Optimize creating security_group
When passing a source group_id for creating a new security group rule, the code is looking up that group twice. We should just look that up once at the beginning and reuse it so we don't have to hit the nova db or neutron twice for the same thing. Change-Id: I3ea4586d11b14da5f6d93e8d20f05171e7e6f0e8 Closes-bug: #1580621
This commit is contained in:
parent
0cd67d23bd
commit
f726163977
|
@ -68,7 +68,9 @@ class SecurityGroupControllerBase(object):
|
|||
sg_rule['to_port'] = rule['to_port']
|
||||
sg_rule['group'] = {}
|
||||
sg_rule['ip_range'] = {}
|
||||
if rule['group_id']:
|
||||
if group_rule_data:
|
||||
sg_rule['group'] = group_rule_data
|
||||
elif rule['group_id']:
|
||||
try:
|
||||
source_group = self.security_group_api.get(
|
||||
context, id=rule['group_id'])
|
||||
|
@ -85,8 +87,6 @@ class SecurityGroupControllerBase(object):
|
|||
return
|
||||
sg_rule['group'] = {'name': source_group.get('name'),
|
||||
'tenant_id': source_group.get('project_id')}
|
||||
elif group_rule_data:
|
||||
sg_rule['group'] = group_rule_data
|
||||
else:
|
||||
sg_rule['ip_range'] = {'cidr': rule['cidr']}
|
||||
return sg_rule
|
||||
|
@ -243,6 +243,8 @@ class SecurityGroupRulesController(SecurityGroupControllerBase,
|
|||
context = _authorize_context(req)
|
||||
|
||||
sg_rule = self._from_body(body, 'security_group_rule')
|
||||
group_id = sg_rule.get('group_id')
|
||||
source_group = {}
|
||||
|
||||
try:
|
||||
parent_group_id = self.security_group_api.validate_id(
|
||||
|
@ -250,12 +252,17 @@ class SecurityGroupRulesController(SecurityGroupControllerBase,
|
|||
security_group = self.security_group_api.get(context, None,
|
||||
parent_group_id,
|
||||
map_exception=True)
|
||||
if group_id is not None:
|
||||
group_id = self.security_group_api.validate_id(group_id)
|
||||
|
||||
source_group = self.security_group_api.get(
|
||||
context, id=group_id)
|
||||
new_rule = self._rule_args_to_dict(context,
|
||||
to_port=sg_rule.get('to_port'),
|
||||
from_port=sg_rule.get('from_port'),
|
||||
ip_protocol=sg_rule.get('ip_protocol'),
|
||||
cidr=sg_rule.get('cidr'),
|
||||
group_id=sg_rule.get('group_id'))
|
||||
group_id=group_id)
|
||||
except (exception.Invalid, exception.InvalidCidr) as exp:
|
||||
raise exc.HTTPBadRequest(explanation=exp.format_message())
|
||||
except exception.SecurityGroupNotFound as exp:
|
||||
|
@ -275,9 +282,7 @@ class SecurityGroupRulesController(SecurityGroupControllerBase,
|
|||
|
||||
group_rule_data = None
|
||||
try:
|
||||
if sg_rule.get('group_id'):
|
||||
source_group = self.security_group_api.get(
|
||||
context, id=sg_rule['group_id'])
|
||||
if group_id:
|
||||
group_rule_data = {'name': source_group.get('name'),
|
||||
'tenant_id': source_group.get('project_id')}
|
||||
|
||||
|
@ -300,10 +305,6 @@ class SecurityGroupRulesController(SecurityGroupControllerBase,
|
|||
ip_protocol=None, cidr=None, group_id=None):
|
||||
|
||||
if group_id is not None:
|
||||
group_id = self.security_group_api.validate_id(group_id)
|
||||
|
||||
# check if groupId exists
|
||||
self.security_group_api.get(context, id=group_id)
|
||||
return self.security_group_api.new_group_ingress_rule(
|
||||
group_id, ip_protocol, from_port, to_port)
|
||||
else:
|
||||
|
|
Loading…
Reference in New Issue