← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1991579] Re: Neutron connects to the OVN db in the prefork

 

Reviewed:  https://review.opendev.org/c/openstack/neutron/+/860275
Committed: https://opendev.org/openstack/neutron/commit/50eee19723b2d762c2b5653e7a2c75e470f44cdf
Submitter: "Zuul (22348)"
Branch:    master

commit 50eee19723b2d762c2b5653e7a2c75e470f44cdf
Author: Jakub Libosvar <libosvar@xxxxxxxxxx>
Date:   Mon Oct 3 19:32:02 2022 +0000

    ovn: Use ovsdb-client to create neutron_pg_drop
    
    Previously we used short living OVN database connection to create
    neutron_pg_drop Port Group before workers were spawned. The
    pre_fork_initialize actually happens after the api workers are spawned
    anyways and it blocks spawning of other workers, such as maintenance,
    rpc or periodic. If the OVN database was large it may take several
    minutes to connect to the database at scale and this blocks spawning of
    other workers. That means connecting to OVN in pre_fork is not a good
    idea.
    
    This patch replaces the mechanism by using ovsdb-client to send a
    transaction without connecting to the database and downloading the whole
    content. The command does following, everything is on the server side:
    
     1) With timeout 0 it waits for neutron_pg_drop Port Group. If the PG is
        present, the transaction finishes and nothing happens.
    
     2) If the PG is not present, it times out immediately and commits new
        entries that effectivelly creates neutron_pg_drop Port Group with
        implicit ACLs to block ingress and egress traffic.
    
    Closes-Bug: #1991579
    Co-Authored-By: Terry Wilson <twilson@xxxxxxxxxx>
    
    Change-Id: I27af495f96a3ea88dd31345dbfb55f1be8faabd6


** Changed in: neutron
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1991579

Title:
  Neutron connects to the OVN db in the prefork

Status in neutron:
  Fix Released

Bug description:
  Connecting to the OVN database may be an expensive operation at scale.
  Doing this in pre-fork of OVN mechanism driver may slow up spawning of
  periodic and maintenance workers, that are essential for hash ring
  functionality. We shouldn't be using the short living connection for
  the DBs, that was a bad idea of mine.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1991579/+subscriptions



References