From b309c760aad8458ec1d279d98f4b5c2c53a086f4 Mon Sep 17 00:00:00 2001
From: asarfaty <asarfaty@vmware.com>
Date: Mon, 8 Mar 2021 13:03:08 +0200
Subject: [PATCH] NSX|P: Fix devstack cleanup for fwaas

Change-Id: Ibe21d84729785294611199a6fe900b86e8896391
---
 devstack/tools/nsxp_cleanup.py                     | 14 +++++++++++---
 .../services/fwaas/nsx_p/fwaas_callbacks_v2.py     |  3 +++
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/devstack/tools/nsxp_cleanup.py b/devstack/tools/nsxp_cleanup.py
index 679c2de88d..0be245ac5f 100755
--- a/devstack/tools/nsxp_cleanup.py
+++ b/devstack/tools/nsxp_cleanup.py
@@ -517,14 +517,22 @@ class NSXClient(object):
                 tags_to_search,
                 self.nsxpolicy.group.entry_def.resource_type())['results']
             for group in groups:
-                self.nsxpolicy.group.delete(policy_constants.DEFAULT_DOMAIN,
-                                            group['id'])
+                try:
+                    self.nsxpolicy.group.delete(
+                        policy_constants.DEFAULT_DOMAIN, group['id'])
+                except exceptions.ResourceInUse:
+                    # This may happen if the rule is used in multiple gateways
+                    pass
 
             services = self.nsxpolicy.search_by_tags(
                 tags_to_search,
                 self.nsxpolicy.service.parent_entry_def.resource_type())
             for srv in services['results']:
-                self.nsxpolicy.service.delete(srv['id'])
+                try:
+                    self.nsxpolicy.service.delete(srv['id'])
+                except exceptions.ResourceInUse:
+                    # This may happen if the rule is used in multiple gateways
+                    pass
 
     def get_os_qos_policies(self):
         policies = self.get_os_resources(self.nsxpolicy.qos_profile.list())
diff --git a/vmware_nsx/services/fwaas/nsx_p/fwaas_callbacks_v2.py b/vmware_nsx/services/fwaas/nsx_p/fwaas_callbacks_v2.py
index 9059a19c2d..0984aa2c25 100644
--- a/vmware_nsx/services/fwaas/nsx_p/fwaas_callbacks_v2.py
+++ b/vmware_nsx/services/fwaas/nsx_p/fwaas_callbacks_v2.py
@@ -452,6 +452,9 @@ class NsxpFwaasCallbacksV2(com_callbacks.NsxCommonv3FwaasCallbacksV2):
         self.cleanup_router_fw_resources(router_id)
 
     def cleanup_router_fw_resources(self, router_id):
+        # TODO(asarfaty): In case multiple routers are using the same rule,
+        # the group and service will hold on one of the router ids. so this
+        # delete may fail or not get called.
         tags_to_search = [{'scope': ROUTER_FW_TAG, 'tag': router_id}]
         # Delete per rule & per network groups
         groups = self.nsxpolicy.search_by_tags(