Ask Your Question

nova api calls slow for non-admin users

asked 2019-07-11 06:06:07 -0500

zara-zaimeche gravatar image

updated 2019-07-17 10:44:24 -0500

Hi! I'm looking at a Newton deployment where commands like nova list (or openstack server list) and nova show are slow-- but only for users without the 'admin' role. If they have only the member role, the calls are slow. The timings for token generation seem fine; the slow part is GET servers/detail. It seems like the speed of the api calls depends on which projects the user is in. The policy settings seem to be the default (ie: there's no custom policy.json). Has anyone seen something similar before, or does anyone know where to start looking for clues?


The slow calls are the calls via the neutronclient, to ports.json . For the member user, these take approx 10s apiece. For the admin user, these take approx 200 ms apiece.


Turns out openstack port list is also slow on its own. So slowness is likely in neutron, not nova itself. And again, only slow for non-admin users.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2019-08-16 11:27:10 -0500

zara-zaimeche gravatar image

updated 2019-08-16 11:28:50 -0500

We found it. Turned out it was an issue with the neutron policy.json; the system was missing this commit:

"Postpone heavy policy check for ports to later"

de167d355d5ba314ab5732b4812251b86df00151 (

As a result, it was doing the more costly checks before the quicker ones. We applied the change and things sped up again.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2019-07-11 06:06:07 -0500

Seen: 171 times

Last updated: Aug 16 '19