Add some notes and clarify some details:
- You don't *have* to specify an IP protocol: non-IP Ethertypes are
possible
- It is not possible to automatically create ports *without* the default
SG (nor will it ever be possible - proxy APIs are bad)
- Remove the default SG can break access to the metadata service
Change-Id: Id66a92bdfd6e1663acddca830b2a9e99ac23a758
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
I did not have a clear understanding of when a security group would or
would not be applied to a port and reading the documentation did not
help. Massively expand the security groups document, adding a couple of
important notes along the way as well as references to the nova-specific
security group operations. The document is moved from the admin guide to
the user guide (with redirects) since these are not admin-only
operations by default.
Change-Id: I212bc99112aad2f1e3057befca381a26d702be2e
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Stephen Finucane