From 567b258aa050f3ad36c772acea2c466cf1a3167b Mon Sep 17 00:00:00 2001
From: Petersingh Anburaj <petersingh_anburaj@persistent.co.in>
Date: Tue, 3 Jun 2014 16:57:35 +0530
Subject: [PATCH] Added security group rules for server

Added a new resource "server_security_group" for adding the security rules to server.
Added the property "security_groups" for each servers.
Now able to ping the created server with its floating IP.

Change-Id: Ic801d9fc6c933f022cc0997a69a96fcc68057ba9
Implements: security group rule
Closes-Bug: #1309082
---
 hot/servers_in_existing_neutron_net.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/hot/servers_in_existing_neutron_net.yaml b/hot/servers_in_existing_neutron_net.yaml
index 8b5ca79a..1bbe5315 100644
--- a/hot/servers_in_existing_neutron_net.yaml
+++ b/hot/servers_in_existing_neutron_net.yaml
@@ -43,6 +43,7 @@ resources:
       network_id: { get_param: private_net_id }
       fixed_ips:
         - subnet_id: { get_param: private_subnet_id }
+      security_groups: [{ get_resource: server_security_group }]
 
   server1_floating_ip:
     type: OS::Neutron::FloatingIP
@@ -66,6 +67,7 @@ resources:
       network_id: { get_param: private_net_id }
       fixed_ips:
         - subnet_id: { get_param: private_subnet_id }
+      security_groups: [{ get_resource: server_security_group }]
 
   server2_floating_ip:
     type: OS::Neutron::FloatingIP
@@ -73,6 +75,19 @@ resources:
       floating_network_id: { get_param: public_net_id }
       port_id: { get_resource: server2_port }
 
+  server_security_group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      description: Add security group rules for server
+      name: security-group
+      rules:
+        - remote_ip_prefix: 0.0.0.0/0
+          protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+        - remote_ip_prefix: 0.0.0.0/0
+          protocol: icmp
+
 outputs:
   server1_private_ip:
     description: IP address of server1 in private network