[openstack-dev] [Nova][Neutron] Allow passing security groups when attaching interfaces?

Gary Kotton gkotton at vmware.com
Thu Jul 6 11:39:07 UTC 2017

When you attach an interface there are a number of options:
1. Pass a existing port
2. Pass a network
In the second case a new port will be created and by default that will have the default security group.
You could try the first option by attaching the security group to the port

From: Zhenyu Zheng <zhengzhenyulixi at gmail.com>
Reply-To: OpenStack List <openstack-dev at lists.openstack.org>
Date: Thursday, July 6, 2017 at 12:45 PM
To: OpenStack List <openstack-dev at lists.openstack.org>
Subject: [openstack-dev] [Nova][Neutron] Allow passing security groups when attaching interfaces?


Our product has meet this kind of problem, when we boot instances, we are allowed to pass security groups, and if we provided network id, ports with the sg we passed will be created and when we show instances, we can see security groups field of instance is the sg we provided. But when we attach again some new interfaces(using network_id), the newly added interfaces will be in the default security group.

We are wondering, will it be better to allow passing security groups when attaching interfaces? or it is considered to be a proxy-api which we do not like?


Kevin Zheng
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170706/bbcd5ff7/attachment.html>

More information about the OpenStack-dev mailing list