cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Radhika Puthiyetath <radhika.puthiyet...@citrix.com>
Subject RE: Security Groups in Advanced mode
Date Tue, 18 Dec 2012 13:52:52 GMT
Hi,

Security Group support in Advanced Zone is a new feature. The feature is not yet released.

Experts, correct me if I am wrong!

-Radhika



-----Original Message-----
From: Valery Ciareszka [mailto:valery.tereshko@gmail.com] 
Sent: Tuesday, December 18, 2012 7:02 PM
To: cloudstack-users@incubator.apache.org
Subject: Security Groups in Advanced mode

Hi people,

Does anybody know how security groups could be enabled in advanced networking mode ?

Official documentation at
http://incubator.apache.org/cloudstack/docs/en-US/Apache_CloudStack/4.0.0-incubating/html/Installation_Guide/security-groups.html
 says:

11.7.3. Enabling Security Groups
> In order for security groups to function in a zone, the security 
> groups feature must first be enabled for the zone. The administrator 
> can do this when creating a new zone, by selecting a network offering 
> that includes security groups. The procedure is described in Basic 
> Zone Configuration in the Advanced Installation Guide.


I can see option to choose network offering in basic mode:
http://thesuki.org/png/2012/12/cloudstack/cs_basic.png

But there is not such option in advanced mode:
http://thesuki.org/png/2012/12/cloudstack/cs_adv.png

I can see shared offering with security groups in network offerings:
http://thesuki.org/png/2012/12/cloudstack/cs_noff.png

But when I try to add shared network to zone, there is no option to select network offering
with security groups:
http://thesuki.org/png/2012/12/cloudstack/cs_guest.png

I've figured out that

>  In CloudStack 3.0.3 - 3.0.5, security groups are supported only in 
> zones that use basic networking.


So are security groups supported in Cloudstack 4.0  or  I am trying to break the brick wall
with my head in vain :) ?
If they are not supported, how could I prevent ip spoofing on the guest VMs within one shared
network segment ?

Thanks.

--
Regards,
Valery

http://protocol.by/slayer
Mime
View raw message