From 1734df85e304d37366dd1922bdc7e633647bb880 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miroslav=20Such=C3=BD?= <msuchy@redhat.com>
Date: Mon, 16 Mar 2015 14:12:39 +0000
Subject: [PATCH] create "ALL ICMP" sec-group

---
 .../fed-cloud09.cloud.fedoraproject.org.yml   | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
index 95ff70f399..69fccfebe1 100644
--- a/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
+++ b/playbooks/hosts/fed-cloud09.cloud.fedoraproject.org.yml
@@ -909,6 +909,33 @@
       - scratch
       - transient
 
+  - name: "Create 'ALL ICMP' security group"
+    neutron_sec_group:
+      login_username: "admin"
+      login_password: "{{ ADMIN_PASS }}"
+      login_tenant_name: "admin"
+      auth_url: "https://{{controller_hostname}}:35357/v2.0"
+      state: "present"
+      name: 'all-icmp-{{item}}'
+      description: "allow all ICMP traffic"
+      tenant_name: "{{item}}"
+      rules:
+        - direction: "ingress"
+          ethertype: "IPv4"
+          protocol: "icmp"
+          remote_ip_prefix: "0.0.0.0/0"
+    with_items:
+      - cloudintern
+      - cloudsig
+      - copr
+      - coprdev
+      - infrastructure
+      - persistent
+      - pythonbots
+      - qa
+      - scratch
+      - transient
+
   # Update quota for Copr
   #   SEE:
   #   nova quota-defaults