1# F-Stack 2 3 4## Introduction 5With the rapid development of NIC, the poor performance of data packets processing with Linux kernel has become the bottleneck. However, the rapid development of the Internet needs high performance of network processing, kernel bypass has caught more and more attentions. There are various similar technologies appear, such as DPDK, NETMAP and PF_RING. The main idea of kernel bypass is that Linux is only used to deal with control flow, all data streams are processed in user space. Therefore, kernel bypass can avoid performance bottlenecks caused by kernel packet copying, thread scheduling, system calls and interrupts. Furthermore, kernel bypass can achieve higher performance with multi optimizing methods. Within various techniques, DPDK has been widely used because of its more thorough isolation from kernel scheduling and active community support. 6 7[F-Stack](http://www.f-stack.org/?from=github) is an open source network framework with high performance based on DPDK. With following characteristics 8 91. Ultra high network performance which can achieve network card under full load, 10 million concurrent connections, 5 million RPS, 1 million CPS. 102. Transplant FreeBSD 11.01 user space stack, provides a complete stack function, cut a great amount of irrelevant features. Therefore greatly enhance the performance. 113. Support Nginx, Redis and other mature applications, service can easily use F-Stack 124. With Multi-process architecture, easy to extend 135. Provide micro thread interface. Various applications with stateful app can easily use F-Stack to get high performance without processing complex asynchronous logic. 146. Provide Epoll/Kqueue interface that allow many kinds of applications easily use F-Stack 15 16## History 17 18In order to deal with the increasingly severe DDoS attacks, authorized DNS server of Tencent Cloud DNSPod switched from Gigabit Ethernet to 10-Gigabit at the end of 2012. We faced several options, one is to continue to use the original model another is to use kernel bypass technology. After several rounds of investigation, we finally chose to develop our next generation of DNS server based on DPDK. The reason is DPDK provides ultra-high performance and can be seamlessly extended to 40G, or even 100G NIC in the future. 19 20After several months of development and testing, DKDNS, high-performance DNS server based on DPDK officially released in October 2013. It's capable of achieving up to 11 million QPS with a single 10GE port and 18.2 million QPS with two 10GE ports. And then we developed a user-space TCP/IP stack called F-Stack that can process 0.6 million RPS with a single 10GE port. 21 22With the fast growth of Tencent Cloud, more and more services need higher network access performance. Meanwhile, F-Stack was continuous improving driven by the business growth, and ultimately developed into a general network access framework. But this TCP/IP stack couldn't meet the needs of these services while continue to develop and maintain a complete network stack will cost high, we've tried several plans and finally determined to port FreeBSD(11.0 stable) TCP/IP stack into F-Stack. Thus, we can reduce the cost of maintenance and follow up the improvement from community quickly.Thanks to [libplebnet](https://gitorious.org/freebsd/kmm-sandbox/commit/fa8a11970bc0ed092692736f175925766bebf6af?p=freebsd:kmm-sandbox.git;a=tree;f=lib/libplebnet;h=ae446dba0b4f8593b69b339ea667e12d5b709cfb;hb=refs/heads/work/svn_trunk_libplebnet) and [libuinet](https://github.com/pkelsey/libuinet), this work becomes a lot easier. 23 24With the rapid development of all kinds of application, in order to help different APPs quick and easily use F-Stack, F-Stack has integrated Nginx, Redis and other commonly used APPs, and a micro thread framework, and provides a standard Epoll/Kqueue interface. 25 26Currently, besides authorized DNS server of DNSPod, there are various products in Tencent Cloud has used the F-Stack, such as HttpDNS (D+), COS access module, CDN access module, etc.. 27 28## Quick Start 29 30 #clone F-Stack 31 mkdir /data/f-stack 32 git clone https://github.com/F-Stack/f-stack.git /data/f-stack 33 34 cd f-stack 35 # compile DPDK 36 cd dpdk/tools 37 ./dpdk-setup.sh # compile with x86_64-native-linuxapp-gcc 38 39 # Set hugepage 40 # single-node system 41 echo 1024 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages 42 43 # or NUMA 44 echo 1024 > /sys/devices/system/node/node0/hugepages/hugepages-2048kB/nr_hugepages 45 echo 1024 > /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages 46 47 # Using Hugepage with the DPDK 48 mkdir /mnt/huge 49 mount -t hugetlbfs nodev /mnt/huge 50 51 # close ASLR; it is necessary in multiple process 52 echo 0 > /proc/sys/kernel/randomize_va_space 53 54 # offload NIC 55 modprobe uio 56 insmod /data/f-stack/dpdk/x86_64-native-linuxapp-gcc/kmod/igb_uio.ko 57 insmod /data/f-stack/dpdk/x86_64-native-linuxapp-gcc/kmod/rte_kni.ko 58 python dpdk-devbind.py --status 59 ifconfig eth0 down 60 python dpdk-devbind.py --bind=igb_uio eth0 # assuming that use 10GE NIC and eth0 61 62 # On Ubuntu, use gawk instead of the default mawk. 63 #sudo apt-get install gawk # or execute `sudo update-alternatives --config awk` to choose gawk. 64 65 # Compile F-Stack 66 export FF_PATH=/data/f-stack 67 export FF_DPDK=/data/f-stack/dpdk/x86_64-native-linuxapp-gcc 68 cd ../../lib/ 69 make 70 71#### Nginx 72 73 cd app/nginx-1.11.10 74 bash ./configure --prefix=/usr/local/nginx_fstack --with-ff_module 75 make 76 make install 77 cd ../.. 78 /usr/local/nginx_fstack/sbin/nginx 79 80for more details, see [nginx guide](https://github.com/F-Stack/f-stack/blob/master/doc/F-Stack_Nginx_APP_Guide.md). 81 82#### Redis 83 84 cd app/redis-3.2.8/ 85 make 86 make install 87 88 If KNI is enabled in the configuration file, you should create a virtual NIC after F-Stack started, and set the ipaddr, netmask, mac addr, route table, etc. These addrs must be same with F-Stack. 89 90 If you don't have another management port, you should execute a script like this. 91 92 ./start.sh -b /usr/local/nginx_fstack/sbin/nginx -c config.ini 93 sleep 10 94 ifconfig veth0 <ipaddr> netmask <netmask> broadcast <broadcast> hw ether <mac addr> 95 route add -net 0.0.0.0 gw <gateway> dev veth0 96 # route add -net ... # other route rules 97 98## Nginx Testing Result 99 100Test environment 101 102 NIC:Intel Corporation Ethernet Controller XL710 for 40GbE QSFP+ 103 CPU:Intel(R) Xeon(R) CPU E5-2670 v3 @ 2.30GHz(NUMA) 104 Memory:128G 105 OS:CentOS Linux release 7.2 (Final) 106 Kernel:3.10.104-1-tlinux2-0041.tl2 107 108Nginx uses linux kernel's default config, all soft interrupts are working in the first CPU core. 109 110Nginx si means modify the smp_affinity of every IRQ, so that the decision to service an interrupt with a particular CPU is made at the hardware level, with no intervention from the kernel. 111 112Nginx_FStack's 600 cache bytes' body was returned directly in nginx.conf. 113 114All of these test cases use CPUs' physical cores. 115 116 117CPS (Connection:close, Small data packet) test result 118 119 120RPS (Connection:Keep-Alive, Small data packet) test data 121 122 123Bandwidth (Connection:Keep-Alive, 3.7k bytes data packet) test data 124 125 126## Licenses 127See [LICENSE](LICENSE) 128 129## Join us 130 131Tencent Cloud F-Stack team developed F-Stack which is a general network framework based on DPDK and provides ultra high network performance. We are here looking for more and more talented people with great passion on technology to join us. You would have the chance to work with brightest minds on this planet and help Tencent cloud and F-stack continuously evolve. Send us your resume or refer your friend to us if you are interested in joining us. 132 133Open Positions: Software engineer(C/C++), Web developer, IOS/Android developer, Product Manager, Operating Manager, etc. 134Contact: Please send your resume to [us](mailto:[email protected]) 135
){kind=link}
){kind=link}
){kind=link}