Delete security group bindings on port delete

Delete the security group bindings from neutron DB and the backend during port deletion. Change-Id: I69be01ad6c1fce6f732de4af2cfe11a77c1db7db
2015-08-21 00:57:19 -07:00 · 2015-08-21 00:57:19 -07:00 · b9d5962987
parent 4bf8308494
commit b9d5962987
1 changed files with 9 additions and 0 deletions
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@ -475,6 +475,10 @@ class NsxV3Plugin(db_base_plugin_v2.NeutronDbPluginV2,
            if sgids is not None:
                self._process_port_create_security_group(
                    context, neutron_db, sgids)
+                #FIXME(abhiraut): Security group should not be processed for
+                #                 a port belonging to an external network.
+                #                 Below call will fail since there is no lport
+                #                 in the backend.
                security.update_lport_with_security_groups(
                    context, lport['id'], [], sgids)
        return neutron_db
@ -508,6 +512,11 @@ class NsxV3Plugin(db_base_plugin_v2.NeutronDbPluginV2,
        if not self._network_is_external(context, port['network_id']):
            _net_id, nsx_port_id = nsx_db.get_nsx_switch_and_port_id(
                context.session, port_id)
+            # Update port to remove security group bindings from the
+            # backend and change it's admin state to DOWN
+            updated_port = {'port': {ext_sg.SECURITYGROUPS: [],
+                                     'admin_state_up': False}}
+            self.update_port(context, port_id, updated_port)
            nsxlib.delete_logical_port(nsx_port_id)
        self.disassociate_floatingips(context, port_id)
        ret_val = super(NsxV3Plugin, self).delete_port(context, port_id)