[openstack-dev] [Neutron] default security group rules in neutron

Miguel Angel Ajo Pelayo mangelajo at redhat.com
Mon Jun 23 06:44:29 UTC 2014


   I believe it's an important feature, because currently
the default security rules are hard-coded in neutron's code,
and that won't fit all organizations (not to say that the
default security rules won't scale well on our current
implementation).

   Best,
Miguel Ángel
  



----- Mensaje original -----
> Greetings
> 
> We use neutron as network functionality implementation in nova, and as
> you know, there is a feature called 'os-security-group-default-rules'
> in nova extension[1], a hook mechanism to add customized rules when
> creating default security groups, which is a very useful feature to
> the administrators or operators (at least useful to us in our
> deployment). But I found this feature is valid only when using
> nova-network.
> 
> So, for the functionality parity between nova-network and neutron and
> for our use case, I registered a blueprint[2] about default security
> group rules in Neutron days ago and related neutron spec[3], and I
> want it to be involved in Juno, so we can upgrade our deployment that
> time for this feature. I'm ready for the code implementation[3].
> 
> But I still want to see what's the community's thought about including
> this feature in neutron, any of your feedback and comments are
> appreciated!
> 
> [1]
> https://blueprints.launchpad.net/nova/+spec/default-rules-for-default-security-group
> [2]
> https://blueprints.launchpad.net/neutron/+spec/default-rules-for-default-security-group
> [3] https://review.openstack.org/98966
> [4] https://review.openstack.org/99320
> 
> --
> Regards!
> -----------------------------------
> Lingxian Kong
> 
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 



More information about the OpenStack-dev mailing list