Reduce memory allocations in kube proxy

[wojtek-t]

Memory allocation (and Go GarbageCollection) seems to be one of the most expensive operations in kube-proxy (I've seen profiles where it was more than 50%).

The commits are mostly independent from each other and all of them are mostly about reusing already allocated memory.

This PR is reducing memory allocation by ~5x (results below from 100-node load test):

before:

(pprof) top
38.64GB of 39.11GB total (98.79%)
Dropped 249 nodes (cum <= 0.20GB)
Showing top 10 nodes out of 61 (cum >= 0.20GB)
      flat  flat%   sum%        cum   cum%
   15.10GB 38.62% 38.62%    15.10GB 38.62%  bytes.makeSlice
    9.48GB 24.25% 62.87%     9.48GB 24.25%  runtime.rawstringtmp
    8.30GB 21.21% 84.07%    32.47GB 83.02%  k8s.io/kubernetes/pkg/proxy/iptables.(*Proxier).syncProxyRules
    2.08GB  5.31% 89.38%     2.08GB  5.31%  fmt.(*fmt).padString
    1.90GB  4.86% 94.24%     3.82GB  9.77%  strings.Join
    0.67GB  1.72% 95.96%     0.67GB  1.72%  runtime.hashGrow
    0.36GB  0.92% 96.88%     0.36GB  0.92%  runtime.stringtoslicebyte
    0.31GB  0.79% 97.67%     0.62GB  1.58%  encoding/base32.(*Encoding).EncodeToString
    0.24GB  0.62% 98.29%     0.24GB  0.62%  strings.genSplit
    0.20GB   0.5% 98.79%     0.20GB   0.5%  runtime.convT2E

after:

7.94GB of 8.13GB total (97.75%)
Dropped 311 nodes (cum <= 0.04GB)
Showing top 10 nodes out of 65 (cum >= 0.11GB)
      flat  flat%   sum%        cum   cum%
    3.32GB 40.87% 40.87%     8.05GB 99.05%  k8s.io/kubernetes/pkg/proxy/iptables.(*Proxier).syncProxyRules
    2.85GB 35.09% 75.95%     2.85GB 35.09%  runtime.rawstringtmp
    0.60GB  7.41% 83.37%     0.60GB  7.41%  runtime.hashGrow
    0.31GB  3.76% 87.13%     0.31GB  3.76%  runtime.stringtoslicebyte
    0.28GB  3.43% 90.56%     0.55GB  6.80%  encoding/base32.(*Encoding).EncodeToString
    0.19GB  2.29% 92.85%     0.19GB  2.29%  strings.genSplit
    0.18GB  2.17% 95.03%     0.18GB  2.17%  runtime.convT2E
    0.10GB  1.28% 96.31%     0.71GB  8.71%  runtime.mapassign
    0.10GB  1.21% 97.51%     0.10GB  1.21%  syscall.ByteSliceFromString
    0.02GB  0.23% 97.75%     0.11GB  1.38%  syscall.SlicePtrFromStrings

[wojtek-t]

We can probably optimize much more, but I would like to wait with that for all other changes to be merged first to see where we will be (in particular periodic runner)

[thockin]

Nice. Sort of sad how easy it is to write slice-abusive code.

Just a few nits. Will approve, you can fixup and self-lgtm

[thockin]

nit: This isn't really parsed into lines yet - call it iptablesData or iptablesRaw ?

[wojtek-t]

Done.

[thockin]

Comment that this is to avoid re-allocations

[wojtek-t]

done.

[thockin]

Do we still need plain Save() any more?

[wojtek-t]

We are still using it in few places in kubelet. Though I'm happy to send a PR migrating it to SaveInto (should be pretty simple). But I would prefer to do it in a separate one. Will send one on Monday.

[thockin]

Add a comment on this vs CombinedOutput() ?

[wojtek-t]

done

[thockin]

/approve

[k8s-github-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: thockin, wojtek-t

Needs approval from an approver in each of these OWNERS Files:

• pkg/OWNERS [thockin,wojtek-t]

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

[wojtek-t]

Thanks Tim - comments applied.

[wojtek-t]

We are still using it in few places in kubelet. Though I'm happy to send a PR migrating it to SaveInto (should be pretty simple). But I would prefer to do it in a separate one. Will send one on Monday.

[wojtek-t]

Done.

[wojtek-t]

done.

[wojtek-t]

done

[wojtek-t]

Applying label based on Tim`s comment above.

[wojtek-t]

Just fixed compile errors that appeared (didn't rename all occurences of variable).

[wojtek-t]

Sorry - fixed gofmt.

[freehan]

just nits. Looks good overall.

[freehan]

remove if condition here?

[wojtek-t]

Sorry - initially it was different in my code.
So it sometimes makes sense to have such iffs, if the arguments of glog are expensive to compute. So imagine that you have the following line:

glog.V(4).Infof("xxxL: %v", callFunction(args))

Then callFunction(args) will be called no matter what the verbosity is and whether the log will be printed or not. In case of expensive computations, it's simply waste of time.

This is no longer the case here, so will send a PR to remove it (or will integrate it to one of other PRs I already have).

[freehan]

why? I feel like it has to be 4 at least. Otherwise, there is no enough actionable information to debug e2e tests.

[wojtek-t]

This is extremely expensive (in my tests in just 100-node cluster, this line is responsible for ~10% of whole cpu usage and ~20% of all memory allocations and GC).

I think that we can just bump the verbosity in tests in case of problems.

[k8s-ci-robot]

@wojtek-t: The following test(s) failed:

Test name	Commit	Details	Rerun command
pull-kubernetes-federation-e2e-gce	a3da8d7	link	@k8s-bot pull-kubernetes-federation-e2e-gce test this

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[k8s-github-robot]

Automatic merge from submit-queue

[thockin]

weird constructs like this warrant a comment

[wojtek-t]

In this case it's not longer needed - I will send a PR removing it on Monday.

[wojtek-t]

#46201 is already out for review