← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #66222

[Bug 1667500] Re: Openstack add 'deafult' security group to a VM when attaching new interface to new network even the VM have customized secgroup

  Thread PreviousDate PreviousThread Next 
If there is a request for a Nova feature here, please bring it in via
the Nova Specs process - https://specs.openstack.org/openstack/nova-
specs/readme.html

** Changed in: nova
       Status: New => Opinion

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1667500

Title:
  Openstack add 'deafult' security group to a VM when attaching new
  interface  to new network  even the VM have customized secgroup

Status in neutron:
  Won't Fix
Status in OpenStack Compute (nova):
  Opinion

Bug description:
  
  I am not sure if its design intention, Openstack add 'deafult' security group to a VM when attaching new interface to that VM even if the VM have customized secgroup .

  for many deployment, users create and add customized security group to
  the VMs, so when attaching new network interface to the VM, Openstack
  keeps the customized secgroup , but in addition, it adds the 'deafult'
  which is not good as default should not  have all security ports open
  by default.

  Liberty,


  before attach the VM to new network < Nova show <vm> >

  | security_groups                      | customized
  |

  
  after VM attached to new network     < Nova show <vm> > 
  | security_groups                      | customized, default                                      |

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1667500/+subscriptions

References

  Thread PreviousDate PreviousThread Next