Remove distributed firewall policy on segment deletion

2023-11-13 16:44:22 -03:00 · 2023-11-13 16:44:22 -03:00 · 1a24ba6949
parent c6acd8fb61
commit 1a24ba6949
1 changed files with 13 additions and 0 deletions
--- a/plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/service/NsxApiClient.java
+++ b/plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/service/NsxApiClient.java
@ -389,6 +389,7 @@ public class NsxApiClient {
    public void deleteSegment(long zoneId, long domainId, long accountId, Long vpcId, long networkId, String segmentName) {
        try {
            Segments segmentService = (Segments) nsxService.apply(Segments.class);
+            removeSegmentDistributedFirewallRules(segmentName);
            removeGroupForSegment(segmentName);
            LOGGER.debug(String.format("Removing the segment with ID %s", segmentName));
            segmentService.delete(segmentName);
@ -754,6 +755,18 @@ public class NsxApiClient {
        service.delete(DEFAULT_DOMAIN, segmentName, true, false);
    }

+    private void removeSegmentDistributedFirewallRules(String segmentName) {
+        try {
+            SecurityPolicies services = (SecurityPolicies) nsxService.apply(SecurityPolicies.class);
+            services.delete(DEFAULT_DOMAIN, segmentName);
+        } catch (Error error) {
+            ApiError ae = error.getData()._convertTo(ApiError.class);
+            String msg = String.format("Failed to remove NSX distributed firewall policy for segment %s, due to: %s", segmentName, ae.getErrorMessage());
+            LOGGER.error(msg);
+            throw new CloudRuntimeException(msg);
+        }
+    }
+
    public void createSegmentDistributedFirewall(String policyName, List<NsxNetworkRule> nsxRules) {
        try {
            SecurityPolicies services = (SecurityPolicies) nsxService.apply(SecurityPolicies.class);