security group not working - nova networking FlatDHCP - vSphere
Seems that nothing is being blocked by either the default security group or any security group I create.... Not sure if I'm missing something?
Can someone point out places I can check?
I have this in my nova.conf
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
Even with Neutron you need to have NVP plugin with NSX controller, or else the security group will not work in Vsphere
Yea the deeper I investigate the integration of OpenStack with vSphere the more I'm disappointed in the fact that if you want to use OpenStack "fully" you still have to pay VMware for networking... It's like a smack in the face. Unless they plan on making NSX apart of vSphere Enterprise Plus....
Exactly :) I checked with some of the VMware people regarding the support of openvswitch with Vspehere, they were not willing to comment on that.
@antonnoble can you please update your question to specify that you're working with vSphere, not (say) kvm in your installation? I think yours is an interesting question and it has an answer, would be good to document it here fully. Thanks
I contacted the VMWare team, and they stated they are thinking about releasing a neutron plugin for vSphere that's "dumbed" down to reduce the barrier to entry for networking with vSphere. However, you would still be extremely limited without using NSX.