[Openstack-operators] Appending a security group to a Neutron port
Paul Browne
pfb29 at cam.ac.uk
Tue Dec 13 12:33:46 UTC 2016
Hello Operators,
One of the operations I find myself doing quite often in our OpenStack
is appending a new security group to a Neutron port (rather than a full
instance) which already has several security groups defined on it.
As far as I can tell (possibly wrongly!), there seems to be no easy way
to do this. For a Neutron port with existing security groups A & B on
it, with a new one to be added C, the closest operation via API calls
from the older Neutron client would seem to be;
neutron port-update --security-group A --security-group B
--security-group C *Neutron Port UUID*
, as there seems to be no in-built way to merely append a new
security-group to a port's existing ones (a full list must be provided).
Am I incorrect in thinking this? I would love to find out that that is
the case!
Currently I find myself doing a fair bit of JSON-munging of the existing
security-groups on a port (in order to add a new one to the port without
wiping out its existing security groups), so I'd love to know if any
Operators also often do this operation and, if so, how they best go
about it.
Kind regards,
Paul Browne
--
*******************
Paul Browne
Research Computing Platforms
University Information Services
Roger Needham Building
JJ Thompson Avenue
University of Cambridge
Cambridge
United Kingdom
E-Mail: pfb29 at cam.ac.uk
Tel: 0044-1223-46548
*******************
More information about the OpenStack-operators
mailing list