[Openstack] Security Groups Can't Apply in Kilo with Neutron & XenServer
Adhi Priharmanto
adhi.pri at gmail.com
Mon Mar 14 03:56:47 UTC 2016
Hi all,
I had Openstack Kilo installed on my lab, for Compute Hypervisor I use
XenServer 6.5, and networking Using Neutron OVS. For Controller, Network,
and Compute node I'm using Ubuntu 14.04.
My problem was Security Groups rules doesn't applied to the instance that
created. For example, there is no rule for SSH port 22 in security group i
defined to the instance, but instance with floating IP able to login by ssh
from external network.
I've already add this option on my nova.conf
firewall_driver=nova.virt.xenapi.firewall.Dom0IptablesFirewallDriver
and also defined firewall_driver on my ml2_conf.ini at Controller, Network,
and Compute node
[ovs]
enable_security_group = True
enable_ipset = True
firewall_driver =
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
can somebody help me with this problem ?
--
Cheers,
[image: --]
Adhi Priharmanto
[image: http://]about.me/a_dhi
<http://about.me/a_dhi?promo=email_sig>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160314/71c4fd18/attachment.html>
More information about the Openstack
mailing list