Delete bindings for provider SG only if needed
When provider security groups are removed, the corresponding bindings could have already been removed by _update_port_preprocess_security. This change ensures binding deletion is done only when needed, and avoids failures in case the bindings have already been removed. Change-Id: Iaccf4f3ddb9fef6d8dcb254bc978883b99c947f3
This commit is contained in:
parent
11fafef7cb
commit
5d4b75fc7d
|
@ -337,13 +337,25 @@ class ExtendedSecurityGroupPropertiesMixin(object):
|
||||||
original_port.get(provider_sg.PROVIDER_SECURITYGROUPS, []))
|
original_port.get(provider_sg.PROVIDER_SECURITYGROUPS, []))
|
||||||
|
|
||||||
if provider_sg_changed or sg_changed:
|
if provider_sg_changed or sg_changed:
|
||||||
if not sg_changed:
|
has_security_groups = self._check_update_has_security_groups(port)
|
||||||
|
del_security_groups = self._check_update_deletes_security_groups(
|
||||||
|
port)
|
||||||
|
if not (has_security_groups or del_security_groups):
|
||||||
|
# In this case we need to delete the bindings
|
||||||
query = context.session.query(
|
query = context.session.query(
|
||||||
securitygroups_db.SecurityGroupPortBinding)
|
securitygroups_db.SecurityGroupPortBinding)
|
||||||
for sg in original_port[provider_sg.PROVIDER_SECURITYGROUPS]:
|
for sg in original_port[provider_sg.PROVIDER_SECURITYGROUPS]:
|
||||||
|
# use one_or_none because we don't want to fail if the
|
||||||
|
# binding does not exist
|
||||||
binding = query.filter_by(
|
binding = query.filter_by(
|
||||||
port_id=p['id'], security_group_id=sg).one()
|
port_id=p['id'], security_group_id=sg).one_or_none()
|
||||||
context.session.delete(binding)
|
if binding:
|
||||||
|
context.session.delete(binding)
|
||||||
|
else:
|
||||||
|
LOG.debug("Security group binding for sg %s and "
|
||||||
|
"port %s not found. Skipping",
|
||||||
|
sg, p['id'])
|
||||||
|
|
||||||
self._process_port_create_provider_security_group(
|
self._process_port_create_provider_security_group(
|
||||||
context, updated_port,
|
context, updated_port,
|
||||||
updated_port[provider_sg.PROVIDER_SECURITYGROUPS])
|
updated_port[provider_sg.PROVIDER_SECURITYGROUPS])
|
||||||
|
|
Loading…
Reference in New Issue