Add security group for neutron ports

During testing of scale heat rally test for neutron
(HeatStack.create_and_delete_stack) is falling because neutron
creates multiple security groups but nova cannot define which one
should it use. As a result nova cannot boot an instance.
The fix defines default security group in the
server_with_ports.yaml.template, so nova will choose
the one specific group.
In addition, the deprecated attribute network_id in the template
has been replaced with the network attribute.

Change-Id: I5e610f0fe3817fdbf6acd1e62ef7a5de3273874a
Closes-bug: #1428066
This commit is contained in:
kairat_kushaev 2015-03-05 13:32:02 +03:00
parent 08f4dabbbc
commit de3c40ffed
2 changed files with 24 additions and 2 deletions

View File

@ -45,9 +45,20 @@ resources:
network: { get_resource: private_net } network: { get_resource: private_net }
cidr: {get_param: cidr} cidr: {get_param: cidr}
port_security_group:
type: OS::Neutron::SecurityGroup
properties:
name: default_port_security_group
description: >
Default security group assigned to port. The neutron default group is not
used because neutron creates several groups with the same name=default and
nova cannot chooses which one should it use.
server_port: server_port:
type: OS::Neutron::Port type: OS::Neutron::Port
properties: properties:
network: {get_resource: private_net} network: {get_resource: private_net}
fixed_ips: fixed_ips:
- subnet_id: { get_resource: private_subnet } - subnet: { get_resource: private_subnet }
security_groups:
- { get_resource: port_security_group }

View File

@ -45,9 +45,20 @@ resources:
network: { get_resource: private_net } network: { get_resource: private_net }
cidr: {get_param: cidr} cidr: {get_param: cidr}
port_security_group:
type: OS::Neutron::SecurityGroup
properties:
name: default_port_security_group
description: >
Default security group assigned to port. The neutron default group is not
used because neutron creates several groups with the same name=default and
nova cannot chooses which one should it use.
server_port: server_port:
type: OS::Neutron::Port type: OS::Neutron::Port
properties: properties:
network: {get_resource: private_net} network: {get_resource: private_net}
fixed_ips: fixed_ips:
- subnet_id: { get_resource: private_subnet } - subnet: { get_resource: private_subnet }
security_groups:
- { get_resource: port_security_group }