Container Service for Kubernetes:Use Alibaba Cloud Linux 3

Benefit

Description

New basic software and new applications

• Kernel: Linux kernel 5.10 developed by Alibaba Cloud.

• Compiler: The default compilers are GCC 10, LLVM 15, and Rust 1.66. GCC Toolset 12 is also supported.

• Language libraries: glibc 2.32, OpenJDK 1.8, Python 3.8, Golang 1.19, and Node.js 14.21.

• Mainstream applications:

  • Web applications: Nginx 1.20 and HTTPd 2.4.37.

  • Databases: Redis 6.2.7, MySQL 8.0.32, PostgreSQL 13.10, and MariaDB 10.5.16.

  • AI applications: Compatible with the AI ecosystem software repository (epao) from the OpenAnolis community.

• Drivers: CUDA 11.4.4 and NVIDIA Driver 470.199.02.

• Frameworks: TensorFlow 2.5.0 and PyTorch 1.10.1.

• Containers: nvidia-container-toolkit 1.13.1 and libnvidia-container 1.13.1.

Optimized integration with ACK and Elastic Compute Service (ECS)

Alibaba Cloud Linux 3 works with ECS to accelerate the startup of ECS instances and provides built-in environment dependencies. The auto scaling feature of ACK also reduces the time required for creating individual nodes that run Alibaba Cloud Linux 3.

Based on in-depth integration with ECS and the optimizations of kernel technologies, compilers, and configurations, Alibaba Cloud Linux 3 greatly improves the runtime performance of each node in an ACK cluster. This results in a performance improvement of over 30% in scenarios such as big data computing, web servers, databases, and AI.

New operating system technologies to improve user experience in the cloud

• Completely supports cgroup v2

  cgroup v2 is an API for the next-generation Linux cgroup mechanism. cgroup v2 provides unified resource control capabilities for processes or process groups. Compared to cgroup v1, cgroup v2 boasts the following improvements:

  • An independent and unified hierarchy

  • A more securely designed tree structure

  • New kernel Pressure Stall Information (PSI) features

  • Enhanced resource allocation and management capabilities

• Completely supports Extended Berkeley Packet Filter (eBPF)

  • An improved eBPF programming and debugging experience, such as fewer limits on specific instructions, optimized performance, and support for debugging of source code that corresponds to the visible bytecode.

  • Higher performance in Express Data Path (XDP) and kernel debugging.

  • Support for more user-space frameworks, such as BPF skeleton and libbpf-bootstrap, to optimize the BPF programming experience.

  • Support more features of the networking and security project Cilium, including network bandwidth control, traffic encryption, session affinity, routing at the BPF layer, and proxies.

  • More efficient and lightweight implementation of tools such as BCC and Bpftrace.

• Provides page cache limits and supports cgroup-level limits.

  The Linux operating system controls and manages the memory usage of process groups through the Memory Control Group (memcg) mechanism. It sets memory limits for each process group (or task group) to avoid resource waste. If the memcg reaches the memory upper limit, the system triggers memory reclaim for the memcg, which may affect the performance of the current process. The Linux system provides the memcg backend asynchronous reclaim feature. However, this feature has limited support for handling unexpected spikes of memory requests. In some tasks, such as Spark computing, the page cache usually occupies a large amount of memory, most of which is used by dirty pages. The slow reclaim of dirty pages can lead to unexpected out of memory (OOM). To ensure the stability of services and reduce unexpected OOM errors, it is important to limit the use of the page cache.

  Alibaba Cloud Linux 3 provides the page cache limit feature that allows you to limit the use of the page cache at the memcg level, including the root group. You can set an upper limit for the page cache and asynchronously or synchronously reclaim the page cache that exceeds the upper limit. This helps control the amount of memory resources occupied by the page cache and improves the stability and reliability of the system. For more information, see Page Cache Limit feature.

Sophisticated platform for AI development

• Alibaba Cloud Linux 3 introduces the AI ecosystem software repository (epao) from the OpenAnolis community to allow you to install mainstream NVIDIA GPU drivers and CUDA acceleration libraries with a few clicks. The installation is much faster and eliminates the need to select driver versions.

• The epao repository supports mainstream AI frameworks such as TensorFlow and PyTorch, and automatically installs dependencies for the corresponding AI framework during the installation. You can quickly develop AI tasks with the Python environment without additional compilation.

• All components that provide AI capabilities have passed compatibility tests. You can install the AI components with one click. You do not need to modify the system dependencies in the environment configuration. This improves the stability of the components.

• AI optimizations are made for CPUs from different platforms, such as Intel and AMD, to better utilize the hardware.

Others

Alibaba Cloud Linux 3 provides various system optimizations:

• Supports transparent conversion from the TCP/IP protocol stack to Remote Direct Memory Access (RDMA).

• Provides optimization solutions for memory bloat issues caused by the use of Transparent Huge Pages (THP).

• Provides multiple accelerators for Intel 8th generation SPR instances.

For more information, see Release notes for Alibaba Cloud Linux 3.