aboutsummaryrefslogtreecommitdiffstats
path: root/deployment/noheat/infra-openstack/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'deployment/noheat/infra-openstack/ansible')
-rw-r--r--deployment/noheat/infra-openstack/ansible/create.yml1
-rw-r--r--deployment/noheat/infra-openstack/ansible/destroy.yml1
-rw-r--r--deployment/noheat/infra-openstack/ansible/group_vars/all.yml5
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml2
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml19
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml4
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml5
-rw-r--r--deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml4
8 files changed, 41 insertions, 0 deletions
diff --git a/deployment/noheat/infra-openstack/ansible/create.yml b/deployment/noheat/infra-openstack/ansible/create.yml
index a2665f911..38f2f9d20 100644
--- a/deployment/noheat/infra-openstack/ansible/create.yml
+++ b/deployment/noheat/infra-openstack/ansible/create.yml
@@ -5,5 +5,6 @@
gather_facts: False
roles:
- openstack/create_devstack_network
+ - openstack/create_devstack_securitygroup
- openstack/create_devstack_keypair
- openstack/create_devstack_hosts
diff --git a/deployment/noheat/infra-openstack/ansible/destroy.yml b/deployment/noheat/infra-openstack/ansible/destroy.yml
index 4576125c4..6091e597d 100644
--- a/deployment/noheat/infra-openstack/ansible/destroy.yml
+++ b/deployment/noheat/infra-openstack/ansible/destroy.yml
@@ -7,3 +7,4 @@
- openstack/destroy_devstack_hosts
- openstack/destroy_devstack_keypair
- openstack/destroy_devstack_network
+ - openstack/destroy_devstack_securitygroup
diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml
index 1da1e8f78..40fdabf94 100644
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml
@@ -6,9 +6,14 @@ network:
keypair:
name: &keypair_name "onap_ci_lab"
+securitygroup:
+ name: &securitygroup_name "onap_ci_lab"
+ remote_ip_prefix: "172.24.4.0/24"
+
hosts:
- name: "operator0"
image: "cirros-0.5.1-x86_64-disk"
flavor: "cirros256"
keypair: *keypair_name
network: *network_name
+ securitygroup: *securitygroup_name
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
index 847150f36..c164d7144 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml
@@ -7,3 +7,5 @@
flavor: "{{ host.flavor }}"
key_name: "{{ host.keypair }}"
network: "{{ host.network }}"
+ security_groups:
+ - "{{ host.securitygroup }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
new file mode 100644
index 000000000..d6b78d1f4
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
@@ -0,0 +1,19 @@
+---
+- name: "Create {{ secgrp.name }} security group"
+ os_security_group:
+ state: present
+ name: "{{ secgrp.name }}"
+
+- name: "Create {{ secgrp.name }} security group rule for ping"
+ os_security_group_rule:
+ security_group: "{{ secgrp.name }}"
+ protocol: icmp
+ remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+
+- name: "Create {{ secgrp.name }} security group rule for SSH"
+ os_security_group_rule:
+ security_group: "{{ secgrp.name }}"
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
new file mode 100644
index 000000000..da125cbc4
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- include: create_securitygroup.yml secgrp={{ item }}
+ with_items:
+ - "{{ securitygroup }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml
new file mode 100644
index 000000000..eb86f9bc2
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml
@@ -0,0 +1,5 @@
+---
+- name: "Destroy {{ secgrp.name }} security group"
+ os_security_group:
+ state: absent
+ name: "{{ secgrp.name }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml
new file mode 100644
index 000000000..586e18067
--- /dev/null
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- include: destroy_securitygroup.yml secgrp={{ item }}
+ with_items:
+ - "{{ securitygroup }}"