diff options
author | QiLiang <liangqi1@huawei.com> | 2015-12-25 08:24:44 +0000 |
---|---|---|
committer | QiLiang <liangqi1@huawei.com> | 2015-12-25 08:24:44 +0000 |
commit | 0409b2b8b7e18efd94b6101c1a5e489f7a4f4bfc (patch) | |
tree | 52312cf8ebaa545f45f1a5b3310decbf1f7373c9 | |
parent | d279cef1affea34e8c542066c78f0f1046cd25f3 (diff) |
Rubbos heat template add security_groups
Current rules is open all icmp tcp udp ports.
Refine it later to just open specific used ports.
JIRA: BOTTLENECK-33
Change-Id: I2fb1b57760d1ebef681fa036af1c5a2249bcfc12
Signed-off-by: QiLiang <liangqi1@huawei.com>
-rw-r--r-- | utils/infra_setup/heat_template/bottlenecks_rubbos_hot.yaml | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/utils/infra_setup/heat_template/bottlenecks_rubbos_hot.yaml b/utils/infra_setup/heat_template/bottlenecks_rubbos_hot.yaml index 8233356c..1b55de5a 100644 --- a/utils/infra_setup/heat_template/bottlenecks_rubbos_hot.yaml +++ b/utils/infra_setup/heat_template/bottlenecks_rubbos_hot.yaml @@ -88,6 +88,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_control_floating_ip: type: OS::Neutron::FloatingIP @@ -111,6 +112,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_mysql1: type: OS::Nova::Server @@ -128,6 +130,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_tomcat1: type: OS::Nova::Server @@ -145,6 +148,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_client1: type: OS::Nova::Server @@ -162,6 +166,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_client2: type: OS::Nova::Server @@ -179,6 +184,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_client3: type: OS::Nova::Server @@ -196,6 +202,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_client4: type: OS::Nova::Server @@ -213,6 +220,7 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] rubbos_benchmark: type: OS::Nova::Server @@ -230,6 +238,24 @@ resources: network_id: { get_resource: private_net } fixed_ips: - subnet_id: { get_resource: private_subnet } + security_groups: [{ get_resource: server_security_group }] + + server_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: Rubbos group for servers access. + name: rubbos-security-group + rules: [ + {remote_ip_prefix: 0.0.0.0/0, + protocol: tcp, + port_range_min: 1, + port_range_max: 65535}, + {remote_ip_prefix: 0.0.0.0/0, + protocol: udp, + port_range_min: 1, + port_range_max: 65535}, + {remote_ip_prefix: 0.0.0.0/0, + protocol: icmp}] outputs: rubbos_control_private_ip: |