[Openstack] Security Groups Can't Apply in Kilo with Neutron & XenServer
Remo Mattei
remo at italy1.com
Mon Mar 14 19:17:32 UTC 2016
can you share your security groups rules?
> On Mar 13, 2016, at 20:56, Adhi Priharmanto <adhi.pri at gmail.com> wrote:
>
> Hi all,
>
> I had Openstack Kilo installed on my lab, for Compute Hypervisor I use XenServer 6.5, and networking Using Neutron OVS. For Controller, Network, and Compute node I'm using Ubuntu 14.04.
>
> My problem was Security Groups rules doesn't applied to the instance that created. For example, there is no rule for SSH port 22 in security group i defined to the instance, but instance with floating IP able to login by ssh from external network.
>
> I've already add this option on my nova.conf
>
> firewall_driver=nova.virt.xenapi.firewall.Dom0IptablesFirewallDriver
>
> and also defined firewall_driver on my ml2_conf.ini at Controller, Network, and Compute node
>
> [ovs]
> enable_security_group = True
> enable_ipset = True
> firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
>
> can somebody help me with this problem ?
>
>
> --
> Cheers,
>
>
>
> Adhi Priharmanto
> about.me/a_dhi
>
> <http://about.me/a_dhi?promo=email_sig>
>
>
> !DSPAM:1,56e639a818092205511520! _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
> !DSPAM:1,56e639a818092205511520!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160314/00e74dd6/attachment.html>
More information about the Openstack
mailing list