Comment 25 for bug 1513765

Reviewed: https://review.openstack.org/293286
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=e4f590dc45424ddaaec0a23841156ea9d1a8bbb9
Submitter: Jenkins
Branch: stable/liberty

commit e4f590dc45424ddaaec0a23841156ea9d1a8bbb9
Author: Kevin Benton <email address hidden>
Date: Mon Mar 14 13:19:54 2016 -0700

    De-dup conntrack deletions before running them

    During a lot of port deletions, the OVS agent will
    build up a lot of remote security group member updates
    for a single device. Once the call to delete all
    of the removed remote IP conntrack state gets issued,
    there will be many duplicated entries for the same
    device in the devices_with_updated_sg_members dicionary
    of lists.

    This results in many duplicated calls to remove conntrack
    entries that are just a waste of time. The longer it takes
    to remove conntrack entries, the more of these duplicates
    build up for other pending changes, to the point where there
    can be hundreds of duplicate calls for a single device.

    This just adjusts the conntrack manager clearing logic to
    make sure it de-duplicates all of its delete commands before
    it issues them.

    In a local test on a single host I have 11 threads create
    11 ports each, plug them into OVS, and then delete them.
    Here are the number of conntrack delete calls issued:

    Before this patch - ~232000
    With this patch - ~5200

    While the remaining number still seems high, the agent is now
    fast enough to keep up with all of the deletes.

    Closes-Bug: #1513765
    Depends-On: I4041478ca09bd124827782774b8520908ef07be0
    Change-Id: Icba88ab47ee17bf5d6ccdfc0f78bec911987ca90
    (cherry picked from commit d7aeb8dd4b1d122e17eef8687192cd122b79fd6e)