Phil Sutter <p...@nwl.cc> writes: > Stress-testing OpenStack Neutron revealed poor performance of 'ip netns' > when dealing with a high amount of namespaces. The cause of this lies in > the combination of how iproute2 mounts NETNS_RUN_DIR and the netns files > therein and the fact that systemd makes all mount points of the system > shared.
So please tell me. Given that it was clearly a deliberate choice in the code to make these directories shared, and that this is not a result of a systemd making all directories shared by default. Why is it better to these directories non-shared? This may be the appropriate change but saying you stress testing things and have a problem but do not describe how large a scale you had a problem, or anything else to make your problem reproducible by anyone else makes it difficult to consider the merits of this change. Sometimes things are a good default policy but have imperfect scaling on extreme workloads. My experience with the current situtation with ip netns is that it prevents a whole lot of confusion by making the network namespace names visible whichever mount namespace your processes are running in. > Phil Sutter (2): > ipnetns: Move NETNS_RUN_DIR into it's own propagation group > ipnetns: Make netns mount points private > > ip/ipnetns.c | 12 +++++++++++- > 1 file changed, 11 insertions(+), 1 deletion(-) Eric
