[Openstack] security groups not working on one compute node
Akshay Kumar Sanghai
akshaykumarsanghai at gmail.com
Tue Jan 12 14:49:31 UTC 2016
Hi,
I am running a kilo openstack setup with 3 nodes, 1 controller and 2
compute. Suppose i have 2 VMs , vm1 on compute node1 and vm2 on compute
node2 . When i change the security groups for vm1 when vm is running ,then
i can see the change is implemented. But for vm2 ,change is not implemented
while vm is running. For example, i am able to ping vm1 and vm2. But when i
remove the security group for icmp for both vm1 and vm2, I can't ping vm1
but i am still able to ping vm2. The change is implemented only when i
reboot the vm. I have checked the confiuration file for ml2_conf.ini , its
same for both compute nodes. What can be other possible problems to look
into?
I have checked the value of /proc/sys/net/bridge/bridge-nf-call-iptables ,
it is 1 for both the compute nodes
Thanks,
Akshay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160112/e4b0b371/attachment.html>
More information about the Openstack
mailing list