An Config option to simply allow nested VM access

[rp-]

The required feature described as a wish

As asked in this discusssion: #10225

I would like to have an easier way to allow network traffic to nested VM's in basic networking installations.

Currently you would need to manually "hack" the security_group.py script to just not execute anything at all.
This would be useful for inhouse non security sensitive installation where people could simply host e.g. test CloudStack installations
or other virtualization platforms to test.

[DaanHoogland]

@rp- , do you have any implementation design in mind?
And do you have plans to do this yourself?

[rp-]

@rp- , do you have any implementation design in mind? And do you have plans to do this yourself?

I may find time to do it myself, but may design would be rather simple, introduce some config option either on the management server or in the agent.properties and simply don't call the security_group.py?
But maybe there are better options or some parts of the security_group.py are useful to execute?
I would need some opinions or dig deeper into it.

[DaanHoogland]

go for simple first, we can extend later as users (read you ;) see extra requirements. We only need to take care not to paint ourselves in a corner.