diff --git a/playbooks/groups/overcloud-config.yml b/playbooks/groups/overcloud-config.yml index 42ba1de619..07f324678e 100644 --- a/playbooks/groups/overcloud-config.yml +++ b/playbooks/groups/overcloud-config.yml @@ -215,6 +215,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Allow nagios checks" @@ -236,6 +237,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "209.132.181.35/32" + project: "{{item}}" with_items: - persistent @@ -260,6 +262,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "172.25.32.1/20" + project: "{{item}}" with_items: - copr - coprdev @@ -292,6 +295,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "{{ item.prefix }}" + project: "{{item}}" with_items: - { name: copr, prefix: '172.25.80.1/20' } - { name: coprdev, prefix: '172.25.80.1/20' } @@ -322,6 +326,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Create 'web-443-anywhere' security group" @@ -343,6 +348,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Create 'oci-registry-5000-anywhere' security group" @@ -364,6 +370,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Create 'wide-open' security group" @@ -385,6 +392,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: add rule to new security group (ssh-from-persistent) @@ -397,6 +405,7 @@ ethertype: "IPv4" protocol: "udp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Create 'ALL ICMP' security group" @@ -416,6 +425,7 @@ ethertype: "IPv4" protocol: "icmp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Create 'keygen-persistent' security group" @@ -425,6 +435,9 @@ cloud: "{{ os_cloud }}" description: "rules for copr-keygen" project: "persistent" + with_items: + - copr + - coprdev - name: add rule to new security group (ssh-from-persistent) os_security_group_rule: @@ -436,6 +449,10 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "172.25.32.1/20" + project: "{{item}}" + with_items: + - copr + - coprdev - name: add rule to new security group (ssh-from-persistent) os_security_group_rule: @@ -447,6 +464,10 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "172.25.32.1/20" + project: "{{item}}" + with_items: + - copr + - coprdev - name: "Create 'pg-5432-anywhere' security group" os_security_group: @@ -467,6 +488,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "0.0.0.0/0" + project: "{{item}}" with_items: "{{all_projects}}" - name: "Create 'fedmsg-relay-persistent' security group" @@ -488,6 +510,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "172.25.80.1/16" + project: "{{item}}" with_items: "{{all_projects}}" - name: add rule to new security group (ssh-from-persistent) @@ -500,6 +523,7 @@ ethertype: "IPv4" protocol: "tcp" remote_ip_prefix: "172.25.80.1/16" + project: "{{item}}" with_items: "{{all_projects}}" #########