← Back to team overview

openstack team mailing list archive

Re: Default rules for the 'default' security group

 

2012/8/24 Gabriel Hurley <Gabriel.Hurley@xxxxxxxxxx>

>  I traced this through the code at one point looking for the same thing.
> As it stands, right now there is **not** a mechanism for customizing the
> default security group’s rules. It’s created programmatically the first
> time the rules for a project are retrieved with no hook to add or change
> its characteristics.****
>
> ** **
>
> I’d love to see this be possible, but it’s definitely a feature request.**
> **
>
> **
>

 Really agreed. I have created a blueprint to track this issue:

https://blueprints.launchpad.net/nova/+spec/default-rules-for-default-security-group

**
>
> **-          **Gabriel****
>
> ** **
>
> *From:* openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx[mailto:
> openstack-bounces+gabriel.hurley=nebula.com@xxxxxxxxxxxxxxxxxxx] *On
> Behalf Of *Boris-Michel Deschenes
> *Sent:* Thursday, August 23, 2012 7:59 AM
> *To:* Yufang Zhang; openstack@xxxxxxxxxxxxxxxxxxx
> *Subject:* Re: [Openstack] Default rules for the 'default' security group*
> ***
>
> ** **
>
> I’m very interested in this, we run essex and have a very bad workaround
> for this currently, but it would be great to be able to do this (set
> default rules for the default security group).****
>
> ** **
>
> Boris****
>
> ** **
>
> *De :*
> openstack-bounces+boris-michel.deschenes=ubisoft.com@xxxxxxxxxxxxxxxxxxx
> [mailto:openstack-bounces+boris-michel.deschenes=ubisoft.com@xxxxxxxxxxxxxxxxxxx]
> *De la part de* Yufang Zhang
> *Envoyé :* 23 août 2012 08:43
> *À :* openstack@xxxxxxxxxxxxxxxxxxx
> *Objet :* [Openstack] Default rules for the 'default' security group****
>
> ** **
>
> Hi all,****
>
> ** **
>
> Could I ask how to set the default rules for the 'default' security group
> for all the users in openstack? Currently, the 'default' security group has
> no rule by default, thus newly created instances could only be accessed by
> instances from the same group. ****
>
> ** **
>
> Is there any method to set default rules(such as ssh or icmp) for the
> 'default' security group for all users in openstack, so that I don't have
> to remind the new users to modify security group setting the fist time they
> logged into openstack and create instances?  I have ever tried HP could
> which is built on openstack, they permit ssh or ping to the instances in
> the 'default' security group. ****
>
> ** **
>
> Best Regards.****
>
> ** **
>
> Yufang****
>

Follow ups

References