Manage Security Groups in Red Hat OpenStack


Security groups are sets of IP filter rules. It can be assigned to Project instances and they are project specific. It describes networking access to the instance.

All projects have a default security group that is applied to any instance that has no other defined security group and it has default deny all policy for incoming traffic.

Security groups in Red Hat OpenStack

How to create a Security Group:

Go to Project > Compute > Access & Security

Click on “Create Security Group” -> Provide name and description.

Create New Security Group

Verify the new Security Group in the Red Hat OpenStack Dashboard.

Security Group in Red Hat OpenStack Dashboard

Click on Manage Rules for default security group

Default Security Group

Now let’s add rule into new security group which we created earlier.

Manage Security Group Rules: MitSec

Click on Add rule

Add Rule in Security Group in Red Hat OpenStack

Available rules are as below:

2015-03-08 22_24_09-Manage Security Group Rules - OpenStack Dashboard

Following are screenshots of options available in Direction, Open Port and Remote List box in a dialogue box.

2015-03-08 22_28_04-Manage Security Group Rules - OpenStack Dashboard 2015-03-08 22_28_18-Manage Security Group Rules - OpenStack Dashboard 2015-03-08 22_28_32-Manage Security Group Rules - OpenStack Dashboard

To add rule to allow HTTP access:

2015-03-08 22_32_28-Manage Security Group Rules - OpenStack Dashboard

Verify the new HTTP rule added in Red Hat OpenStack Dashboard

2015_03_08_22_32_48_Manage_Security_Group_Rules_OpenStack_Dashboard

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s