Allow using multiple remote IP prefixes for security groups

author Pawel Wieczorek <p.wieczorek2@samsung.com>

Wed, 30 Dec 2020 14:21:11 +0000 (15:21 +0100)

committer Bartek Grzybowski <b.grzybowski@partner.samsung.com>

Thu, 7 Jan 2021 10:34:50 +0000 (10:34 +0000)
author Pawel Wieczorek <p.wieczorek2@samsung.com>
Wed, 30 Dec 2020 14:21:11 +0000 (15:21 +0100)
committer Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Thu, 7 Jan 2021 10:34:50 +0000 (10:34 +0000)
diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample

index c2d551d..7ca72de 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample
@@ -8,7 +8,9 @@ keypair:
  
  securitygroup:
    name: &securitygroup_name "onap_ci_lab"
-  remote_ip_prefix: "172.24.4.0/24"
+  remote_ip_prefix:
+    - "172.24.4.0/24"
+    - "192.168.1.0/24"
  
  image:
    name: &image_name "Ubuntu_18.04"
diff --git a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap

index c6ded56..e3ae6b3 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
+++ b/deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap
@@ -8,7 +8,8 @@ keypair:
  
  securitygroup:
    name: &securitygroup_name "onap_ci_lab"
-  remote_ip_prefix: "0.0.0.0/0"
+  remote_ip_prefix:
+    - "0.0.0.0/0"
  
  image:
    name: &image_name "Ubuntu_18.04"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml

index d6b78d1..bd8abf5 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
@@ -8,7 +8,8 @@
    os_security_group_rule:
      security_group: "{{ secgrp.name }}"
      protocol: icmp
-    remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+    remote_ip_prefix: "{{ item }}"
+  loop: "{{ secgrp.remote_ip_prefix }}"
  
  - name: "Create {{ secgrp.name }} security group rule for SSH"
    os_security_group_rule:
@@ -16,4 +17,5 @@
      protocol: tcp
      port_range_min: 22
      port_range_max: 22
-    remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+    remote_ip_prefix: "{{ item }}"
+  loop: "{{ secgrp.remote_ip_prefix }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml

index 3ce0e18..d04b72c 100644 (file)
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
@@ -1,4 +1,6 @@
  ---
-- include: create_securitygroup.yml secgrp={{ item }}
+- include: create_securitygroup.yml
    loop:
      - "{{ securitygroup }}"
+  loop_control:
+    loop_var: secgrp
author	Pawel Wieczorek <p.wieczorek2@samsung.com>
	Wed, 30 Dec 2020 14:21:11 +0000 (15:21 +0100)
committer	Bartek Grzybowski <b.grzybowski@partner.samsung.com>
	Thu, 7 Jan 2021 10:34:50 +0000 (10:34 +0000)
deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sample		patch \| blob \| history
deployment/noheat/infra-openstack/ansible/group_vars/all.yml.sm-onap		patch \| blob \| history
deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml		patch \| blob \| history
deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml		patch \| blob \| history