Add security rule for octavia healthmanager
Amphora does report back it's status to Octavia healthmanager through octavia_health_manager_port. This outgoing traffic from Amphora must be allowed to show LB stats and operational_status. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-plugins/+/896017 Change-Id: Ib6b8547b69949f7af0ba0f7f436b4286d3baccb7
This commit is contained in:
Dmitriy Rabotyagov
Dmitriy Rabotyagov
parent
3a7c5e6634
commit
ce5c701ab4
@ -78,6 +78,29 @@
|
||||
retries: 5
|
||||
delay: 10
|
||||
|
||||
- name: Create security group rule for healthmanager
|
||||
openstack.cloud.security_group_rule:
|
||||
auth:
|
||||
auth_url: "{{ keystone_service_adminurl }}"
|
||||
username: "{{ octavia_service_user_name }}"
|
||||
password: "{{ octavia_service_password }}"
|
||||
project_name: "{{ octavia_service_project_name }}"
|
||||
user_domain_name: "{{ octavia_service_user_domain_id }}"
|
||||
project_domain_name: "{{ octavia_service_project_domain_id }}"
|
||||
state: present
|
||||
security_group: "{{ octavia_security_group_name }}"
|
||||
protocol: udp
|
||||
port_range_min: "{{ octavia_health_manager_port }}"
|
||||
port_range_max: "{{ octavia_health_manager_port }}"
|
||||
remote_ip_prefix: "{{ octavia_security_group_rule_cidr }}"
|
||||
direction: egress
|
||||
interface: admin
|
||||
verify: "{{ not keystone_service_adminuri_insecure }}"
|
||||
register: add_security_group_rule
|
||||
until: add_security_group_rule is success
|
||||
retries: 5
|
||||
delay: 10
|
||||
|
||||
- name: Create security group rule for ssh
|
||||
openstack.cloud.security_group_rule:
|
||||
auth:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user