Browse Source

Enable security group on the Octavia management port

A dedicated security group (lb-health-mgr-sec-grp) is created for the
Octavia management port but it was unused as the port was created with
no-security-groups.
This commit enables this security group of the health-manager port.

Change-Id: Ib7ec0d194d9858b115ba9343a7117aa1f4d264ea
changes/26/801626/1
Gregory Thiemonge 1 year ago
parent
commit
a767d65dbc
  1. 3
      tripleo_ansible/roles/octavia_controller_config/tasks/netport.yml

3
tripleo_ansible/roles/octavia_controller_config/tasks/netport.yml

@ -5,8 +5,7 @@
port_id="$(openstack port show octavia-health-manager-{{ node_hostname }}-listen-port -f value -c id 2> /dev/null)"
if [[ -z "${port_id}" ]]; then
neutron port-create {{ lb_mgmt_net_name }} --binding:host_id={{ node_hostname }} \
--no-security-groups \
--port-security-enabled=False \
--security-group {{ lb_health_mgr_sec_grp_name }} \
--device-owner Octavia:health-mgr \
--name octavia-health-manager-{{ node_hostname }}-listen-port \
-f value \

Loading…
Cancel
Save