From da9fcd8ab9e48226b18d42180ae0089c2abbcab5 Mon Sep 17 00:00:00 2001 From: Kevin Benton Date: Mon, 5 Oct 2015 07:57:54 -0700 Subject: [PATCH] Only lock in set_members on mutating operations ipset was locking on every set_members call with an external filesystem lock. This was expensive when lots of ports that were a part of the same security group were on the same agent. This patch adjusts it to check if it needs to make a change before acquiring the semaphore. Closes-Bug: #1502930 Change-Id: I2553ab74b7d0fbada5d573246194f83d58bd7d56 --- neutron/agent/linux/ipset_manager.py | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/neutron/agent/linux/ipset_manager.py b/neutron/agent/linux/ipset_manager.py index ebcc72dc1..78445cb7f 100644 --- a/neutron/agent/linux/ipset_manager.py +++ b/neutron/agent/linux/ipset_manager.py @@ -70,7 +70,6 @@ class IpsetManager(object): set_name = self.get_name(id, ethertype) return set_name in self.ipset_sets - @utils.synchronized('ipset', external=True) def set_members(self, id, ethertype, member_ips): """Create or update a specific set by name and ethertype. It will make sure that a set is created, updated to @@ -78,6 +77,16 @@ class IpsetManager(object): that's faster. """ member_ips = self._sanitize_addresses(member_ips) + set_name = self.get_name(id, ethertype) + add_ips = self._get_new_set_ips(set_name, member_ips) + del_ips = self._get_deleted_set_ips(set_name, member_ips) + if not add_ips and not del_ips and self.set_exists(id, ethertype): + # nothing to do because no membership changes and the ipset exists + return + self.set_members_mutate(id, ethertype, member_ips) + + @utils.synchronized('ipset', external=True) + def set_members_mutate(self, id, ethertype, member_ips): set_name = self.get_name(id, ethertype) if not self.set_exists(id, ethertype): # The initial creation is handled with create/refresh to -- 2.45.2