Working with FWaaS
Like LBaaS, FWaaS requires a specific workflow to properly implement firewall policies. First, firewall rules are created and inserted into policies. Then, a firewall is created and associated with a firewall policy. Once a firewall policy has been applied, the rules are immediately put in place on all routers that exist within the tenant. In Havana, a hard-set quota exists that allows only one active firewall policy per tenant.
Firewall policies can be shared amongst tenants, which means that whenever a policy is updated, it results in the immediate updating of any firewall that is associated with the policy. The FWaaS API is considered experimental in Havana and Icehouse, and it may exhibit unexpected behavior. Therefore, it ...
Get Learning OpenStack Networking (Neutron) now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.