← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #79225

[Bug 1836095] [NEW] Improve "OVSFirewallDriver.process_trusted_ports"

  Thread PreviousDate PreviousThread Next 
Public bug reported:

When "OVSFirewallDriver.process_trusted_ports" is called with many
ports, "_initialize_egress_no_port_security" retrieves the VIF ports
("Interface" registers in OVS DB), one per iteration, based in the
port_id. Instead of this procedure, if the DB is called only once to
retrieve all the VIF ports, the performance increase is noticeable.
E.g.: bridge with 1000 ports and interfaces.

port_ids = ['id%s' % i for i in range(1, 1000)]
ts1 = timeutils.utcnow_ts(microsecond=True)
vifs = ovs.get_vifs_by_ids(port_ids)
ts2 = timeutils.utcnow_ts(microsecond=True)
print("Time lapsed: %s" % str(ts2 - ts1))

ts1 = timeutils.utcnow_ts(microsecond=True)
for i in range(1, 1000):
    id = "id%s" % i
    vif = ovs.get_vif_port_by_id(id)
ts2 = timeutils.utcnow_ts(microsecond=True)
print("Time lapsed: %s" % str(ts2 - ts1))


Retrieving 100 ports:
- Bulk operation: 0.08 secs
- Loop operation: 5.6 secs

Retrieving 300 ports:
- Bulk operation: 0.08 secs
- Loop operation: 16.44 secs

Retrieving 300 ports:
- Bulk operation: 0.08 secs
- Loop operation: 59 secs

[1]https://github.com/openstack/neutron/blob/06754907e241af76570f19301093c2abab97e627/neutron/agent/linux/openvswitch_firewall/firewall.py#L667
[2]https://github.com/openstack/neutron/blob/06754907e241af76570f19301093c2abab97e627/neutron/agent/linux/openvswitch_firewall/firewall.py#L747

** Affects: neutron
     Importance: Undecided
     Assignee: Rodolfo Alonso (rodolfo-alonso-hernandez)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Rodolfo Alonso (rodolfo-alonso-hernandez)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1836095

Title:
  Improve "OVSFirewallDriver.process_trusted_ports"

Status in neutron:
  New

Bug description:
  When "OVSFirewallDriver.process_trusted_ports" is called with many
  ports, "_initialize_egress_no_port_security" retrieves the VIF ports
  ("Interface" registers in OVS DB), one per iteration, based in the
  port_id. Instead of this procedure, if the DB is called only once to
  retrieve all the VIF ports, the performance increase is noticeable.
  E.g.: bridge with 1000 ports and interfaces.

  port_ids = ['id%s' % i for i in range(1, 1000)]
  ts1 = timeutils.utcnow_ts(microsecond=True)
  vifs = ovs.get_vifs_by_ids(port_ids)
  ts2 = timeutils.utcnow_ts(microsecond=True)
  print("Time lapsed: %s" % str(ts2 - ts1))

  ts1 = timeutils.utcnow_ts(microsecond=True)
  for i in range(1, 1000):
      id = "id%s" % i
      vif = ovs.get_vif_port_by_id(id)
  ts2 = timeutils.utcnow_ts(microsecond=True)
  print("Time lapsed: %s" % str(ts2 - ts1))

  
  Retrieving 100 ports:
  - Bulk operation: 0.08 secs
  - Loop operation: 5.6 secs

  Retrieving 300 ports:
  - Bulk operation: 0.08 secs
  - Loop operation: 16.44 secs

  Retrieving 300 ports:
  - Bulk operation: 0.08 secs
  - Loop operation: 59 secs

  [1]https://github.com/openstack/neutron/blob/06754907e241af76570f19301093c2abab97e627/neutron/agent/linux/openvswitch_firewall/firewall.py#L667
  [2]https://github.com/openstack/neutron/blob/06754907e241af76570f19301093c2abab97e627/neutron/agent/linux/openvswitch_firewall/firewall.py#L747

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1836095/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next