1

We are currently hosted on a hosting provider that allows us to set up multiple virtual machines using KVM, where each virtual machine runs on it's own physical box (ie: one hypervisor, one VM with all the memory and CPU allocated to it). Recently we ran into some nasty problems we needed to diagnose (turned out to be stack overflows - lol). In the process we set up DataDog to monitor all our servers and it helped us narrow down the cause and eventually fix it. But we found it super useful we left it all enabled. In the process of learning the tools we keep seeing slow response times during the day for our web sites. Enabling APM tracing we have been able to narrow it down to poor response time from our MySQL cluster. Sometimes we will see MySQL connections take 900ms or longer to get created, and other times dead simple queries like setting the connection collation or the timezone take 600ms or more. Queries that normally run in in less than 800 microseconds.

To diagnose the problem we set up pings to multiple endpoints in our cluster, and have two pings that regularly run slow (4-5s at times!) that simply do noting but return a string (PHP/apache version) or return some client IP information (.net and IIS version). We set those up to see if we would see issues on Linux or IIS without anything else involved, and we do. Oddly during the times we get these outages the CPU on the machines is very low, same on the MySQL cluster. When the queries are running slow, CPU is super low as those boxes generally sit around 5-6% CPU most of the time.

To try to work out if this was a networking issue, we set up captures using Wireshark on windows and dumped the packets while we had some decoration in the queries so we could find them in the packet dumps easily (basically set a MySQL variable in the query that is an encoded version of the current UTC timestamp in microeconds). Using that we were able to correctly match up long MySQL spans in DataDog APM with the packets in the TCP dumps. Looking at the Windows/IIS side, we could see that all the time was spent waiting for the result to come back over the wire from the MySQL server. So the time reported in DataDog for the MySQL query exactly matched up with the time in the data dumps.

DataDog slow query span Wireshark TCP capture on Windows

So as you can see from the two screen shots, they match up exactly. To determine if the networking issue happened on the MySQL side, we then did the same capture dump again on the Linux machine and saw the exact same thing. MySQL got the request, and a huge number of milliseconds later it sent the reply. So the issue is clearly not networking, but something causing MySQL itself to slow down.

Now what is really odd is that it's not MySQL itself getting blocked up, because the particular box I ran those queries against was only running read queries from one of our windows virtual machines, as a read slave. So it did not have much load on it, and during the time of the queries the CPU load was probably 3% (it has 16 CPU physical cores with dual 8C Xeon CPU's, and 32 vCores allocated to the VM). So clearly not a load issue on the MySQL server, and more importantly from the TCP dumps it's clear that while the query we were interested in was taking a long time to execute, plenty of other queries from other connections came along and got processed with no delay.

Now to top it all off, we have also found in our logging that the MySQL slave will routinely get way behind, 30-40 seconds behind the master. We have seen cases where it got up to 110 seconds behind the mater, which makes zero sense as the machine has low load on it, and it's all on the same local private network that the master database (and web servers) is on. Sometimes those delays in the slave occur around the same time the slow downs happen, and some times they do not.

So now that we have conclusively determined that we do not think this is a networking issues, we are starting to think this is some kind of thread deadlocking issue in KVM itself? Especially because we see super odd slow downs in all our virtual machines, some of which have nothing to do with MySQL (such as the static PHP hello file). Since we don't have any control over the KVM layer so we do not know what version it is running on now how it is configured. But the more we look into this perplexing problems, the more the finger is pointing at KVM as the root cause of this, but we have no idea how to resolve it.

To illustrate the problem, here is a ping of a PHP page that just echo's 'hello' and does nothing else, and the ping times from three AWS servers. Clearly you can see big spikes in there at times.

PHP hello.php ping in seconds from AWS

Now you might simply argue, but that is networking! Of course you might have glitches from AWS talking to that server during the day. True enough, but here is a ping during the EXACT same time period from the EXACT same AWS servers to a static page in Apache measured in milliseconds this time (less to do than PHP having to server up even a simple page):

Static file ping with Apache

So as you can see it is not external networking either, because the static file ping was never slow. No issues at all. We actually set up that static file ping to run against a second instance of Apache on that box to ensure it has zero load on it to get a baseline. At the end of the ping you can see stuff started going a bit nuts and the ping times are all over the place. That's because we just enabled PHP in that instance and served up the same hello.php file from that second apache instance to see what different it would make. Primarily because the first instance is also serving real live traffic to our wordpress blogs and ad servers (low volume traffic, but its not zero). So clearly once we add something to the mix that uses a lot more CPU, things start to go wonky.

So my question is, has anyone else ever experienced this kind of problem before with KVM, and if so, how do you resolve it? We are on the verge of ditching this KVM solution and migrating either back to dedicated machines again (which we ditched a decade ago), moving to a private VMware cloud or considering moving to Google or Azure (both of which will cost us a lot more money). But I fail to see the point in moving to another cloud architecture like Google or Azure or a private VMware cloud, if they might have similar issues?

Any suggestions?

Kendall Bennett
  • 111
  • 2
  • Additional information request from slow BIKE Any SSD or NVME devices on MySQL Host server? Post on pastebin.com and share the links. From your SSH login root, Text results of: B) SHOW GLOBAL STATUS; after minimum 24 hours UPTIME C) SHOW GLOBAL VARIABLES; D) SHOW FULL PROCESSLIST; E) complete MySQLTuner report AND Optional very helpful information, if available includes - htop OR top for most active apps, ulimit -a for a Linux/Unix list of limits, iostat -xm 5 3 for IOPS by device and core/cpu count, for server workload tuning analysis to provide suggestions. – Wilson Hauck May 16 '20 at 20:18
  • Is it DansComp.com with the delayed response? – Wilson Hauck May 17 '20 at 00:27
  • If you are changing Thread_handling from pool-of-threads to one-thread-per-connection, consider threadpool_threads=0 and thread_cache_size of 100 to minimize threads_created. – Wilson Hauck May 23 '20 at 13:22

1 Answers1

1

Rate Per Second = RPS

Suggestions to consider for your my.cnf [mysqld] 

read_rnd_buffer_size=128K  # from 256K to reduce handler_read_rnd_next RPS of 262756
innodb_lru_scan_depth=100  # from 1024 to conserve 90% of CPU cycles used for function
innodb_flush_neighbors=2  # from 0 to speed reduction of innodb_buffer_pool_pages_dirty of 148,465 
sort_buffer_size=512K  # from 256K to reduce sort_merge_passes RPhr of 1370
innodb_io_capacity=1900  # from 200 to use more of available SSD IOPS capacity

This is only first five performance improving suggestions. There are many more to consider. Please view profile, Network profile for contact info and free downloadable Utility Scripts to assist with performance tuning.

Wilson Hauck
  • 472
  • 5
  • 11