[openstack-dev] [Quantum] Need review for iptables securitygroup bp

Kyle Mestery (kmestery) kmestery at cisco.com
Wed Nov 7 15:22:20 UTC 2012


On Nov 6, 2012, at 5:49 PM, Nachi Ueno <nachi at nttmcl.com> wrote:
> Hi Quantum folks
> 
> I need to be reviewd  iptables securitygroup bp.
> I updated the bp using Gary's template.
> 
> https://blueprints.launchpad.net/quantum/+spec/quantum-security-groups-iptables
> 
> Actually, I have started the coding, but I do want get the spec agreed
> before code review.
> 
Hi Nachi:

This looks pretty good. So effectively, the security group code will be run before direct port operations are undertaken on the host itself, right? I notice the blueprint only mentions LinuxBridge and OVS plugins. I assume there is some anticipated work for the other plugins (Ryu, NEC, NVP, and Cisco) once this work lands? For instance, is iptables required for each plugin? I imagine Ryu could simply implement security groups using OpenFlow rules for example.

Thanks,
Kyle

> Thanks
> Nachi
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev





More information about the OpenStack-dev mailing list