Deleting Instances Doesn't Delete Security Group Associations

When an instance is deleted, corresponding security_group_instance_association entries are not deleted, and so security_groups are left with references to these deleted instances. As a result, calls that reference or join SecurityGroup.instances (such as security_group_get_by_name()) become slow for a project over time.

This becomes a serious performance issue for highly active projects that add and remove instances with great frequency. On Nebula, one highly active project takes over 23 seconds to perform a describe-groups call, and several minutes for run-instances to return to the api caller.

Some related issues:

* The SecurityGroups.instances association does not filter deleted security_group_instance_association's
* Deleting a security_group does not delete related security_group_instance_association's