diff --git a/magnum/drivers/mesos_ubuntu_v1/templates/mesoscluster.yaml b/magnum/drivers/mesos_ubuntu_v1/templates/mesoscluster.yaml index f5506b132d..6881b029f2 100644 --- a/magnum/drivers/mesos_ubuntu_v1/templates/mesoscluster.yaml +++ b/magnum/drivers/mesos_ubuntu_v1/templates/mesoscluster.yaml @@ -233,7 +233,7 @@ resources: # sorts. # - secgroup_base: + secgroup_master: type: OS::Neutron::SecurityGroup properties: rules: @@ -243,11 +243,6 @@ resources: port_range_max: 22 - protocol: tcp remote_mode: remote_group_id - - secgroup_mesos: - type: OS::Neutron::SecurityGroup - properties: - rules: - protocol: tcp port_range_min: 5050 port_range_max: 5050 @@ -255,6 +250,14 @@ resources: port_range_min: 8080 port_range_max: 8080 + secgroup_slave_all_open: + type: OS::Neutron::SecurityGroup + properties: + rules: + - protocol: icmp + - protocol: tcp + - protocol: udp + ###################################################################### # # Master SoftwareConfig. @@ -412,8 +415,7 @@ resources: external_network: {get_param: external_network} fixed_network: {get_resource: fixed_network} fixed_subnet: {get_resource: fixed_subnet} - secgroup_base_id: {get_resource: secgroup_base} - secgroup_mesos_id: {get_resource: secgroup_mesos} + secgroup_mesos_id: {get_resource: secgroup_master} api_pool_id: {get_resource: api_pool} ###################################################################### @@ -441,7 +443,7 @@ resources: external_network: {get_param: external_network} wait_condition_timeout: {get_param: wait_condition_timeout} executor_registration_timeout: {get_param: executor_registration_timeout} - secgroup_base_id: {get_resource: secgroup_base} + secgroup_slave_all_open_id: {get_resource: secgroup_slave_all_open} http_proxy: {get_param: http_proxy} https_proxy: {get_param: https_proxy} no_proxy: {get_param: no_proxy} diff --git a/magnum/drivers/mesos_ubuntu_v1/templates/mesosmaster.yaml b/magnum/drivers/mesos_ubuntu_v1/templates/mesosmaster.yaml index 5ebf3cda07..f2d636e3e4 100644 --- a/magnum/drivers/mesos_ubuntu_v1/templates/mesosmaster.yaml +++ b/magnum/drivers/mesos_ubuntu_v1/templates/mesosmaster.yaml @@ -31,10 +31,6 @@ parameters: type: string description: Subnet from which to allocate fixed addresses. - secgroup_base_id: - type: string - description: ID of the security group for base. - secgroup_mesos_id: type: string description: ID of the security group for mesos master. @@ -68,7 +64,6 @@ resources: properties: network: {get_param: fixed_network} security_groups: - - {get_param: secgroup_base_id} - {get_param: secgroup_mesos_id} fixed_ips: - subnet: {get_param: fixed_subnet} diff --git a/magnum/drivers/mesos_ubuntu_v1/templates/mesosslave.yaml b/magnum/drivers/mesos_ubuntu_v1/templates/mesosslave.yaml index f6932bbcb9..5c422cf885 100644 --- a/magnum/drivers/mesos_ubuntu_v1/templates/mesosslave.yaml +++ b/magnum/drivers/mesos_ubuntu_v1/templates/mesosslave.yaml @@ -127,9 +127,9 @@ parameters: type: string description: Subnet from which to allocate fixed addresses. - secgroup_base_id: + secgroup_slave_all_open_id: type: string - description: ID of the security group for base. + description: ID of the security group for slave. resources: @@ -143,14 +143,6 @@ resources: handle: {get_resource: slave_wait_handle} timeout: {get_param: wait_condition_timeout} - secgroup_all_open: - type: OS::Neutron::SecurityGroup - properties: - rules: - - protocol: icmp - - protocol: tcp - - protocol: udp - ###################################################################### # # software configs. these are components that are combined into @@ -254,8 +246,7 @@ resources: properties: network: {get_param: fixed_network} security_groups: - - get_resource: secgroup_all_open - - get_param: secgroup_base_id + - get_param: secgroup_slave_all_open_id fixed_ips: - subnet: {get_param: fixed_subnet} replacement_policy: AUTO