stackoom
  简体   繁体   中英

How to use the security group existing in horizon in heat template

 原文  2018-08-13 15:00:33       yaml/ openstack

Question

I'm newbies on heat yaml template loaded by OpenStack I've got this command which works fine : 

openstack server create --image RHEL-7.4   --flavor std.cpu1ram1 --nic net-id=network-name.admin-network --security-group security-name.group-sec-default   value instance-name

I tried to write this heat file with the command above : 

heat_template_version: 2014-10-16

description: Simple template to deploy a single compute instance with an attached volume

resources:
  my_instance:
    type: OS::Nova::Server
    properties:
      name: instance-name
      image: RHEL-7.4
      flavor: std.cpu1ram1
      networks:
        - network: network-name.admin-network
      security_group: 
        - security_group: security-name.group-sec-default

security-group: 
  type: OS::Neutron::SecurityGroup
properties:
  rules: security-name.group-sec-default

  my_volume:
    type: OS::Cinder::Volume
    properties:
      size: 10

  my_attachment:
      type: OS::Cinder::VolumeAttachment
      properties:
        instance_uuid:  { get_resource: my_instance }
        volume_id: { get_resource: my_volume }
        mountpoint: /dev/vdb

The stack creation failed with the following message error : 

 openstack stack create -t my_first.yaml First_stack
 openstack stack show First_stack
.../...
   | stack_status_reason   | Resource CREATE failed: BadRequest: resources.my_instance: Unable to find security_group with name or id 'sec_group1' (HTTP 400) (Request-ID: req-1c5d041c-2254-4e43-8785-c421319060d0) 
.../...

Thanks for helping,

2 answers

solution1
 1 ACCPTED  2018-08-14 14:10:44

After digging, I finally found what was wrong in my heat file. I had to declare my instance like this : 

my_instance:
    type: OS::Nova::Server
    properties:
      name: instance-name
      image: RHEL-7.4
      flavor: std.cpu1ram1
      networks:
        - network: network-name.admin-network
      security_groups: [security-name.group-sec-default]

Thanks for your support

solution2
 0  2018-08-14 06:08:25

According to the template guide it is expecting the rules type is of list .

在此处输入图片说明

So, change the content of template as below for security-group : 

security-group: 
  type: OS::Neutron::SecurityGroup
  properties:
    rules: [security-name.group-sec-default]

OR 

security-group: 
  type: OS::Neutron::SecurityGroup
  properties:
    rules: 
      - security-name.group-sec-default

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to use existing VPC in AWS CloudFormation template for new SecurityGroup Passing Security Group Ids and Subnet Ids in a Clould Formation template How to reference existing resources in CloudFormation yaml template? Use an existing Elastic IP in CloudFormation template instead of generating a new one? How to add a new statement to an existing SQS QueuePolicy from another template? How to use Parameters in CloudWatch Dashboard template How to make use of `template` section in kurfile properly? how to use existing github yml files for Azure devops pipelines How to regex-match a comma delimited list containing AWS Security Group IDs? How to Terminate multiple ec2 instances belonging to same security group with ansible?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM