aboutsummaryrefslogtreecommitdiffstats
path: root/deployment/noheat/infra-openstack/ansible/roles/openstack
diff options
context:
space:
mode:
Diffstat (limited to 'deployment/noheat/infra-openstack/ansible/roles/openstack')
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml2
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml19
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml4
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml5
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml4
5 files changed, 34 insertions, 0 deletions
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
index 847150f36..c164d7144 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
@@ -7,3 +7,5 @@
flavor: "{{ host.flavor }}"
key_name: "{{ host.keypair }}"
network: "{{ host.network }}"
+ security_groups:
+ - "{{ host.securitygroup }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
new file mode 100644
index 000000000..d6b78d1f4
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
@@ -0,0 +1,19 @@
+---
+- name: "Create {{ secgrp.name }} security group"
+ os_security_group:
+ state: present
+ name: "{{ secgrp.name }}"
+
+- name: "Create {{ secgrp.name }} security group rule for ping"
+ os_security_group_rule:
+ security_group: "{{ secgrp.name }}"
+ protocol: icmp
+ remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+
+- name: "Create {{ secgrp.name }} security group rule for SSH"
+ os_security_group_rule:
+ security_group: "{{ secgrp.name }}"
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
new file mode 100644
index 000000000..da125cbc4
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- include: create_securitygroup.yml secgrp={{ item }}
+ with_items:
+ - "{{ securitygroup }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml
new file mode 100644
index 000000000..eb86f9bc2
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml
@@ -0,0 +1,5 @@
+---
+- name: "Destroy {{ secgrp.name }} security group"
+ os_security_group:
+ state: absent
+ name: "{{ secgrp.name }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml
new file mode 100644
index 000000000..586e18067
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- include: destroy_securitygroup.yml secgrp={{ item }}
+ with_items:
+ - "{{ securitygroup }}"