[Bug 1429862] Re: Spinning nova testbeds in given security-groups
Celso Providelo
celso.providelo at canonical.com
Tue Mar 10 07:49:30 UTC 2015
Martin,
I've done added few tweaks to your patch (basically enabling the new
option in the `getopt` check and removing quotes from the given
secgroups, nova does not like them).
It works, as requested:
{{{
adt-run libpng -d --- ssh -s nova -- --flavor m1.small --image ubuntu-trusty-14.04-amd64-server-20150305-disk1.img --net-id 415a0839-eb05-4e7a-907c-413c657f4bf5 -k foo -s juju-bootstack-10-testbed -d
}}}
** Patch added: "modified.patch"
https://bugs.launchpad.net/ubuntu/+source/autopkgtest/+bug/1429862/+attachment/4339712/+files/modified.patch
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to autopkgtest in Ubuntu.
https://bugs.launchpad.net/bugs/1429862
Title:
Spinning nova testbeds in given security-groups
Status in autopkgtest package in Ubuntu:
In Progress
Bug description:
This is a feature request to the current nova-ssh setup support for
having more secure testbeds in wild cloud-environments.
I am looking for a way to spin testbeds that are only accessible from
an specific keypair (already supported by the --key-pair option) and
has access restrictions defined by specifics security group, for
instance:
{{{
nova boot ... --security-groups <testbed-0>
}}}
The 'testbed-0' security group would be created prior to the `adt-run`
allowing only ssh connections from the host and possibly internet
access (for pkgs which needs it). This way the testbed access to other
testbeds or infrastructure components within the same cloud could be
programatically restricted.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/autopkgtest/+bug/1429862/+subscriptions
More information about the foundations-bugs
mailing list