From 3ddd88cf4cb92f5b8e0eebca9afe806f96a09fba Mon Sep 17 00:00:00 2001
From: Marco Platania <platania@research.att.com>
Date: Thu, 2 Aug 2018 14:52:45 -0400
Subject: Add security group to vFW, vLB

- Extend the ONAP sec group to support the vLB/vDNS use case
- Add sec group to  vFW, vFWCL, vLB, vLBMS

Change-Id: Ica89840cf40249990d6df2dfff9a7712c094ab3a
Issue-ID: INT-526
Signed-off-by: Marco Platania <platania@research.att.com>
---
 heat/vLBMS/base_vlb.env    |  1 +
 heat/vLBMS/base_vlb.yaml   | 17 +++++++++++++++++
 heat/vLBMS/dnsscaling.env  |  1 +
 heat/vLBMS/dnsscaling.yaml |  7 +++++++
 4 files changed, 26 insertions(+)

(limited to 'heat/vLBMS')

diff --git a/heat/vLBMS/base_vlb.env b/heat/vLBMS/base_vlb.env
index 32b88474..d41fa184 100644
--- a/heat/vLBMS/base_vlb.env
+++ b/heat/vLBMS/base_vlb.env
@@ -33,3 +33,4 @@ parameters:
   key_name: vlb_key
   pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN
   cloud_env: PUT openstack OR backspace HERE
+  sec_group: PUT THE ONAP SECURITY GROUP HERE
diff --git a/heat/vLBMS/base_vlb.yaml b/heat/vLBMS/base_vlb.yaml
index 749bc0bb..ca3db36c 100644
--- a/heat/vLBMS/base_vlb.yaml
+++ b/heat/vLBMS/base_vlb.yaml
@@ -173,6 +173,9 @@ parameters:
     type: string
     description: Root URL for the Nexus repository for Maven artifacts.
     default: "https://nexus.onap.org"
+  sec_group:
+    type: string
+    description: ONAP Security Group
 
 #############
 #           #
@@ -228,18 +231,24 @@ resources:
     properties:
       network: { get_resource: vlb_private_network }
       fixed_ips: [{"subnet": { get_resource: vlb_private_subnet }, "ip_address": { get_param: vlb_private_ip_0 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vlb_private_1_port:
     type: OS::Neutron::Port
     properties:
       network: { get_param: onap_private_net_id }
       fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vlb_private_ip_1 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vlb_private_2_port:
     type: OS::Neutron::Port
     properties:
       network: { get_resource: pktgen_private_network }
       fixed_ips: [{"subnet": { get_resource: pktgen_private_subnet }, "ip_address": { get_param: vlb_private_ip_2 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vlb_0:
     type: OS::Nova::Server
@@ -321,12 +330,16 @@ resources:
     properties:
       network: { get_resource: vlb_private_network }
       fixed_ips: [{"subnet": { get_resource: vlb_private_subnet }, "ip_address": { get_param: vdns_private_ip_0 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vdns_private_1_port:
     type: OS::Neutron::Port
     properties:
       network: { get_param: onap_private_net_id }
       fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vdns_private_ip_1 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vdns_0:
     type: OS::Nova::Server
@@ -389,12 +402,16 @@ resources:
     properties:
       network: { get_resource: pktgen_private_network }
       fixed_ips: [{"subnet": { get_resource: pktgen_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vpg_private_1_port:
     type: OS::Neutron::Port
     properties:
       network: { get_param: onap_private_net_id }
       fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vpg_0:
     type: OS::Nova::Server
diff --git a/heat/vLBMS/dnsscaling.env b/heat/vLBMS/dnsscaling.env
index 6706b7ec..54661ae0 100644
--- a/heat/vLBMS/dnsscaling.env
+++ b/heat/vLBMS/dnsscaling.env
@@ -22,3 +22,4 @@ parameters:
   key_name: vlb_key_scaling
   pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN
   cloud_env: PUT openstack OR backspace HERE
+  sec_group: PUT THE ONAP SECURITY GROUP HERE
diff --git a/heat/vLBMS/dnsscaling.yaml b/heat/vLBMS/dnsscaling.yaml
index 29c1010a..f0a9a2d5 100644
--- a/heat/vLBMS/dnsscaling.yaml
+++ b/heat/vLBMS/dnsscaling.yaml
@@ -125,6 +125,9 @@ parameters:
     type: string
     description: Root URL for the Nexus repository for Maven artifacts.
     default: "https://nexus.onap.org"
+  sec_group:
+    type: string
+    description: ONAP Security Group
 
 #############
 #           #
@@ -156,12 +159,16 @@ resources:
     properties:
       network: { get_param: vlb_private_net_id }
       fixed_ips: [{"subnet": { get_param: vlb_private_net_id }, "ip_address": { get_param: vdns_private_ip_0 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vdns_2_private_1_port:
     type: OS::Neutron::Port
     properties:
       network: { get_param: onap_private_net_id }
       fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vdns_private_ip_1 }}]
+      security_groups:
+      - { get_param: sec_group }
 
   vdns_2:
     type: OS::Nova::Server
-- 
cgit 1.2.3-korg