BestHub
Sign in
Cloud Native 6 min read

Boost Kubernetes Pod‑to‑Pod Performance with istio‑tcpip‑bypass and eBPF

This article explains how the Intel istio‑tcpip‑bypass plugin leverages eBPF to bypass the host TCP/IP stack for intra‑node pod communication, provides environment setup, step‑by‑step deployment commands, and shows benchmark results that demonstrate 40‑80% latency reduction and throughput improvement.

Cloud Native Technology Community
Cloud Native Technology Community
Cloud Native Technology Community
Boost Kubernetes Pod‑to‑Pod Performance with istio‑tcpip‑bypass and eBPF

Background

In edge and 5G scenarios, pods on the same node exchange large volumes of TCP traffic. The traditional path traverses the full kernel network stack (TCP/IP, netfilter, OVS), adding latency and limiting throughput.

Principle of istio‑tcpip‑bypass

The open‑source istio‑tcpip‑bypass plugin from Intel uses eBPF to automatically detect intra‑node TCP flows and redirects them away from the kernel stack, enabling direct socket‑to‑socket communication and reducing processing overhead.

Environment Preparation

eBPF requires a recent kernel. Ubuntu 20.04 with Linux 5.4.0‑74‑generic is recommended for the experiments.

Experiment Steps

Deploy two performance‑testing pods on the same node (use nodeSelector if the cluster has multiple nodes).

# kubectl create deployment perf --image=kubeovn/perf:dev --replicas=2
# kubectl get pod -o wide
NAME                     READY   STATUS    RESTARTS   AGE   IP          NODE
perf-...                 1/1     Running   0          ...   100.64.0.3   sealos
perf-...                 1/1     Running   0          ...   100.64.0.2   sealos

Enter one pod and start a qperf server; in the other pod start a qperf client to generate traffic.

# kubectl exec -it perf-...-b2cpv sh
/ # qperf
# kubectl exec -it perf-...-p2xpt sh
/ # qperf -t 60 100.64.0.3 -ub -oo msg_size:1:16K:*4 -vu tcp_lat tcp_bw

Deploy the istio‑tcpip‑bypass daemonset.

# kubectl apply -f https://raw.githubusercontent.com/intel/istio-tcpip-bypass/main/bypass-tcpip-daemonset.yaml

Re‑run the qperf client inside the same pod to measure the optimized path.

Test Results

The benchmarks show a 40%‑60% reduction in TCP latency across various packet sizes and a 40%‑80% increase in throughput for packets larger than 1024 bytes.

On the tested hardware, small packets (< 512 B) may see lower throughput with eBPF optimization due to default TCP‑segmentation offload settings; users should evaluate this case for workloads sensitive to small‑packet throughput.

References

istio‑tcpip‑bypass repository: https://github.com/intel/istio-tcpip-bypass

Tanzu Service Mesh Acceleration using eBPF: https://blogs.vmware.com/networkvirtualization/2022/08/tanzu-service-mesh-acceleration-using-ebpf.html/

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

KubernetesPerformance TestingeBPFService Meshnetwork optimizationKube-OVNistio-tcpip-bypass
Cloud Native Technology Community
Written by

Cloud Native Technology Community

The Cloud Native Technology Community, part of the CNBPA Cloud Native Technology Practice Alliance, focuses on evangelizing cutting‑edge cloud‑native technologies and practical implementations. It shares in‑depth content, case studies, and event/meetup information on containers, Kubernetes, DevOps, Service Mesh, and other cloud‑native tech, along with updates from the CNBPA alliance.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment