I found the time to finishing the applying iptables rules( in neutron/agent/linux/iptables_manager.py _apply_synchronized,_modify_rules) takes nearly more than half an hour( 36 minutes in my environment) when the number of active vms in cloud is more than 980.
This will lead that the time of bringing new created port up when booting an instance will take very long, and if the vif_plugging_is_fatal is true, the vif_plugging_timeout is not big enough, booting will fail.
Although optimization on _modify_rules in patch https://review.openstack.org/#/c/77549/ did help shorten the cost, but still the time is not short enough (it takes 17 minutes when the number of active vms in cloud is more than 980 in my environment).
Further optimazation on _modify_rules need be done to fit the situation of Large-scale deployment.
I found the time to finishing the applying iptables rules( in neutron/ agent/linux/ iptables_ manager. py _apply_ synchronized, _modify_ rules) takes nearly more than half an hour( 36 minutes in my environment) when the number of active vms in cloud is more than 980. is_fatal is true, the vif_plugging_ timeout is not big enough, booting will fail. /review. openstack. org/#/c/ 77549/ did help shorten the cost, but still the time is not short enough (it takes 17 minutes when the number of active vms in cloud is more than 980 in my environment).
This will lead that the time of bringing new created port up when booting an instance will take very long, and if the vif_plugging_
Although optimization on _modify_rules in patch https:/
Further optimazation on _modify_rules need be done to fit the situation of Large-scale deployment.