<div dir="ltr">Hi Tomasz,<div><br></div><div>Just to clarify, this was not in Folsom?</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 2, 2013 at 4:15 PM, Tomasz Paszkowski <span dir="ltr"><<a href="mailto:ss7pro@gmail.com" target="_blank">ss7pro@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Yes,<div><br></div><div>after you'll put this line into your nova.conf file on all compute nodes it'll work seamlessly with security groups (also though horizon, as horizon is just an graphical interface to an openstack api). Remember also to check if you have valid firewall driver set (eg. firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver).</div>
<div><br></div><div><br></div><div><br></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 2, 2013 at 8:06 PM, Jacob Godin <span dir="ltr"><<a href="mailto:jacobgodin@gmail.com" target="_blank">jacobgodin@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Will this work with per-tenant routers as well? Is it configurable through nova security groups (and Horizon)?<div>
<br></div><div>Thanks!</div></div><div><div><div class="gmail_extra"><br><br><div class="gmail_quote">
On Tue, Apr 2, 2013 at 12:59 PM, Tomasz Paszkowski <span dir="ltr"><<a href="mailto:ss7pro@gmail.com" target="_blank">ss7pro@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hi Jacob,<div><br></div><div>Grizzly release supports this setup by using Hybrid configuration (linux bridge attached to the ovs-bridge). All you need is to set:</div><div><br></div><div>libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtGenericVIFDriver in your nova.conf<br>
</div><div><br></div><div>:-)</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote"><div><div>On Tue, Apr 2, 2013 at 5:43 PM, Jacob Godin <span dir="ltr"><<a href="mailto:jacobgodin@gmail.com" target="_blank">jacobgodin@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr">Hi all,<div><br></div><div>Is anyone implementing Quantum per-tenant routers with a "Firewall as a Service" so that each tenant can create and manage their own firewalls? As far as I know, Nova security groups still will not integrate with this type of Quantum setup.</div>
<div><br></div><div>I'm currently using Openvswitch as an L2 agent.</div><div><br></div><div>Thanks</div><span><font color="#888888"><div>Jacob</div></font></span></div>
<br></div></div>_______________________________________________<br>
OpenStack-operators mailing list<br>
<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br>
<br></blockquote></div><span><font color="#888888"><br><br clear="all"><div><br></div>-- <br>Tomasz Paszkowski<br>SS7, Asterisk, SAN, Datacenter, Cloud Computing<br><a href="tel:%2B48500166299" value="+48500166299" target="_blank">+48500166299</a>
</font></span></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Tomasz Paszkowski<br>SS7, Asterisk, SAN, Datacenter, Cloud Computing<br><a href="tel:%2B48500166299" value="+48500166299" target="_blank">+48500166299</a>
</div>
</div></div></blockquote></div><br></div>