[queens][neutron][fwaas_v2] PENDING_UPDATE
Hello All, I installed firewall v2 on queens based on centos 7. I create a firewall group policy and a firewall group rulle with that policy. The firewall results ACTIVE AND UP and INACTIVE When I ttry to apply the firewall group to an instance port : openstack firewall group set --port c7c8be58-35de-47fe-87db-39bbd681db8b fwg1 It does not works and goes in pending update status. L3 agent log reports: Could not load neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver But the file esists I am using firewall_driver = openvswitch Please, whai is wrong ? I read Supports L2 firewalling (VM ports) was planned for ocata and I am on queens. Please, help me. Ignazio
I have never really used fwaas, but I do believe its targeted at routers. Security groups already do firewalling for the vm ports Donny Davis c: 805 814 6800 On Tue, Mar 3, 2020, 5:15 AM Ignazio Cassano <ignaziocassano@gmail.com> wrote:
Hello All, I installed firewall v2 on queens based on centos 7. I create a firewall group policy and a firewall group rulle with that policy.
The firewall results ACTIVE AND UP and INACTIVE
When I ttry to apply the firewall group to an instance port : openstack firewall group set --port c7c8be58-35de-47fe-87db-39bbd681db8b fwg1
It does not works and goes in pending update status.
L3 agent log reports: Could not load neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
But the file esists
I am using firewall_driver = openvswitch
Please, whai is wrong ?
I read Supports L2 firewalling (VM ports) was planned for ocata and I am on queens.
Please, help me.
Ignazio
Hello Donny, please visit this link: it should work: https://superuser.openstack.org/articles/firewall-service-openstack/ Il giorno mar 3 mar 2020 alle ore 13:33 Donny Davis <donny@fortnebula.com> ha scritto:
I have never really used fwaas, but I do believe its targeted at routers.
Security groups already do firewalling for the vm ports
Donny Davis c: 805 814 6800
On Tue, Mar 3, 2020, 5:15 AM Ignazio Cassano <ignaziocassano@gmail.com> wrote:
Hello All, I installed firewall v2 on queens based on centos 7. I create a firewall group policy and a firewall group rulle with that policy.
The firewall results ACTIVE AND UP and INACTIVE
When I ttry to apply the firewall group to an instance port : openstack firewall group set --port c7c8be58-35de-47fe-87db-39bbd681db8b fwg1
It does not works and goes in pending update status.
L3 agent log reports: Could not load neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
But the file esists
I am using firewall_driver = openvswitch
Please, whai is wrong ?
I read Supports L2 firewalling (VM ports) was planned for ocata and I am on queens.
Please, help me.
Ignazio
participants (2)
-
Donny Davis
-
Ignazio Cassano