I had created the project with two networks A and B and with two security groups, default and Allpermit, and created an instance that connected network A and set security group Allpermit.
- Default Security group: Set to allow transmission only within the same group
- Allpermit security group: Allow all transmission and reception
Then, we added another network B with the
nova interface-attachcommand, and after network B was added, the security group default was applied to the whole instance.
- Question 1: Is it possible to specify a security group when adding a network with the
- Question 2: When applying / deleting a security group from Dashboard, if applying security group Allpermit first, does Allpermit override the filtering of default security group added later?
- If you assign or delete a security group from the Dashboard to an instance with two networks, Is only the security group added earlier valid?
- In other words, if you want to apply a separate security group to each network port, you must use the CLI to specify a security group with
neutron port-update --security-group SECURITY_GROUP PORT?
- Red Hat OpenStack Platform 7.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.