openstack team mailing list archive

[Kevin Jackson <kevin@xxxxxxxxxxxxxxxxxxx>]

Hi Ritesh,
You will need to have enabled some rules - even if you provide rules that
give carte blanch access to your instances. This is courtesy of the
'default' security group - that by design prevents any access and by
design, is a default if you don't specify any security groups when
launching instances.

Whilst its easy to say you shouldn't do what you're intending to do and
relying on perimeter security alone, that is not what you're asking and I'm
all for choice and learning.

So in your instance:

nova secgroup-add-rule default tcp 0 65536 0.0.0.0/0
nova secgroup-add-rule default udp 0 65536 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

Note this is the netsec equivalent of doing chmod 777 on a file.

To actually delete groups though

nova secgroup-delete nameOfGroup

Regards,
Kev


On 21 November 2012 13:45, Ritesh Nanda <riteshnanda09@xxxxxxxxx> wrote:

> Hello,
>
> Is there anyway we can disable security group in nova, as i would be using
> an external firewall to do that.
>
> --
>
> * With Regards
> *
>
> * Ritesh Nanda
> *
>
> ***
> *
> <http://www.ericsson.com/>
>
>
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Kevin Jackson
@itarchitectkev