From 67bd9e848a14ce7e97c4974771a492d0cb6714fc Mon Sep 17 00:00:00 2001 From: JackDoan Date: Tue, 5 May 2026 12:58:33 -0500 Subject: [PATCH] scoot pinning around --- interface.go | 3 ++- main.go | 1 + cpupin_linux.go => util/cpupin_linux.go | 6 +++--- cpupin_other.go => util/cpupin_other.go | 6 +++--- 4 files changed, 9 insertions(+), 7 deletions(-) rename cpupin_linux.go => util/cpupin_linux.go (82%) rename cpupin_other.go => util/cpupin_other.go (66%) diff --git a/interface.go b/interface.go index e29861b3..3d7176d2 100644 --- a/interface.go +++ b/interface.go @@ -13,6 +13,7 @@ import ( "github.com/gaissmai/bart" "github.com/rcrowley/go-metrics" + "github.com/slackhq/nebula/util" "github.com/slackhq/nebula/config" "github.com/slackhq/nebula/firewall" @@ -387,7 +388,7 @@ func (f *Interface) listenIn(reader tio.Queue, i int) { if n := len(f.cpuAffinity); n > 0 { cpu = f.cpuAffinity[i%n] } - if err := pinThreadToCPU(cpu); err != nil { + if err := util.PinThreadToCPU(cpu); err != nil { f.l.Warn("failed to pin tun reader to CPU", "queue", i, "cpu", cpu, "err", err) } rejectBuf := make([]byte, mtu) diff --git a/main.go b/main.go index 2af6840a..913d6018 100644 --- a/main.go +++ b/main.go @@ -6,6 +6,7 @@ import ( "log/slog" "net" "net/netip" + "runtime" "runtime/debug" "strings" "time" diff --git a/cpupin_linux.go b/util/cpupin_linux.go similarity index 82% rename from cpupin_linux.go rename to util/cpupin_linux.go index 3080df6d..a5acc01d 100644 --- a/cpupin_linux.go +++ b/util/cpupin_linux.go @@ -1,6 +1,6 @@ //go:build linux && !android && !e2e_testing -package nebula +package util import ( "runtime" @@ -8,13 +8,13 @@ import ( "golang.org/x/sys/unix" ) -// pinThreadToCPU restricts the calling OS thread to the given CPU via +// PinThreadToCPU restricts the calling OS thread to the given CPU via // sched_setaffinity(2). Combined with runtime.LockOSThread on the // goroutine, this prevents the kernel from migrating us across CPUs and // in turn keeps every sendmmsg from this goroutine going through the // same XPS-selected TX ring, eliminating the wire-side reorder that // otherwise fragments one nebula flow across multiple rings. -func pinThreadToCPU(cpu int) error { +func PinThreadToCPU(cpu int) error { runtime.LockOSThread() var set unix.CPUSet set.Zero() diff --git a/cpupin_other.go b/util/cpupin_other.go similarity index 66% rename from cpupin_other.go rename to util/cpupin_other.go index 4a472eae..ed28d82f 100644 --- a/cpupin_other.go +++ b/util/cpupin_other.go @@ -1,11 +1,11 @@ //go:build !linux || android || e2e_testing -package nebula +package util -// pinThreadToCPU is a no-op outside Linux: only Linux exposes a stable +// PinThreadToCPU is a no-op outside Linux: only Linux exposes a stable // per-thread CPU affinity API and only Linux has XPS-driven TX ring // selection in the first place. On every other platform there's nothing // to fix here. -func pinThreadToCPU(_ int) error { +func PinThreadToCPU(_ int) error { return nil }