mm_issue.md

Support isolating memory to NUMA node.

What would you like to be added:

/kind feature

Why is this needed:

This issue is intended to start discussion for future enhancement of kubelet

What is an issue?

• Currently, there is no way to guarantee local memory access when container is deployed to machine that has multiple NUMA nodes.

• When container is pinned to specific CPUs by using CPU Manager, It can cause inter-NUMA node communication(remote memory access) for Memory access which leads to increase an I/O latency and decrease performance.

• remote memory access produces high latency and leads performance degradation of DPDK containers.

Current implementation

• kubelet sets a memory limits for a container through CreateContainer CRI message.

[code link]

Cgroups cpuset subsystem

• Using the cpuset subsystem, CPU and Memory can be isolated to a single NUMA node.
• cpuset.mems requires memory node selection to permit processes to access a certain NUMA memory node.
• Setting cpuset.mems to use a specific NUMA memory node also influence a hugepages allocation policy so that hugepages can be isolated to the desired NUMA node.

Conclusion

• kubelet should provide a way to guarantee local memory access on multi NUMA node machine.
• Cpuset subsystem is key solution for this issue.

Related issue, KEP and link

• Link: Memory in Data Plane Development Kit Part 1: General Concepts
• Issue: Hardware topology awareness at node level (including NUMA)
• Issue: Support Container Isolation of Hugepages
• KEP: Node Topology Manager
• KEP: CPU Manager
• KEP: HugePages support in Kubernetes