Security Group for network
Neutron offers virtual network management functionality.
Since we can define any number of networks/subnets in a flexible way,
so virtual network topologies
tend to map security policy. On the other hand, we can specify security group
on a per port basis.
In this blueprint, we are proposing the addition of security_groups
as an extension attribute for the Network resource, for better API usability.
As an example, with this extension a tenant can define network-wide default security group(s),
so any vms that come up on any subnet in that network will be subject to the corresponding group rules.
Blueprint information
- Status:
- Complete
- Approver:
- Kyle Mestery
- Priority:
- Medium
- Drafter:
- Nachi Ueno
- Direction:
- Needs approval
- Assignee:
- Nachi Ueno
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Blocked
- Milestone target:
- None
- Started by
- Kyle Mestery
- Completed by
- Armando Migliaccio
Related branches
Related bugs
Sprints
Whiteboard
August-26 (mestery): Since this patch has been stuck for a while now, moving this out of Juno at this point. Nachi, lets work with the core team in Kilo to revive this work.
15-July (mestery): Moving to Juno-3 as the code review appears to still be stuck for now.
12-June (mestery): Targeting Juno-2 for this.
Gerrit topic: https:/
Addressed by: https:/
Added extension for network_
Addressed by: https:/
Extension for Network Security Group (Spec)