x/vmware-nsx
Code Issues Proposed changes

Merge "Avoid refreshing firewall rules unnecessarily."

Browse Source
This commit is contained in:
Jenkins 2013-07-20 02:29:55 +00:00 committed by Gerrit Code Review
commit ded31acb89
2 changed files with 29 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
neutron/agent/securitygroups_rpc.py
View File

@ -125,13 +125,14 @@ class SecurityGroupAgentRpcMixin(object):
'security_group_source_groups') 'security_group_source_groups')
def _security_group_updated(self, security_groups, attribute): def _security_group_updated(self, security_groups, attribute):
#check need update or not devices = []
sec_grp_set = set(security_groups)
for device in self.firewall.ports.values(): for device in self.firewall.ports.values():
if set(device.get(attribute, if sec_grp_set & set(device.get(attribute, [])):
[])).intersection( devices.append(device)
set(security_groups)):
self.refresh_firewall() if devices:
return self.refresh_firewall(devices)
def security_groups_provider_updated(self): def security_groups_provider_updated(self):
LOG.info(_("Provider rule updated")) LOG.info(_("Provider rule updated"))
@ -148,10 +149,15 @@ class SecurityGroupAgentRpcMixin(object):
continue continue
self.firewall.remove_port_filter(device) self.firewall.remove_port_filter(device)
def refresh_firewall(self): def refresh_firewall(self, devices=None):
LOG.info(_("Refresh firewall rules")) LOG.info(_("Refresh firewall rules"))
device_ids = self.firewall.ports.keys()
if devices:
device_ids = [d['device'] for d in devices]
else:
device_ids = self.firewall.ports.keys()
if not device_ids: if not device_ids:
LOG.info(_("No ports here to refresh firewall"))
return return
devices = self.plugin_rpc.security_group_rules_for_devices( devices = self.plugin_rpc.security_group_rules_for_devices(
self.context, device_ids) self.context, device_ids)

17
neutron/tests/unit/test_security_groups_rpc.py
View File

@ -465,7 +465,7 @@ class SecurityGroupAgentRpcTestCase(base.BaseTestCase):
self.agent.prepare_devices_filter(['fake_port_id']) self.agent.prepare_devices_filter(['fake_port_id'])
self.agent.security_groups_rule_updated(['fake_sgid1', 'fake_sgid3']) self.agent.security_groups_rule_updated(['fake_sgid1', 'fake_sgid3'])
self.agent.refresh_firewall.assert_has_calls( self.agent.refresh_firewall.assert_has_calls(
[call.refresh_firewall()]) [call.refresh_firewall([self.fake_device])])
def test_security_groups_rule_not_updated(self): def test_security_groups_rule_not_updated(self):
self.agent.refresh_firewall = mock.Mock() self.agent.refresh_firewall = mock.Mock()
@ -478,7 +478,7 @@ class SecurityGroupAgentRpcTestCase(base.BaseTestCase):
self.agent.prepare_devices_filter(['fake_port_id']) self.agent.prepare_devices_filter(['fake_port_id'])
self.agent.security_groups_member_updated(['fake_sgid2', 'fake_sgid3']) self.agent.security_groups_member_updated(['fake_sgid2', 'fake_sgid3'])
self.agent.refresh_firewall.assert_has_calls( self.agent.refresh_firewall.assert_has_calls(
[call.refresh_firewall()]) [call.refresh_firewall([self.fake_device])])
def test_security_groups_member_not_updated(self): def test_security_groups_member_not_updated(self):
self.agent.refresh_firewall = mock.Mock() self.agent.refresh_firewall = mock.Mock()
@ -501,6 +501,19 @@ class SecurityGroupAgentRpcTestCase(base.BaseTestCase):
call.update_port_filter(self.fake_device)] call.update_port_filter(self.fake_device)]
self.firewall.assert_has_calls(calls) self.firewall.assert_has_calls(calls)
def test_refresh_firewall_devices(self):
self.agent.prepare_devices_filter(['fake_port_id'])
self.agent.refresh_firewall([self.fake_device])
calls = [call.defer_apply(),
call.prepare_port_filter(self.fake_device),
call.defer_apply(),
call.update_port_filter(self.fake_device)]
self.firewall.assert_has_calls(calls)
def test_refresh_firewall_none(self):
self.agent.refresh_firewall([])
self.firewall.assert_has_calls([])
class FakeSGRpcApi(agent_rpc.PluginApi, class FakeSGRpcApi(agent_rpc.PluginApi,
sg_rpc.SecurityGroupServerRpcApiMixin): sg_rpc.SecurityGroupServerRpcApiMixin):