openstack team mailing list archive

Thread
Date

Re: Default rules for the 'default' security group

To: Gabriel Hurley <Gabriel.Hurley@xxxxxxxxxx>
From: Shake Chen <shake.chen@xxxxxxxxx>
Date: Fri, 24 Aug 2012 08:54:20 +0800
Cc: "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <BD35DBE010D5B64589500D43F775F23629226207@CH1PRD0511MB431.namprd05.prod.outlook.com>

Now in HPcloud, have this feature.

all the new user, the default security group would open 80,22, 443 and icmp.


On Fri, Aug 24, 2012 at 2:02 AM, Gabriel Hurley
<Gabriel.Hurley@xxxxxxxxxx>wrote:

>  I traced this through the code at one point looking for the same thing.
> As it stands, right now there is **not** a mechanism for customizing the
> default security group’s rules. It’s created programmatically the first
> time the rules for a project are retrieved with no hook to add or change
> its characteristics.****
>
> ** **
>
> I’d love to see this be possible, but it’s definitely a feature request.**
> **
>
> ** **
>
> **-          **Gabriel****
>
> ** **
>
> *From:* openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx[mailto:
> openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx] *On
> Behalf Of *Boris-Michel Deschenes
> *Sent:* Thursday, August 23, 2012 7:59 AM
> *To:* Yufang Zhang; openstack@xxxxxxxxxxxxxxxxxxx
> *Subject:* Re: [Openstack] Default rules for the 'default' security group*
> ***
>
> ** **
>
> I’m very interested in this, we run essex and have a very bad workaround
> for this currently, but it would be great to be able to do this (set
> default rules for the default security group).****
>
> ** **
>
> Boris****
>
> ** **
>
> *De :*
> openstack-bounces+boris-michel.deschenes=ubisoft.com@xxxxxxxxxxxxxxxxxxx
> [mailto:openstack-bounces+boris-michel.deschenes=ubisoft.com@xxxxxxxxxxxxxxxxxxx]
> *De la part de* Yufang Zhang
> *Envoyé :* 23 août 2012 08:43
> *À :* openstack@xxxxxxxxxxxxxxxxxxx
> *Objet :* [Openstack] Default rules for the 'default' security group****
>
> ** **
>
> Hi all,****
>
> ** **
>
> Could I ask how to set the default rules for the 'default' security group
> for all the users in openstack? Currently, the 'default' security group has
> no rule by default, thus newly created instances could only be accessed by
> instances from the same group. ****
>
> ** **
>
> Is there any method to set default rules(such as ssh or icmp) for the
> 'default' security group for all users in openstack, so that I don't have
> to remind the new users to modify security group setting the fist time they
> logged into openstack and create instances?  I have ever tried HP could
> which is built on openstack, they permit ssh or ping to the instances in
> the 'default' security group. ****
>
> ** **
>
> Best Regards.****
>
> ** **
>
> Yufang****
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Shake Chen

Follow ups

Re: Default rules for the 'default' security group
From: Day, Phil, 2012-08-29

References

Default rules for the 'default' security group
From: Yufang Zhang, 2012-08-23
Re: Default rules for the 'default' security group
From: Boris-Michel Deschenes, 2012-08-23
Re: Default rules for the 'default' security group
From: Gabriel Hurley, 2012-08-23