Avoid looking up a source security group twice when creating new rules

Bug #1580621 reported by Matt Riedemann on 2016-05-11
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Low
Sean Dague

Bug Description

When passing a source group_id for creating a new security group rule, the code is looking up that group twice, once here:

https://github.com/openstack/nova/blob/f8a01ccdffc13403df77148867ef3821100b5edb/nova/api/openstack/compute/security_groups.py#L246

->

https://github.com/openstack/nova/blob/f8a01ccdffc13403df77148867ef3821100b5edb/nova/api/openstack/compute/security_groups.py#L299

And then once again before creating the rule:

https://github.com/openstack/nova/blob/f8a01ccdffc13403df77148867ef3821100b5edb/nova/api/openstack/compute/security_groups.py#L272

We should just look that up once at the beginning and reuse it so we don't have to hit the nova db (nova-net) or neutron twice for the same thing.

This is a low severity performance optimization.

Liyingjun (liyingjun) on 2016-05-11
Changed in nova:
assignee: nobody → Liyingjun (liyingjun)
Matt Riedemann (mriedem) wrote :

Another thing, we get the source group again here when formatting the security group rules:

https://github.com/openstack/nova/blob/f8a01ccdffc13403df77148867ef3821100b5edb/nova/api/openstack/compute/security_groups.py#L71

But if we had the group_id already, then we have group_rule_data in that code and it has what we need, so that should change to either:

if group_rule_data:
  sg_rule['group'] = group_rule_data
elif rule['group_id']:
  ...
else
  sg_rule['ip_range'] = {'cidr': rule['cidr']}

Or:

if rule['group_id'] and not group_rule_data:
  ...
elif group_rule_data:
  ...
else:
  ...

Fix proposed to branch: master
Review: https://review.openstack.org/315311

Changed in nova:
status: Triaged → In Progress
Changed in nova:
assignee: Liyingjun (liyingjun) → Maciej Szankin (mszankin)
Changed in nova:
assignee: Maciej Szankin (mszankin) → Liyingjun (liyingjun)
Changed in nova:
assignee: Liyingjun (liyingjun) → Stephen Finucane (stephenfinucane)
Changed in nova:
assignee: Stephen Finucane (stephenfinucane) → Sean Dague (sdague)

Reviewed: https://review.openstack.org/315311
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=f726163977367251b7466a3fbf351f5e128004b3
Submitter: Jenkins
Branch: master

commit f726163977367251b7466a3fbf351f5e128004b3
Author: liyingjun <email address hidden>
Date: Wed Apr 20 22:09:30 2016 +0800

    Optimize creating security_group

    When passing a source group_id for creating a new security group rule,
    the code is looking up that group twice. We should just look that up
    once at the beginning and reuse it so we don't have to hit the nova db
    or neutron twice for the same thing.

    Change-Id: I3ea4586d11b14da5f6d93e8d20f05171e7e6f0e8
    Closes-bug: #1580621

Changed in nova:
status: In Progress → Fix Released

This issue was fixed in the openstack/nova 16.0.0.0b2 development milestone.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers