Recent years have witnessed a widespread adoption of containers in cloud computing. While containers simplify and accelerate application development, the existing container network technologies either incur significant overhead, which hurts performance for distributed applications, or lose flexibility or universality, which hinders widespread deployment in production. We design and implement XMasq, an eBPF-based container overlay network, to eliminate the extra overhead while keeping flexibility and universality. We take full advantage of eBPF and design a cache-based network virtualization mechanism and a redirect-based intra-host data path in XMasq. XMasq closes the performance gap between overlay networks and host networks. Compared to standard overlay networks, XMasq improves the TCP throughput by 18% and the Request-Response transaction rate by 101%; XMasq also reduces the latency of Memcached by 28.3%, PostgreSQL by 14.6% and Nginx by 29%. Compared to container native-routing networks, XMasq does not require the underlay network to be able to forward packets using container IPs. Compared to Slim, which only supports TCP traffic, XMasq is protocol independent and thus all applications can benefit from XMasq. We deploy XMasq as a plugin of Antrea, which is a Container Network Interface (CNI).