Managing security groups
At this point, you may think that you should be able to connect to your instance. Not quite yet. There is a layer of security built into OpenStack called security groups. Security groups are tenant-level firewalls. You can define multiple security groups; you can even assign multiple security groups to a running instance. A security group named default is created for each tenant when the tenant is created. Let's list that default group:
control# neutron security-group-list
To see the rules defined in a security group, list the rules. The rule-list command returns every rule in the tenant, so to see the rules for a specific security group you'll have to filter its output for the group you are interested in; grep is a good tool for this. Here are the commands to accomplish this:
control# neutron security-group-rule-list
control# neutron security-group-rule-list | grep sec_group_name
As illustrated, the default rules added to the default security group are pretty basic...
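A plain grep for a group name matches that string anywhere on the line, so it also returns rules from other groups that merely reference the name (as a remote group, or as part of a longer group name). The following added example, which is not from the original text, filters on the security_group column only. The sample table, its column layout, and the helper name rules_for_group are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample of `neutron security-group-rule-list` table output.
# Assumed column layout: id | security_group | direction | protocol |
# remote_ip_prefix | remote_group. Check the header row of your own client.
sample_rules() {
cat <<'EOF'
+--------+----------------+-----------+----------+------------------+--------------+
| id     | security_group | direction | protocol | remote_ip_prefix | remote_group |
+--------+----------------+-----------+----------+------------------+--------------+
| rule-1 | default        | egress    |          |                  |              |
| rule-2 | default        | ingress   |          |                  | default      |
| rule-3 | web            | ingress   | tcp      | 0.0.0.0/0        |              |
| rule-4 | web            | ingress   |          |                  | default      |
| rule-5 | web-default    | ingress   | icmp     | 10.0.0.0/8       |              |
+--------+----------------+-----------+----------+------------------+--------------+
EOF
}

# rules_for_group NAME (hypothetical helper): read the table on stdin and
# print only the rows whose security_group column equals NAME exactly.
rules_for_group() {
    awk -F'|' -v grp="$1" '
        NF < 3 { next }                  # skip the +----+ border lines
        {
            name = $3                    # $1 is empty, $2 is id, $3 is security_group
            gsub(/^ +| +$/, "", name)    # trim the cell padding
            if (name == grp) print
        }'
}

# Plain grep: also returns rule-4 (remote_group) and rule-5 (web-default).
echo "grep default:"
sample_rules | grep default

# Column filter: returns rule-1 and rule-2 only.
echo "rules_for_group default:"
sample_rules | rules_for_group default
```

Against a live deployment the same filter is used as `neutron security-group-rule-list | rules_for_group sec_group_name`.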