diff options
Diffstat (limited to 'deployment/heat/onap-oom')
-rw-r--r-- | deployment/heat/onap-oom/env/tlab/ETE-OOM-Test.env | 4 | ||||
-rw-r--r-- | deployment/heat/onap-oom/onap-oom.yaml | 32 |
2 files changed, 34 insertions, 2 deletions
diff --git a/deployment/heat/onap-oom/env/tlab/ETE-OOM-Test.env b/deployment/heat/onap-oom/env/tlab/ETE-OOM-Test.env index f56c25b56..391a0a834 100644 --- a/deployment/heat/onap-oom/env/tlab/ETE-OOM-Test.env +++ b/deployment/heat/onap-oom/env/tlab/ETE-OOM-Test.env @@ -14,13 +14,13 @@ parameters: docker_proxy: nexus3.onap.org:10001 rancher_vm_flavor: m1.small - k8s_vm_flavor: m1.xlarge + k8s_vm_flavor: m2.xxlarge public_net_id: fbe8fd92-6636-4e63-ab28-bb6a5b0888a9 public_net_name: admin-vpn-floating oam_network_cidr: 10.0.0.0/16 - dns_forwarder: 8.8.8.8 + dns_forwarder: 204.178.3.230 external_dns: 8.8.8.8 dnsaas_proxy_enable: "false" diff --git a/deployment/heat/onap-oom/onap-oom.yaml b/deployment/heat/onap-oom/onap-oom.yaml index 42c12a77a..760a9575d 100644 --- a/deployment/heat/onap-oom/onap-oom.yaml +++ b/deployment/heat/onap-oom/onap-oom.yaml @@ -106,6 +106,34 @@ resources: properties: length: 4 + # ONAP security group + onap_sg: + type: OS::Neutron::SecurityGroup + properties: + name: + str_replace: + template: base_rand + params: + base: onap_sg + rand: { get_resource: random-str } + description: security group used by ONAP + rules: + # All egress traffic + - direction: egress + ethertype: IPv4 + - direction: egress + ethertype: IPv6 + # ingress traffic + # ICMP + - protocol: icmp + - protocol: udp + port_range_min: 1 + port_range_max: 65535 + - protocol: tcp + port_range_min: 1 + port_range_max: 65535 + + # ONAP management private network oam_network: type: OS::Neutron::Net @@ -145,6 +173,8 @@ resources: properties: network: { get_resource: oam_network } fixed_ips: [{"subnet": { get_resource: oam_subnet }}] + security_groups: + - { get_resource: onap_sg } rancher_floating_ip: type: OS::Neutron::FloatingIP @@ -175,6 +205,8 @@ resources: properties: network: { get_resource: oam_network } fixed_ips: [{"subnet": { get_resource: oam_subnet }}] + security_groups: + - { get_resource: onap_sg } k8s_floating_ip: type: OS::Neutron::FloatingIP |