From 01c8936db705a36149780a1b28a99fa7bf05f0b6 Mon Sep 17 00:00:00 2001 From: Magnus Andersson Date: Tue, 16 Jan 2024 07:40:38 +0100 Subject: [PATCH] Futureproof securitygroup logic. --- iac_vars.yaml | 4 ++++ kubenodes.yaml | 11 +++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/iac_vars.yaml b/iac_vars.yaml index 0bb3650..4579913 100644 --- a/iac_vars.yaml +++ b/iac_vars.yaml @@ -1 +1,5 @@ numnodes: 3 +kubesecgroups: + - allegress + - kubenode + - ssh-from-jumphost diff --git a/kubenodes.yaml b/kubenodes.yaml index f3edc80..08e8acf 100644 --- a/kubenodes.yaml +++ b/kubenodes.yaml @@ -25,10 +25,12 @@ name: kube{{ item }}-matrix-test-sunet-se-port network: public security_groups: |- - {%- set secgroupallegress=secgroups.security_groups|selectattr('name', 'equalto', 'allegress')| first -%} - {% set secgroupkubenode=secgroups.security_groups|selectattr('name', 'equalto', 'kubenode')| first -%} - {% set secgroupssh=secgroups.security_groups|selectattr('name', 'equalto', 'ssh-from-jumphost')| first -%} - {{ secgroupallegress['id'] }},{{secgroupkubenode['id']}},{{secgroupssh['id'] -}} + {%- set secgrlist = [] -%} + {%- for sg in kubesecgroups -%} + {% set sgdict=secgroups.security_groups|selectattr('name', 'equalto', sg )| first -%} + {{- secgrlist.append(sgdict['id']) -}} + {%- endfor -%} + {{ secgrlist | join(',') }} loop: "{{ range(1, numnodes + 1 )|list }}" - name: Launch kubernetes instances @@ -42,6 +44,7 @@ - "kube{{ item }}-matrix-test-sunet-se-snapvol" nics: - port-name: "kube{{ item }}-matrix-test-sunet-se-port" + security_groups: "{{ kubesecgroups | join(',') }}" userdata: | {{ lookup('ansible.builtin.template', 'kubenodes-user.yaml.j2') | indent(4, False ) }} loop: "{{ range(1, numnodes + 1 )|list }}"