yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1858993] [NEW] Too many security group policies

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: 王义军 <1858993@xxxxxxxxxxxxxxxxxx>
Date: Thu, 09 Jan 2020 08:33:10 -0000
Reply-to: Bug 1858993 <1858993@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

The problem we encountered in production was that when using the
security group policy for east-west isolation, the current mechanism
would create a bridge for each virtual machine, and issue the same
policy for the virtual machine under the same segment. Increasing the
number of virtual machines will waste more resource and affect system
performance. So what is the original intention to achieve the purpose?
whether we should bound the virtual machine under the same segment on
the same node to a same bridge, Instead of creating a new bridge for
each one

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1858993

Title:
  Too many security group policies

Status in neutron:
  New

Bug description:
  The problem we encountered in production was that when using the
  security group policy for east-west isolation, the current mechanism
  would create a bridge for each virtual machine, and issue the same
  policy for the virtual machine under the same segment. Increasing the
  number of virtual machines will waste more resource and affect system
  performance. So what is the original intention to achieve the purpose?
  whether we should bound the virtual machine under the same segment on
  the same node to a same bridge, Instead of creating a new bridge for
  each one

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1858993/+subscriptions

Follow ups

[Bug 1858993] Re: Too many security group policies
From: Hongbin Lu, 2020-01-10