our CUP time.

If anyone is interested in working on further optimizations, do get in touch!
49
4
Felipe Lessa's profile photoBrecht Gijbels's profile photoJoshua Hillerup's profile photoTom Gundersen's profile photo
9 comments
 
+Brecht Gijbels that would be nice indeed :)
Add a comment...

systemd

Shared publicly  - 
29
4
Harry ten Berge's profile photoAlexander Diana's profile photoAlan Orth's profile photoDiego Call.'s profile photo
 
I'm loving these container additions.
Add a comment...

systemd

Shared publicly  - 
 
 
You can now log to systemd-journald from Perl.
10
1
Zbyszek Jedrzejewski-Szmek's profile photoKristian Köhntopp's profile photo
Add a comment...

systemd

Shared publicly  - 
 
Our next hackfest is in April in San Francisco!
systemd Hackfest San Francisco April 2014
Yesterday, April 15, 1:00 PM
Pantheon Systems Inc., 717 California Street, Third Floor, San Francisco, CA 94108

3
Add a comment...
Have them in circles
3,243 people

systemd

Shared publicly  - 
 
Next week in San Francisco!
systemd Hackfest San Francisco April 2014
Yesterday, April 15, 1:00 PM
Pantheon Systems Inc., 717 California Street, Third Floor, San Francisco, CA 94108

1
Add a comment...

systemd

Shared publicly  - 
 
 
#systemd 's busctl tool monitoring and pretty-printing kdbus traffic, including the full set of the peer's metadata.
14
Add a comment...

systemd

Shared publicly  - 
 
A +systemd feature that will hopefully get wider exposure in Fedora.
 
I just posted a new Fedora feature. Let's make Fedora more secure by default!

(Also wanted to post another feature, regarding distro-wide adoption of CapabilityBoundingSet= for all long-running services, but I won't have the time to prep that before the feature deadline. Maybe next iteration...)
7
Add a comment...

systemd

Shared publicly  - 
 
 
+Lennart Poettering is conquering the French market!
30
2
Feth AREZKI's profile photoVincent Moutoussamy's profile photoVincent Panel's profile photoIgor Deordiev's profile photo
2 comments
 
Precisely "système débrouille" : do it BY yourself, with what you have at hand.
Add a comment...
People
Have them in circles
3,243 people
Contact Information
Contact info
Email
Story
Tagline
systemd is systemv times one hundred!
Introduction
systemd is just like systemv, just 100x better.

Unix fire extinguisher photo, CC-BY-SA Thomas Claveirole