AWSのLambdaの裏側で動いているマイクロVMの論文を読んでみた.
4章はAWSでのLambdaの動作を知るには有益なので読んでみるとGoodかも.
URL) https://www.usenix.org/system/files/nsdi20-paper-agache.pdf
最初のLambdaではLinux Containerを使っていたのが意外だ.
顧客アカウント単位で単一のVM内で複数の関数を実行していたのか.
When we first built AWS Lambda, we chose to use Linuxcontainers to isolate functions, and virtualization to isolatebetween customer accounts. In other words, multiple func-tions for the same customer would run inside a single VM,but workloads for different customers always run in differentVMs.
出典) Firecracker: Lightweight Virtualization for Serverless Applications
AWSにおいて重要だったポイントは「density (密集度)」と「overhead (オーバヘッド)」の2つ
ねらい(たぶん)→関数が起動するまでの時間の削減,マルチテナンシー(収容率)の向上
Two key, and related, challenges of virtualization are density and overhead
出典) Firecracker: Lightweight Virtualization for Serverless Applications
QEMUの複雑さがエグい… 140万行のコードと270のシステムコール…
To illustrate this complexity, the popular combination of Linux Kernel Virtual Machine [29] (KVM) and QEMU clearly illustrates the complexity. QEMU contains 1.4million lines of code, and can require up to 270 unique syscalls [57] (more than any other package on Ubuntu Linux15.04). The KVM code in Linux adds another 120,000 lines. The NEMU [24] project aims to cut down QEMU by removing unused features, but appears to be inactive.
出典) Firecracker: Lightweight Virtualization for Serverless Applications
Rustで書いて96%のコード量をQEMUに比べて削減…
Firecracker’s approach to these problems is to use KVM(for reasons we discuss in section 3), but replace the VMM with a minimal implementation written in a safe language. Minimizing the feature set of the VMM helps reduce surface area, and controls the size of the TCB. Firecracker contains approximately 50k lines of Rust code (96%fewer lines than QEMU), including multiple levels of automated tests, and auto-generated bindings. Intel Cloud Hypervisor [25] takes a similar approach, (and indeed shares much code with Fire-cracker), while NEMU [24] aims to address these problems by cutting down QEMU.
出典) Firecracker: Lightweight Virtualization for Serverless Applications
Lambdaの関数実行環境はコロコロ変わるけれど,コードの読み込みとコードの移動にかかるコストを抑えるために関数実行環境をSticky(2回目以降は1回目を使う)に割り当てるのか !!
The execution of the customer code happens on the Lambda worker fleet, but to improve cache locality, enable connection re-use and amortize the costs of moving and loading customer code, events for a single function are sticky-routed to as few workers as possible.
出典) Firecracker: Lightweight Virtualization for Serverless Applications
コメントを残す