Open Stack

Can you start a bug on launchpad and upload the conntrack attachment to the
bug?

Switching to the rootwrap daemon should also help significantly.

On Mon, Sep 11, 2017 at 12:32 PM, Ajay Kalambur (akalambu) <
akalambu at cisco.com> wrote:

> Hi Kevin
> The information you asked for
> For 1 compute node with 45 Vms here is the number of connection tracking
> entries getting deleted
> cat conntrack.file  | wc -l
>    38528
>
> The file with output is 14MB so ill email it to Ian and he can share it if
> needed
>
> Security group rules
> Direction Ether Type IP Protocol Port Range Remote IP Prefix Remote
> Security Group Actions
> Egress IPv4 Any Any 0.0.0.0/0
> Ingress IPv6 Any Any - default
> Egress IPv6 Any Any ::/0 -
> Ingress IPv4 Any Any -
>
> Please let me know if u need the dump of conntrack entries if so I can
> email it to email address of your choice
>
>
> Ajay
>
>
>
> From: Ajay Kalambur <akalambu at cisco.com>
> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev at lists.openstack.org>
> Date: Monday, September 11, 2017 at 10:02 AM
> To: "OpenStack Development Mailing List (not for usage questions)" <
> openstack-dev at lists.openstack.org>
> Subject: Re: [openstack-dev] [neutron]OVS connection tracking cleanup
>
> Hi Kevin
> Thanks for your response it was about 50 vms
> Ajay
>
>
>
> On Sep 11, 2017, at 9:49 AM, Kevin Benton <kevin at benton.pub> wrote:
>
> The biggest improvement will be switching to native netlink calls:
> https://review.openstack.org/#/c/470912/
>
> How many VMs were on a single compute node?
>
> On Mon, Sep 11, 2017 at 9:15 AM, Ajay Kalambur (akalambu) <
> akalambu at cisco.com> wrote:
>
>> Hi
>> I am performing a scale test and I see that after creating 500 Vms with
>> ping traffic between them it took almost 1 hr for the connection tracking
>> To clean up and ovs agent was busy doing this and unable to service any
>> new port bind requests on some computes for almost an hr
>> It took that long for conntrack clean up to complete
>>
>>
>> I see the following bug
>> https://bugs.launchpad.net/neutron/+bug/1513765
>>
>> And I also have the fix below
>> https://git.openstack.org/cgit/openstack/neutron/commit/?id=
>> d7aeb8dd4b1d122e17eef8687192cd122b79fd6e
>>
>>
>> Still see really long times for conntrack cleanup
>>
>> What is the solution to this problem in scale scenarios?
>> Ajay
>>
>>
>> ____________________________________________________________
>> ______________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscrib
>> e
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170911/05422f91/attachment.html>