[Openstack-operators] Quantum + Firewall as a Service

Jacob Godin jacobgodin at gmail.com
Tue Apr 2 22:02:23 UTC 2013 

Hi Tomasz,

Just to clarify, this was not in Folsom?


On Tue, Apr 2, 2013 at 4:15 PM, Tomasz Paszkowski <ss7pro at gmail.com> wrote:

> Yes,
>
> after you'll put this line into your nova.conf file on all compute nodes
> it'll work seamlessly with security groups (also though horizon, as horizon
> is just an graphical interface to an openstack api).  Remember also to
> check if you have valid firewall driver set (eg.
> firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver).
>
>
>
>
>
> On Tue, Apr 2, 2013 at 8:06 PM, Jacob Godin <jacobgodin at gmail.com> wrote:
>
>> Will this work with per-tenant routers as well? Is it configurable
>> through nova security groups (and Horizon)?
>>
>> Thanks!
>>
>>
>> On Tue, Apr 2, 2013 at 12:59 PM, Tomasz Paszkowski <ss7pro at gmail.com>wrote:
>>
>>> Hi Jacob,
>>>
>>> Grizzly release supports this setup by using Hybrid configuration (linux
>>> bridge attached to the ovs-bridge). All you need is to set:
>>>
>>> libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtGenericVIFDriver in your
>>> nova.conf
>>>
>>> :-)
>>>
>>>
>>>
>>>
>>> On Tue, Apr 2, 2013 at 5:43 PM, Jacob Godin <jacobgodin at gmail.com>wrote:
>>>
>>>> Hi all,
>>>>
>>>> Is anyone implementing Quantum per-tenant routers with a "Firewall as a
>>>> Service" so that each tenant can create and manage their own firewalls? As
>>>> far as I know, Nova security groups still will not integrate with this type
>>>> of Quantum setup.
>>>>
>>>> I'm currently using Openvswitch as an L2 agent.
>>>>
>>>> Thanks
>>>> Jacob
>>>>
>>>> _______________________________________________
>>>> OpenStack-operators mailing list
>>>> OpenStack-operators at lists.openstack.org
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>>>
>>>>
>>>
>>>
>>> --
>>> Tomasz Paszkowski
>>> SS7, Asterisk, SAN, Datacenter, Cloud Computing
>>> +48500166299
>>>
>>
>>
>
>
> --
> Tomasz Paszkowski
> SS7, Asterisk, SAN, Datacenter, Cloud Computing
> +48500166299
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20130402/dc0af310/attachment.html>

More information about the OpenStack-operators mailing list