[openstack-dev] [Kuryr] [Neutron] Controlling security groups through Kuryr's libnetwork plugin [was: Waiting until Neutron PortisActive]

Antoni Segura Puimedon toni+openstackml at midokura.com
Mon Jun 13 07:15:49 UTC 2016

On Sun, Jun 12, 2016 at 9:39 PM, Mike Spreitzer <mspreitz at us.ibm.com> wrote:

> Antoni Segura Puimedon <toni+openstackml at midokura.com> wrote on
> 06/11/2016 07:39:41 PM:
> > Well, with a label you can make the Neutron Port have an SG that
> > forbids pinging.
> Wait, what?  Labels on what can do what?

There are two options here. It is not implemented yet. You could:

* Have the docker network create pass an option to say: All the ports in
this docker net shall have
this neutron SG assigned.
* Wait a bit for the proposal that is being pushed to Docker upstream that
demands to have
--net-opts to `docker run`.

> Thanks,
> Mike
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160613/1c37b714/attachment.html>

More information about the OpenStack-dev mailing list