Atom feed of this document
  
 

 Enable ping and SSH on VMs (security groups)

You must configure security group rules depending on the type of plug-in you are using. If you are using a plug-in that:

  • Implements Networking security groups, you can configure security group rules directly by using neutron security-group-rule-create. This example enables ping and ssh access to your VMs.

    $ neutron security-group-rule-create --protocol icmp \
        --direction ingress default
    $ neutron security-group-rule-create --protocol tcp --port-range-min 22 \
        --port-range-max 22 --direction ingress default
  • Does not implement Networking security groups, you can configure security group rules by using the nova secgroup-add-rule or euca-authorize command. These nova commands enable ping and ssh access to your VMs.

    $ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
    $ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
[Note]Note

If your plug-in implements Networking security groups, you can also leverage Compute security groups by setting security_group_api = neutron in the nova.conf file. After you set this option, all Compute security group commands are proxied to Networking.

Questions? Discuss on ask.openstack.org
Found an error? Report a bug against this page

loading table of contents...