[mesos]remove redundant security group

This patch move security group out of mesos slave resource group.
Security group should only declear once, and use it for the rest part.
Closes-Bug: #1646676

Change-Id: I4ea5af1fda5eea452a21151daad5ec2815389824

magnum/drivers/mesos_ubuntu_v1/templates/mesoscluster.yaml

@@ -233,7 +233,7 @@ resources:
   # sorts.
   #
 
-  secgroup_base:
+  secgroup_master:
     type: OS::Neutron::SecurityGroup
     properties:
       rules:
@@ -243,11 +243,6 @@ resources:
           port_range_max: 22
         - protocol: tcp
           remote_mode: remote_group_id
-
-  secgroup_mesos:
-    type: OS::Neutron::SecurityGroup
-    properties:
-      rules:
         - protocol: tcp
           port_range_min: 5050
           port_range_max: 5050
@@ -255,6 +250,14 @@ resources:
           port_range_min: 8080
           port_range_max: 8080
 
+  secgroup_slave_all_open:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      rules:
+        - protocol: icmp
+        - protocol: tcp
+        - protocol: udp
+
   ######################################################################
   #
   # Master SoftwareConfig.
@@ -412,8 +415,7 @@ resources:
           external_network: {get_param: external_network}
           fixed_network: {get_resource: fixed_network}
           fixed_subnet: {get_resource: fixed_subnet}
-          secgroup_base_id: {get_resource: secgroup_base}
-          secgroup_mesos_id: {get_resource: secgroup_mesos}
+          secgroup_mesos_id: {get_resource: secgroup_master}
           api_pool_id: {get_resource: api_pool}
 
   ######################################################################
@@ -441,7 +443,7 @@ resources:
           external_network: {get_param: external_network}
           wait_condition_timeout: {get_param: wait_condition_timeout}
           executor_registration_timeout: {get_param: executor_registration_timeout}
-          secgroup_base_id: {get_resource: secgroup_base}
+          secgroup_slave_all_open_id: {get_resource: secgroup_slave_all_open}
           http_proxy: {get_param: http_proxy}
           https_proxy: {get_param: https_proxy}
           no_proxy: {get_param: no_proxy}

magnum/drivers/mesos_ubuntu_v1/templates/mesosmaster.yaml

@@ -31,10 +31,6 @@ parameters:
     type: string
     description: Subnet from which to allocate fixed addresses.
 
-  secgroup_base_id:
-    type: string
-    description: ID of the security group for base.
-
   secgroup_mesos_id:
     type: string
     description: ID of the security group for mesos master.
@@ -68,7 +64,6 @@ resources:
     properties:
       network: {get_param: fixed_network}
       security_groups:
-        - {get_param: secgroup_base_id}
         - {get_param: secgroup_mesos_id}
       fixed_ips:
         - subnet: {get_param: fixed_subnet}

magnum/drivers/mesos_ubuntu_v1/templates/mesosslave.yaml

@@ -127,9 +127,9 @@ parameters:
     type: string
     description: Subnet from which to allocate fixed addresses.
 
-  secgroup_base_id:
+  secgroup_slave_all_open_id:
     type: string
-    description: ID of the security group for base.
+    description: ID of the security group for slave.
 
 resources:
 
@@ -143,14 +143,6 @@ resources:
       handle: {get_resource: slave_wait_handle}
       timeout: {get_param: wait_condition_timeout}
 
-  secgroup_all_open:
-    type: OS::Neutron::SecurityGroup
-    properties:
-      rules:
-        - protocol: icmp
-        - protocol: tcp
-        - protocol: udp
-
   ######################################################################
   #
   # software configs.  these are components that are combined into
@@ -254,8 +246,7 @@ resources:
     properties:
       network: {get_param: fixed_network}
       security_groups:
-        - get_resource: secgroup_all_open
-        - get_param: secgroup_base_id
+        - get_param: secgroup_slave_all_open_id
       fixed_ips:
         - subnet: {get_param: fixed_subnet}
       replacement_policy: AUTO