[Openstack] Compute Node without firewall (iptables) and linux bridge

Chris contact at progbau.de
Wed Oct 29 07:25:02 UTC 2014



I'm looking for a way to disable any firewall feature in one of our compute
nodes and prevent the creation of the Linux bridge in the data path inside
of this compute node. 


Here is the configuration in the compute node:



#firewall_driver =

firewall_driver = neutron.agent.firewall.NoopFirewall

# enable_security_group = True

enable_security_group = False



firewall_driver = nova.virt.firewall.NoopFirewallDriver

#security_group_api = neutron




firewall_driver = neutron.agent.firewall.NoopFirewallDriver

enable_security_group = False


The firewall seems to be disabled but the bridge and the interfaces are
being still created. 

I found an older post about it:

But changing "portbindings.OVS_HYBRID_PLUG" from a hard-coded "True" to
"False" didn't change anything.


Please advise!








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20141029/aaf4fb96/attachment.html>

More information about the Openstack mailing list