Security Groups
This text shortly sums up the use and configuration of Security Groups in MetaCloud.
The Concept of Security Groups
VMs are assigned to security groups depending on which ports need to remain open for communication over network. Simply put, a VM is assigned to one security group for each task or role it is supposed to play. For instance, assigning a VM to group Web Server opens TCP ports 80 (HTTP) and 443 (HTTPs).
All security groups defined in the infrastructure can be displayed by clicking Network -> "Security Groups" in the menu as the following figure shows.
Default settings
All VMs instantiated in MetaCentrum allow remote access ports (SSH, RDP) and ports for routine service protocols such as DHCP or ICMP. Current security groups applied to a VM can be displayed as a detail of its network interface settings. OpenNebula allows assigning different network interfaces to different security groups.
Display a list of selected security groups by clicking the arrow symbol next to your selected network interface in the Network tab as shown in the following figure:
Changing Security Groups Settings
Security group application is adequately explained in OpenNebula's documentation.