This bug recently came to my attention: https://bugs.launchpad.net/nova/+bug/1241587 I've reopened it, because it is an actual problem, especially for people using nova-network and Rally, which creates and deletes tons of tenants. The obvious simple solution is to allow deletion of the 'default' security group if it is assigned to a tenant that doesn't exist, but I wasn't sure what the most acceptable way to do that within Nova would be. Is it acceptable to perform a call to the Keystone API to check for the tenant? Or is there another, better way? Alternatively, is there a better way to tackle the problem altogether? Thanks! -- Chris St. Pierre -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150507/23317099/attachment.html>