On 4/4/24 15:27, Aaron Conole wrote: > Felix Huettner via dev <ovs-dev@openvswitch.org> writes: > >> Previously the kernel did not provide a netlink interface to flush/list >> only conntrack entries matching a specific zone. With [1] and [2] it is now >> possible to flush and list conntrack entries filtered by zone. Older >> kernels not yet supporting this feature will ignore the filter. >> For the list request that means just returning all entries (which we can >> then filter in userspace as before). >> For the flush request that means deleting all conntrack entries. >> >> The implementation is now identical to the windows one, so we combine >> them. >> >> These significantly improves the performance of flushing conntrack zones >> when the conntrack table is large. Since flushing a conntrack zone is >> normally triggered via an openflow command it blocks the main ovs thread >> and thereby also blocks new flows from being applied. Using this new >> feature we can reduce the flushing time for zones by around 93%. >> >> In combination with OVN the creation of a Logical_Router (which causes >> the flushing of a ct zone) could block other operations, e.g. the >> failover of Logical_Routers (as they cause new flows to be created). >> This is visible from a user perspective as a ovn-controller that is idle >> (as it waits for vswitchd) and vswitchd reporting: >> "blocked 1000 ms waiting for main to quiesce" (potentially with ever >> increasing times). >> >> The following performance tests where run in a qemu vm with 500.000 >> conntrack entries distributed evenly over 500 ct zones using `ovstest >> test-netlink-conntrack flush zone=<zoneid>`. >> >> | flush zone with 1000 entries | flush zone with no entry | >> +---------------------+----------+---------------------+----------| >> | with the patch | without | with the patch | without | >> +----------+----------+----------+----------+----------+----------| >> | v6.8-rc4 | v6.7.1 | v6.8-rc4 | v6.8-rc4 | v6.7.1 | v6.8-rc4 | >> +---------+----------+----------+----------+----------+----------+----------| >> | Min | 0.260 | 3.946 | 3.497 | 0.228 | 3.462 | 3.212 | >> | Median | 0.319 | 4.237 | 4.349 | 0.298 | 4.460 | 4.010 | >> | 90%ile | 0.335 | 4.367 | 4.522 | 0.325 | 4.662 | 4.572 | >> | 99%ile | 0.348 | 4.495 | 4.773 | 0.340 | 4.931 | 6.003 | >> | Max | 0.362 | 4.543 | 5.054 | 0.348 | 5.390 | 6.396 | >> | Mean | 0.320 | 4.236 | 4.331 | 0.296 | 4.430 | 4.071 | >> | Total | 80.02 | 1058 | 1082 | 73.93 | 1107 | 1017 | >> >> [1]: >> https://github.com/torvalds/linux/commit/eff3c558bb7e61c41b53e4c8130e514a5a4df9ba >> [2]: >> https://github.com/torvalds/linux/commit/fa173a1b4e3fd1ab5451cbc57de6fc624c824b0a >> >> Acked-by: Mike Pattrick <m...@redhat.com> >> Co-Authored-By: Luca Czesla <luca.czesla@mail.schwarz> >> Signed-off-by: Luca Czesla <luca.czesla@mail.schwarz> >> Co-Authored-By: Max Lamprecht <max.lamprecht@mail.schwarz> >> Signed-off-by: Max Lamprecht <max.lamprecht@mail.schwarz> >> Signed-off-by: Felix Huettner <felix.huettner@mail.schwarz> >> --- > > Acked-by: Aaron Conole <acon...@redhat.com> > > Thanks!
Thanks, everyone! Applied. Best regards, Ilya Maximets. _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
