You must configure security group rules depending on the type of plug-in you are using. If you are using a plug-in that:
Implements Networking security groups, you can configure security group rules directly by using neutron security-group-rule-create. This example enables ping and ssh access to your VMs.
$ neutron security-group-rule-create --protocol icmp \ --direction ingress default
$ neutron security-group-rule-create --protocol tcp --port-range-min 22 \ --port-range-max 22 --direction ingress default
Does not implement Networking security groups, you can configure security group rules by using the nova secgroup-add-rule or euca-authorize command. These nova commands enable ping and ssh access to your VMs.
$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 $ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
Note | |
---|---|
If your plug-in implements Networking
security groups, you can also leverage Compute
security groups by setting
|