- play_arrow Overview
- play_arrow Understanding Contrail Controller
-
- play_arrow Installing and Upgrading Contrail
- play_arrow Supported Platforms and Server Requirements
- play_arrow Installing Contrail and Provisioning Roles
- Introduction to Containerized Contrail Modules
- Downloading Installation Software
- Installing the Operating System and Contrail Packages
- Installing Containerized Contrail Clusters Using Server Manager
- Installing Containerized Contrail Using Server Manager Lite (SM-Lite)
- Supporting Multiple Interfaces on Servers and Nodes
- Configuring the Control Node with BGP
- Adding a New Node to an Existing Containerized Contrail Cluster
- Using contrailctl to Configure Services Within Containers
- Contrail Global Controller
- Role and Resource-Based Access Control
- play_arrow Installation and Configuration Scenarios
- Setting Up and Using a Simple Virtual Gateway with Contrail 4.0
- Simple Underlay Connectivity without Gateway
- Configuring MD5 Authentication for BGP Sessions
- Configuring the Data Plane Development Kit (DPDK) Integrated with Contrail vRouter
- Configuring Single Root I/O Virtualization (SR-IOV)
- Provisioning DPDK SRIOV with Server Manager
- Configuring Virtual Networks for Hub-and-Spoke Topology
- Configuring Transport Layer Security-Based XMPP in Contrail
- Configuring Graceful Restart and Long-lived Graceful Restart
- play_arrow Using Contrail with Kubernetes
- play_arrow Using VMware vCenter with Containerized Contrail, Release 4.0.1 and Greater
- play_arrow Using Contrail with Red Hat
- Deploying Contrail with Red Hat OpenStack Platform Director 10
- Installing Red Hat OpenShift Container Platform with Contrail Networking
- Upgrade Procedure for RHOSP-based Contrail 3.2.x to Contrail 4.1
- Upgrade Procedure for RHOSP-based Contrail 4.1.1 to Contrail 4.1.2
- Upgrade Procedure for RHOSP-based Contrail 4.1.2 to Contrail 4.1.3
- Upgrade Procedure for RHOSP-based Contrail 4.1.3 to Contrail 4.1.4
- Restoring Contrail Nodes in a RHOSP-based Environment
- play_arrow Using Server Manager to Automate Provisioning
- play_arrow Extending Contrail to Physical Routers, Bare Metal Servers, Switches, and Interfaces
- Using ToR Switches and OVSDB to Extend the Contrail Cluster to Other Instances
- Configuring High Availability for the Contrail OVSDB ToR Agent
- Using Device Manager to Manage Physical Routers
- SR-IOV VF as the Physical Interface of vRouter
- Using Gateway Mode to Support Remote Instances
- REST APIs for Extending the Contrail Cluster to Physical Routers, and Physical and Logical Interfaces
- play_arrow Installing and Using Contrail Storage
- play_arrow Upgrading Contrail Software
- Upgrading Contrail 4.0 to 4.1
- Upgrade Procedure for RHOSP-based Contrail 4.1.2 to Contrail 4.1.3
- Upgrade Procedure for Ubuntu-based Contrail 4.1.3 to Contrail 4.1.4 Using Juju with Netronome SmartNIC
- Upgrade Procedure for RHOSP-based Contrail 4.1.3 to Contrail 4.1.4
- Dynamic Kernel Module Support (DKMS) for vRouter
- Backup and Restore Contrail Configuration Database
-
- play_arrow Monitoring and Troubleshooting Contrail
- play_arrow Configuring Traffic Mirroring to Monitor Network Traffic
- play_arrow Understanding Contrail Analytics
- play_arrow Configuring Contrail Analytics
- Analytics Scalability
- High Availability for Analytics
- Role-Based Access Control for Analytics
- System Log Receiver in Contrail Analytics
- Sending Flow Messages to the Contrail System Log
- More Efficient Flow Queries
- Ceilometer Support in a Contrail Cloud
- User Configuration for Analytics Alarms and Log Statistics
- Alarms History
- Node Memory and CPU Information
- Role- and Resource-Based Access Control for the Contrail Analytics API
- Configuring Analytics as a Standalone Solution
- Configuring Secure Sandesh and Introspect for Contrail Analytics
- play_arrow Using Contrail Analytics to Monitor and Troubleshoot the Network
- Monitoring the System
- Debugging Processes Using the Contrail Introspect Feature
- Monitor > Infrastructure > Dashboard
- Monitor > Infrastructure > Control Nodes
- Monitor > Infrastructure > Virtual Routers
- Monitor > Infrastructure > Analytics Nodes
- Monitor > Infrastructure > Config Nodes
- Monitor > Networking
- Query > Flows
- Query > Logs
- Understanding Flow Sampling
- Example: Debugging Connectivity Using Monitoring for Troubleshooting
- play_arrow Common Support Answers
-
- play_arrow Contrail Commands and APIs
- play_arrow Contrail Commands
- play_arrow Contrail Application Programming Interfaces (APIs)
-
Using Security Groups with Virtual Machines (Instances)
Security Groups Overview
A security group is a container for security group rules. Security groups and security group rules allow administrators to specify the type of traffic that is allowed to pass through a port. When a virtual machine (VM) is created in a virtual network (VN), a security group can be associated with the VM when it is launched. If a security group is not specified, a port is associated with a default security group. The default security group allows both ingress and egress traffic. Security rules can be added to the default security group to change the traffic behavior.
Creating Security Groups and Adding Rules
A default security group is created for each project. You can add security rules to the default security group and you can create additional security groups and add rules to them. The security groups are then associated with a VM, when the VM is launched or at a later date.
To add rules to a security group: