[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[neutron] Security groups with SR-IOV as a second ML2 mechanism driver


On Mon, Oct 05, 2020 at 05:12:20PM -0500, GABRIEL OMAR GAMERO MONTENEGRO wrote:
> Dear all,
> I'm planning to use the SR-IOV Networking L2 Agent
> with another L2 Agent as Open vSwitch or Linux Bridge
> (a configuration with multiple ML2 mechanism drivers).
> Does anybody know if I can use the Open vSwitch or
> Linux Bridge L2 agents with security group feature (implemented
> with iptables firewall driver or Native Open vSwitch firewall driver)?
> Or am I restricted to apply no security to my instances because
> SR-IOV L2 agent is being used as a second mechanism driver
> in the same OpenStack deployment?

Yes, it should works fine if You will use SG for ports which are bound by
Linuxbridge or Openvswitch mech drivers.

> Thanks in advance,
> Gabriel Gamero

Slawek Kaplonski
Principal Software Engineer
Red Hat