[PATCH] net: limit a number of namespaces which can be cleaned up concurrently
David Miller
davem at davemloft.net
Fri Oct 14 14:09:13 UTC 2016
From: ebiederm at xmission.com (Eric W. Biederman)
Date: Thu, 13 Oct 2016 22:06:28 -0500
> Oh that is a surprise. We can definitely skip genenerating uevents for
> network namespaces that are exiting because by definition no one can see
> those network namespaces. If a socket existed that could see those
> uevents it would hold a reference to the network namespace and as such
> the network namespace could not exit.
>
> That sounds like it is worth investigating a little more deeply.
>
> I am surprised that allocation and freeing is so heavy we are spending
> lots of time doing that. On the other hand kobj_bcast_filter is very
> dumb and very late so I expect something can be moved earlier and make
> that code cheaper with the tiniest bit of work.
I definitely would rather see the uevents removed to kill ~%99 of the
namespace removal overhead rather than limiting.
More information about the Containers
mailing list