Public bug reported:
I am not sure if its design intention, Openstack add 'deafult' security group to a VM when attaching new interface to that VM even if the VM have customized secgroup . for many deployment, users create and add customized security group to the VMs, so when attaching new network interface to the VM, Openstack keeps the customized secgroup , but in addition, it adds the 'deafult' which is not good as default should not have all security ports open by default. Liberty, before attach the VM to new network < Nova show <vm> > | security_groups | customized | after VM attached to new network < Nova show <vm> > | security_groups | customized, default | ** Affects: neutron Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1667500 Title: Openstack add 'deafult' security group to a VM when attaching new interface to new network even the VM have customized secgroup Status in neutron: New Bug description: I am not sure if its design intention, Openstack add 'deafult' security group to a VM when attaching new interface to that VM even if the VM have customized secgroup . for many deployment, users create and add customized security group to the VMs, so when attaching new network interface to the VM, Openstack keeps the customized secgroup , but in addition, it adds the 'deafult' which is not good as default should not have all security ports open by default. Liberty, before attach the VM to new network < Nova show <vm> > | security_groups | customized | after VM attached to new network < Nova show <vm> > | security_groups | customized, default | To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1667500/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp