Thanks Aaron for your kind help. It worked. Is there any doc which lists all the possible commands and their usage for quantum? because --help doesn't help in identifying all the parameters, is there any reference which one can use to get the complete command syntax?
-Regards Rahul Sharma On Fri, Jun 28, 2013 at 12:45 PM, Aaron Rosen <aro...@nicira.com> wrote: > > > > On Thu, Jun 27, 2013 at 10:51 PM, Rahul Sharma > <rahulsharma...@gmail.com>wrote: > >> Hi Aaron, >> >> Thanks for the CLI. I have a query related to that. I have a multinode >> openstack-deployment. To allow all the ports of VM accessible from outside, >> I need to add a rule "*TCP port-range 1-65535 Allow*" using Horizon >> dashboard. Now this rule is pushed to Quantum database as well as Nova >> database. >> > > This is only stored in the quantum database. When querying nova for this > information it will query quantum. > > >> root@controller1:~# quantum security-group-rule-list -- >> --tenant-id=40a7cd193a794161bfefd62364e64d03 >> >> >> +--------------------------------------+----------------+-----------+----------+------------------+--------------+ >> | id | security_group | direction | >> protocol | remote_ip_prefix | remote_group | >> >> +--------------------------------------+----------------+-----------+----------+------------------+--------------+ >> | 24cd1f88-8b50-45da-822c-e932178aeffd | default | egress >> | | | | >> | 54e72726-61d5-4253-a92f-47a84d0ec882 | default | ingress >> | | | default | >> | 977c7aff-9649-4037-af03-086d5db4955a | default | egress >> | | | | >> *| d3e0d85c-b9c7-4fc3-9009-d14ed085876a | default | ingress | >> tcp | 0.0.0.0/0 | |* >> | e0887d63-bee2-4848-acce-c193aa03ef02 | default | ingress >> | | | default | >> >> +--------------------------------------+----------------+-----------+----------+------------------+--------------+ >> >> root@controller1:~# nova --os-username test --os-password test >> --os-tenant-name "test" secgroup-list-rules default >> +-------------+-----------+---------+-----------+--------------+ >> | IP Protocol | From Port | To Port | IP Range | Source Group | >> +-------------+-----------+---------+-----------+--------------+ >> | | -1 | -1 | | default | >> | | -1 | -1 | | default | >> *| tcp | 1 | 65535 | 0.0.0.0/0 | |* >> +-------------+-----------+---------+-----------+--------------+ >> >> How can I do the same using CLI? Is there any single command which will >> do this task or I need to manually do this from UI? I tried adding rule >> using nova and quantum commands but its giving me error in taking >> parameters like 0.0.0.0/0 or due to something else which is not evident >> from the error message. I am using Grizzly release. >> >> > quantum security-group-rule-create --protocol tcp --ethertype IPv4 > --port-range-min 1 --port-range-max 65535 --remote-ip-prefix 0.0.0.0/0 > default > > or > > nova secgroup-add-rule default tcp 1 65355 0.0.0.0/0 > > >> Thanks and Regards >> Rahul Sharma >> >> >> On Thu, Jun 27, 2013 at 10:25 PM, Aaron Rosen <aro...@nicira.com> wrote: >> >>> Hi Rahul, >>> >>> The issue is that you are running as an admin user so it shows all the >>> security groups for every tenant. If you want to list the security groups >>> for just one particular tenant you can do this: >>> >>> >>> quantum security-group-list -- --tenant-id=<tenant_id> >>> >>> >>> Aaron >>> >>> >>> >>> On Thu, Jun 27, 2013 at 5:54 AM, Rahul Sharma >>> <rahulsharma...@gmail.com>wrote: >>> >>>> Hi All, >>>> >>>> I have a query regarding the security-groups. Whenever I create a new >>>> tenant, a default security-group is created for that tenant. Now I want to >>>> find out which security-group is for which tenant? If I run "quantum >>>> security-group-list", then it shows me the security-groups is below >>>> format:- >>>> root@controller1:~# quantum security-group-list >>>> >>>> +--------------------------------------+-----------------+-------------------------------------+ >>>> | id | name | >>>> description | >>>> >>>> +--------------------------------------+-----------------+-------------------------------------+ >>>> | 429f8e9e-edfc-4173-b599-9d91d9f7cb7d | default | >>>> default | >>>> | 47cbba23-6a73-44dc-b7c4-46794ed7aa5a | default | >>>> default | >>>> | 5ea93a09-6d96-4688-8005-99f8de4f20d7 | default | >>>> default | >>>> | 81cb819c-ffc2-4c26-b390-8e24b11f3443 | default | >>>> default | >>>> | 83778bc4-bbd2-4e02-9131-c5d4cf8a9e9b | default | >>>> default | >>>> | 9ca14384-00f0-4597-acd4-00bdec10ab5c | default | >>>> default | >>>> | a0e42478-ff76-4513-a698-7d7b0450a878 | default | >>>> default | >>>> | da2cb126-520e-475b-81f3-5d0d2f053333 | default | >>>> default | >>>> >>>> +--------------------------------------+-----------------+-------------------------------------+ >>>> >>>> How can I figure out the default security-group to a particular >>>> tenant/user? There is no option to show security-groups bound to particular >>>> tenant. Is there any CLI command to figure out the same? >>>> >>>> Thanks and Regards >>>> Rahul Sharma >>>> >>>> _______________________________________________ >>>> Mailing list: https://launchpad.net/~openstack >>>> Post to : openstack@lists.launchpad.net >>>> Unsubscribe : https://launchpad.net/~openstack >>>> More help : https://help.launchpad.net/ListHelp >>>> >>>> >>> >> >
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
