This has a side affect of breaking security group linking via source groups.
Example:
Secgroup "Server" has rule
+-------------+-----------+---------+----------+---------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+----------+---------------+
| tcp | 8140 | 8140 | | client |
+-------------+-----------+---------+----------+---------------+
Instance A is running and is associated with the "Server" secgroup
Now if a create a new instance with the "client" security group it should add a rule to instance A to all the new instance to talk to it.
This no longer gets added as it uses the cached version.
Restarting nova-compute will fix this and the rule will be applied.
This has a side affect of breaking security group linking via source groups.
Example:
Secgroup "Server" has rule
+------ ------- +------ -----+- ------- -+----- -----+- ------- ------- + ------- +------ -----+- ------- -+----- -----+- ------- ------- + ------- +------ -----+- ------- -+----- -----+- ------- ------- +
| IP Protocol | From Port | To Port | IP Range | Source Group |
+------
| tcp | 8140 | 8140 | | client |
+------
Instance A is running and is associated with the "Server" secgroup
Now if a create a new instance with the "client" security group it should add a rule to instance A to all the new instance to talk to it.
This no longer gets added as it uses the cached version.
Restarting nova-compute will fix this and the rule will be applied.