[Openstack-operators] How to configure security-port feature in Kilo ?

Clayton O'Neill clayton at oneill.net
Tue Jul 14 13:28:59 UTC 2015 

Note that if you enable port-security when you upgrade to kilo you can
avoid these issues.  If you enable port-security after upgrading, it's a
few pretty simple SQL commands to work around the bug below​ described
below.  You can find them in the associated kilo upgrade db migration here:

https://github.com/openstack/neutron/blob/master/neutron/db/migration/alembic_migrations/versions/35a0f3365720_add_port_security_in_ml2.py

That said, I'd be glad to hear more about how to actually *use* the port
security extension.  It seems as if it can be used to turn off port
security on a per port or per network basis.  Is there any UI for this, or
do you have to use the API?

On Tue, Jul 14, 2015 at 5:52 AM, James Denton <james.denton at rackspace.com>
wrote:

>  In the /etc/neutron/plugins/ml2/ml2_conf.ini file, add the following
> under [ml2] and restart the neutron-server service:
>
>
>  extension_drivers = port_security
>
>
>  You may experience the following bugs upon enabling port security:
>
>
>  https://bugs.launchpad.net/neutron/+bug/1461519
>
> https://bugs.launchpad.net/neutron/+bug/1454148​
>
>
>  If you can, remove all existing Neutron networks prior to enabling port
> security. Otherwise, you may be looking at some DB changes to get things
> working again.
>
>
>  James
>  ------------------------------
> *From:* 16189455 at qq.com <16189455 at qq.com>
> *Sent:* Tuesday, July 14, 2015 12:17 AM
> *To:* openstack-operators
> *Subject:* [Openstack-operators] How to configure security-port feature
> in Kilo ?
>
>  Hi all,
>     Recently I want to have a try of the  feature security-port, but these
> is very few introduction. Could you give some help?
>     Thank you.
>
>
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150714/b1448315/attachment.html>

More information about the OpenStack-operators mailing list