gather_facts: False
roles:
- openstack/create_devstack_network
+ - openstack/create_devstack_securitygroup
- openstack/create_devstack_keypair
- openstack/create_devstack_hosts
- openstack/destroy_devstack_hosts
- openstack/destroy_devstack_keypair
- openstack/destroy_devstack_network
+ - openstack/destroy_devstack_securitygroup
keypair:
name: &keypair_name "onap_ci_lab"
+securitygroup:
+ name: &securitygroup_name "onap_ci_lab"
+ remote_ip_prefix: "172.24.4.0/24"
+
hosts:
- name: "operator0"
image: "cirros-0.5.1-x86_64-disk"
flavor: "cirros256"
keypair: *keypair_name
network: *network_name
+ securitygroup: *securitygroup_name
flavor: "{{ host.flavor }}"
key_name: "{{ host.keypair }}"
network: "{{ host.network }}"
+ security_groups:
+ - "{{ host.securitygroup }}"
--- /dev/null
+---
+- name: "Create {{ secgrp.name }} security group"
+ os_security_group:
+ state: present
+ name: "{{ secgrp.name }}"
+
+- name: "Create {{ secgrp.name }} security group rule for ping"
+ os_security_group_rule:
+ security_group: "{{ secgrp.name }}"
+ protocol: icmp
+ remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+
+- name: "Create {{ secgrp.name }} security group rule for SSH"
+ os_security_group_rule:
+ security_group: "{{ secgrp.name }}"
+ protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
--- /dev/null
+---
+- include: create_securitygroup.yml secgrp={{ item }}
+ with_items:
+ - "{{ securitygroup }}"
--- /dev/null
+---
+- name: "Destroy {{ secgrp.name }} security group"
+ os_security_group:
+ state: absent
+ name: "{{ secgrp.name }}"
--- /dev/null
+---
+- include: destroy_securitygroup.yml secgrp={{ item }}
+ with_items:
+ - "{{ securitygroup }}"
--- /dev/null
+"onap_ci_lab"
--- /dev/null
+#!/bin/sh
+
+export SECURITYGROUP_NAME='onap_ci_lab'
+
+export VAGRANT_CWD='..'
+
+set_up() {
+ vagrant up --provision-with=run_playbook_destroy
+ vagrant up --provision-with=run_playbook_create
+}
+
+check() {
+ local secgrp="$1"
+ vagrant ssh operator --no-tty -c \
+ "export OS_CLOUD=openstack; openstack security group list -fcsv" \
+ | grep "$secgrp" \
+ | cut -d',' -f2
+}
+
+set_up >/dev/null # drop provisioning output
+check "$SECURITYGROUP_NAME"
--- /dev/null
+Security group onap_ci_lab not found.
--- /dev/null
+#!/bin/sh
+
+export SECURITYGROUP_NAME='onap_ci_lab'
+
+export VAGRANT_CWD='..'
+
+set_up() {
+ vagrant up --provision-with=run_playbook_create
+ vagrant up --provision-with=run_playbook_destroy
+}
+
+check() {
+ local secgrp="$1"
+ vagrant ssh operator --no-tty -c \
+ "export OS_CLOUD=openstack; openstack security group list -fcsv" \
+ | grep "$secgrp" \
+ || echo "Security group ${secgrp} not found."
+}
+
+set_up >/dev/null # drop provisioning output
+check "$SECURITYGROUP_NAME"