File: oci-manila-security-group

package info (click to toggle)
openstack-cluster-installer 43.0.22
  • links: PTS, VCS
  • area: main
  • in suites: forky
  • size: 4,544 kB
  • sloc: php: 19,169; sh: 18,137; ruby: 75; makefile: 31; xml: 8
file content (26 lines) | stat: -rwxr-xr-x 1,050 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
#!/bin/sh

set -e
set -x

#######################
### SECURITY GROUPS ###
#######################
### Create the security groups

MANILA_SEC_GROUP_NAME=manila-security-group
# This is: ssh, nfs, netbios
MANILA_PORT_LIST="22 873 137 138 139 2049"

. /root/manila-openrc
MANILA_SEC_GROUP=$(openstack security group show ${MANILA_SEC_GROUP_NAME} -f value -c id 2>/dev/null || true)
if [ -z "${MANILA_SEC_GROUP}" ] ; then
	openstack security group create ${MANILA_SEC_GROUP_NAME}
	openstack security group rule create --protocol icmp ${MANILA_SEC_GROUP_NAME}
	openstack security group rule create --protocol icmpv6 --ethertype IPv6 --remote-ip ::/0 ${MANILA_SEC_GROUP_NAME}
	for PORT in ${MANILA_PORT_LIST} ; do
		openstack security group rule create --protocol tcp --dst-port ${PORT} ${MANILA_SEC_GROUP_NAME}
		openstack security group rule create --protocol tcp --dst-port ${PORT} --ethertype IPv6 --remote-ip ::/0 ${MANILA_SEC_GROUP_NAME}
	done
	MANILA_SEC_GROUP=$(openstack security group show ${MANILA_SEC_GROUP_NAME} -f value -c id 2>/dev/null)
fi