Received: by 2002:a05:6358:701b:b0:131:369:b2a3 with SMTP id 27csp2956222rwo; Mon, 24 Jul 2023 04:14:51 -0700 (PDT) X-Google-Smtp-Source: APBJJlE7HSGQu/i/Dc2ekq8ua5bFdvanx9DTKruIK95OVB+S2dJruglPfjayi6sMQLfMpSf5iKaE X-Received: by 2002:aa7:c1c4:0:b0:521:d23d:6850 with SMTP id d4-20020aa7c1c4000000b00521d23d6850mr7727640edp.21.1690197291524; Mon, 24 Jul 2023 04:14:51 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690197291; cv=none; d=google.com; s=arc-20160816; b=OXo93ZhcduEl79EoVwzcsD6oXuk68cGCq7lbBVc5G5UpWMp7suKF1AUrZJowB4cagZ V0rqusmcpXFo5qgY+RpZxB/ffll9AmYjuBIflzE2iQDcPDHprWc8MOQzDzvWRPhAi05J y2fHkomGoxdD8cxv6cQa9MLFqsLokxgo1XIyS8kNgICXH6gux4UGpuP+TvRAO9vZb71j X7a9stASMsL35A/nz/qFfoe0LXe3xJa8bVxjMD8vMjAP+sD55YcS2TYefpf4aqw6uB2H LP3AJQ5MbJIJauR/djvg7b5dMvy0A53nHS3XQ+wMui0A4wFe6u3KFvd5Hs0pr5F8RzLm thsg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:message-id:in-reply-to :subject:cc:to:from:date:dkim-signature; bh=SLOAsozuYWZeaP2qXUkyeOsmJkVK/aMbG9BhLqpH/QY=; fh=Hfl9wguad+VqAkv4vrgdGF1hweYmRS+xnjq/F5RFnf0=; b=DaqQ56DNQ2T2rVoPZKI1dAUD0aIduMIHIRRo8dlFo+KP4RmPvBEobt0ZYEWspoviME cYY1slcNBVvS60D/xRT8U5OPmT7Ddosu2d260LRAR8rBH/YYR1yxeHTYdcOuvJObYI7R gQmhczIOnC88Aa1aHdEkgO+kZ5Nxm6RGwEs5m8dI6NqQgUWbW6fV227JrdHKz3RydNTp VfPj4iPh0FTDIcrWNZgAisDMxX0d67uaSAGxEirR7SRrvVuZRzhQTCw5BKIiOup1G22B pehKJ761i8OAa4FXq3b+IpmVO7SlYriZXg10MPg1vzQ3I/6qmXgccAdEif18jnYwgPhH 7x9g== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@ssi.bg header.s=ink header.b=uwX3347G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ssi.bg Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d1-20020a05640208c100b0052229b7741fsi1748625edz.424.2023.07.24.04.14.27; Mon, 24 Jul 2023 04:14:51 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=fail header.i=@ssi.bg header.s=ink header.b=uwX3347G; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ssi.bg Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231409AbjGXKYd (ORCPT + 99 others); Mon, 24 Jul 2023 06:24:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54282 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232651AbjGXKYT (ORCPT ); Mon, 24 Jul 2023 06:24:19 -0400 Received: from mg.ssi.bg (mg.ssi.bg [193.238.174.37]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3E2495267; Mon, 24 Jul 2023 03:18:51 -0700 (PDT) Received: from mg.bb.i.ssi.bg (localhost [127.0.0.1]) by mg.bb.i.ssi.bg (Proxmox) with ESMTP id E414923226; Mon, 24 Jul 2023 13:18:47 +0300 (EEST) Received: from ink.ssi.bg (ink.ssi.bg [193.238.174.40]) by mg.bb.i.ssi.bg (Proxmox) with ESMTPS id CC14523222; Mon, 24 Jul 2023 13:18:47 +0300 (EEST) Received: from ja.ssi.bg (unknown [213.16.62.126]) by ink.ssi.bg (Postfix) with ESMTPSA id 0683E3C07C8; Mon, 24 Jul 2023 13:18:42 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=ssi.bg; s=ink; t=1690193923; bh=SCZRWOzob6VC4Fc+IynUeDO44QbYqOB9xWyQgHRmE+I=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=uwX3347G3JprqfWir/U5Crg1yILWVwb6y5At63Rrxk+aPRWoZh9yD8vhRyJM29fsM NJbo8iZ6XQBPzYWSjE346G+TsuMEwpwUvGh5+zBsCOpDXFV1zkYdpxZuMNsKfgiXbi U+ZC1TYD17XKBhEGxSzgh2DhtQKQTNzx5Qg0rXyo= Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by ja.ssi.bg (8.17.1/8.17.1) with ESMTP id 36OAIcAO063160; Mon, 24 Jul 2023 13:18:40 +0300 Date: Mon, 24 Jul 2023 13:18:38 +0300 (EEST) From: Julian Anastasov To: Dust Li cc: "David S. Miller" , David Ahern , Simon Horman , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , Jiejian Wu , netdev@vger.kernel.org, lvs-devel@vger.kernel.org, linux-kernel@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org Subject: Re: [PATCH v3 net-next] ipvs: make ip_vs_svc_table and ip_vs_svc_fwm_table per netns In-Reply-To: <20230724074028.17964-1-dust.li@linux.alibaba.com> Message-ID: References: <20230724074028.17964-1-dust.li@linux.alibaba.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, On Mon, 24 Jul 2023, Dust Li wrote: > From: Jiejian Wu > > Current ipvs uses one global mutex "__ip_vs_mutex" to keep the global > "ip_vs_svc_table" and "ip_vs_svc_fwm_table" safe. But when there are > tens of thousands of services from different netns in the table, it > takes a long time to look up the table, for example, using "ipvsadm > -ln" from different netns simultaneously. > > We make "ip_vs_svc_table" and "ip_vs_svc_fwm_table" per netns, and we > add "service_mutex" per netns to keep these two tables safe instead of > the global "__ip_vs_mutex" in current version. To this end, looking up > services from different netns simultaneously will not get stuck, > shortening the time consumption in large-scale deployment. It can be > reproduced using the simple scripts below. > > init.sh: #!/bin/bash > for((i=1;i<=4;i++));do > ip netns add ns$i > ip netns exec ns$i ip link set dev lo up > ip netns exec ns$i sh add-services.sh > done > > add-services.sh: #!/bin/bash > for((i=0;i<30000;i++)); do > ipvsadm -A -t 10.10.10.10:$((80+$i)) -s rr > done > > runtest.sh: #!/bin/bash > for((i=1;i<4;i++));do > ip netns exec ns$i ipvsadm -ln > /dev/null & > done > ip netns exec ns4 ipvsadm -ln > /dev/null > > Run "sh init.sh" to initiate the network environment. Then run "time > ./runtest.sh" to evaluate the time consumption. Our testbed is a 4-core > Intel Xeon ECS. The result of the original version is around 8 seconds, > while the result of the modified version is only 0.8 seconds. > > Signed-off-by: Jiejian Wu > Co-developed-by: Dust Li > Signed-off-by: Dust Li Looks good to me, thanks! I'm taking this patch and will repost it together with other related patches. > --- > v3: > * fix complains of checkpatch > v2: > * remove global __ip_vs_mutex in ip_vs_est.c > * remove ip_vs_ prefix for svc_table and svc_fwm_table > * remove redundant "svc->ipvs == ipvs" checks > --- Regards -- Julian Anastasov