yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #13255
[Bug 1292598] Re: rootwrap massive overhead limits neutron scalability
This should be fixed via the blueprint process rather than a bug.
** Changed in: neutron
Status: New => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1292598
Title:
rootwrap massive overhead limits neutron scalability
Status in OpenStack Neutron (virtual network service):
Invalid
Bug description:
Permission elevation via rootwrap, has a massive impact on the network nodes,
increasing setup time 2.5 times compared to plain sudo. [2] [3]
A network node with 192 private networks + 192 routers takes:
- 24 minutes to setup with rootwrap
- 10 minutes to setup with just sudo
Rootwrap need is clear, from the security point of view, but an optimization is required
from the performance point of view [1]
Appendix:
[1] https://etherpad.openstack.org/p/neutron-agent-exec-performance
[2] mail list discussions:
a) http://lists.openstack.org/pipermail/openstack-dev/2014-March/029017.html
b) http://lists.openstack.org/pipermail/openstack-dev/2013-July/012539.html
[3]
[root@rhos4-neutron2 ~]# time neutron-rootwrap --help
/usr/bin/neutron-rootwrap: No command specified
real 0m0.309s
user 0m0.128s
sys 0m0.037s
[root@rhos4-neutron2 ~]# time python -c'import sys;sys.exit(0)'
real 0m0.057s
user 0m0.016s
sys 0m0.011s
[root@rhos4-neutron2 ~]# time sudo bash -c 'exit 0'
real 0m0.032s
user 0m0.010s
sys 0m0.019s
[root@rhos4-neutron2 ~]# echo "int main() { return 0; }" > test.c
[root@rhos4-neutron2 ~]# gcc test.c -o test
[root@rhos4-neutron2 ~]# time test # to time process invocation on this machine
real 0m0.000s
user 0m0.000s
sys 0m0.000s
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1292598/+subscriptions
References
