Hi Aaron, Thanks for the CLI. I have a query related to that. I have a multinode openstack-deployment. To allow all the ports of VM accessible from outside, I need to add a rule "*TCP port-range 1-65535 Allow*" using Horizon dashboard. Now this rule is pushed to Quantum database as well as Nova database.
root@controller1:~# quantum security-group-rule-list -- --tenant-id=40a7cd193a794161bfefd62364e64d03 +--------------------------------------+----------------+-----------+----------+------------------+--------------+ | id | security_group | direction | protocol | remote_ip_prefix | remote_group | +--------------------------------------+----------------+-----------+----------+------------------+--------------+ | 24cd1f88-8b50-45da-822c-e932178aeffd | default | egress | | | | | 54e72726-61d5-4253-a92f-47a84d0ec882 | default | ingress | | | default | | 977c7aff-9649-4037-af03-086d5db4955a | default | egress | | | | *| d3e0d85c-b9c7-4fc3-9009-d14ed085876a | default | ingress | tcp | 0.0.0.0/0 | |* | e0887d63-bee2-4848-acce-c193aa03ef02 | default | ingress | | | default | +--------------------------------------+----------------+-----------+----------+------------------+--------------+ root@controller1:~# nova --os-username test --os-password test --os-tenant-name "test" secgroup-list-rules default +-------------+-----------+---------+-----------+--------------+ | IP Protocol | From Port | To Port | IP Range | Source Group | +-------------+-----------+---------+-----------+--------------+ | | -1 | -1 | | default | | | -1 | -1 | | default | *| tcp | 1 | 65535 | 0.0.0.0/0 | |* +-------------+-----------+---------+-----------+--------------+ How can I do the same using CLI? Is there any single command which will do this task or I need to manually do this from UI? I tried adding rule using nova and quantum commands but its giving me error in taking parameters like 0.0.0.0/0 or due to something else which is not evident from the error message. I am using Grizzly release. Thanks and Regards Rahul Sharma On Thu, Jun 27, 2013 at 10:25 PM, Aaron Rosen <aro...@nicira.com> wrote: > Hi Rahul, > > The issue is that you are running as an admin user so it shows all the > security groups for every tenant. If you want to list the security groups > for just one particular tenant you can do this: > > > quantum security-group-list -- --tenant-id=<tenant_id> > > > Aaron > > > > On Thu, Jun 27, 2013 at 5:54 AM, Rahul Sharma <rahulsharma...@gmail.com>wrote: > >> Hi All, >> >> I have a query regarding the security-groups. Whenever I create a new >> tenant, a default security-group is created for that tenant. Now I want to >> find out which security-group is for which tenant? If I run "quantum >> security-group-list", then it shows me the security-groups is below format:- >> root@controller1:~# quantum security-group-list >> >> +--------------------------------------+-----------------+-------------------------------------+ >> | id | name | >> description | >> >> +--------------------------------------+-----------------+-------------------------------------+ >> | 429f8e9e-edfc-4173-b599-9d91d9f7cb7d | default | >> default | >> | 47cbba23-6a73-44dc-b7c4-46794ed7aa5a | default | >> default | >> | 5ea93a09-6d96-4688-8005-99f8de4f20d7 | default | >> default | >> | 81cb819c-ffc2-4c26-b390-8e24b11f3443 | default | >> default | >> | 83778bc4-bbd2-4e02-9131-c5d4cf8a9e9b | default | >> default | >> | 9ca14384-00f0-4597-acd4-00bdec10ab5c | default | >> default | >> | a0e42478-ff76-4513-a698-7d7b0450a878 | default | >> default | >> | da2cb126-520e-475b-81f3-5d0d2f053333 | default | >> default | >> >> +--------------------------------------+-----------------+-------------------------------------+ >> >> How can I figure out the default security-group to a particular >> tenant/user? There is no option to show security-groups bound to particular >> tenant. Is there any CLI command to figure out the same? >> >> Thanks and Regards >> Rahul Sharma >> >> _______________________________________________ >> Mailing list: https://launchpad.net/~openstack >> Post to : openstack@lists.launchpad.net >> Unsubscribe : https://launchpad.net/~openstack >> More help : https://help.launchpad.net/ListHelp >> >> >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
