[Openstack] [openstack-dev] [NOVA][NEUTRON] Whats the correct firewall driver and interface driver to use neutron sec groups in havana

Robert Collins robertc at robertcollins.net
Thu Oct 24 02:58:18 UTC 2013

(dropping -dev, this is a deployment question).


^ thats your problem. It's a no-op driver, which means no firewall
rules are applied.


(applies to apt etc as well - just the first hit from google :))
covers this part of the setup.


On 24 October 2013 01:57, Leandro Reox <leandro.reox at gmail.com> wrote:
> Hi guys,
> Seem that i cant find the right combination to get neutron security groups
> working with nova and OVS
> - I see the logs on the ovs agent like sec group updated or rule updated
> - I can configure the rules on neutron without an issue
> Seems like nova is not doing anything with the the rules itself, i dont see
> any root-wrap event trying to apply an iptables chain, its like the the
> agent is not passing the order to apply the rules to nova
> Here is all the nova.conf stuff, and agent logs, and iptables chains:
> http://pastebin.com/RMgQxFyN
> I dont know what to try to get this working , maybe im using the wrong
> firewall driver or something ? or do i need for example that neutron and
> nova connects to the same queue??
> Best
> Lean
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Robert Collins <rbtcollins at hp.com>
Distinguished Technologist
HP Converged Cloud

More information about the Openstack mailing list