github.com/SUSE/skuba@v1.4.17/ci/infra/openstack/security-groups-master.tf

github.com/SUSE/skuba@v1.4.17/ci/infra/openstack/security-groups-master.tf (about)

     1  resource "openstack_networking_secgroup_v2" "master_nodes" {
     2    name        = "${var.stack_name}-caasp_master_nodes_secgroup"
     3    description = "Common security group for CaaSP master nodes"
     4  }
     5  
     6  resource "openstack_networking_secgroup_rule_v2" "etcd_client_communication" {
     7    direction         = "ingress"
     8    ethertype         = "IPv4"
     9    protocol          = "tcp"
    10    port_range_min    = 2379
    11    port_range_max    = 2379
    12    remote_ip_prefix  = var.subnet_cidr
    13    security_group_id = openstack_networking_secgroup_v2.master_nodes.id
    14  }
    15  
    16  resource "openstack_networking_secgroup_rule_v2" "etcd_server_to_server" {
    17    direction         = "ingress"
    18    ethertype         = "IPv4"
    19    protocol          = "tcp"
    20    port_range_min    = 2380
    21    port_range_max    = 2380
    22    remote_ip_prefix  = var.subnet_cidr
    23    security_group_id = openstack_networking_secgroup_v2.master_nodes.id
    24  }
    25  
    26  resource "openstack_networking_secgroup_rule_v2" "api_server" {
    27    direction         = "ingress"
    28    ethertype         = "IPv4"
    29    protocol          = "tcp"
    30    port_range_min    = 6443
    31    port_range_max    = 6443
    32    remote_ip_prefix  = "0.0.0.0/0"
    33    security_group_id = openstack_networking_secgroup_v2.master_nodes.id
    34  }
    35