[Openstack] Security Groups not being applied uniformly

Robert Collins robertc at robertcollins.net
Tue Jun 25 09:03:07 UTC 2013


On 25 June 2013 07:06, Daniel Ellison <daniel at syrinx.net> wrote:
> Hey all,
>
> I'm running grizzly on Ubuntu 12.04 server. I have two instances, both with the same security groups ("default" and one to allow XMPP traffic). The firewall rules are working for one instance but not for the other. Can anyone think of why the group rules would be applied differently?
>
> If more details are needed I'll gladly provide them. Both VMs are running Ubuntu 12.04. Both are provisioned with the same flavour. Both have private and public IPs. Running port scans on both provides different results, however. Ports that are open on one (e.g. 5000) are coming back as closed on the other.

So portscan will show open things that are a) permitted by the
security groups and b) have a listening service. If you don't have
something listening on one host, that would be enough to trigger the
difference.

That said, AIUI security groups, you get one per instance - what exact
command are you using to boot the instances?

You can also get a dump of the rules by running 'iptables-save' on the
compute host, which is probably the most direct way to see whether the
rules are active or not.

-Rob
-- 
Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Cloud Services
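
Added example, not part of the original message or of any OpenStack code: a Python script that reads saved `iptables-save` output from the compute host and reports which TCP destination ports one instance's chain accepts that another's does not, so a rule difference can be told apart from a service that is simply not listening. The chain names (`nova-compute-inst-11`, `nova-compute-inst-12`) and the dump are constructed assumptions; source-address matches and negated matches are ignored.

```python
import re
from collections import defaultdict

# Constructed sample of `iptables-save` output. Chain names are assumptions;
# substitute the per-instance chain names found in your own dump.
SAMPLE_DUMP = """\
*filter
:nova-compute-inst-11 - [0:0]
:nova-compute-inst-12 - [0:0]
-A nova-compute-inst-11 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A nova-compute-inst-11 -p tcp -m tcp --dport 22 -j ACCEPT
-A nova-compute-inst-11 -p tcp -m tcp --dport 5222 -j ACCEPT
-A nova-compute-inst-11 -p tcp -m multiport --dports 5000:5010 -j ACCEPT
-A nova-compute-inst-12 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A nova-compute-inst-12 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""

RULE = re.compile(r"^-A (\S+) (.*)$")
PORTS = re.compile(r"--dports? (\S+)")

def accepted_tcp_ports(dump):
    """Map chain name -> set of (low, high) TCP port ranges that are ACCEPTed."""
    chains = defaultdict(set)
    for line in dump.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # table headers, chain declarations, COMMIT
        chain, spec = m.groups()
        chains[chain]  # register the chain even if it has no port rules
        if "-p tcp" not in spec or not spec.endswith("-j ACCEPT"):
            continue
        p = PORTS.search(spec)
        # A TCP ACCEPT rule with no port match permits every port.
        parts = p.group(1).split(",") if p else ["1:65535"]
        for part in parts:
            lo, _, hi = part.partition(":")
            chains[chain].add((int(lo), int(hi or lo)))
    return dict(chains)

def port_allowed(ranges, port):
    return any(lo <= port <= hi for lo, hi in ranges)

def diff_chains(dump, chain_a, chain_b):
    """Return (ranges only in chain_a, ranges only in chain_b), sorted."""
    ports = accepted_tcp_ports(dump)
    a, b = ports.get(chain_a, set()), ports.get(chain_b, set())
    return sorted(a - b), sorted(b - a)
```

If the two chains accept the same ports yet the scans still differ, check for a listening service on the instance itself (for example with `ss -ltn`).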



