Security groups, as discussed earlier, are typically required to allow network traffic to an instance, unless the default security group for a project has been modified to be more permissive.
Adding security groups is typically done on instance
boot. When launching from the dashboard you do this on the
Access & Security tab of the Launch Instance
dialog. When launching from the command line, append
--security-groups
with a comma-separated list of
security groups.
It is also possible to add and remove security groups when an instance is running. Currently this is only available through the command-line tools. Here is an example:
$ nova add-secgroup <server> <securitygroup>
$ nova remove-secgroup <server> <securitygroup>