Cloned from launchpad bug 1175464. Description: when booting an instance nova-api automatically adds a default security group if one is not specified, though we shouldn't be doing this and instead quantum should handle be handing this. This actually causes an issue for plugins that implement the port_security_api and have port_security_enabled=False on a network. https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/contrib/security_groups.py#L498 https://github.com/openstack/nova/blob/master/nova/api/openstack/compute/contrib/security_groups.py#L511 Specification URL (additional information): https://bugs.launchpad.net/nova/+bug/1175464
*** Bug 1284123 has been marked as a duplicate of this bug. ***
As per e-mail discussion, closing currentrelease as this is in Newton/ROSP10. Double-checked with Joe Donohue as well and he's good.