neutron - default security group per tenant
Hi , I am running openstack with rhel 7.1 and rhos version 6 (juno). the cloud supports neutron (vxlan) After install we have default security-group for admin tenant , 4 rules two for v4 and two for v6.
[root@volume-lvm-os-7 ~(keystone_demo)]# neutron security-group-rule-show eeb39e81-62ea-43aa-b583-0e29916a268a
Example: (please note protcol is empty and remote_ip)
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | eeb39e81-62ea-43aa-b583-0e29916a268a |
| port_range_max | |
| port_range_min | |
| protocol | |
| remote_group_id | 07420f78-c93b-4e1b-86d8-38ba31291959 |
| remote_ip_prefix | |
| security_group_id | 07420f78-c93b-4e1b-86d8-38ba31291959 |
| tenant_id | 3d40ca08dad7461fa86e359138463147 |
+-------------------+--------------------------------------+
When we create a new tenant , it inherits these rules but we could not ping or ssh to instance . When i am adding the rule manually to the tenant - it works .
My question : Is there any way to change the default policy group for all tenants ? i need that the new tenant will inherit more rules. I did try to do it with policy group for admin , adding rules but the new tenant does not inherit these rules ....
Please assist,
Thanks, Benny