From 804083b6ba811834c0bf9d5e2edcdf0130d7d1ce Mon Sep 17 00:00:00 2001 From: Soren Hansen Date: Tue, 22 Mar 2011 14:50:53 +0100 Subject: IptablesManager.semaphore is no more. --- nova/network/linux_net.py | 37 ++++++++++++++++--------------------- 1 file changed, 16 insertions(+), 21 deletions(-) diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py index 8cbf8db24..9faa7de07 100644 --- a/nova/network/linux_net.py +++ b/nova/network/linux_net.py @@ -277,28 +277,23 @@ class IptablesManager(object): This will blow away any rules left over from previous runs of the same component of Nova, and replace them with our current set of rules. This happens atomically, thanks to iptables-restore. - - We wrap the call in a semaphore lock, so that we don't race with - ourselves. In the event of a race with another component running - an iptables-* command at the same time, we retry up to 5 times. """ - with self.semaphore: - s = [('iptables', self.ipv4)] - if FLAGS.use_ipv6: - s += [('ip6tables', self.ipv6)] - - for cmd, tables in s: - for table in tables: - current_table, _ = self.execute('sudo', - '%s-save' % (cmd,), - '-t', '%s' % (table,), - attempts=5) - current_lines = current_table.split('\n') - new_filter = self._modify_rules(current_lines, - tables[table]) - self.execute('sudo', '%s-restore' % (cmd,), - process_input='\n'.join(new_filter), - attempts=5) + s = [('iptables', self.ipv4)] + if FLAGS.use_ipv6: + s += [('ip6tables', self.ipv6)] + + for cmd, tables in s: + for table in tables: + current_table, _ = self.execute('sudo', + '%s-save' % (cmd,), + '-t', '%s' % (table,), + attempts=5) + current_lines = current_table.split('\n') + new_filter = self._modify_rules(current_lines, + tables[table]) + self.execute('sudo', '%s-restore' % (cmd,), + process_input='\n'.join(new_filter), + attempts=5) def _modify_rules(self, current_lines, table, binary=None): unwrapped_chains = table.unwrapped_chains -- cgit