UniNet: Accelerating the Container Network Data Plane in IaaS Clouds

Abstract

Kubernetes (K8s) is the container orchestration platform in cloud-based IaaS environments. While it operates on bare-metal servers and VMs, both clients and providers prefer VMs for cost savings and agility reasons despite the added network overhead. This overhead, stemming from dual network tunneling at the VM and container levels, degrades performance. To address this, we present UniNet, a SmartNICbased solution that offloads container-level network tunneling.We designed this system to be compatible with leading Container Network Interfaces (CNIs). This approach involves three key elements: (1) transforming VF-based NICs into a container network gateway, (2) offloading the critical path of the data plane functionalities to SmartNICs for enhanced performance and reduced latency, (3) instituting an isolated control plane that separates VM and container-level rule insertions, making it tenant-accessible. UniNet boosts CNI throughput by an average improvement of 7.08×, cuts tail latency by 41.6%, and reduces CPU usage by up to 5.6× for RX and 4.02× for TX.