kuryr-libnetwork

Optimize add security group rules for exposed ports

Bug #1627922 reported by Dongcan Ye
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kuryr-libnetwork
Fix Released
Medium
Dongcan Ye

Bug Description

If user wants to expose ranges of ports for a container, like ports from 1000 to 5000. Using docker client command:
$ docker run --net=my_kuryr_net --expose=1000-5000/udp -it ubuntu:14.04

In currently implementation, we should call Neutron client 4000 times to create Neutron security group rules.

Maybe there is a method to optimize this, and passing port-range-min and port-range-max values to Neutron client.

See original description
Dongcan Ye (hellochosen)
Changed in kuryr-libnetwork:
assignee: nobody → Dongcan Ye (hellochosen)
Antoni Segura Puimedon (celebdor)
Changed in kuryr-libnetwork:
importance: Undecided → Medium
Dongcan Ye (hellochosen)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to kuryr-libnetwork (master)

Fix proposed to branch: master
Review: https://review.openstack.org/378485

Changed in kuryr-libnetwork:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kuryr-libnetwork (master)

Reviewed: https://review.openstack.org/378485
Committed: https://git.openstack.org/cgit/openstack/kuryr-libnetwork/commit/?id=75f15770bc22ae6b55bb1d35437b5c9f8b964b67
Submitter: Jenkins
Branch: master

commit 75f15770bc22ae6b55bb1d35437b5c9f8b964b67
Author: Dongcan Ye <email address hidden>
Date: Wed Sep 28 17:41:44 2016 +0800

    Optimize add security group rules for exposed ports

    If user wants to expose ranges of ports for a container,
    like ports from 1000 to 1100. Using docker client command:
    $ docker run --net=my_kuryr_net --expose=1000-1100/udp -it ubuntu:14.04

    In currently implementation, we should call Neutron client 100 times
    to create Neutron security group rules.

    This patch obtains min_port and max_port from libnetwork request,
    then pass to Neutron client port-range-min and port-range-max in
    security-group-rule-create.

    Change-Id: I3a2baa71f94834bdf3679bb05c40f9f2ae06eca8
    Closes-Bug: #1627922

Changed in kuryr-libnetwork:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.