Spinning nova testbeds in given security-groups
Bug #1429862 reported by
Celso Providelo
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
autopkgtest (Ubuntu) |
Fix Released
|
Medium
|
Martin Pitt |
Bug Description
This is a feature request to the current nova-ssh setup support for having more secure testbeds in wild cloud-environments.
I am looking for a way to spin testbeds that are only accessible from an specific keypair (already supported by the --key-pair option) and has access restrictions defined by specifics security group, for instance:
{{{
nova boot ... --security-groups <testbed-0>
}}}
The 'testbed-0' security group would be created prior to the `adt-run` allowing only ssh connections from the host and possibly internet access (for pkgs which needs it). This way the testbed access to other testbeds or infrastructure components within the same cloud could be programatically restricted.
Changed in autopkgtest (Ubuntu): | |
assignee: | nobody → Martin Pitt (pitti) |
status: | New → In Progress |
importance: | Undecided → Medium |
tags: | added: patch |
To post a comment you must log in.
Hey Celso,
this is a proposed patch against the current nova setup script. As I cannot test this myself (no cloud access) and don't want to commit it blindly, would you mind giving this a spin?
Thanks!