diff --git a/IaC-test/nodes.tf b/IaC-test/nodes.tf index aeffc57..f9bbb6c 100644 --- a/IaC-test/nodes.tf +++ b/IaC-test/nodes.tf @@ -12,7 +12,7 @@ resource "openstack_networking_port_v2" "kubecport" { security_group_ids = [ data.openstack_networking_secgroup_v2.sshfromjumphosts.id, data.openstack_networking_secgroup_v2.allegress.id, - resource.openstack_networking_secgroup_v2.microk8s.id, + resource.openstack_networking_secgroup_v2.microk8s-old.id, resource.openstack_networking_secgroup_v2.microk8s-dco.id, resource.openstack_networking_secgroup_v2.https.id ] @@ -36,7 +36,7 @@ resource "openstack_compute_instance_v2" "controller-nodes" { security_groups = [ data.openstack_networking_secgroup_v2.sshfromjumphosts.name, data.openstack_networking_secgroup_v2.allegress.name, - resource.openstack_networking_secgroup_v2.microk8s.id, + resource.openstack_networking_secgroup_v2.microk8s-old.id, resource.openstack_networking_secgroup_v2.microk8s-dco.id, resource.openstack_networking_secgroup_v2.https.name ] @@ -67,7 +67,7 @@ resource "openstack_networking_port_v2" "kubewport" { security_group_ids = [ data.openstack_networking_secgroup_v2.sshfromjumphosts.id, data.openstack_networking_secgroup_v2.allegress.id, - resource.openstack_networking_secgroup_v2.microk8s.id + resource.openstack_networking_secgroup_v2.microk8s-old.id ] admin_state_up = "true" } @@ -98,7 +98,7 @@ resource "openstack_compute_instance_v2" "worker-nodes" { security_groups = [ data.openstack_networking_secgroup_v2.sshfromjumphosts.name, data.openstack_networking_secgroup_v2.allegress.name, - resource.openstack_networking_secgroup_v2.microk8s.name + resource.openstack_networking_secgroup_v2.microk8s-old.name ] block_device { diff --git a/IaC-test/securitygroups-k8s-dco.tf b/IaC-test/securitygroups-k8s-dco.tf index 489da4e..69e7b71 100644 --- a/IaC-test/securitygroups-k8s-dco.tf +++ b/IaC-test/securitygroups-k8s-dco.tf @@ -1,5 +1,5 @@ -# Security groups sto3 +# Security groups dco resource "openstack_networking_secgroup_v2" "microk8s-dco" { name = "microk8s" description = "Traffic to allow between microk8s hosts" diff --git a/IaC-test/securitygroups.tf b/IaC-test/securitygroups.tf index 9703642..20e6425 100644 --- a/IaC-test/securitygroups.tf +++ b/IaC-test/securitygroups.tf @@ -7,8 +7,8 @@ data "openstack_networking_secgroup_v2" "allegress" { name = "allegress" } -resource "openstack_networking_secgroup_v2" "microk8s" { - name = "microk8s" +resource "openstack_networking_secgroup_v2" "microk8s-old" { + name = "microk8s-old" description = "Traffic to allow between microk8s hosts" } @@ -18,8 +18,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule1" { protocol = "tcp" port_range_min = 16443 port_range_max = 16443 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule2" { direction = "ingress" @@ -27,8 +27,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule2" { protocol = "tcp" port_range_min = 16443 port_range_max = 16443 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule3" { @@ -37,8 +37,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule3" { protocol = "tcp" port_range_min = 10250 port_range_max = 10250 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule4" { direction = "ingress" @@ -46,8 +46,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule4" { protocol = "tcp" port_range_min = 10250 port_range_max = 10250 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule5" { @@ -56,8 +56,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule5" { protocol = "tcp" port_range_min = 10255 port_range_max = 10255 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule6" { direction = "ingress" @@ -65,8 +65,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule6" { protocol = "tcp" port_range_min = 10255 port_range_max = 10255 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule7" { direction = "ingress" @@ -74,8 +74,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule7" { protocol = "tcp" port_range_min = 25000 port_range_max = 25000 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule8" { direction = "ingress" @@ -83,8 +83,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule8" { protocol = "tcp" port_range_min = 25000 port_range_max = 25000 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule9" { direction = "ingress" @@ -92,8 +92,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule9" { protocol = "tcp" port_range_min = 12379 port_range_max = 12379 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule10" { direction = "ingress" @@ -101,8 +101,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule10" { protocol = "tcp" port_range_min = 12379 port_range_max = 12379 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule11" { direction = "ingress" @@ -110,8 +110,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule11" { protocol = "tcp" port_range_min = 10257 port_range_max = 10257 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule12" { direction = "ingress" @@ -119,8 +119,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule12" { protocol = "tcp" port_range_min = 10257 port_range_max = 10257 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule13" { direction = "ingress" @@ -128,8 +128,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule13" { protocol = "tcp" port_range_min = 10259 port_range_max = 10259 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule14" { direction = "ingress" @@ -137,8 +137,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule14" { protocol = "tcp" port_range_min = 10259 port_range_max = 10259 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule15" { direction = "ingress" @@ -146,8 +146,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule15" { protocol = "tcp" port_range_min = 19001 port_range_max = 19001 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule16" { direction = "ingress" @@ -155,8 +155,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule16" { protocol = "tcp" port_range_min = 19001 port_range_max = 19001 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule17" { direction = "ingress" @@ -164,8 +164,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule17" { protocol = "udp" port_range_min = 4789 port_range_max = 4789 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule18" { direction = "ingress" @@ -173,8 +173,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule18" { protocol = "udp" port_range_min = 4789 port_range_max = 4789 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule19" { direction = "ingress" @@ -182,8 +182,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule19" { protocol = "udp" port_range_min = 51820 port_range_max = 51820 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_rule_v2" "microk8s_rule20" { direction = "ingress" @@ -191,8 +191,8 @@ resource "openstack_networking_secgroup_rule_v2" "microk8s_rule20" { protocol = "udp" port_range_min = 51820 port_range_max = 51820 - remote_group_id = openstack_networking_secgroup_v2.microk8s.id - security_group_id = openstack_networking_secgroup_v2.microk8s.id + remote_group_id = openstack_networking_secgroup_v2.microk8s-old.id + security_group_id = openstack_networking_secgroup_v2.microk8s-old.id } resource "openstack_networking_secgroup_v2" "https" {