There's a bit of background about this here:
https://www.redhat.com/archives/augeas-devel/2015-September/msg00001.html
In short, virt-manager is calling the virInterface APIs and that ties
up a libvirt thread (and CPU core) for a very long time on hosts that
have a large number of interfaces. These patches don't cure the
problem (I don't know that there really is a cure other than "Don't DO
that!"), but they do fix a couple of bugs I found while investigating,
and make a substantial improvement in the amount of time used by
virConnectListAllInterfaces().
One thing that I wondered about while investigating this - a big use
of CPU by virConnectListAllInterfaces() comes from the need to
retrieve the MAC address of every interface. The MAC addresses are
both
1) returned to the caller in the interface objects and
2) sent to the policykit ACL checking to decide which interfaces to include in
the list.
I'm 90% confident that
1) most callers don't really care that they're getting the MAC address
along with interface name (virt-manager, for example, follows up with
a virInterfaceGetXMLDesc() anyway)), and
2) there is not even a single host *anywhere* that is using libvirt
policykit ACLs to limit the list of host interfaces viewable by a
client.
So we could add a flag to not return MAC addresses, which would allow
cutting down the time to list all devices to something < 1
second). But this would be at the expense of no longer having the
possibility to limit the list with policykit according to MAC
address. Since all host interface information is available to all
users via the file system, for example, I don't see this as a huge
issue, but it would change behavior, so I don't feel comfortable doing
it. I don't like the idea of a single API call taking > 1 minute to
return either, though. Does anyone have an opinion about this?
Laine Stump (4):
interface: fail on OOM from virGetInterface()
interface: report correct interface count when not returning list
interface: re-use name and mac address rather than re-retrieving
interface: let netcf pre-filter for active vs. inactive
src/interface/interface_backend_netcf.c | 56 +++++++++++++++------------------
1 file changed, 25 insertions(+), 31 deletions(-)
--
2.4.3