Futureproof securitygroup logic.

This commit is contained in:
Magnus Andersson 2024-01-16 07:40:38 +01:00
parent d5cad0d824
commit 01c8936db7
Signed by: mandersson
GPG key ID: 19CB2C58E1F19B16
2 changed files with 11 additions and 4 deletions

View file

@ -1 +1,5 @@
numnodes: 3 numnodes: 3
kubesecgroups:
- allegress
- kubenode
- ssh-from-jumphost

View file

@ -25,10 +25,12 @@
name: kube{{ item }}-matrix-test-sunet-se-port name: kube{{ item }}-matrix-test-sunet-se-port
network: public network: public
security_groups: |- security_groups: |-
{%- set secgroupallegress=secgroups.security_groups|selectattr('name', 'equalto', 'allegress')| first -%} {%- set secgrlist = [] -%}
{% set secgroupkubenode=secgroups.security_groups|selectattr('name', 'equalto', 'kubenode')| first -%} {%- for sg in kubesecgroups -%}
{% set secgroupssh=secgroups.security_groups|selectattr('name', 'equalto', 'ssh-from-jumphost')| first -%} {% set sgdict=secgroups.security_groups|selectattr('name', 'equalto', sg )| first -%}
{{ secgroupallegress['id'] }},{{secgroupkubenode['id']}},{{secgroupssh['id'] -}} {{- secgrlist.append(sgdict['id']) -}}
{%- endfor -%}
{{ secgrlist | join(',') }}
loop: "{{ range(1, numnodes + 1 )|list }}" loop: "{{ range(1, numnodes + 1 )|list }}"
- name: Launch kubernetes instances - name: Launch kubernetes instances
@ -42,6 +44,7 @@
- "kube{{ item }}-matrix-test-sunet-se-snapvol" - "kube{{ item }}-matrix-test-sunet-se-snapvol"
nics: nics:
- port-name: "kube{{ item }}-matrix-test-sunet-se-port" - port-name: "kube{{ item }}-matrix-test-sunet-se-port"
security_groups: "{{ kubesecgroups | join(',') }}"
userdata: | userdata: |
{{ lookup('ansible.builtin.template', 'kubenodes-user.yaml.j2') | indent(4, False ) }} {{ lookup('ansible.builtin.template', 'kubenodes-user.yaml.j2') | indent(4, False ) }}
loop: "{{ range(1, numnodes + 1 )|list }}" loop: "{{ range(1, numnodes + 1 )|list }}"