Avoid looking up a source security group twice when creating new rules
Bug #1580621 reported by
Matt Riedemann
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Fix Released
|
Low
|
Sean Dague |
Bug Description
When passing a source group_id for creating a new security group rule, the code is looking up that group twice, once here:
->
And then once again before creating the rule:
We should just look that up once at the beginning and reuse it so we don't have to hit the nova db (nova-net) or neutron twice for the same thing.
This is a low severity performance optimization.
Changed in nova: | |
assignee: | nobody → Liyingjun (liyingjun) |
Changed in nova: | |
assignee: | Liyingjun (liyingjun) → Maciej Szankin (mszankin) |
Changed in nova: | |
assignee: | Maciej Szankin (mszankin) → Liyingjun (liyingjun) |
Changed in nova: | |
assignee: | Liyingjun (liyingjun) → Stephen Finucane (stephenfinucane) |
Changed in nova: | |
assignee: | Stephen Finucane (stephenfinucane) → Sean Dague (sdague) |
To post a comment you must log in.
Another thing, we get the source group again here when formatting the security group rules:
https:/ /github. com/openstack/ nova/blob/ f8a01ccdffc1340 3df77148867ef38 21100b5edb/ nova/api/ openstack/ compute/ security_ groups. py#L71
But if we had the group_id already, then we have group_rule_data in that code and it has what we need, so that should change to either:
if group_rule_data: 'ip_range' ] = {'cidr': rule['cidr']}
sg_rule['group'] = group_rule_data
elif rule['group_id']:
...
else
sg_rule[
Or:
if rule['group_id'] and not group_rule_data:
...
elif group_rule_data:
...
else:
...