Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-18 Thread Chandler Li
Hello Ashok, Thanks for your reply! My libvirt_vif_driver parameter setting at compute node is nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver. Thanks, Chandler 2013/6/18 Ashok Kumaran > Hi Chandler, > > whats your libvirt_vif_driver set in nova-compute.conf? > > > On Tue, Jun 18, 2013 at

Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-18 Thread Ashok Kumaran
Hi Chandler, whats your libvirt_vif_driver set in nova-compute.conf? On Tue, Jun 18, 2013 at 1:08 PM, Chandler Li wrote: > Hi, Aaron, > > Sorry for my unclear explanation. > > I can ping or ssh into the VM with default security group even there are > no rules setting... > > Here is my security

Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-18 Thread Chandler Li
Hi, Aaron, Sorry for my unclear explanation. I can ping or ssh into the VM with default security group even there are no rules setting... Here is my security group information, [root@controller ~]# nova secgroup-list +-+-+ | Name| Description | +-+-+

Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-17 Thread Aaron Rosen
Hi, I think it would also be helpful if you attached the output of: nova secgroup-list then: nova secgroup-list-rules for each group so we could see what rules you have set in nova. Aaron On Mon, Jun 17, 2013 at 6:22 PM, Chandler Li wrote: > Hi Aaron, > > Thanks for your reply! > > Yes, I hav

Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-17 Thread Chandler Li
Hi Aaron, Thanks for your reply! Yes, I have set /etc/nova/nova.conf as follows, but it seems not working. libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver libvirt_use_virtio_for_bridges=True I can't figure o

Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-17 Thread Aaron Rosen
Do you have: firewall_driver=nova.virt.firewall.IptablesFirewallDriver in your nova.conf? In folsom, quantum leveraged nova security groups implementation directly so you need that. (looks like you have that set though by your output). Aaron On Sun, Jun 16, 2013 at 7:38 PM, Chandler Li wrot

Re: [Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-16 Thread Chandler Li
Hi, I checked the compute node's iptables rules and found out the nova-compute-inst-xxx have no traffic flow. The traffic flow stopped at nova-filter-top chain rule, so security group is not working. Any idea how to resolve this problem? Thanks, Chandler [root@compute1 ~]# iptables -L -v -n Chain

[Openstack] Security Group of Quantum ovs plugin (Folsom) is not working

2013-06-13 Thread Chandler Li
Hello, I'm trying to use security group of Quantum ovs plugin(Folsom) in CentOS 6.3 (2012.2.3-1.el6@epel). Everything looks good, except security group, and there are no error message in /var/log/nova/compute.log file. After I created VM, I can see the bridges and interfaces have been created n