[Openstack] Issue with Security Groups

sylecn sylecn at gmail.com
Fri Jun 27 11:12:31 UTC 2014


On Thu, Jun 26, 2014 at 9:37 AM, Muralidhar Balcha <muralidharb at gmail.com>
wrote:
>
> Hi,
> I am using Openstack havana and I am using default security group with
> my own set of new rules added to the security group to enable ssh into
> instances. I am noticing that occasionally nova drops those
> corresponding rules from the IP tables. Also when nova api service is
> restarted, it resets the IP table rules to default rules in the
> security group.

Since you mentioned you need to add security group rule to allow ssh
access, I guess the network and security group configuration is correct.

Please check whether you have a cron job or some firewall software that
is modifying the iptables rules. Nova should not drop rules unless told
to do so.

> Is this a known issue? Does it have something to with the default
> security group. How can I make security group settings persist across
> service restarts?

Not as far as I know. Security groups are meant to be persistent by
design. You don't need to do anything.


--

YY Inc. is hiring openstack and python developers. Interested? Check
http://www.nsbeta.info/jobs

--
Thanks,
Yuanle
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140627/01ef0dea/attachment.html>


More information about the Openstack mailing list