NSX|V3: Remove Neutron port if failed to add port to security-groups

During create_port, a Neutron port is created before updating the security-groups on the backend, if update fails (e.g - an SecurityGroupMaximumCapacityReached is raised) then we need to delete the Neutron port from the DB. Change-Id: Id07fc4a988b58ca2aec5c372c3c3cb597e8760a8
2016-02-14 08:23:23 -08:00 · 2016-02-14 08:23:23 -08:00 · c2e7627625
commit c2e7627625
parent 8d41bccb9c
1 changed files with 16 additions and 15 deletions
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@ -780,26 +780,27 @@ class NsxV3Plugin(addr_pair_db.AllowedAddressPairsMixin,
                lport = self._create_port_at_the_backend(
                    context, neutron_db, port_data,
                    l2gw_port_check, is_psec_on)
+
+                if sgids:
+                    security.update_lport_with_security_groups(
+                        context, lport['id'], [], sgids)
+
+            except nsx_exc.SecurityGroupMaximumCapacityReached:
+                with excutils.save_and_reraise_exception():
+                    LOG.debug("Couldn't associate port %s with "
+                              "one or more security-groups, reverting "
+                              "reverting logical-port creation (%s).",
+                              port_data['id'], lport['id'])
+                    super(NsxV3Plugin, self).delete_port(context,
+                                                         neutron_db['id'])
+                    self._port_client.delete(lport['id'])
            except Exception:
                with excutils.save_and_reraise_exception():
                    LOG.exception(
                        _LE('Failed to create port %s on NSX backend'),
                        neutron_db['id'])
-                    with context.session.begin(subtransactions=True):
-                        super(NsxV3Plugin, self).delete_port(context,
-                                                             neutron_db['id'])
-
-            if sgids:
-                try:
-                    security.update_lport_with_security_groups(
-                        context, lport['id'], [], sgids)
-                except nsx_exc.SecurityGroupMaximumCapacityReached:
-                    with excutils.save_and_reraise_exception():
-                        LOG.debug("Couldn't associate port %s with "
-                                  "one or more security-groups, reverting "
-                                  "reverting logical-port creation (%s).",
-                                  port_data['id'], lport['id'])
-                        self._port_client.delete(lport['id'])
+                    super(NsxV3Plugin, self).delete_port(context,
+                                                         neutron_db['id'])

        nsx_rpc.handle_port_metadata_access(self, context, neutron_db)
        return port_data