Add security group to extra node port security template

Without this it will be inaccessible.
2018-09-13 17:59:44 -05:00 · 2018-09-13 17:59:44 -05:00 · f0e22b7292
parent 6fd59a05d4
commit f0e22b7292
1 changed files with 19 additions and 0 deletions
--- a/templates/baremetal-ports-extra-node-fip-port-security.yaml
+++ b/templates/baremetal-ports-extra-node-fip-port-security.yaml
@ -24,6 +24,23 @@ parameters:

 resources:

+  extra_node_sg:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name:
+        list_join:
+        - '_'
+        - - 'extranode'
+        - - {get_param: baremetal_prefix}
+          - {get_param: suffix}
+          - 'sg'
+      description: Ping, SSH
+      rules:
+      - protocol: icmp
+      - protocol: tcp
+        port_range_min: 22
+        port_range_max: 22
+
  private_port:
    type: OS::Neutron::Port
    properties:
@ -34,6 +51,8 @@ resources:
          - {get_param: baremetal_prefix}
          - {get_param: suffix}
      network: {get_param: private_net}
+      security_groups:
+      - {get_resource: extra_node_sg}

  provision_port:
    type: OS::Neutron::Port