Shunmin Zhu,Jianyuan Lu,Biao Lyu,Tian Pan,Chenhao Jia,Xin Cheng,Daxiang Kang,Yilong Lv,Fukun Yang,Xiaobo Xue,Zhiliang Wang,Jiahai Yang

DOI: https://doi.org/10.1145/3555050.3569116

2022-01-01

Abstract:We present Zoonet, a proactive virtual network telemetry system for multi-tenant clouds. The requirements are to (1) cover hyper-scale virtual networks with millions of tenants and millions of VMs for top tenants; (2) handle frequent virtual topology changes due to tenants' configuration through flexible APIs; (3) adapt to heterogeneous middleboxes along the probing paths; (4) achieve VM-to-VM telemetry without breaking tenant privacy; (5) differentiate virtual and physical network problems. We argue existing physical network telemetry solutions fail to satisfy our needs due to either incomplete telemetry coverage or outrageous telemetry overhead. Zoonet sets an ambitious goal to provide VM-to-VM hop-by-hop telemetry for each tenant, which is achieved based on self-developed, customizable middleboxes via hundreds of person-months under close team collaboration. At the data plane, Zoonet defines an elegant generalization of ping and traceroute, but made to work on multi-tenant clouds with heterogeneous middleboxes. At the control plane, Zoonet conducts substantial probing path pruning and update batch processing to lessen the overhead. Zoonet has been deployed in Alibaba Cloud for over two years, covering tens of cloud regions, hundreds of thousands of servers. We become increasingly reliant on Zoonet as it reduces 86% of the personnel engaged in troubleshooting.

Shunmin Zhu,Jianyuan Lu,Biao Lyu,Tian Pan,Chenhao Jia,Cheng Xin,Daxiang Kang,Yilong Lv,Fukun Yang,Xiaobo Xue,Zhiliang Wang,Jiahai Yang

DOI: https://doi.org/10.1145/3555050.3569116

2022-01-01

Abstract:We present Zoonet, a proactive virtual network telemetry system for multi-tenant clouds. The requirements are to (1) cover hyper-scale virtual networks with millions of tenants and millions of VMs for top tenants; (2) handle frequent virtual topology changes due to tenants' configuration through flexible APIs; (3) adapt to heterogeneous middleboxes along the probing paths; (4) achieve VM-to-VM telemetry without breaking tenant privacy; (5) differentiate virtual and physical network problems. We argue existing physical network telemetry solutions fail to satisfy our needs due to either incomplete telemetry coverage or outrageous telemetry overhead. Zoonet sets an ambitious goal to provide VM-to-VM hop-by-hop telemetry for each tenant, which is achieved based on self-developed, customizable middleboxes via hundreds of person-months under close team collaboration. At the data plane, Zoonet defines an elegant generalization of ping and traceroute, but made to work on multi-tenant clouds with heterogeneous middleboxes. At the control plane, Zoonet conducts substantial probing path pruning and update batch processing to lessen the overhead. Zoonet has been deployed in Alibaba Cloud for over two years, covering tens of cloud regions, hundreds of thousands of servers. We become increasingly reliant on Zoonet as it reduces 86% of the personnel engaged in troubleshooting.

Jiamei Lv,Yi Gao,Wei Dong

DOI: https://doi.org/10.1109/PADSW.2018.8644951

2018-01-01

Abstract:For network operators, knowing the problems in their networks before users complain can help improve their Quality-of-Experience (QoE) and bring great commercial value. However, accurate measurement of the internal performance of a network generally requires the deployment of additional dedicated instrumentation in the network. Another possible approach is to use network tomography technique to infer these internal states from measurements obtained from the edge of the network. However, network tomography usually requires that the network topology and the path of each probe are known. In this paper, using a sparse crowdsourced measurement dataset from mobile users to varies types of network resources, we build a BRAS (broadband remote access server)-level QoE model to help the network operator locate network problems quickly. By reasonably mining the intrinsic correlation among the measurement data, the proposed scheme is able to model the user QoE accurately and achieve an accuracy of 97%.

Chengkun Wei,Xing Li,Ye Yang,Xiaochong Jiang,Tianyu Xu,Bowen Yang,Taotao Wu,Chao Xu,Yilong Lv,Haifeng Gao,Zhentao Zhang,Zikang Chen,Zeke Wang,Zihui Zhang,Shunmin Zhu,Wenzhi Chen

DOI: https://doi.org/10.1145/3603269.3604859

2023-01-01

Abstract:Cloud computing has witnessed tremendous growth, prompting enterprises to migrate to the cloud for reliable and on-demand computing. Within a single Virtual Private Cloud (VPC), the number of instances (such as VMs, bare metals, and containers) has reached millions, posing challenges related to supporting millions of instances with network location decoupling from the underlying hardware, high elastic performance, and high reliability. However, academic studies have primarily focused on specific issues like high-speed data plane and virtualized routing infrastructure, while existing industrial network technologies fail to adequately address these challenges. In this paper, we report on the design and experience of Achelous , Alibaba Cloud's network virtualization platform. Achelous consists of three key designs to enhance hyperscale VPC: ( i ) a novel hierarchical programming architecture based on the collaborative design of both data plane and control plane; ( ii ) elastic performance strategy and distributed ECMP schemes for seamless scale-up and scale-out, respectively; ( iii ) health check scheme and transparent VM live migration mechanisms that ensure stateful flow continuity during the failover. The evaluation results demonstrate that, Achelous scales to over 1, 500, 000 of VMs with elastic network capacity in a single VPC, and reduces 25× programming time, with 99% updating can be completed within 1 second. For failover, it condenses 22.5× downtime during VM live migration, and ensures 99.99% of applications do not experience stall. More importantly, the experience from three years of operation proves the Achelous 's serviceability, and versatility independent of any specific hardware platforms.

Chongrong Fang,Haoyu Liu,Mao Miao,Jie Ye,Lei Wang,Wansheng Zhang,Daxiang Kang,Biao Lyu,Shunmin Zhu,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/tnet.2021.3137557

2022-01-01

IEEE/ACM Transactions on Networking

Abstract:Persistent packet loss in the cloud-scale overlay network severely compromises tenant experiences. Cloud providers are keen to diagnose such problems efficiently. However, existing work is either designed for the physical network or insufficient to present the concrete reason of packet loss. We propose to record and analyze the on-site forwarding condition of packets during packet-level tracing. The cloud-scale overlay network presents great challenges to achieve this goal with its high network complexity, multi-tenant nature, and diversity of root causes. To address these challenges, we present VTrace, an automatic diagnostic system for persistent packet loss over the cloud-scale overlay network. Utilizing the ''fast path-slow path'' structure of virtual forwarding devices (VFDs), e.g., vSwitches, VTrace installs several ''coloring-matching-logging'' rules in VFDs to selectively track the target packets and inspect them in depth. The detailed forwarding situation at each hop is logged and then assembled to perform analysis with an efficient path reconstruction scheme. Experiments are conducted to demonstrate VTrace's low overhead and quick response. Besides, based on the idea ''coloring-matching-counting'', VTrace can be easily extended to VTrace-stats to identify the culprit device for transient packet loss. We share experiences of how VTrace and VTrace-stats efficiently work after deploying them in Alibaba Cloud for years.

Yunsenxiao Lin,Yu Zhou,Zhengzheng Liu,Ke Liu,Yangyang Wang,Mingwei Xu,Jun Bi,Ying Liu,Jianping Wu

DOI: https://doi.org/10.1016/j.comnet.2020.107386

IF: 5.493

2020-10-01

Computer Networks

Abstract:<p>Network telemetry is to collect information (<em>e.g.</em>, hop latency, throughput) from network devices. Network-wide telemetry is critical for operators to understand the quality of network performance and to diagnose on-going failures. The state-of-the-art telemetry approaches are far from ideal as they are unable to fully satisfy diverse requirements of operators, specifically for <em>on-demand, full coverage</em>, and <em>scalable</em> telemetry.</p><p>In this paper, we provide a new framework of network telemetry for data center networks, called <em>NetView</em>. NetView can support various telemetry applications and telemetry frequencies <em>on demand</em>, monitoring each device via proactively sending dedicated probes while only one vantage server is required. Technically, NetView divides the probe into a forwarding stack and a telemetry stack, which are respectively responsible for flexible forwarding and network status monitoring, achieving full <em>coverage</em> and visibility. Besides, a series of probe generation algorithms and update algorithms largely reduce probe number, providing high <em>scalability</em>. The evaluation shows that NetView reduces the bandwidth occupancy by more than two orders of magnitude compared with Pingmesh and INT-path, and conducts network-wide telemetry for the data center network with thousands of switches using only one vantage server, without bringing about resources bottleneck.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Zhe Wang,Huanwu Hu,Linghe Kong,Xinlei Kang,Teng Ma,Qiao Xiang,Jingxuan Li,Yang Lu,Zhuo Song,Peihao Yang,Jiejian Wu,Yong Yang,Tao Ma,Zheng Liu,Xianlong Zeng,Dennis Cai,Guihai Chen

2024-01-01

Abstract:Timely detection and diagnosis of application-network anomalies is a key challenge of operating large-scale production clouds. We reveal three practical issues in a cloud-native era. First, impact assessment of anomalies at a (micro)service level is absent currently deployed monitoring systems. Ping systems are oblivious to the "actual weights" of application traffic, e.g., traffic volume and the number of connections/instances. Failures of critical (micro)services with large weights can be easily overlooked by probing systems under prevalent network jitters. Second, the efficiency of anomaly routing (to a blamed application/network team) is still low with multiple attribution teams involved. Third, collecting fine-grained metrics at a (micro)service level incurs considerable computational/storage overheads, however, is indispensable for accurate impact assessment and anomaly routing. We introduce the application-network diagnosing (AND) system in Alibaba cloud. AND exploits the single metric of TCP retransmission (retx) to capture anomalies at (micro)service levels and correlates applications with networks end-to-end. To resolve deployment challenges, AND further proposes three core designs: (1) a collecting tool to perform filtering/statistics on massive retxs at the (micro)service level, (2) a real-time detection procedure to extract anomalies from 'noisy' rem with millions of time series, (3) an anomaly routing model to delimit anomalies among multiple target teams/scenarios. AND has been deployed in Alibaba cloud for over three years and enables minute-level anomaly detection/routing and fast failure recovery.

Chongrong Fang,Haoyu Liu,Mao Miao,Jie Ye,Lei Wang,Wansheng Zhang,Daxiang Kang,Biao Lyv,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1145/3387514.3405851

2020-01-01

Abstract:Persistent packet loss in the cloud-scale overlay network severely compromises tenant experiences. Cloud providers are keen to automatically and quickly determine the root cause of such problems. However, existing work is either designed for the physical network or insufficient to present the concrete reason of packet loss. In this paper, we propose to record and analyze the on-site forwarding condition of packets during packet-level tracing. The cloud-scale overlay network presents great challenges to achieve this goal with its high network complexity, multi-tenant nature, and diversity of root causes. To address these challenges, we present VTrace, an automatic diagnostic system for persistent packet loss over the cloud-scale overlay network. Utilizing the "fast path-slow path" structure of virtual forwarding devices (VFDs), e.g., vSwitches, VTrace installs several "coloring, matching and logging" rules in VFDs to selectively track the packets of interest and inspect them in depth. The detailed forwarding situation at each hop is logged and then assembled to perform analysis with an efficient path reconstruction scheme. Experiments are conducted to demonstrate VTrace's low overhead and quick responsiveness. We share experiences of how VTrace efficiently resolves persistent packet loss issues after deploying it in Alibaba Cloud for over 20 months.

Zhewen Yang,Changrong Wu,Chen Tian,Zhaochen Zhang

2023-05-04

Abstract:In today's private cloud, the resource of the datacenter is shared by multiple tenants. Unlike the storage and computing resources, it's challenging to allocate bandwidth resources among tenants in private datacenter networks. State-of-the-art approaches are not effective or practical enough to meet tenants' bandwidth requirements. In this paper, we propose ProNet, a practical end-host-based solution for bandwidth sharing among tenants to meet their various demands. The key idea of ProNet is byte-counter, a mechanism to collect the bandwidth usage of tenants on end-hosts to guide the adjustment of the whole network allocation, without putting much pressure on switches. We evaluate ProNet both in our testbed and large-scale simulations. Results show that ProNet can support multiple allocation policies such as network proportionality and minimum bandwidth guarantee. Accordingly, the application-level performance is improved.

Networking and Internet Architecture

Zhuotao Liu,Yuan Cao,Xuewu Zhang,Changping Zhu,Fan Zhang

DOI: https://doi.org/10.1109/tpds.2019.2893239

IF: 5.3

2019-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:With the advent of software-defined networking, network configuration through programmable interfaces becomes practical, leading to various on-demand opportunities for network routing update in multi-tenant datacenters, where tenants have diverse requirements on network routings such as short latency, low path inflation, large bandwidth, high reliability, etc. Conventional solutions that rely on topology search coupled with an objective function to find desired routings have at least two shortcomings: ${\sf (i)}$(i) they run into scalability issues when handling consistent and frequent routing updates and ${\sf (ii)}$(ii) they restrict the flexibility and capability to satisfy various routing requirements. To address these issues, this paper proposes a novel search and optimization decoupled design, which not only saves considerable topology search costs via search result reuse, but also avoids possible sub-optimality in greedy routing search algorithms by making decisions based on the global view of all possible routings. We implement a prototype of our proposed system, OpReduce, and perform extensive evaluations to validate its design goals.

Tianlin Huang,Chao Rong,Yazhe Tang,Chengchen Hu,Jinming Li,Peng Zhang

DOI: https://doi.org/10.1109/icc.2014.6883883

2014-01-01

Abstract:It has become a common practice that enterprises outsource their networks to the cloud by renting multiple virtual machines (VMs) in cloud datacenters. Due to the multi-tenant nature of cloud datacenter, how to efficiently share the network resources becomes an important issue. Recent studies, e.g., SecondNet and Oktopus, have taken network bandwidth into consideration when allocating VMs. However, these schemes are problematic in that the allocation is not that accurate, and can result in a low multiplexing rate. To this end, we present VirtualRack (VR), a new bandwidth-aware VM allocation scheme in multi-tenant datacenters. VR simultaneously considers intra-datacenter bandwidth and Internet-access-bandwidth requirements in the allocation process. In addition, we introduce a redundancy factor α that can be specified by tenants to accommodate their dynamic requirements. Simulation results show that VR can guarantee the network performance for each of the multiple tenants, and at the same time keep a high acceptance ratio without any false allocation.

Qianyu Zhang,Gongming Zhao,Hongli Xu,Zhuolong Yu,Liguang Xie,Yangming Zhao,Chunming Qiao,Ying Xiong,Liusheng Huang

2022-01-01

Abstract:With the broad deployment of distributed applications on clouds, the dominant volume of traffic in cloud networks traverses in an east-west direction, flowing from server to server within a data center. Existing communication solutions are tightly coupled with either the control plane (e.g., preprogrammed model) or the location of compute nodes (e.g., conventional gateway model). The tight coupling makes it challenging to adapt to rapid network expansion, respond to network anomalies (e.g., burst traffic and device failures), and maintain low latency for east-west traffic. To address this issue, we design Zeta, a scalable and robust east-west communication framework with gateway clusters in large-scale clouds. Zeta abstracts the traffic forwarding capability as a Gateway Cluster Layer, decoupled from the logic of control plane and the location of compute nodes. Specifically, Zeta adopts gateway clusters to support large-scale networks and cope with burst traffic. Moreover, a transparent Multi IPs Migration is proposed to quickly recover the system/devices from unpredictable failures. We implement Zeta based on eXpress Data Path (XDP) and evaluate its scalability and robustness through comprehensive experiments with up to 100k container instances. Our evaluation shows that Zeta reduces the 99% RTT by 5.1x in burst video traffic, and speeds up the gateway recovery by 10.8 x compared with the state-of-the-art solutions.

Rui Ding,Xunpeng Liu,Shibo Yang,Qun Huang,Baoshu Xie,Ronghua Sun,Zhi Zhang,Bolong Cui

DOI: https://doi.org/10.1145/3651890.3672256

2024-01-01

Abstract:Ensuring service availability in large-scale datacenters hinges on network monitoring. For monitoring quality, it is essential to attain sufficient coverage of all physical components. However, given the ever-evolving complexity of industrial environments, even measuring coverage metrics becomes challenging, let alone attaining sufficient coverage. In fact, insufficient coverage widely existed in our production datacenters and caused many missed failures. To address this, we design RD-Probe, an industrial monitoring system with coverage and scalability guarantees. Specifically, it first constructs a network topology encoding the industrial complexity. Then, it combines Randomized and Deterministic methods to efficiently generate probe tasks that meet the coverage requirement. We have deployed RD-Probe in three large production regions in Huawei Cloud. Within the first month, RD-Probe improved coverage from 80.9% to 99.5% and unearthed several previously unnoticed issues while tolerating numerous faults. Large-scale simulation of four industry solutions shows that RD-Probe is the only one achieving both sufficient coverage and scalability in complex datacenter networks. We plan to expand RD-Probe to other regions soon.

Zhifeng Zhao,Feng Hong,Rongpeng Li

DOI: https://doi.org/10.1109/ACCESS.2017.2762362

IF: 3.9

2017-01-01

IEEE Access

Abstract:Nowadays, cloud computing networks significantly benefit the deployment of new services and have become one infrastructure provider in the digital society. The virtual extensible local area network (VxLAN), which belongs to the network schemes to overlay Layer 2 over Layer 3, is one of the most popular methods to realize cloud computing networks. Though VxLAN partially overcomes the capacity limitation of its predecessor virtual local area network, it still faces several challenges like annoying signaling overhead during the multicast period and interrupted communication with a migrating virtual machine (VM). In this paper, we propose a new software defined network (SDN) based VxLAN network architecture. Based on this architecture, we address how we can deploy an intelligent center to enhance the multicast capability and facilitate the VM migration. Besides, we discuss the means to update the global information and guarantee the communication continuum. Finally, we use Mininet to emulate this SDN based VxLAN architecture and demonstrate effective load balancing results. In a word, this proposed architecture could provide a blueprint for future cloud computing networks.

Zhuo Song,Jiejian Wu,Teng Ma,Zhe Wang,Linghe Kong,Zhenzao Wen,Jingxuan Li,Yang Lu,Yong Yang,Tao Ma,Zheng Liu,Guihai Chen

DOI: https://doi.org/10.1109/tnet.2024.3394514

2024-08-25

IEEE/ACM Transactions on Networking

Abstract:Cloud services have shifted from monolithic designs to microservices running on cloud-native infrastructure with monitoring systems to ensure service level agreements (SLAs). However, traditional monitoring systems no longer meet the demands of cloud-native monitoring. In Alibaba's "double eleven" shopping festival, it is observed that the monitor occupies resources of the monitored infrastructure and even disrupts services. In this paper, we propose a novel monitoring system named Zero+ for cloud-native monitoring. Zero+ achieves zero overhead in collecting raw metrics using one-sided remote direct memory access (RDMA) and remedies network congestion by adopting a receiver-driven flow control scheme. Zero+ also features a priority queue mechanism to meet different quality of service requirements and an efficient batch processing design to relieve CPU occupation. Zero+ has been deployed and evaluated in four different clusters with heterogeneous RDMA NIC devices and architectures in Alibaba Cloud. Results show that Zero+ achieves no CPU occupation at the monitored host and supports hosts with sampling interval using a single thread for network I/O. Zero+ significantly relieves the incast issue and maintains of bandwidth utilization in several clusters when monitoring hosts. Zero+ also ensures services with high priority accomplish collecting metrics earlier than low priority ones by at least when monitoring hosts.

telecommunications,computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Zhe Wang,Teng Ma,Linghe Kong,Zhenzao Wen,Jingxuan Li,Zhuo Song,Yang Lu,Yong Yang,Tao Ma,Guihai Chen,Wei Cao

2022-01-01

Abstract:Cloud services have recently undergone a major shift from monolithic designs to microservices running on the cloud-native infrastructure, where monitoring systems are widely deployed to ensure the service level agreement (SLA). Nevertheless, the traditional monitoring system no longer fulfills the demands of cloud-native monitoring, which is observed from the practical experience in Alibaba cloud. Specifically, the monitor occupies resources (e.g., CPU) of the monitored infrastructure, disturbing services running on it. For example, enabling monitor causes jitters/declines of online services in Alibaba's "double eleven" shopping festival with high loads. On the other hand, the quality of service (QoS) of monitoring itself, which is vital to track and ensure SLA, is not guaranteed with the high loaded system. In this paper, we design and implement a novel monitoring system, named ZERO, for cloud-native monitoring. First, ZERO achieves zero overhead to collect raw metrics from the monitored hosts using one-sided remote direct memory access (RDMA) operations, thus avoiding any interferences to cloud services. Second, ZERO adopts receiver-driven model to collect monitoring metrics with high QoS, where credit-based flow control and hybrid I/O model are proposed to mitigate network congestion/interference and CPU bottlenecks. ZERO has been deployed and evaluated in Alibaba cloud. Deployment results show that ZERO achieves no CPU occupation at the monitored host and supports 1 similar to 10k hosts with 0.1 similar to 1s sampling interval using single thread for network I/O.

Zhengzheng Liu,Jun Bi,Yu Zhou,Yangyang Wang,Yunsenxiao Lin

DOI: https://doi.org/10.1109/icnp.2018.00036

2018-01-01

Abstract:In-band Network Telemetry (INT) can provide fine-grained and accurate device-level telemetry metrics. Nonetheless, INT can track only a small ratio of devices and links and embedding telemetry data into normal packets brings high overhead and high operation complexity. Hence, we present NetVision, a powerful proactive network telemetry platform with high coverage and high scalability.

Qun Huang,Haifeng Sun,Patrick P. C. Lee,Wei Bai,Feng Zhu,Yungang Bao

DOI: https://doi.org/10.1145/3387514.3405877

2020-01-01

Abstract:Network telemetry is essential for administrators to monitor massive data traffic in a network-wide manner. Existing telemetry solutions often face the dilemma between resource efficiency (i.e., low CPU, memory, and bandwidth overhead) and full accuracy (i.e., error-free and holistic measurement). We break this dilemma via a network-wide architectural design OmniMon, which simultaneously achieves resource efficiency and full accuracy in flow-level telemetry for large-scale data centers. OmniMon carefully coordinates the collaboration among different types of entities in the whole network to execute telemetry operations, such that the resource constraints of each entity are satisfied without compromising full accuracy. It further addresses consistency in network-wide epoch synchronization and accountability in error-free packet loss inference. We prototype OmniMon in DPDK and P4. Testbed experiments on commodity servers and Tofino switches demonstrate the effectiveness of OmniMon over state-of-the-art telemetry designs.

Haoyu Liu,Chongrong Fang,Yining Qi,Jian Bai,Shaozhe Wang,Xiong Xiao,Daxiang Kang,Biao Lyu,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/noms47738.2020.9110414

2020-01-01

Abstract:Core devices form the critical components of the cloud network and provide service to multiple tenants simultaneously. The anomalies that happened in core devices impact network availability of a large number of users, meanwhile, lead to the degradation of cloud providers' profits. However, direct monitoring of core devices needs to deploy massive heartbeat checking tools on numerous related components, which will be extremely laborious. In this paper, we deploy RAIN to reduce the number of devices that need to be detailed investigated for anomalies. The session traffic data among core devices and served virtual machines are utilized to conduct the analyzing. To guarantee near real-time monitoring, RAIN is designed as a two-step structure and incorporating four feature-based detection methods. RAIN has been deployed in Alibaba's production cloud network for over 6 months and is analyzing terabytes of traffic flow metrics per day.

Congcong Miao,Zhizhen Zhong,Yunming Xiao,Feng Yang,Senkuo Zhang,Yinan Jiang,Zizhuo Bai,Chaodong Lu,Jingyi Geng,Zekun He,Yachen Wang,Xianneng Zou,Chuanchuan Yang

DOI: https://doi.org/10.1145/3651890.3672242

2024-01-01

Abstract:In today's virtualized cloud, containers and virtual machines (VMs) are prevailing methods to deploy applications with different tenant requirements. However, these requirements are at odds with the resource allocation capabilities of conventional networking stacks in wide-area networks (WANs). In particular, existing WAN traffic engineering (TE) systems at the granularity of aggregated traffic flows are not designed to cater to each individual flow. In this paper, we advocate for a radical new approach to extend TE systems to involve millions of virtual instance endpoints. We propose and implement a first-of-its-kind system, called MegaTE, to satisfy the needs of each fine-grained traffic flow at the virtual instance level. At the core of the MegaTE system is the paradigm shift from the top-down centralized control to the bottom-up asynchronous query in the TE control loop, combined with eBPF-based segment routing on the data plane and TE optimization contraction on the control plane. We evaluate MegaTE using flow-level simulations with production traffic traces. Our results show that MegaTE supports 20× more endpoints with the similar algorithm run time compared to prior work. MegaTE has been adopted by large-scale public cloud providers. Notably, Tencent rolled out MegaTE in its cloud WAN since December 2022. Our production analysis shows that MegaTE reduces the packet latency of real-time applications by up to 51%.