adding rules to security groups is slow
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Doug Wiegley |
Bug Description
Sometime between liberty and pike, adding rules to SG's got slow, and slower with every rule added.
Gerrit review with fixes is incoming.
You can repro with a vanilla devstack install on master, and this script:
#!/bin/bash
OPENSTACK_
export OPENSTACK_TOKEN
CCN1=10.210.162.2
CCN3=10.210.162.10
export ENDPOINT=localhost
make_rules() {
iter=$1
prefix=$2
file="$3"
echo "generating rules"
cat >$file <<EOF
{"security_
EOF
comma=","
i=0
while [ $i -lt $iter ]; do
j=0
while [ $j -lt 10 ]; do
if [ $i -eq $(($iter-1)) -a $j -eq 9 ]; then
comma=""
fi
cat >>$file <<EOF
{"direction"
,"remote_
EOF
j=$((j+1))
done
i=$((i+1))
done
cat >>$file <<EOF
]}
EOF
}
hit_api() {
json="$1"
echo "hitting api"
start=$(perl -e "print time();")
time curl --silent -g -i -X POST http://
t: python-
oken: $OPENSTACK_TOKEN" -d @${json} >/dev/null
end=$(perl -e "print time();")
echo $((end-start))
}
tmp=/tmp/
echo "Doing test with 1000 rules in bulk"
openstack security group delete dw-test-1
uuid=$(openstack security group create dw-test-1 | grep '| id' | awk '{print $4}')
export SG_UUID="$uuid"
make_rules 100 4 $tmp
hit_api $tmp
echo "Doing loop test"
openstack security group delete dw-test-2
uuid=$(openstack security group create dw-test-2 | grep '| id' | awk '{print $4}')
export SG_UUID="$uuid"
elapsed=0
mm=0
while [ $mm -lt 20 ]; do
make_rules 5 $(($mm+1)) $tmp
n=$(hit_api $tmp | tail -1)
elapsed=
mm=$((mm+1))
done
echo "Loop test took $elapsed seconds"
Fix proposed to branch: master /review. openstack. org/628691
Review: https:/