I believe it's an important feature, because currently the default security rules are hard-coded in neutron's code, and that won't fit all organizations (not to say that the default security rules won't scale well on our current implementation).
Best, Miguel Ángel ----- Mensaje original ----- > Greetings > > We use neutron as network functionality implementation in nova, and as > you know, there is a feature called 'os-security-group-default-rules' > in nova extension[1], a hook mechanism to add customized rules when > creating default security groups, which is a very useful feature to > the administrators or operators (at least useful to us in our > deployment). But I found this feature is valid only when using > nova-network. > > So, for the functionality parity between nova-network and neutron and > for our use case, I registered a blueprint[2] about default security > group rules in Neutron days ago and related neutron spec[3], and I > want it to be involved in Juno, so we can upgrade our deployment that > time for this feature. I'm ready for the code implementation[3]. > > But I still want to see what's the community's thought about including > this feature in neutron, any of your feedback and comments are > appreciated! > > [1] > https://blueprints.launchpad.net/nova/+spec/default-rules-for-default-security-group > [2] > https://blueprints.launchpad.net/neutron/+spec/default-rules-for-default-security-group > [3] https://review.openstack.org/98966 > [4] https://review.openstack.org/99320 > > -- > Regards! > ----------------------------------- > Lingxian Kong > > _______________________________________________ > OpenStack-dev mailing list > [email protected] > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
