Security Groups Can't Apply in Kilo with Neutron & XenServer

asked 2016-03-13 23:12:42 -0600

adhi gravatar image

updated 2016-03-13 23:37:33 -0600

Hi all,

I had Openstack Kilo installed on my lab, for Compute Hypervisor I use XenServer 6.5, and networking Using Neutron OVS. For Controller, Network, and Compute node I'm using Ubuntu 14.04.

My problem was Security Groups rules doesn't applied to the instance that created. For example, there is no rule allowed for SSH port 22 in security group that I defined to the instance, but instance with floating IP able to login by ssh from external network.

I've already add this option on my nova.conf


and also defined firewall_driver on my ml2_conf.ini at Controller, Network, and Compute node

enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

can somebody help me with this problem ?

edit retag flag offensive close merge delete


can you provide the output ? just to confirm

neutron security-group-rule-list
Bipin gravatar imageBipin ( 2016-03-13 23:49:44 -0600 )edit

Here you go

adhi gravatar imageadhi ( 2016-03-14 00:50:48 -0600 )edit