From 01e7e598d0eb4aab9c3e7f69926a2875cdf22136 Mon Sep 17 00:00:00 2001 From: Soren Hansen Date: Tue, 22 Mar 2011 14:39:35 +0100 Subject: Get rid of IptablesManager's explicit semaphore. --- nova/network/linux_net.py | 4 ---- nova/virt/libvirt_conn.py | 11 ++++------- 2 files changed, 4 insertions(+), 11 deletions(-) diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py index 9bb1685c0..8cbf8db24 100644 --- a/nova/network/linux_net.py +++ b/nova/network/linux_net.py @@ -21,8 +21,6 @@ import inspect import os import calendar -from eventlet import semaphore - from nova import db from nova import exception from nova import flags @@ -272,8 +270,6 @@ class IptablesManager(object): self.ipv4['nat'].add_chain('floating-snat') self.ipv4['nat'].add_rule('snat', '-j $floating-snat') - self.semaphore = semaphore.Semaphore() - @utils.synchronized('iptables', external=True) def apply(self): """Apply the current in-memory set of iptables rules diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py index ca8d81f5f..902866167 100644 --- a/nova/virt/libvirt_conn.py +++ b/nova/virt/libvirt_conn.py @@ -1766,14 +1766,11 @@ class IptablesFirewallDriver(FirewallDriver): def refresh_security_group_members(self, security_group): pass + @utils.synchronized('iptables', external=True) def refresh_security_group_rules(self, security_group): - # We use the semaphore to make sure noone applies the rule set - # after we've yanked the existing rules but before we've put in - # the new ones. - with self.iptables.semaphore: - for instance in self.instances.values(): - self.remove_filters_for_instance(instance) - self.add_filters_for_instance(instance) + for instance in self.instances.values(): + self.remove_filters_for_instance(instance) + self.add_filters_for_instance(instance) self.iptables.apply() def _security_group_chain_name(self, security_group_id): -- cgit