summaryrefslogtreecommitdiffstats
path: root/docs/configurationguide
diff options
context:
space:
mode:
authorBin Hu <bh526r@att.com>2016-08-28 10:10:28 -0700
committerBin Hu <bh526r@att.com>2016-08-28 10:10:28 -0700
commit180aea81852e2e404274dd904c08d49dd10db035 (patch)
tree8094b0c2513ea0a8a31bf1db9118d924f585c0c1 /docs/configurationguide
parent6330b5dbb1c1a3915170b5ba7278023f30b860fe (diff)
Update instructions related to security groups
Change-Id: I92f44aa02d6182596d96692cb79750cdce7a2cab Signed-off-by: Bin Hu <bh526r@att.com>
Diffstat (limited to 'docs/configurationguide')
-rw-r--r--docs/configurationguide/featureconfig.rst12
-rw-r--r--docs/configurationguide/index.rst12
2 files changed, 16 insertions, 8 deletions
diff --git a/docs/configurationguide/featureconfig.rst b/docs/configurationguide/featureconfig.rst
index 5448907..f721a5b 100644
--- a/docs/configurationguide/featureconfig.rst
+++ b/docs/configurationguide/featureconfig.rst
@@ -173,10 +173,12 @@ are not there by default.
# /etc/neutron/plugins/ml2/ml2_conf.ini
[securitygroup]
- enable_security_group = False
+ enable_security_group = True
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
[ml2]
extension_drivers = port_security
+ [agent]
+ prevent_arp_spoofing = False
**OPNFV-NATIVE-SEC-2**: Change the settings in ``/etc/nova/nova.conf`` as follows,
if they are not there by default.
@@ -185,7 +187,7 @@ if they are not there by default.
# /etc/nova/nova.conf
[DEFAULT]
- security_group_api = nova
+ security_group_api = neutron
firewall_driver = nova.virt.firewall.NoopFirewallDriver
**OPNFV-NATIVE-SEC-3**: After updating the settings, you will have to restart the
@@ -597,10 +599,12 @@ are not there by default.
# /etc/neutron/plugins/ml2/ml2_conf.ini
[securitygroup]
- enable_security_group = False
+ enable_security_group = True
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
[ml2]
extension_drivers = port_security
+ [agent]
+ prevent_arp_spoofing = False
**OPNFV-SEC-2**: Change the settings in ``/etc/nova/nova.conf`` as follows,
if they are not there by default.
@@ -609,7 +613,7 @@ if they are not there by default.
# /etc/nova/nova.conf
[DEFAULT]
- security_group_api = nova
+ security_group_api = neutron
firewall_driver = nova.virt.firewall.NoopFirewallDriver
**OPNFV-SEC-3**: After updating the settings, you will have to restart the
diff --git a/docs/configurationguide/index.rst b/docs/configurationguide/index.rst
index 1ad355f..c3d7ed3 100644
--- a/docs/configurationguide/index.rst
+++ b/docs/configurationguide/index.rst
@@ -173,10 +173,12 @@ are not there by default.
# /etc/neutron/plugins/ml2/ml2_conf.ini
[securitygroup]
- enable_security_group = False
+ enable_security_group = True
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
[ml2]
extension_drivers = port_security
+ [agent]
+ prevent_arp_spoofing = False
**OPNFV-NATIVE-SEC-2**: Change the settings in ``/etc/nova/nova.conf`` as follows,
if they are not there by default.
@@ -185,7 +187,7 @@ if they are not there by default.
# /etc/nova/nova.conf
[DEFAULT]
- security_group_api = nova
+ security_group_api = neutron
firewall_driver = nova.virt.firewall.NoopFirewallDriver
**OPNFV-NATIVE-SEC-3**: After updating the settings, you will have to restart the
@@ -597,10 +599,12 @@ are not there by default.
# /etc/neutron/plugins/ml2/ml2_conf.ini
[securitygroup]
- enable_security_group = False
+ enable_security_group = True
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
[ml2]
extension_drivers = port_security
+ [agent]
+ prevent_arp_spoofing = False
**OPNFV-SEC-2**: Change the settings in ``/etc/nova/nova.conf`` as follows,
if they are not there by default.
@@ -609,7 +613,7 @@ if they are not there by default.
# /etc/nova/nova.conf
[DEFAULT]
- security_group_api = nova
+ security_group_api = neutron
firewall_driver = nova.virt.firewall.NoopFirewallDriver
**OPNFV-SEC-3**: After updating the settings, you will have to restart the