Manage Security Groups of an Instance
Note
The openstack CLI will need to be setup to interact with the FlexiHPC system. Please read Setting up your CLI environment to interact with FlexiHPC to get started.
When adding or removing Security Groups from an instance via the CLI there are few details you will need, the Instance ID for the compute instance you want to adjust and the Security Group ID you want to add or remove from the instance.
Run the following command to return a list of servers within your project space
+--------------------------------------+-----------+--------+-------------------------------+-------------------------------+--------------------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-----------+--------+-------------------------------+-------------------------------+--------------------+
| 4f69a45d-78ad-48e7-b427-5694c8b09e45 | kahu-test | ACTIVE | NeSI-Training-Prod=10.1.0.250 | NeSI-FlexiHPC-Rocky-9.3_cloud | balanced1.2cpu4ram |
+--------------------------------------+-----------+--------+-------------------------------+-------------------------------+--------------------+
Taking note of the Instance ID
Note
For this example we will use 4f69a45d-78ad-48e7-b427-5694c8b09e45
Then run the following command to return a list of Security Groups
+--------------------------------------+----------------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+----------------+------------------------+----------------------------------+------+
| 050e0ec4-1416-46f2-98a0-b492f2c8d81b | ssh-allow-all | | 1b899a2883da444fa6b31172dcebbc56 | [] |
| 08749b3c-f8aa-443e-a881-80f6009fff59 | http | | 1b899a2883da444fa6b31172dcebbc56 | [] |
| 0ed77965-05bf-438e-b4e4-89060f814c4c | SSH Allow All | | 1b899a2883da444fa6b31172dcebbc56 | [] |
| b713d80c-1b7d-4991-b387-514261e59b94 | 6443_Allow_ALL | | 1b899a2883da444fa6b31172dcebbc56 | [] |
| cdad3d6b-a726-4020-a6a3-7c20b1afc79f | https | | 1b899a2883da444fa6b31172dcebbc56 | [] |
| e73a47e9-cc3a-4986-95f9-c3d101c3d448 | default | Default security group | 1b899a2883da444fa6b31172dcebbc56 | [] |
+--------------------------------------+----------------+------------------------+----------------------------------+------+
Take note of the ID
Note
For this example we will use the id 050e0ec4-1416-46f2-98a0-b492f2c8d81b to add ssh-allow-all to our instance
Adding a Security Group to an Instance
Taking the Instance ID and Security Group ID we will add those to the following command
Using our example values the command will look like this
openstack server add security group 4f69a45d-78ad-48e7-b427-5694c8b09e45 050e0ec4-1416-46f2-98a0-b492f2c8d81b
You will not get a response from the endpoint on success
So you will want to run the following command to see if the Security Group was added
This will return the server details and there will be the security_groups field with the newly added group
Removing a Security Group to an Instance
Taking the Instance ID and Security Group ID we will add those to the following command
Using our example values the command will look like this
openstack server remove security group 4f69a45d-78ad-48e7-b427-5694c8b09e45 050e0ec4-1416-46f2-98a0-b492f2c8d81b
You will not get a response from the endpoint on success
So you will want to run the following command to see if the Security Group was removed
This will return the server details and there will be the security_groups field with the removed group not present