From 6c91bdfe24e275ede65df369d714ca119d5ce5f2 Mon Sep 17 00:00:00 2001 From: Aaron Rosen Date: Mon, 3 Mar 2014 15:15:08 -0800 Subject: [PATCH] NSX: passing wrong security_group id mapping to nsx backend When the async secgroup work was added the update_port() code was not changed to pass in the nsx security_group uuids. This patch fixes that so that the nsx uuids are passed in instead of neutron. Closes-bug: #1287419 Change-Id: I1a075564f2548764de15b85b2970b5f360412eb2 --- neutron/plugins/vmware/plugins/base.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/neutron/plugins/vmware/plugins/base.py b/neutron/plugins/vmware/plugins/base.py index 08d725229..df066a372 100644 --- a/neutron/plugins/vmware/plugins/base.py +++ b/neutron/plugins/vmware/plugins/base.py @@ -1290,6 +1290,13 @@ class NsxPluginV2(addr_pair_db.AllowedAddressPairsMixin, LOG.warn(_("Update port request: %s"), port) nsx_switch_id, nsx_port_id = nsx_utils.get_nsx_switch_and_port_id( context.session, self.cluster, id) + # Convert Neutron security groups identifiers into NSX security + # profiles identifiers + nsx_sec_profile_ids = [ + nsx_utils.get_nsx_security_group_id( + context.session, self.cluster, neutron_sg_id) for + neutron_sg_id in (ret_port[ext_sg.SECURITYGROUPS] or [])] + if nsx_port_id: try: switchlib.update_port( @@ -1301,7 +1308,7 @@ class NsxPluginV2(addr_pair_db.AllowedAddressPairsMixin, ret_port['mac_address'], ret_port['fixed_ips'], ret_port[psec.PORTSECURITY], - ret_port[ext_sg.SECURITYGROUPS], + nsx_sec_profile_ids, ret_port[qos.QUEUE], ret_port.get(mac_ext.MAC_LEARNING), ret_port.get(addr_pair.ADDRESS_PAIRS)) -- 2.45.2