diff options
author | Marco Platania <platania@research.att.com> | 2018-08-02 14:52:45 -0400 |
---|---|---|
committer | Marco Platania <platania@research.att.com> | 2018-08-02 14:55:52 -0400 |
commit | 3ddd88cf4cb92f5b8e0eebca9afe806f96a09fba (patch) | |
tree | b5abafefc59f9bbc77333d548c02bab6ea880b56 /heat/vFW | |
parent | d4c5f6b933e2ba449cb1ddf39355f03affec9b53 (diff) |
Add security group to vFW, vLB
- Extend the ONAP sec group to support the vLB/vDNS use case
- Add sec group to vFW, vFWCL, vLB, vLBMS
Change-Id: Ica89840cf40249990d6df2dfff9a7712c094ab3a
Issue-ID: INT-526
Signed-off-by: Marco Platania <platania@research.att.com>
Diffstat (limited to 'heat/vFW')
-rw-r--r-- | heat/vFW/base_vfw.env | 1 | ||||
-rw-r--r-- | heat/vFW/base_vfw.yaml | 17 |
2 files changed, 18 insertions, 0 deletions
diff --git a/heat/vFW/base_vfw.env b/heat/vFW/base_vfw.env index a547ee4c..f41a7122 100644 --- a/heat/vFW/base_vfw.env +++ b/heat/vFW/base_vfw.env @@ -29,3 +29,4 @@ parameters: key_name: vfw_key pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN cloud_env: PUT openstack OR rackspace HERE + sec_group: PUT THE ONAP SECURITY GROUP HERE diff --git a/heat/vFW/base_vfw.yaml b/heat/vFW/base_vfw.yaml index 6f2f8909..e8a05555 100644 --- a/heat/vFW/base_vfw.yaml +++ b/heat/vFW/base_vfw.yaml @@ -157,6 +157,9 @@ parameters: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) + sec_group: + type: string + description: ONAP Security Group ############# # # @@ -210,6 +213,8 @@ resources: properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] + security_groups: + - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port @@ -217,12 +222,16 @@ resources: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] + security_groups: + - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] + security_groups: + - { get_param: sec_group } vfw_0: type: OS::Nova::Server @@ -289,12 +298,16 @@ resources: properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] + security_groups: + - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] + security_groups: + - { get_param: sec_group } vpg_0: type: OS::Nova::Server @@ -358,12 +371,16 @@ resources: properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] + security_groups: + - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] + security_groups: + - { get_param: sec_group } vsn_0: type: OS::Nova::Server |