[queens][neutron][fwaas_v2] PENDING_UPDATE

Ignazio Cassano ignaziocassano at gmail.com
Tue Mar 3 12:41:11 UTC 2020


Hello Donny,  please visit this link: it should work:
https://superuser.openstack.org/articles/firewall-service-openstack/

Il giorno mar 3 mar 2020 alle ore 13:33 Donny Davis <donny at fortnebula.com>
ha scritto:

> I have never really used fwaas, but I do believe its targeted at routers.
>
> Security groups already do firewalling for the vm ports
>
>
>
> Donny Davis
> c: 805 814 6800
>
> On Tue, Mar 3, 2020, 5:15 AM Ignazio Cassano <ignaziocassano at gmail.com>
> wrote:
>
>> Hello All, I installed firewall v2 on queens based on centos 7.
>> I create a firewall group policy and a firewall group rulle with that
>> policy.
>>
>> The firewall results ACTIVE AND UP and INACTIVE
>>
>> When I ttry to apply the firewall group to an instance port :
>> openstack  firewall group set --port c7c8be58-35de-47fe-87db-39bbd681db8b
>> fwg1
>>
>> It does not works and goes in pending update status.
>>
>>
>> L3 agent log reports:
>> Could not load
>> neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
>>
>> But the file esists
>>
>> I am using firewall_driver = openvswitch
>>
>> Please, whai is wrong ?
>>
>> I read Supports L2 firewalling (VM ports) was planned for ocata and I am
>> on queens.
>>
>> Please, help me.
>>
>> Ignazio
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20200303/d9e2669d/attachment.html>


More information about the openstack-discuss mailing list