cpuset is insufficient to limit performance of resolvers
Kernel tasks (such as handling TCP connections) can be executed by other CPUs that those specified in cpuset for our docker container. In practice, this can heavily skew results for benchmarks that are kernel-intensive and we limit the resolver to less threads than there are available CPUs.
For accurate benchmarks with less CPUs, we need to turn the CPU cores off entirely:
echo 0 > /sys/devices/system/cpu/cpuN/onlineThis can be done in the tuning playbook. All CPUs should be brought back online after the test.