Added security group rules for server

Added a new resource "server_security_group" for adding the security rules to server. Added the property "security_groups" for each servers. Now able to ping the created server with its floating IP. Change-Id: Ic801d9fc6c933f022cc0997a69a96fcc68057ba9 Implements: security group rule Closes-Bug: #1309082
2014-06-03 16:57:35 +05:30 · 2014-06-03 16:57:35 +05:30 · 567b258aa0
parent 1718862503
commit 567b258aa0
1 changed files with 15 additions and 0 deletions
--- a/hot/servers_in_existing_neutron_net.yaml
+++ b/hot/servers_in_existing_neutron_net.yaml
@ -43,6 +43,7 @@ resources:
      network_id: { get_param: private_net_id }
      fixed_ips:
        - subnet_id: { get_param: private_subnet_id }
+      security_groups: [{ get_resource: server_security_group }]

  server1_floating_ip:
    type: OS::Neutron::FloatingIP
@ -66,6 +67,7 @@ resources:
      network_id: { get_param: private_net_id }
      fixed_ips:
        - subnet_id: { get_param: private_subnet_id }
+      security_groups: [{ get_resource: server_security_group }]

  server2_floating_ip:
    type: OS::Neutron::FloatingIP
@ -73,6 +75,19 @@ resources:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: server2_port }

+  server_security_group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      description: Add security group rules for server
+      name: security-group
+      rules:
+        - remote_ip_prefix: 0.0.0.0/0
+          protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+        - remote_ip_prefix: 0.0.0.0/0
+          protocol: icmp
+
 outputs:
  server1_private_ip:
    description: IP address of server1 in private network