[systemd-devel] Why systemd-nspawn is slower than docker, podman and qemu?! how to Improve nspawn performance?
Badr Elmers
badrelmers at gmail.com
Thu Jan 28 13:47:13 UTC 2021
Problem solved, as Mantas Mikulėnas said I had to use export
SYSTEMD_SECCOMP=0, because nspawn will still be processing syscalls
when I whitelist them with --system-call-filter. and I was using
systemd v241 of debian buster but SYSTEMD_SECCOMP was added in systemd
v247 (so it had no effect when I first test it) .
now nspawn is as quick as the baremetal host, perf and even the
context switch benchmark improved and now it is as the baremetal.
This is what I used (need systemd v247):
export SYSTEMD_SECCOMP=0
systemd-nspawn --capability=all --private-users=false -D ./bbusterboot --boot
Thank you very much for your help.
badr
On Mon, Jan 25, 2021 at 3:06 PM Greg KH <gregkh at linuxfoundation.org> wrote:
>
> On Mon, Jan 25, 2021 at 11:56:09AM +0100, Badr Elmers wrote:
> > Hi,
> > Why nspawn is slow compared to docker podman and even qemu?!
> > CPU tasks take twice of the time it takes in docker, podman or qemu
> >
> > here I filled a request to improve nspawn performance which contain the
> > steps and the full test result:
> > https://github.com/systemd/systemd/issues/18370
> >
> > Do you know why systemd-nspawn is slower? how can I improve it?
>
> As I pointed out in the above "issue", the benchmark isn't measuring
> what anyone thinks it is measuring and should not be treated as a
> reliable indication of anything.
>
> thanks,
>
> greg k-h
More information about the systemd-devel
mailing list