[openstack-dev] [neutron][rootwrap] Performance considerations, sudo?
Miguel Angel Ajo
majopela at redhat.com
Thu Mar 6 08:31:43 UTC 2014
On 03/06/2014 07:57 AM, IWAMOTO Toshihiro wrote:
> At Wed, 05 Mar 2014 15:42:54 +0100,
> Miguel Angel Ajo wrote:
>> 3) I also find 10 minutes a long time to setup 192 networks/basic tenant
>> structures, I wonder if that time could be reduced by conversion
>> of system process calls into system library calls (I know we don't have
>> libraries for iproute, iptables?, and many other things... but it's a
>> problem that's probably worth looking at.)
> Try benchmarking
> $ sudo ip netns exec qfoobar /bin/echo
You're totally right, that takes the same time as rootwrap itself. It's
another point to think about from the performance point of view.
An interesting read:
ip netns does a lot of mounts around to simulate a normal environment,
where an netns-aware application could avoid all this.
> Network namespace switching costs almost as much as a rootwrap
> execution, IIRC.
> Execution coalesceing is not enough in this case and we would need to
> change how Neutron issues commands, IMO.
Yes, one option could be to coalesce all calls that go into
a namespace into a shell script and run this in the
ootwrap > ip netns exec
But we might find a mechanism to determine if some of the steps failed,
and what was the result / output, something like failing line + result
code. I'm not sure if we rely on stdout/stderr results at any time.
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
More information about the OpenStack-dev