From 1c2a822cc66d99bb7b0766b344c047ded3a95d61 Mon Sep 17 00:00:00 2001 From: Jaroslav Pulchart Date: Thu, 25 Oct 2012 19:14:55 +0200 Subject: [PATCH 9/9] Do not run RPC call for simple db look at fixed_ip set. --- nova/virt/firewall.py | 23 ++++++++--------------- 1 file changed, 8 insertions(+), 15 deletions(-) diff --git a/nova/virt/firewall.py b/nova/virt/firewall.py index f0f1594..d056a1f 100644 --- a/nova/virt/firewall.py +++ b/nova/virt/firewall.py @@ -322,28 +322,21 @@ class IptablesFirewallDriver(FirewallDriver): fw_rules += [' '.join(args)] else: if rule['grantee_group']: - # FIXME(jkoelker) This needs to be ported up into - # the compute manager which already - # has access to a nw_api handle, - # and should be the only one making - # making rpc calls. - import nova.network - nw_api = nova.network.API() for instance in rule['grantee_group']['instances']: - LOG.info('instance: %r', instance) - nw_info = nw_api.get_instance_nw_info(ctxt, - instance) - ips = [ip['address'] - for ip in nw_info.fixed_ips() - if ip['version'] == version] + try: + ips = [ip['address'] + for ip in db.fixed_ip_get_by_instance(ctxt, instance['id'])] + except: + ips = [] - LOG.info('ips: %r', ips) + LOG.debug('ips: %r', ips) for ip in ips: subrule = args + ['-s %s' % ip] fw_rules += [' '.join(subrule)] - LOG.info('Using fw_rules: %r', fw_rules) + LOG.info('Using fw_rules for instance: %s' % instance['id']) + LOG.debug('%r', fw_rules) ipv4_rules += ['-j $sg-fallback'] ipv6_rules += ['-j $sg-fallback'] -- 1.7.11.7