search

usegalaxy-eu / infrastructure

All of Galaxyproject EU's cloud infrastructure.
8 stars 25 forks source link

create htcondor shared port secgroup and attach it to the maintenance node #191

Closed sanjaysrikakulam closed 7 months ago

sanjaysrikakulam commented 7 months ago

This is needed as the condor_q -global will not fetch the queued jobs from the maintenance node due to blocked access to the scheduler.

This PR will create the required security group and add an ingress rule (opens port 9628, which is configured at the moment as the htcondor_port, see issue) and then attach the group to the maintenance node.

usegalaxy-eu-bot commented 7 months ago 


Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # openstack_compute_instance_v2.maintenance will be updated in-place
  ~ resource "openstack_compute_instance_v2" "maintenance" {
        id                  = "2b47a7ab-9066-4e7d-aece-522eded73a01"
        name                = "maintenance.galaxyproject.eu"
      ~ security_groups     = [
          + "htcondor_shared_port",
            # (2 unchanged elements hidden)
        ]
        tags                = []
        # (13 unchanged attributes hidden)

        # (2 unchanged blocks hidden)
    }

  # openstack_networking_secgroup_rule_v2.htcondor_shared_port_ingress_ipv4 will be created
  + resource "openstack_networking_secgroup_rule_v2" "htcondor_shared_port_ingress_ipv4" {
      + direction         = "ingress"
      + ethertype         = "IPv4"
      + id                = (known after apply)
      + port_range_max    = 9628
      + port_range_min    = 9628
      + protocol          = "tcp"
      + region            = (known after apply)
      + remote_group_id   = (known after apply)
      + remote_ip_prefix  = (known after apply)
      + security_group_id = (known after apply)
      + tenant_id         = (known after apply)
    }

  # openstack_networking_secgroup_v2.htcondor_shared_port will be created
  + resource "openstack_networking_secgroup_v2" "htcondor_shared_port" {
      + all_tags             = (known after apply)
      + delete_default_rules = true
      + description          = "[tf] HTCcondor shared port profile"
      + id                   = (known after apply)
      + name                 = "htcondor_shared_port"
      + region               = (known after apply)
      + tenant_id            = (known after apply)
    }

Plan: 2 to add, 1 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tf.plan

To perform exactly these actions, run the following command to apply:
    terraform apply "tf.plan" ```