Currently updates to security group rules or membership
are handled by immediately triggering a call to refresh_firewall.
This call is quite expensive, and it is often executed with a
very high frequency.
With this patch, the notification handler simply adds devices for
which the firewall should be refreshed to a set, which will then
be processed in another routine. The latter is supposed to
be called in the main agent loop.
This patch for 'provider updates' simply sets a flag for refreshing
the firewall for all devices.
In order to avoid breaking other agents leveraging the security
group RPC mixin, the reactive behaviour is still available, and is
still the default way of handling security group updates.
Reviewed: https:/ /review. openstack. org/63100 /git.openstack. org/cgit/ openstack/ neutron/ commit/ ?id=3046c4ae22b 10f9e4fa83a47bf e089554d4a4681
Committed: https:/
Submitter: Jenkins
Branch: master
commit 3046c4ae22b10f9 e4fa83a47bfe089 554d4a4681
Author: Salvatore Orlando <email address hidden>
Date: Thu Dec 19 00:26:38 2013 -0800
Improve handling of security group updates
Currently updates to security group rules or membership
are handled by immediately triggering a call to refresh_firewall.
This call is quite expensive, and it is often executed with a
very high frequency.
With this patch, the notification handler simply adds devices for
which the firewall should be refreshed to a set, which will then
be processed in another routine. The latter is supposed to
be called in the main agent loop.
This patch for 'provider updates' simply sets a flag for refreshing
the firewall for all devices.
In order to avoid breaking other agents leveraging the security
group RPC mixin, the reactive behaviour is still available, and is
still the default way of handling security group updates.
Partial-Bug: #1253993 tempest- parallel
Partially implements blueprint: neutron-
Change-Id: I15745447348655 06ff5383404516c c9349c16ec4