During a lot of port deletions, the OVS agent will
build up a lot of remote security group member updates
for a single device. Once the call to delete all
of the removed remote IP conntrack state gets issued,
there will be many duplicated entries for the same
device in the devices_with_updated_sg_members dicionary
of lists.
This results in many duplicated calls to remove conntrack
entries that are just a waste of time. The longer it takes
to remove conntrack entries, the more of these duplicates
build up for other pending changes, to the point where there
can be hundreds of duplicate calls for a single device.
This just adjusts the conntrack manager clearing logic to
make sure it de-duplicates all of its delete commands before
it issues them.
In a local test on a single host I have 11 threads create
11 ports each, plug them into OVS, and then delete them.
Here are the number of conntrack delete calls issued:
Before this patch - ~232000
With this patch - ~5200
While the remaining number still seems high, the agent is now
fast enough to keep up with all of the deletes.
Closes-Bug: #1513765
Change-Id: Icba88ab47ee17bf5d6ccdfc0f78bec911987ca90