[Openstack] neutron default security groups
Xiaolin Zhang
zhangxiaolins at gmail.com
Thu Mar 20 11:36:04 UTC 2014
1. As far as I know, the default sg would be populated by plugin - e.g.
ovs, ml2 - with _ensure_default_security_group, which allow egress to all
destination and ingress originated from the same sg only.
2. The default rules in default sg cannot be changed.
hope it helps,
*Best Regards, Xiaolin Zhang*
On Thu, Mar 20, 2014 at 5:51 PM, Ruzicka, Marek
<marek.ruzicka at t-systems.sk>wrote:
> I second that question…
>
>
>
> We have a registration system that is creating users/tenants/etc and also
> taking care of these security groups (deleting defaults, creating custom
> ones).
>
> If it was possible to configure default sec groups, it would be one less
> thing to deal with.
>
>
>
> Marek
>
>
>
> *From:* Nick Maslov [mailto:azpekt at gmail.com]
> *Sent:* 20. marca 2014 10:32
> *To:* openstack at lists.openstack.org
> *Cc:* Maxim Bashkirov
> *Subject:* [Openstack] neutron default security groups
>
>
>
> Hi,
>
>
>
> Whenever I create new tenant, it creates an security group for this
> tenant. Rules are always the same - no ingress traffic allowed at all.
>
>
>
> Is there a way to create security group, that will have all traffic
> allowed and will be used for each and every new tenant?
>
>
>
> Thanks,
>
> NM
>
>
>
> --
> Nick Maslov
> Sent with Airmail
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140320/57441bd3/attachment.html>
More information about the Openstack
mailing list