In this post I will introduce and showcase how security groups can be used to enable certain scenarios.
Security groups allow fine-grained access control to – and from – the oVirt VMs attached to external OVN networks.
The Networking API v2 defines security groups as a white list of rules – the user specifies in it which traffic is allowed. That means, that when the rule list is empty, neither incoming nor outgoing traffic is allowed (from the VMs perspective).
A demo recording of the security group feature can be found below.