Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-515

BZ#2070140 [RFE][neutron]: Enable setting default rules for default security group

XMLWordPrintable

    • Enable setting default rules for default security group
    • 34
    • False
    • Hide

      None

      Show
      None
    • False
    • Committed
    • Committed
    • OSPRH-2664 - Security Group Enhancements
    • rhos-18.0.0
    • Committed
    • Committed
    • 67% To Do, 0% In Progress, 33% Done
    • Networking; Neutron

      Description:

      Customer is looking for a way to prevent creation of the two default egress rules (ipv4/ipv6) on all new security groups.

      As an example, Customer created a new security group , then below rules (IPv4/IPv6) were added to it by default in their environment.
      ```
      $ openstack security group create sgtest
      ----------------------------------------------------------------------------------------------------------------------------------------------------------------------+

      Field Value

      ----------------------------------------------------------------------------------------------------------------------------------------------------------------------+

      created_at 2022-03-23T12:21:20Z
      description sgtest
      id e775b515-6055-4495-84c5-10c42a04c9f4
      name sgtest
      project_id d1bbfc8a1a524d2ab96ce76c179047b0
      revision_number 1
      rules created_at='2022-03-23T12:21:20Z', direction='egress', ethertype='IPv4', id='86bb3e49-da86-475e-a011-b3d10ffac328', updated_at='2022-03-23T12:21:20Z'
        created_at='2022-03-23T12:21:20Z', direction='egress', ethertype='IPv6', id='96b22909-a035-495f-8f62-1fddfaa33551', updated_at='2022-03-23T12:21:20Z'
      stateful None
      tags []
      updated_at 2022-03-23T12:21:20Z

      ----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
      Customer tested below upstream patch and it worked for them .
      https://review.opendev.org/c/openstack/neutron/+/835386

      Can we make this patch available for downstream as well for OSP 16.x ?
      If so,by when we can expect it to be available in downsteam.

            skaplons@redhat.com Slawomir Kaplonski
            jira-bugzilla-migration RH Bugzilla Integration
            Maor Blaustein Maor Blaustein
            rhos-dfg-networking-squad-neutron
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated: