diff options
Diffstat (limited to 'deployment/noheat/infra-openstack/ansible')
8 files changed, 41 insertions, 0 deletions
diff --git a/deployment/noheat/infra-openstack/ansible/create.yml b/deployment/noheat/infra-openstack/ansible/create.yml index a2665f911..38f2f9d20 100644 --- a/deployment/noheat/infra-openstack/ansible/create.yml +++ b/deployment/noheat/infra-openstack/ansible/create.yml @@ -5,5 +5,6 @@ gather_facts: False roles: - openstack/create_devstack_network + - openstack/create_devstack_securitygroup - openstack/create_devstack_keypair - openstack/create_devstack_hosts diff --git a/deployment/noheat/infra-openstack/ansible/destroy.yml b/deployment/noheat/infra-openstack/ansible/destroy.yml index 4576125c4..6091e597d 100644 --- a/deployment/noheat/infra-openstack/ansible/destroy.yml +++ b/deployment/noheat/infra-openstack/ansible/destroy.yml @@ -7,3 +7,4 @@ - openstack/destroy_devstack_hosts - openstack/destroy_devstack_keypair - openstack/destroy_devstack_network + - openstack/destroy_devstack_securitygroup diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml index 1da1e8f78..40fdabf94 100644 --- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml +++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml @@ -6,9 +6,14 @@ network: keypair: name: &keypair_name "onap_ci_lab" +securitygroup: + name: &securitygroup_name "onap_ci_lab" + remote_ip_prefix: "172.24.4.0/24" + hosts: - name: "operator0" image: "cirros-0.5.1-x86_64-disk" flavor: "cirros256" keypair: *keypair_name network: *network_name + securitygroup: *securitygroup_name diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml index 847150f36..c164d7144 100644 --- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_hosts/tasks/create_host.yml @@ -7,3 +7,5 @@ flavor: "{{ host.flavor }}" key_name: "{{ host.keypair }}" network: "{{ host.network }}" + security_groups: + - "{{ host.securitygroup }}" diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml new file mode 100644 index 000000000..d6b78d1f4 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml @@ -0,0 +1,19 @@ +--- +- name: "Create {{ secgrp.name }} security group" + os_security_group: + state: present + name: "{{ secgrp.name }}" + +- name: "Create {{ secgrp.name }} security group rule for ping" + os_security_group_rule: + security_group: "{{ secgrp.name }}" + protocol: icmp + remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}" + +- name: "Create {{ secgrp.name }} security group rule for SSH" + os_security_group_rule: + security_group: "{{ secgrp.name }}" + protocol: tcp + port_range_min: 22 + port_range_max: 22 + remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}" diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml new file mode 100644 index 000000000..da125cbc4 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- include: create_securitygroup.yml secgrp={{ item }} + with_items: + - "{{ securitygroup }}" diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml new file mode 100644 index 000000000..eb86f9bc2 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/destroy_securitygroup.yml @@ -0,0 +1,5 @@ +--- +- name: "Destroy {{ secgrp.name }} security group" + os_security_group: + state: absent + name: "{{ secgrp.name }}" diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml new file mode 100644 index 000000000..586e18067 --- /dev/null +++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/destroy_devstack_securitygroup/tasks/main.yml @@ -0,0 +1,4 @@ +--- +- include: destroy_securitygroup.yml secgrp={{ item }} + with_items: + - "{{ securitygroup }}" |