You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cloudstack.apache.org by "Wido den Hollander (JIRA)" <ji...@apache.org> on 2013/02/05 21:13:13 UTC

[jira] [Created] (CLOUDSTACK-1164) Use libvirt for security groups for KVM

Wido den Hollander created CLOUDSTACK-1164:
----------------------------------------------

             Summary: Use libvirt for security groups for KVM
                 Key: CLOUDSTACK-1164
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1164
             Project: CloudStack
          Issue Type: Wish
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Hypervisor Controller, KVM
    Affects Versions: 4.0.0, 4.1.0
            Reporter: Wido den Hollander
             Fix For: Future


The current implementation for the security groups uses a custom Python script which applies iptable and ebtable rules to the hypervisor.

Libvirt also supports this with network filters: http://libvirt.org/formatnwfilter.html

It might be cleaner to do this via libvirt, but the downside is that a lot of functions are only supported by libvirt 0.9.8 and higher.

This might not be possible at this moment, but it might be worth a shot at a later stadium.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira