8.2.
安全组规则应用到项目中的所有实例。
注意
您无法在实例创建过程中将基于角色的访问控制 (RBAC) 共享安全组直接应用到实例。要将 RBAC 共享安全组应用到实例,您必须首先创建端口,将共享安全组应用到该端口,然后将该端口分配给实例。
注意
8.2.1.
流程
$ openstack security group list $ openstack security group rule list <sec_group>
$ openstack security group create mySecGroup
$ openstack security group rule create --protocol <protocol> \ [--dst-port <port-range>] \ [--remote-ip <ip-address> | --remote-group <group>] \ [--ingress | --egress] mySecGroup
$ openstack security group rule create --protocol tcp \ --dst-port 22 mySecGroup
8.2.2.
流程
$ openstack security group list
$ openstack security group rule create --protocol <protocol> \ [--dst-port <port-range>] \ [--remote-ip <ip-address> | --remote-group <group>] \ [--ingress | --egress] <group_name>
$ openstack security group rule create --protocol tcp \ --dst-port 22 mySecGroup
8.2.3.
流程
$ openstack security group list
$ openstack security group show <sec-group>
$ openstack security group rule delete <rule> [<rule> ...]
8.2.4.
流程
$ openstack port list --server myInstancewithSSH
$ openstack port set --security-group <sec_group> <port>
8.2.5.
流程
$ openstack port show <port>
$ openstack port set --no-security-group <port>
$ openstack port set --security-group <sec_group> <port>
8.2.6.
流程
$ openstack security group list
$ openstack port list
$ openstack port show <port-uuid> -c security_group_ids
$ openstack security group delete <group> [<group> ...]
8.2.7.
注意
流程
$ openstack keypair create <keypair> > ~/.ssh/<keypair>.pem
$ chmod 600 ~/.ssh/<keypair>.pem
8.2.8.
流程
$ openstack keypair create --public-key ~/.ssh/<public_key>.pub \ <keypair> > ~/.ssh/<keypair>.pem
$ openstack keypair create --private-key ~/.ssh/<private_key> \ <keypair> > ~/.ssh/<keypair>.pem
$ chmod 600 ~/.ssh/<keypair>.pem
