Bug 1883298
| Summary: | [RFE] [OVN] [OSP 16.2] Security Groups Logging | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Anita Tragler <atragler> |
| Component: | python-networking-ovn | Assignee: | Elvira <egarciar> |
| Status: | CLOSED ERRATA | QA Contact: | Maor <mblue> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 16.2 (Train) | CC: | apevec, bcafarel, egarciar, ekuris, gthiemon, gurpsing, jamsmith, jelynch, jjoyce, jlibosva, lhh, ltamagno, majopela, mariel, mblue, njohnston, pgrist, scohen |
| Target Milestone: | z6 | Keywords: | FutureFeature, Reopened, TechPreview, Triaged |
| Target Release: | 16.2 (Train on RHEL 8.4) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | python-networking-ovn-7.4.2-2.20220409154881.el8ost | Doc Type: | Technology Preview |
| Doc Text: |
This update introduces a Technology Preview of the security group logging feature in RHOSP 16.2.6. To monitor traffic flows and attempts into and out of an instance, you can configure Networking service packet logging for security groups.
+
You can associate any instance port with one or more security groups and define one or more rules for each security group. For example, you can create a rule to drop inbound SSH traffic to any instance in the finance security group. You can create another rule to allow instances in that group to send and respond to ICMP (ping) messages. Then you can configure packet logging to record combinations of accepted and dropped packet flows.
+
In 16.2, you can use security group logging for stateful security groups. Logged events are stored on the Compute nodes that host the instances, in the file `/var/log/containers/stdouts/ovn_controller.log`.
+
For more information about Technology Preview features, see https://access.redhat.com/support/offerings/production/scope_moredetail[Scope of Coverage Details].
+
For more information about security group logging known issues and workarounds, see https://bugzilla.redhat.com/show_bug.cgi?id=2241184 and https://bugzilla.redhat.com/show_bug.cgi?id=2192918.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2023-11-08 19:18:30 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2192918, 2241184, 1619266, 2215344, 2238507 | ||
| Bug Blocks: | |||
|
Comment 2
Jakub Libosvar
2021-01-20 14:32:11 UTC
Hi Elvira Is this intended for 16.x? What is the status? based on comment 12 I am setting the exception? flag Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat OpenStack Platform 16.2.6 (Train) bug fix and enhancement advisory), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:6307 |