Neutron security_group_rules_for_devices RPC rewrite

Reading time ~1 minute

We found during scalability tests, that the security_group_rules_for_devices RPC, which is transmitted from neutron-server to the neutron L2 agents during port changes, grew exponentially.

So we filled a spec for juno-3, the effort leaded by shihanzhang and me can be tracked here:


I have written a test and a little -dirty- benchmark ( line 418) to check the results and make sure the new RPC actually performs better.

Here are the results:

Message size (Y) vs. number of ports (X) graph:

RPC execution time in seconds (Y) vs. number of ports (X):

OVN Distributed East/West and L3HA routing on VLAN

HA and Distributed are beautiful words, but complex ones. Within few seconds MAC addresses flap in the switch. It is for a good cause, bu...… Continue reading

Cirros Image mirror

Published on January 11, 2018