Futureproof securitygroup logic.

2024-01-16 07:40:38 +01:00 · 2024-01-16 07:40:38 +01:00 · 01c8936db7
parent d5cad0d824
commit 01c8936db7
2 changed files with 11 additions and 4 deletions
--- a/iac_vars.yaml
+++ b/iac_vars.yaml
@ -1 +1,5 @@
 numnodes: 3
+kubesecgroups:
+  - allegress
+  - kubenode
+  - ssh-from-jumphost
--- a/kubenodes.yaml
+++ b/kubenodes.yaml
@ -25,10 +25,12 @@
    name: kube{{ item }}-matrix-test-sunet-se-port
    network: public
    security_groups: |-
-      {%- set secgroupallegress=secgroups.security_groups|selectattr('name', 'equalto', 'allegress')| first -%}
-      {% set secgroupkubenode=secgroups.security_groups|selectattr('name', 'equalto', 'kubenode')| first -%}
-      {% set secgroupssh=secgroups.security_groups|selectattr('name', 'equalto', 'ssh-from-jumphost')| first -%}
-      {{ secgroupallegress['id'] }},{{secgroupkubenode['id']}},{{secgroupssh['id'] -}}
+      {%- set secgrlist = [] -%}
+      {%- for sg in kubesecgroups -%}
+      {% set sgdict=secgroups.security_groups|selectattr('name', 'equalto', sg )| first -%}
+      {{- secgrlist.append(sgdict['id']) -}}
+      {%- endfor -%}
+      {{ secgrlist | join(',') }}
  loop: "{{ range(1, numnodes + 1 )|list }}"

 - name: Launch kubernetes instances
@ -42,6 +44,7 @@
      - "kube{{ item }}-matrix-test-sunet-se-snapvol"
    nics: 
      - port-name: "kube{{ item }}-matrix-test-sunet-se-port"
+    security_groups: "{{ kubesecgroups | join(',') }}"
    userdata: |
      {{ lookup('ansible.builtin.template', 'kubenodes-user.yaml.j2') | indent(4, False ) }}
  loop: "{{ range(1, numnodes + 1 )|list }}"