[Openstack] adding security groups to running virtual machines

Dan Wendlandt dan at nicira.com
Wed Aug 8 20:56:22 UTC 2012


Actually, I was wrong about adding/removing security groups at run-time.
 Apparently, it works already :)   Thanks for pointing that out Mohammed!

Dan


On Wed, Aug 8, 2012 at 1:23 PM, Mohammed Naser <mnaser at vexxhost.com> wrote:

> Hi,
>
> You can actually add/remove security groups from an instance anytime
> even when it's running.
>
> The nova client also had the add-secgroup and remove-secgroup commands
> in it (at least in trunk), not sure if this is not supported in
> specific releases.
>
> Regards,
> Mohammed
>
> On Wed, Aug 8, 2012 at 1:20 PM, Dan Wendlandt <dan at nicira.com> wrote:
> > Hi Wolfgang,
> >
> > Yes, currently Nova only allows associating security groups at boot,
> though
> > you can change the rules in a security group post boot.
> >
> > Quantum (new openstack networking service) will be adding a more advanced
> > notion of security groups which allows changing groups of booted
> instances
> > and other improvements.  This had been targeted for Folsom-3, but looks
> very
> > unlikely to make it in time for Folsom.
> >
> > The difference between Nova security groups and Quantum security groups
> is
> > similar to the differences between traditional amazone security groups
> and
> > Amazon "VPC" security groups (see: http://aws.amazon.com/vpc/faqs/#S2)
> >
> > Dan
> >
> >
> > On Wed, Aug 8, 2012 at 4:32 AM, Wolfgang Hennerbichler
> > <wolfgang.hennerbichler at risc-software.at> wrote:
> >>
> >> it's not me :)
> >> http://forums.openstack.org/viewtopic.php?f=10&t=719
> >>
> >>
> >> On 08/08/2012 11:06 AM, Wolfgang Hennerbichler wrote:
> >>>
> >>> hi,
> >>>
> >>> is it me or is it openstack who can't modify security groups for
> running
> >>> virtual machines?
> >>> nova help | grep sec
> >>> doesn't give me a clue.
> >>>
> >>> thanks for a hint,
> >>> Wolfgang
> >>>
> >>
> >>
> >> --
> >> DI (FH) Wolfgang Hennerbichler
> >> Software Development
> >> Unit Advanced Computing Technologies
> >> RISC Software GmbH
> >> A company of the Johannes Kepler University Linz
> >>
> >> IT-Center
> >> Softwarepark 35
> >> 4232 Hagenberg
> >> Austria
> >>
> >> Phone: +43 7236 3343 245
> >> Fax: +43 7236 3343 250
> >> wolfgang.hennerbichler at risc-software.at
> >> http://www.risc-software.at
> >>
> >> _______________________________________________
> >> Mailing list: https://launchpad.net/~openstack
> >> Post to     : openstack at lists.launchpad.net
> >> Unsubscribe : https://launchpad.net/~openstack
> >> More help   : https://help.launchpad.net/ListHelp
> >
> >
> >
> >
> > --
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > Dan Wendlandt
> > Nicira, Inc: www.nicira.com
> > twitter: danwendlandt
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> >
> > _______________________________________________
> > Mailing list: https://launchpad.net/~openstack
> > Post to     : openstack at lists.launchpad.net
> > Unsubscribe : https://launchpad.net/~openstack
> > More help   : https://help.launchpad.net/ListHelp
> >
>
>
>
> --
> Mohammed Naser — vexxhost
> -----------------------------------------------------
> E. mnaser at vexxhost.com
> W. http://vexxhost.com
>



-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Dan Wendlandt
Nicira, Inc: www.nicira.com
twitter: danwendlandt
~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120808/80b64a3a/attachment.html>


More information about the Openstack mailing list