Simplified distributed block storage with strong consistency, like in Ceph

## Vitastor

## The Idea

Make Software-Defined Block Storage Great Again.

Vitastor is a small, simple and fast clustered block storage (storage for VM drives),
architecturally similar to Ceph which means strong consistency, primary-replication, symmetric
clustering and automatic data distribution over any number of drives of any size
with configurable redundancy (replication or erasure codes/XOR).

## Features

Vitastor is currently a pre-release, a lot of features are missing and you can still expect
breaking changes in the future. However, the following is implemented:

- Basic part: highly-available block storage with symmetric clustering and no SPOF
- Performance ;-D
- Two redundancy schemes: Replication and XOR n+1 (simplest case of EC)
- Configuration via simple JSON data structures in etcd
- Automatic data distribution over OSDs, with support for:
  - Mathematical optimization for better uniformity and less data movement
  - Multiple pools
  - Placement tree
  - Configurable failure domains
- Recovery of degraded blocks
- Rebalancing (data movement between OSDs)
- Lazy fsync support
- I/O statistics reporting to etcd
- Generic user-space client library
- QEMU driver (built out-of-tree)
- Loadable fio engine for benchmarks (also built out-of-tree)

## Roadmap

- Packaging for Debian and, probably, CentOS too
- OSD creation tool (OSDs currently have to be created by hand)
- Inode deletion tool (currently you can't delete anything :))
- Other administrative tools
- Per-inode I/O and space usage statistics
- jerasure EC support with any number of data and parity drives in a group
- Parallel usage of multiple network interfaces
- Proxmox and OpenNebula plugins
- NBD and iSCSI proxies
- Inode metadata storage in etcd
- Snapshots and copy-on-write image clones
- Operation timeouts and better failure detection
- Checksums
- SSD+HDD optimizations, possibly including tiered storage and soft journal flushes
- RDMA and NVDIMM support
- Compression (possibly)
- Read caching using system page cache (possibly)

## Architecture

Similarities:

- Just like Ceph, Vitastor has Pools, PGs, OSDs, Monitors, Failure Domains, Placement Tree.
- Just like Ceph, Vitastor is transactional (even though there's a "lazy fsync mode" which
  doesn't implicitly flush every operation to disks).
- OSDs also have journal and metadata and they can also be put on separate drives.
- Just like in Ceph, client library attempts to recover from any cluster failure so
  you can basically reboot the whole cluster and only pause, but not crash, your clients
  (I consider this a bug if the client crashes in that case).

Some basic terms for people not familiar with Ceph:

- OSD (Object Storage Daemon) is a process that stores data and serves read/write requests.
- PG (Placement Group) is a container for data that (normally) shares the same replicas.
- Pool is a container for data that has the same redundancy scheme and placement rules.
- Monitor is a separate daemon that watches cluster state and handles failures.
- Failure Domain is a group of OSDs that you allow to fail. It's "host" by default.
- Placement Tree groups OSDs in a hierarchy to later split them into Failure Domains.

Architectural differences from Ceph:

- Vitastor's primary focus is on SSDs. Proper SSD+HDD optimizations may be added in the future, though.
- Vitastor OSD is (and will always be) single-threaded. If you want to dedicate more than 1 core
  per drive you should run multiple OSDs each on a different partition of the drive.
  Vitastor isn't CPU-hungry though (as opposed to Ceph), so 1 core is sufficient in a lot of cases.
- Metadata and journal are always kept in memory. Metadata size depends linearly on drive capacity
  and data store block size which is 128 KB by default. With 128 KB blocks, metadata should occupy
  around 512 MB per 1 TB (which is still less than Ceph wants). Journal doesn't have to be big,
  the example test below was conducted with only 16 MB journal. A big journal is probably even
  harmful as dirty write metadata also take some memory.
- Vitastor storage layer doesn't have internal copy-on-write or redirect-write. I know that maybe
  it's possible to create a good copy-on-write storage, but it's much harder and makes performance
  less deterministic, so CoW isn't used in Vitastor.
- The basic layer of Vitastor is block storage with fixed-size blocks, not object storage with
  rich semantics like in Ceph (RADOS).
- There's a "lazy fsync" mode which allows to batch writes before flushing them to the disk.
  This allows to use Vitastor with desktop SSDs, but still lowers performance due to additional
  network roundtrips, so use server SSDs with capacitor-based power loss protection
  ("Advanced Power Loss Protection") for best performance.
- PGs are ephemeral. This means that they aren't stored on data disks and only exist in memory
  while OSDs are running.
- Recovery process is per-object (per-block), not per-PG. Also there are no PGLOGs.
- Monitors don't store data. Cluster configuration and state is stored in etcd in simple human-readable
  JSON structures. Monitors only watch cluster state and handle data movement.
  Thus Vitastor's Monitor isn't a critical component of the system and is more similar to Ceph's Manager.
  Vitastor's Monitor is implemented in node.js.
- PG distribution isn't based on consistent hashes. All PG mappings are stored in etcd.
  Rebalancing PGs between OSDs is done by mathematical optimization - data distribution problem
  is reduced to a linear programming problem and solved by lp_solve. This allows for almost
  perfect (96-99% uniformity compared to Ceph's 80-90%) data distribution in most cases, ability
  to map PGs by hand without breaking rebalancing logic, reduced OSD peer-to-peer communication
  (on average, OSDs have fewer peers) and less data movement. It also probably has a drawback -
  this method may fail in very large clusters, but up to several hundreds of OSDs it's perfectly fine.
  It's also easy to add consistent hashes in the future if something proves their necessity.
- There's no separate CRUSH layer. You select pool redundancy scheme, placement root, failure domain
  and so on directly in pool configuration.

## Understanding Storage Performance

The most important thing for fast storage is latency, not parallel iops.

The best possible latency is achieved with one thread and queue depth of 1 which basically means
"client load as low as possible". In this case IOPS = 1/latency, and this number doesn't
scale with number of servers, drives, server processes or threads and so on.
Single-threaded IOPS and latency numbers only depend on *how fast a single daemon is*.

Why is it important? It's important because some of the applications *can't* use
queue depth greater than 1 because their task isn't parallelizable. A notable example
is any ACID DBMS because all of them write their WALs sequentially with fsync()s.

fsync, by the way, is another important thing often missing in benchmarks. The point is
that drives have cache buffers and don't guarantee that your data is actually persisted
until you call fsync() which is translated to a FLUSH CACHE command by the OS.

Desktop SSDs are very fast without fsync - NVMes, for example, can process ~80000 write
operations per second with queue depth of 1 without fsync - but they're really slow with
fsync because they have to actually write data to flash chips when you call fsync. Typical
number is around 1000-2000 iops with fsync.

Server SSDs often have supercapacitors that act as a built-in UPS and allow the drive
to flush its DRAM cache to the persistent flash storage when a power loss occurs.
This makes them perform equally well with and without fsync. This feature is called
"Advanced Power Loss Protection" by Intel; other vendors either call it similarly
or directly as "Full Capacitor-Based Power Loss Protection".

All software-defined storages that I currently know are slow in terms of latency.
Notable examples are Ceph and internal SDSes used by cloud providers like Amazon, Google,
Yandex and so on. They're all slow and can only reach ~0.3ms read and ~0.6ms 4 KB write latency
with best-in-slot hardware.

And that's in the SSD era when you can buy an SSD that has ~0.04ms latency for 100 $.

I use the following 6 commands with small variations to benchmark any storage:

- Linear write:
  `fio -ioengine=libaio -direct=1 -invalidate=1 -name=test -bs=4M -iodepth=32 -rw=write -runtime=60 -filename=/dev/sdX`
- Linear read:
  `fio -ioengine=libaio -direct=1 -invalidate=1 -name=test -bs=4M -iodepth=32 -rw=read -runtime=60 -filename=/dev/sdX`
- Random write latency (this hurts storages the most):
  `fio -ioengine=libaio -direct=1 -invalidate=1 -name=test -bs=4k -iodepth=1 -fsync=1 -rw=randwrite -runtime=60 -filename=/dev/sdX`
- Random read latency:
  `fio -ioengine=libaio -direct=1 -invalidate=1 -name=test -bs=4k -iodepth=1 -rw=randread -runtime=60 -filename=/dev/sdX`
- Parallel write iops (use numjobs if a single CPU core is insufficient to saturate the load):
  `fio -ioengine=libaio -direct=1 -invalidate=1 -name=test -bs=4k -iodepth=128 [-numjobs=4 -group_reporting] -rw=randwrite -runtime=60 -filename=/dev/sdX`
- Parallel read iops (use numjobs if a single CPU core is insufficient to saturate the load):
  `fio -ioengine=libaio -direct=1 -invalidate=1 -name=test -bs=4k -iodepth=128 [-numjobs=4 -group_reporting] -rw=randread -runtime=60 -filename=/dev/sdX`

## Vitastor's Theoretical Maximum Random Access Performance

Replicated setups:

- Single-threaded (T1Q1) read latency: 1 network roundtrip + 1 disk read.
- Single-threaded write+fsync latency:
  - With immediate commit: 2 network roundtrips + 1 disk write.
  - With lazy commit: 4 network roundtrips + 1 disk write + 1 disk flush.
- Saturated parallel read iops: min(network bandwidth, sum(disk read iops)).
- Saturated parallel write iops: min(network bandwidth, sum(disk write iops / number of replicas / write amplification)).

EC/XOR setups:

- Single-threaded (T1Q1) read latency: 1.5 network roundtrips + 1 disk read.
- Single-threaded write+fsync latency:
  - With immediate commit: 3.5 network roundtrips + 1 disk read + 2 disk writes.
  - With lazy commit: 5.5 network roundtrips + 1 disk read + 2 disk writes + 2 disk fsyncs.
  - 0.5 is actually (k-1)/k which means that an additional roundtrip doesn't happen when
    the read sub-operation can be served locally.
- Saturated parallel read iops: min(network bandwidth, sum(disk read iops)).
- Saturated parallel write iops: min(network bandwidth, sum(disk write iops * number of data drives / (number of data + parity drives) / write amplification)).
  In fact, you should put disk write iops under the condition of ~10% reads / ~90% writes in this formula.

Write amplification for 4 KB blocks is usually 3-5 in Vitastor:

1. Journal block write
2. Journal data write
3. Metadata block write
4. Another journal block write for EC/XOR setups
5. Data block write

If you manage to get an SSD which handles 512 byte blocks well (Optane?) you may
lower 1, 3 and 4 to 512 bytes (1/8 of data size) and get WA as low as 2.375.

Lazy fsync also reduces WA for parallel workloads because journal blocks are only
written when they fill up or fsync is requested.

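
The formulas of this section as a small calculator, added here as an illustration and not part of the Vitastor code base. It assumes `k` is the number of data drives in an EC/XOR group and that journal and metadata block writes (items 1, 3 and 4) share one size; all function and parameter names are made up for the example.

```python
# Added example: operation counts per request, copied from the two lists above:
# (whole network roundtrips, disk reads, disk writes, disk flushes).
# The fractional EC/XOR roundtrip, (k-1)/k, is added in t1q1_latency().
COSTS = {
    ("replicated", "read", None): (1, 1, 0, 0),
    ("replicated", "write", "immediate"): (2, 0, 1, 0),
    ("replicated", "write", "lazy"): (4, 0, 1, 1),
    ("ec", "read", None): (1, 1, 0, 0),
    ("ec", "write", "immediate"): (3, 1, 2, 0),
    ("ec", "write", "lazy"): (5, 1, 2, 2),
}


def t1q1_latency(scheme, op, commit=None, *, rtt, disk_read, disk_write,
                 disk_flush=0.0, k=2):
    """Best-case single-threaded latency, in the unit of the inputs.

    k is assumed to be the number of data drives in an EC/XOR group.
    """
    if op == "read":
        commit = None  # commit mode only matters for writes
    trips, reads, writes, flushes = COSTS[(scheme, op, commit)]
    if scheme == "ec":
        trips += (k - 1) / k  # no extra roundtrip when the read is served locally
    return (trips * rtt + reads * disk_read
            + writes * disk_write + flushes * disk_flush)


def write_amplification(scheme, data_size=4096, small_block=4096):
    """Bytes written to the drive per byte of client data for one small write."""
    small_writes = 3 if scheme == "ec" else 2  # items 1 and 3, plus 4 for EC/XOR
    full_writes = 2                            # items 2 and 5
    return (small_writes * small_block + full_writes * data_size) / data_size


def saturated_write_iops(scheme, disk_write_iops, network_iops, *, replicas=2,
                         data_drives=2, parity_drives=1, wa=None):
    """Cluster-wide parallel write iops: min(network limit, disk limit).

    disk_write_iops holds one figure per drive, ideally measured under
    ~10% reads / ~90% writes as the text recommends.
    """
    if wa is None:
        wa = write_amplification(scheme)
    total = sum(disk_write_iops)
    if scheme == "ec":
        disk_limit = total * data_drives / (data_drives + parity_drives) / wa
    else:
        disk_limit = total / replicas / wa
    return min(network_iops, disk_limit)


if __name__ == "__main__":
    # Disk latencies are the raw-drive T1Q1 figures from the comparison
    # section (ms). The 0.05 ms roundtrip and 0.5 ms flush are constructed
    # sample values, not measurements.
    hw = dict(rtt=0.05, disk_read=0.101, disk_write=0.037)
    for scheme, op, commit in COSTS:
        lat = t1q1_latency(scheme, op, commit, **hw, disk_flush=0.5)
        print(f"{scheme:10} {op:5} {commit or '-':9} "
              f"{lat:.3f} ms  {1000 / lat:6.0f} iops")
    print("EC/XOR WA with 512-byte journal/metadata blocks:",
          write_amplification("ec", small_block=512))
```

Because IOPS = 1/latency at queue depth 1, the printed iops column is the ceiling for a single client thread, however many OSDs the cluster has.
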
## Example Comparison with Ceph

Hardware configuration: 4 nodes, each with:

- 6x SATA SSD Intel D3-4510 3.84 TB
- 2x Xeon Gold 6242 (16 cores @ 2.8 GHz)
- 384 GB RAM
- 1x 25 GbE network interface (Mellanox ConnectX-4 LX)

CPU powersaving was disabled. Both Vitastor and Ceph were configured with 2 OSDs per 1 SSD.

All of the results below apply to 4 KB blocks.

Raw drive performance:

- T1Q1 write ~27000 iops (~0.037ms latency)
- T1Q1 read ~9800 iops (~0.101ms latency)
- T1Q32 write ~60000 iops
- T1Q32 read ~81700 iops

Ceph 15.2.4 (Bluestore):

- T1Q1 write ~1000 iops (~1ms latency)
- T1Q1 read ~1750 iops (~0.57ms latency)
- T8Q64 write ~100000 iops, total CPU usage by OSDs about 40 virtual cores on each node
- T8Q64 read ~480000 iops, total CPU usage by OSDs about 40 virtual cores on each node

T8Q64 tests were conducted over 8 400GB RBD images from all hosts (every host was running 2 instances of fio).
This is because Ceph has performance penalties related to running multiple clients over a single RBD image.

cephx_sign_messages was set to false during tests, RocksDB and Bluestore settings were left at defaults.

In fact, not that bad for Ceph. These servers are an example of well-balanced Ceph nodes.
However, CPU usage and I/O latency were through the roof, as usual.

Vitastor:

- T1Q1 write: 7087 iops (0.14ms latency)
- T1Q1 read: 6838 iops (0.145ms latency)
- T2Q64 write: 162000 iops, total CPU usage by OSDs about 3 virtual cores on each node
- T8Q64 read: 895000 iops, total CPU usage by OSDs about 4 virtual cores on each node

T8Q64 read test was conducted over 1 larger inode (3.2T) from all hosts (every host was running 2 instances of fio).
Vitastor has no performance penalties related to running multiple clients over a single inode.
If conducted from one node with all primary OSDs moved to other nodes the result was slightly lower (689000 iops),
this is because all operations resulted in network roundtrips between the client and the primary OSD.
When fio was colocated with OSDs (like in Ceph benchmarks above), 1/4 of the read workload actually
used the loopback network.

Vitastor was configured with: `--disable_data_fsync true --immediate_commit all --flusher_count 8
--disk_alignment 4096 --journal_block_size 4096 --meta_block_size 4096
--journal_no_same_sector_overwrites true --journal_sector_buffer_count 1024
--journal_size 16777216`.

## Building

- Install Linux kernel 5.4 or newer for io_uring support.
- Install liburing 0.4 or newer and its headers.
- Install lp_solve.
- Install etcd.
- Install node.js 12 or newer.
- Install gcc and g++ 9.x.
- Clone with submodules.
- Install QEMU 4.x or 5.x, get its source, begin to build it, stop the build and copy headers:
  - `<qemu>/include` → `<vitastor>/qemu/include`
  - Debian:
    * Use qemu packages from the main repository
    * `<qemu>/b/qemu/config-host.h` → `<vitastor>/qemu/b/qemu/config-host.h`
    * `<qemu>/b/qemu/qapi` → `<vitastor>/qemu/b/qemu/qapi`
  - CentOS 8:
    * Use qemu packages from the Advanced-Virtualization repository. To enable it, run
      `yum install centos-release-advanced-virtualization.noarch` and then `yum install qemu`
    * `<qemu>/config-host.h` → `<vitastor>/qemu/b/qemu/config-host.h`
    * `<qemu>/qapi` → `<vitastor>/qemu/b/qemu/qapi`
  - `config-host.h` and `qapi` are required because they contain generated headers
- Install fio 3.16, get its source and symlink it into `<vitastor>/fio`. It doesn't currently
  build with fio 3.20 or newer due to the conflicts between g++ and gcc's atomics. This will
  be fixed in the future.
- Build Vitastor with `make -j8`.
- Copy binaries somewhere.

## Running

Please note that the startup procedure isn't currently simple - you specify configuration
and calculate disk offsets almost by hand. This will be fixed in the near future.

- Get some SATA or NVMe SSDs with capacitors (server-grade drives). You can use desktop SSDs
  with lazy fsync, but prepare for inferior single-thread latency.
- Get a fast network (at least 10 Gbit/s).
- Disable CPU powersaving: `cpupower idle-set -D 0 && cpupower frequency-set -g performance`.
- Install etcd with `--max-txn-ops=100000 --auto-compaction-retention=10 --auto-compaction-mode=revision` options.
- Create global configuration in etcd: `etcdctl put /vitastor/config/global '{"immediate_commit":"all"}'`
  (if all your drives have capacitors).
- Create pool configuration in etcd: `etcdctl put /vitastor/config/pools '{"1":{"name":"testpool","scheme":"replicated","pg_size":2,"pg_minsize":1,"pg_count":256,"failure_domain":"host"}}'`.
- Calculate offsets for your drives with `node ./mon/simple-offsets.js /dev/sdX`.
- Make systemd units for your OSDs. Look at `./mon/` for example.
  Notable configuration variables from the example:
  - `disable_data_fsync 1` - only safe with server-grade drives with capacitors.
  - `immediate_commit all` - use this if all your drives are server-grade.
  - `disable_device_lock 1` - only required if you run multiple OSDs on one block device.
  - `flusher_count 16` - flusher is a micro-thread that removes old data from the journal.
    More flushers mean more aggressive journal flushing which allows for more throughput
    but slightly hurts latency under less load. Flushing will probably be improved in the future
    because currently high queue depths sometimes lead to performance degradation.
  - `disk_alignment`, `journal_block_size`, `meta_block_size` should be set to the internal
    block size of your SSDs which is 4096 on most drives.
  - `journal_no_same_sector_overwrites true` prevents multiple overwrites of the same journal sector.
    Some SSDs (like Intel D3-4510) don't like such overwrites so they benefit from this setting.
    When this setting is set, it is also required to raise `journal_sector_buffer_count` setting,
    which is the number of dirty journal sectors that may be written to at the same time.
- `systemctl start` everywhere.
- Start any number of monitors: `cd mon; node mon-main.js --etcd_url ',,,' --etcd_prefix '/vitastor' --etcd_start_timeout 5`.
- At this point, one of the monitors will configure PGs and OSDs will start them.
- You can check PG states with `etcdctl get --prefix /vitastor/pg/state`. All PGs should become 'active'.
- Run tests with (for example): `fio -thread -ioengine=./ -name=test -bs=4M -direct=1 -iodepth=16 -rw=write -etcd= -pool=1 -inode=1 -size=400G`.
- Upload VM disk image with qemu-img (for example):
  ```
  LD_PRELOAD=./ qemu-img convert -f qcow2 debian10.qcow2 -p \
      -O raw 'vitastor:etcd_host=\:2379/v3:pool=1:inode=1:size=2147483648'
  ```
- Run QEMU with (for example):
  ```
  LD_PRELOAD=./ qemu-system-x86_64 -enable-kvm -m 1024 \
      -drive 'file=vitastor:etcd_host=\:2379/v3:pool=1:inode=1:size=2147483648',format=raw,if=none,id=drive-virtio-disk0,cache=none \
      -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1,write-cache=off,physical_block_size=4096,logical_block_size=512 \
      -vnc
  ```

## Known Problems

- OSDs may currently crash with "can't get SQE, will fall out of sync with EPOLLET"
  if you try to load them with very long iodepths because io_uring queue (ring) is limited
  and OSDs don't check if it fills up.
- Object deletion requests may currently lead to unfound objects on crashes because
  proper handling of deletions in a cluster requires a "three-phase cleanup process"
  and it's currently not implemented. In fact, even though deletion requests are
  implemented, there's no user tool to delete anything from the cluster yet :).
  Of course I'll create such tool, but its first implementation will be vulnerable to this issue.
  It's not a big deal though, because you'll be able to just repeat the deletion request
  in this case.

## Implementation Principles

- I like simple and stupid solutions, so expect Vitastor to stay simple.
- I also like reinventing the wheel to some extent, like writing my own HTTP client
  for etcd interaction instead of using prebuilt libraries, because in this case
  I'm confident about what my code does and what it doesn't do.
- I don't care about C++ "best practices" like RAII or proper inheritance or usage of
  smart pointers or whatever and I don't intend to change my mind, so if you're here
  looking for ideal reference C++ code, this probably isn't the right place.
- I like node.js better than any other dynamically-typed language interpreter
  because it's faster than any other interpreter in the world, has neutral C-like
  syntax and built-in event loop. That's why Monitor is implemented in node.js.

## Author and License

Copyright (c) Vitaliy Filippov (vitalif [at], 2019+

You can also find me in the Russian Telegram Ceph chat:

All server-side code (OSD, Monitor and so on) is licensed under the terms of
Vitastor Network Public License 1.0 (VNPL 1.0), a copyleft license based on
GNU GPLv3.0 with the additional "Network Interaction" clause which requires
opensourcing all programs directly or indirectly interacting with Vitastor
through a computer network ("Proxy Programs"). Proxy Programs may be made public
not only under the terms of the same license, but also under the terms of any
GPL-Compatible Free Software License, as listed by the Free Software Foundation.
This is a stricter copyleft license than the Affero GPL.

Basically, you can't use the software in a proprietary environment to provide
its functionality to users without opensourcing all intermediary components
standing between the user and Vitastor or purchasing a commercial license
from the author 😀.

Client libraries (cluster_client and so on) are dual-licensed under the same
VNPL 1.0 and also GNU GPL 2.0 or later to allow for compatibility with GPLed
software like QEMU and fio.

You can find the full text of VNPL-1.0 in the file [VNPL-1.0.txt](VNPL-1.0.txt).
GPL 2.0 is also included in this repository as [GPL-2.0.txt](GPL-2.0.txt).