XMasq: Low-Overhead Container Overlay Network Based on eBPF

Recent years have witnessed a widespread adoption of containers in cloud computing. While containers simplify and accelerate application development, the existing container network technologies either incur significant overhead, which hurts performance for distributed applications, or lose flexibility or universality, which hinders the widespread deployment in production. We design and implement XMasq, an eBPF-based container overlay network, to eliminate the extra overhead while keeping flexibility and universality. We take full advantage of eBPF and design a cache-based network virtualization mechanism and a redirect-based intra-host data path in XMasq. XMasq closes the performance gap between overlay networks and host networks. Compared to standard overlay networks, XMasq improves the TCP throughput by 18% and the Request-Response transaction rate by 101%; XMasq also reduces the latency of Memcached by 28.3%, PostgreSQL by 14.6% and Nginx by 29%. Compared to container native-routing networks, XMasq does not require the underlay network being able to foward packets using container IPs. Compared to Slim, which only supports TCP traffic, XMasq is protocol independent and thus all the applications can benefit from XMasq. We deploy XMasq as a plugin of Antrea, which is a Container Network Interface (CNI).