OpenStack Dashboard (Horizon)

Improved Security Group and Rule Creation

Bug #1326411 reported by Matt
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Invalid
Undecided
Unassigned
OpenStack Dashboard (Horizon)
Invalid
Undecided
Unassigned

Bug Description

It would be nice if Horizon gave more flexibility around security group and rule creation. Adding them one at a time through the UI can be very tedious, and it doesn't seem like there's an easy way to take a security group you set up in one instance and use it in a different instance of OpenStack, other than manually recreating each piece of it. It might be useful to allow importing and exporting rule sets. If there are common sets of ports to open, perhaps we could offer prebuilt sets that users could then extend if needed or pull into existing security groups?

Just seems like there's more we could do in this area to make it easier to get the ports open that you need to, and ensure that those settings are portable. If someone has a test environment they're playing around with, and they then set up production OpenStack, is there a good way for them to pull those security groups they set up and tested from test/dev into prod currently?

I can't speak towards if that's a legitimate use case, but it seems reasonable to me.

Tags: ux
Revision history for this message
Eugene Nikanorov (enikanorov) wrote :

I think this request doesn't affect neutron directly.
This seems like an improvement for Horizon only.
Removing neutron

no longer affects: neutron
Revision history for this message
Ana Krivokapić (akrivoka) wrote :

This feature request seems reasonable to me, however I think it makes sense to track it in a blueprint rather than a bug. Matt, would you mind opening a bp for it?

Revision history for this message
Matt (mreid) wrote :

Corresponding blueprint is https://blueprints.launchpad.net/horizon/+spec/horizon-improved-security-group-and-rule-creation

Julie Pichon (jpichon)
Changed in horizon:
importance: Undecided → Wishlist
Revision history for this message
Sean Dague (sdague) wrote :

not a nova feature

Changed in nova:
status: New → Invalid
Revision history for this message
Julie Pichon (jpichon) wrote :

Although it'd be nice to make security group rules creation/re-creation easier on CLI too, I think adding a simple import/export feature only to Horizon would be acceptable and a nice improvement to the user experience in this case, even if there's no direct API for it. It doesn't require Horizon to have storage, we can simply read the existing rules for export (kinda like we do for the CSV Usage Download, which isn't a direct API) and create them one by one using the usual APIs. End users can then share their rules for the common cases if they wish to.

Nikunj Aggarwal (nikunj2512)
Changed in horizon:
assignee: nobody → Nikunj Aggarwal (nikunj2512)
Revision history for this message
Rob Cresswell (robcresswell-deactivatedaccount) wrote :

This would need to be a blueprint, not a bug.

Changed in horizon:
status: New → Invalid
Matthias Runge (mrunge)
Changed in horizon:
assignee: Nikunj Aggarwal (nikunj2512) → nobody
importance: Wishlist → Undecided
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.