Swarm security groups block container traffic
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Magnum |
Fix Released
|
Critical
|
Daneyon Hansen |
Bug Description
The swarm baytype implements the following security groups:
https:/
https:/
Since the security group only allows icmp, ssh and swarm-mgr traffic, traffic between containers is being blocked. For example:
1. I deploy the test image:
$ docker -H tcp://10.0.0.3:2376 --tlsverify --tlscacert=
I verify the container is running:
# docker -H tcp://10.0.0.3:2376 --tlsverify --tlscacert=
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
11ee90039924 larsks/
I should be able to curl the container using 10.0.0.4:49153, but I can't because neutron is blocking the traffic.
Changed in magnum: | |
assignee: | nobody → Daneyon Hansen (danehans) |
Changed in magnum: | |
status: | In Progress → Triaged |
importance: | Undecided → Critical |
milestone: | none → liberty-3 |
Changed in magnum: | |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. openstack. org/229134
Review: https:/