Syscall Analysis for Resource Stress Identification for Container Network Functions

Abstract

Containerized Network Functions (CNFs) have seen recent increase in adoption due to the success of orchestration platforms and the natural flexibility of containers for deployment to heterogeneous, resource constrained environments like the edge. However, the weak isolation model of containers makes them susceptible to performance degradation due to interference from other containers. The interference manifests as stress on various resources like CPU, memory, cache, bandwidth of a CNF and identifying the exact resource that is under stress is essential to utilize the right remediation strategies. Identifying resource under stress is a challenging problem given the wide spectrum of applications, platforms and hardware, especially with the high performance requirements of CNFs with stringent SLAs. We present Sari, a first of a kind practical NF-agnostic framework leveraging temporal patterns in syscalls. Sari works for multi-service NFs and generalizes to a wide range of conditions. We leverage supervised time series classification and achieve performance upto 98.9% with minimal captures at runtime (starting from 25ms). Sari’s prediction error is 63.33% lower than any existing stress identification framework for VNFs and to the best of our knowledge, the first to address the problem for CNFs.