# Security groups for external acccess k8s control nodes in dco. resource "openstack_networking_secgroup_v2" "k8s-external-control-dco" { name = "k8s-external" description = "External ingress traffic to k8s control nodes." provider=openstack.dco } # Security groups for external acccess k8s control nodes in sto3. resource "openstack_networking_secgroup_v2" "k8s-external-control-sto3" { name = "k8s-external" description = "External ingress traffic to k8s control nodes." provider=openstack.sto3 } # Security groups for external acccess k8s control nodes in sto4. resource "openstack_networking_secgroup_v2" "k8s-external-control-sto4" { name = "k8s-external" description = "External ingress traffic to k8s control nodes." provider=openstack.sto4 } # Rules dco resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_control_rule1_v4_dco" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "16443" port_range_max = "16443" provider = openstack.dco remote_ip_prefix = "89.47.191.43/32" security_group_id = openstack_networking_secgroup_v2.k8s-external-control-dco.id } # Rules sto3 resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_control_rule1_v4_sto3" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "16443" port_range_max = "16443" provider = openstack.sto3 remote_ip_prefix = "89.47.191.43/32" security_group_id = openstack_networking_secgroup_v2.k8s-external-control-sto3.id } # Rules sto4 resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_control_rule1_v4_sto4" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "16443" port_range_max = "16443" provider = openstack.sto4 remote_ip_prefix = "89.47.191.43/32" security_group_id = openstack_networking_secgroup_v2.k8s-external-control-sto4.id } # Security groups for external acccess k8s worker nodes in dco. resource "openstack_networking_secgroup_v2" "k8s-external-worker-dco" { name = "k8s-external-worker" description = "External ingress traffic to k8s worker nodes." provider=openstack.dco } # Security groups for external acccess k8s worker nodes in sto3. resource "openstack_networking_secgroup_v2" "k8s-external-worker-sto3" { name = "k8s-external-worker" description = "External ingress traffic to k8s worker nodes." provider=openstack.sto3 } # Security groups for external acccess k8s worker nodes in sto4. resource "openstack_networking_secgroup_v2" "k8s-external-worker-sto4" { name = "k8s-external-worker" description = "External ingress traffic to k8s worker nodes." provider=openstack.sto4 } # Rules dco resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_dco" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "443" port_range_max = "443" provider = openstack.dco remote_ip_prefix = "89.47.191.43/32" security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-dco.id } # Rules sto3 resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_sto3" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "443" port_range_max = "443" provider = openstack.sto3 remote_ip_prefix = "89.47.191.43/32" security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-sto3.id } # Rules sto4 resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule1_v4_sto4" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "443" port_range_max = "443" provider = openstack.sto4 remote_ip_prefix = "89.47.191.43/32" security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-sto4.id } # Rules sto4 resource "openstack_networking_secgroup_rule_v2" "k8s_external_ingress_worker_rule2_v4_dco" { direction = "ingress" ethertype = "IPv4" protocol = "tcp" port_range_min = "443" port_range_max = "443" provider = openstack.dco remote_ip_prefix = "0.0.0.0/0" security_group_id = openstack_networking_secgroup_v2.k8s-external-worker-dco.id }