OpenStack nova/neutron iptables rules are cleared when implementing host rules

Solution Verified

Issue

  • What is the preferred way to manage iptables rules for the host along with the dynamic rules from nova and neutron?
  • We have a local firewall policy on our OpenStack hosts which locks down communication at a host level.
  • We've noticed that if we make changes to this policy and restart iptables, any dynamic rules created by nova or neutron are lost during that restart.

Environment

Red Hat Enterprise Linux OpenStack Platform
