Revert "Remove security group from extra node port template"

This doesn't do what I thought it did, and it prevents all access to the extra node. This reverts commit 9f93f422c3.
2018-09-13 17:57:21 -05:00 · 2018-09-13 17:57:21 -05:00 · 6fd59a05d4
parent 9f93f422c3
commit 6fd59a05d4
1 changed files with 19 additions and 0 deletions
--- a/templates/baremetal-ports-extra-node-port-security.yaml
+++ b/templates/baremetal-ports-extra-node-port-security.yaml
@ -21,6 +21,23 @@ parameters:

 resources:

+  extra_node_sg:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name:
+        list_join:
+        - '_'
+        - - 'extranode'
+        - - {get_param: baremetal_prefix}
+          - {get_param: suffix}
+          - 'sg'
+      description: Ping, SSH
+      rules:
+      - protocol: icmp
+      - protocol: tcp
+        port_range_min: 22
+        port_range_max: 22
+
  private_port:
    type: OS::Neutron::Port
    properties:
@ -31,6 +48,8 @@ resources:
          - {get_param: baremetal_prefix}
          - {get_param: suffix}
      network: {get_param: private_net}
+      security_groups:
+      - {get_resource: extra_node_sg}

  provision_port:
    type: OS::Neutron::Port