Recent years have witnessed a widespread adoption of containers. While containers simplify and accelerate application development, existing container network technologies either incur significant overhead, which hurts performance for distributed applications, or lose flexibility or compatibility, which hinders the widespread deployment in production. We design and implement ONCache (\textbf{O}verlay \textbf{N}etwork \textbf{Cache}), a cache-based container overlay network, to eliminate the overhead while keeping flexibility and compatibility. We carefully analyze the difference between an overlay network and a host network, and find that an overlay network incurs extra packet processing, including encapsulating, intra-host routing, namespace traversing and packet filtering. Fortunately, the extra processing exhibits an \emph{invariance property}, e.g., most packets of the same flow have the same processing results. This property motivates us to cache the extra processing results. With the proposed cache, ONCache significantly reduces the extra overhead while maintaining the same flexibility and compatibility as standard overlay networks. We implement ONCache using eBPF with only 524 lines of code, and deploy ONCache as a plugin of Antrea. With ONCache, container communication achieves similar performance as host communication. Compared to the standard overlay network, ONCache improves the throughput and request-response transaction rate by 12\% and 36\% for TCP (20\% and 34\% for UDP), while significant reduces per-packet CPU overhead. Many distributed applications also benefit from ONCache.

翻译：近年来，容器技术得到了广泛采用。尽管容器简化并加速了应用程序开发，但现有的容器网络技术要么产生显著开销，从而损害分布式应用的性能，要么失去灵活性或兼容性，妨碍了其在生产环境中的广泛部署。我们设计并实现了ONCache（覆盖网络缓存），一种基于缓存的容器覆盖网络，旨在消除开销的同时保持灵活性和兼容性。我们仔细分析了覆盖网络与主机网络之间的差异，发现覆盖网络引入了额外的数据包处理过程，包括封装、主机内路由、命名空间遍历及数据包过滤。幸运的是，这些额外处理表现出不变性特性，例如同一流中的大多数数据包具有相同的处理结果。这一特性促使我们缓存这些额外处理的结果。借助所提出的缓存机制，ONCache显著降低了额外开销，同时保持了与标准覆盖网络相同的灵活性和兼容性。我们仅用524行eBPF代码实现了ONCache，并将其作为Antrea的插件进行部署。借助ONCache，容器通信实现了与主机通信相媲美的性能。与标准覆盖网络相比，ONCache将TCP的吞吐量和请求-响应事务速率分别提升了12%和36%（UDP分别提升20%和34%），同时显著降低了每数据包的CPU开销。许多分布式应用也受益于ONCache。