Add a CPU utilization resource monitor for overload manager

[cancecen]

Commit Message: Add a CPU utilization resource monitor for overload manager
Additional Description: Adds a new resource monitor to be used in CPU bound workloads to shed load. i.e. this can be configured to reject requests once CPU Utilization reaches a certain brownout point.

In my company, we experience user driven retry storms and/or unexpected flash crowds that are mitigated via auto scaling of our compute resources. However, auto scaling takes time and we still want to keep our fleet reasonably healthy during auto scaling and having a way to cheaply reject requests via overload manager has been very helpful. As a platform owner, it is easier to configure limits for CPU bound workloads with this resource monitor than other RPS/Latency/Concurrency based limiters.

Risk Level: Low
Testing: Unit tests
Docs Changes:
Release Notes:
Platform Specific Features: Today this is only implemented for Linux

[repokitteh-read-only]

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/).
envoyproxy/api-shepherds assignee is @markdroth
CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).

🐱

Caused by: #34713 was opened by cancecen.

see: more, trace.

[KBaichoo]

Thank you for working on this!

/wait

[labilezhu]

Some other ideas: We use cgroups cpu controller to limit CPU usage in a container environment. So maybe some cgroup metrics, eg. cpu.stat is a valuable resource monitor for overload manager.

[KBaichoo]

Thanks, lgtm except the two other pending comments, CI and we need release notes in changelogs/current.yaml.

[KBaichoo]

Some other ideas: We use cgroups cpu controller to limit CPU usage in a container environment. So maybe some cgroup metrics, eg. cpu.stat is a valuable resource monitor for overload manager.

@labilezhu agree this would be a good follow up to have a another source for the cpu monitor

/wait

[github-actions]

This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[github-actions]

This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[phlax]

hi @cancecen - seems CI is failing

/wait

[markdroth]

/lgtm api

[phlax]

/docs

[repokitteh-read-only]

Docs for this Pull Request will be rendered here:

https://storage.googleapis.com/envoy-pr/34713/docs/index.html

The docs are (re-)rendered each time the CI envoy-presubmit (precheck docs) job completes.

🐱

Caused by: a #34713 (comment) was created by @phlax.

see: more, trace.

[cancecen]

/docs

Thanks @phlax. Looks good to me, let me know what you think:
https://storage.googleapis.com/envoy-pr/2eeb3fe/docs/configuration/operations/overload_manager/overload_manager.html#cpu-intensive-workload-brownout-protection

[phlax]

nice! thanks

lgtm from docs pov - thanks for iterating

[phlax]

@KBaichoo would you mind doing another review

[KBaichoo]

Otherwise, lgtm. Thank you

[KBaichoo]

you can just compare buffer != target

[kyessenov]

Somewhat related question: I see that you use kernel reported CPU usage here, but we use self-reported memory usage in fixed_heap. If we were consistent, we'd probably use cgroup2 /sys/fs/cgroup/memory.current for memory monitor. Is there some rationale why we choose kernel here but user-space monitor there?

[cancecen]

Somewhat related question: I see that you use kernel reported CPU usage here, but we use self-reported memory usage in fixed_heap. If we were consistent, we'd probably use cgroup2 /sys/fs/cgroup/memory.current for memory monitor. Is there some rationale why we choose kernel here but user-space monitor there?

Yes. We use the kernel reported one because we really want to get the view of the whole system - i.e. there can be workloads Envoy is proxying requests running in the system that are actually compute intensive. This way we can make the decision based on that.

[kyessenov]

Somewhat related question: I see that you use kernel reported CPU usage here, but we use self-reported memory usage in fixed_heap. If we were consistent, we'd probably use cgroup2 /sys/fs/cgroup/memory.current for memory monitor. Is there some rationale why we choose kernel here but user-space monitor there?

Yes. We use the kernel reported one because we really want to get the view of the whole system - i.e. there can be workloads Envoy is proxying requests running in the system that are actually compute intensive. This way we can make the decision based on that.

Is there a reason why you are not using cpu.stat from cgroup2? That would work better on k8s, for example, where Envoy runs inside a container.

[cancecen]

Somewhat related question: I see that you use kernel reported CPU usage here, but we use self-reported memory usage in fixed_heap. If we were consistent, we'd probably use cgroup2 /sys/fs/cgroup/memory.current for memory monitor. Is there some rationale why we choose kernel here but user-space monitor there?

Yes. We use the kernel reported one because we really want to get the view of the whole system - i.e. there can be workloads Envoy is proxying requests running in the system that are actually compute intensive. This way we can make the decision based on that.

Is there a reason why you are not using cpu.stat from cgroup2? That would work better on k8s, for example, where Envoy runs inside a container.

That can be a follow up to this PR. Today in my company we have 3 different compute platforms and the majority of the workloads are in VMs. That's why I structured the code to have the possibility of separate cpu stats reader per platform.

[cancecen]

Somewhat related question: I see that you use kernel reported CPU usage here, but we use self-reported memory usage in fixed_heap. If we were consistent, we'd probably use cgroup2 /sys/fs/cgroup/memory.current for memory monitor. Is there some rationale why we choose kernel here but user-space monitor there?

Yes. We use the kernel reported one because we really want to get the view of the whole system - i.e. there can be workloads Envoy is proxying requests running in the system that are actually compute intensive. This way we can make the decision based on that.

Is there a reason why you are not using cpu.stat from cgroup2? That would work better on k8s, for example, where Envoy runs inside a container.

That can be a follow up to this PR. Today in my company we have 3 different compute platforms and the majority of the workloads are in VMs. That's why I structured the code to have the possibility of separate cpu stats reader per platform.

@kyessenov To add a little bit more here, we do have a k8s-like container platform within my company and I use cpu.stat to calculate the overall cpu utilization there. I'll upstream that in the next few weeks as I find time. No plans for Windows based systems as of now though.

[cancecen]

/retest