Can you start a bug on launchpad and upload the conntrack attachment to the bug?
Switching to the rootwrap daemon should also help significantly. On Mon, Sep 11, 2017 at 12:32 PM, Ajay Kalambur (akalambu) < [email protected]> wrote: > Hi Kevin > The information you asked for > For 1 compute node with 45 Vms here is the number of connection tracking > entries getting deleted > cat conntrack.file | wc -l > 38528 > > The file with output is 14MB so ill email it to Ian and he can share it if > needed > > Security group rules > Direction Ether Type IP Protocol Port Range Remote IP Prefix Remote > Security Group Actions > Egress IPv4 Any Any 0.0.0.0/0 > Ingress IPv6 Any Any - default > Egress IPv6 Any Any ::/0 - > Ingress IPv4 Any Any - > > Please let me know if u need the dump of conntrack entries if so I can > email it to email address of your choice > > > Ajay > > > > From: Ajay Kalambur <[email protected]> > Reply-To: "OpenStack Development Mailing List (not for usage questions)" < > [email protected]> > Date: Monday, September 11, 2017 at 10:02 AM > To: "OpenStack Development Mailing List (not for usage questions)" < > [email protected]> > Subject: Re: [openstack-dev] [neutron]OVS connection tracking cleanup > > Hi Kevin > Thanks for your response it was about 50 vms > Ajay > > > > On Sep 11, 2017, at 9:49 AM, Kevin Benton <[email protected]> wrote: > > The biggest improvement will be switching to native netlink calls: > https://review.openstack.org/#/c/470912/ > > How many VMs were on a single compute node? > > On Mon, Sep 11, 2017 at 9:15 AM, Ajay Kalambur (akalambu) < > [email protected]> wrote: > >> Hi >> I am performing a scale test and I see that after creating 500 Vms with >> ping traffic between them it took almost 1 hr for the connection tracking >> To clean up and ovs agent was busy doing this and unable to service any >> new port bind requests on some computes for almost an hr >> It took that long for conntrack clean up to complete >> >> >> I see the following bug >> https://bugs.launchpad.net/neutron/+bug/1513765 >> >> And I also have the fix below >> https://git.openstack.org/cgit/openstack/neutron/commit/?id= >> d7aeb8dd4b1d122e17eef8687192cd122b79fd6e >> >> >> Still see really long times for conntrack cleanup >> >> What is the solution to this problem in scale scenarios? >> Ajay >> >> >> ____________________________________________________________ >> ______________ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: [email protected]?subject:unsubscrib >> e >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: [email protected]?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: [email protected]?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
