Ask Your Question
0

security group not working - nova networking FlatDHCP - vSphere

asked 2013-12-09 09:54:34 -0500

antonnoble gravatar image

updated 2013-12-16 13:39:59 -0500

Seems that nothing is being blocked by either the default security group or any security group I create.... Not sure if I'm missing something?

Can someone point out places I can check?

I have this in my nova.conf

firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
edit retag flag offensive close merge delete

Comments

Even with Neutron you need to have NVP plugin with NSX controller, or else the security group will not work in Vsphere

Ashokb gravatar imageAshokb ( 2013-12-09 10:14:26 -0500 )edit

Yea the deeper I investigate the integration of OpenStack with vSphere the more I'm disappointed in the fact that if you want to use OpenStack "fully" you still have to pay VMware for networking... It's like a smack in the face. Unless they plan on making NSX apart of vSphere Enterprise Plus....

antonnoble gravatar imageantonnoble ( 2013-12-09 10:46:19 -0500 )edit

Exactly :) I checked with some of the VMware people regarding the support of openvswitch with Vspehere, they were not willing to comment on that.

Ashokb gravatar imageAshokb ( 2013-12-12 01:16:06 -0500 )edit

@antonnoble can you please update your question to specify that you're working with vSphere, not (say) kvm in your installation? I think yours is an interesting question and it has an answer, would be good to document it here fully. Thanks

smaffulli gravatar imagesmaffulli ( 2013-12-16 11:45:37 -0500 )edit

I contacted the VMWare team, and they stated they are thinking about releasing a neutron plugin for vSphere that's "dumbed" down to reduce the barrier to entry for networking with vSphere. However, you would still be extremely limited without using NSX.

antonnoble gravatar imageantonnoble ( 2013-12-16 13:42:14 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
1

answered 2013-12-09 10:09:19 -0500

antonnoble gravatar image

updated 2013-12-16 11:43:44 -0500

smaffulli gravatar image

Looks like security groups are not supported with vSphere in conjunction with nova networking.... Time to make Neutron work.... Once you setup Neutron you need to have NVP plugin with NSX controller, or else the security group will not work in Vsphere

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-12-09 09:54:34 -0500

Seen: 154 times

Last updated: Dec 16 '13