Mirantis OpenStack

  1. Series 6.0.x
  2. Bug #1399168
  3. Comment #5

Comment 5 for bug 1399168

Revision history for this message
Alexander Ignatov (aignatov) wrote :

Also I've performed the following check using WARNING logs in python at the beginning and ending of function which modifies security group rules using "START MODIFY RULES" and "END MODIFY RULES" labels:

After patch:

There was booted 96 VMs and 460 rules per VM

Adding +1 VM
2014-12-05 22:51:46.616 22962 WARNING neutron.agent.linux.iptables_manager [req-3029b20d-abef-4528-92ec-ba00d40afdb3 None] START MODIFY RULES
2014-12-05 22:51:57.647 22962 WARNING neutron.agent.linux.iptables_manager [req-3029b20d-abef-4528-92ec-ba00d40afdb3 None] END MODIFY RULES

Result: 11 sec

Adding +1 VM
2014-12-05 22:55:35.525 22962 WARNING neutron.agent.linux.iptables_manager [req-3029b20d-abef-4528-92ec-ba00d40afdb3 None] START MODIFY RULES
2014-12-05 22:55:46.934 22962 WARNING neutron.agent.linux.iptables_manager [req-3029b20d-abef-4528-92ec-ba00d40afdb3 None] END MODIFY RULES
Result: 11 sec

After deleting 4VMs
2014-12-05 23:01:21.946 22962 WARNING neutron.agent.linux.iptables_manager [req-3029b20d-abef-4528-92ec-ba00d40afdb3 None] START MODIFY RULES
2014-12-05 23:01:33.097 22962 WARNING neutron.agent.linux.iptables_manager [req-3029b20d-abef-4528-92ec-ba00d40afdb3 None] END MODIFY RULES
Result: 11 sec

Before patch

There was booted 96 VMs and 460 rules per VM

2014-12-05 23:28:30.195 30024 WARNING neutron.agent.linux.iptables_manager [req-b6968b33-ada2-4b51-a6ef-03527bc25415 None] START MODIFY RULES
2014-12-05 23:38:38.574 30024 WARNING neutron.agent.linux.iptables_manager [req-b6968b33-ada2-4b51-a6ef-03527bc25415 None] END MODIFY RULES
Result: 10 mins

Booted 1 VM and
2014-12-05 23:47:12.682 30024 WARNING neutron.agent.linux.iptables_manager [req-b6968b33-ada2-4b51-a6ef-03527bc25415 None] START MODIFY RULES
2014-12-05 23:57:13.310 30024 WARNING neutron.agent.linux.iptables_manager [req-b6968b33-ada2-4b51-a6ef-03527bc25415 None] END MODIFY RULES

Result: operation of modifying iptables took 10 min and VM moved into Error state

Deleting of 20 VMs
2014-12-06 00:00:18.216 30024 WARNING neutron.agent.linux.iptables_manager [req-b6968b33-ada2-4b51-a6ef-03527bc25415 None] START MODIFY RULES
2014-12-06 00:10:04.423 30024 WARNING neutron.agent.linux.iptables_manager [req-b6968b33-ada2-4b51-a6ef-03527bc25415 None] END MODIFY RULES

Result: operation of modifying iptables took 10 min