Security Groups

From MetaCentrum
Jump to navigation Jump to search

(Česká verze)

This text shortly sums up the use and configuration of Security Groups in MetaCloud.

The Concept of Security Groups

VMs are assigned to security groups depending on which ports need to remain open for communication over network. Simply put, a VM is assigned to one security group for each task or role it is supposed to play. For instance, assigning a VM to group Web Server opens TCP ports 80 (HTTP) and 443 (HTTPs).

All security groups defined in the infrastructure can be displayed by clicking Network -> "Security Groups" in the menu as the following figure shows.

Opennebula security group list.png

Default settings

All VMs instantiated in MetaCentrum allow remote access ports (SSH, RDP) and ports for routine service protocols such as DHCP or ICMP. Current security groups applied to a VM can be displayed as a detail of its network interface settings. OpenNebula allows assigning different network interfaces to different security groups.

Display a list of selected security groups by clicking the arrow symbol next to your selected network interface in the Network tab as shown in the following figure:

Opennebula security groups assigned.png

Changing Security Groups Settings

Security group application is adequately explained in OpenNebula's documentation.