Question

我是OpenStack加载的Heat Yaml模板的新手我有此命令，它工作正常：

openstack server create --image RHEL-7.4   --flavor std.cpu1ram1 --nic net-id=network-name.admin-network --security-group security-name.group-sec-default   value instance-name

我尝试使用上面的命令编写此热量文件：

heat_template_version: 2014-10-16

description: Simple template to deploy a single compute instance with an attached volume

resources:
  my_instance:
    type: OS::Nova::Server
    properties:
      name: instance-name
      image: RHEL-7.4
      flavor: std.cpu1ram1
      networks:
        - network: network-name.admin-network
      security_group: 
        - security_group: security-name.group-sec-default

security-group: 
  type: OS::Neutron::SecurityGroup
properties:
  rules: security-name.group-sec-default

  my_volume:
    type: OS::Cinder::Volume
    properties:
      size: 10

  my_attachment:
      type: OS::Cinder::VolumeAttachment
      properties:
        instance_uuid:  { get_resource: my_instance }
        volume_id: { get_resource: my_volume }
        mountpoint: /dev/vdb

堆栈创建失败，并显示以下消息错误：

 openstack stack create -t my_first.yaml First_stack
 openstack stack show First_stack
.../...
   | stack_status_reason   | Resource CREATE failed: BadRequest: resources.my_instance: Unable to find security_group with name or id 'sec_group1' (HTTP 400) (Request-ID: req-1c5d041c-2254-4e43-8785-c421319060d0) 
.../...

感谢您的帮助，

Answer 1

经过挖掘，我终于在热量文件中发现了问题所在。我必须这样声明我的实例：

my_instance:
    type: OS::Nova::Server
    properties:
      name: instance-name
      image: RHEL-7.4
      flavor: std.cpu1ram1
      networks:
        - network: network-name.admin-network
      security_groups: [security-name.group-sec-default]

感谢您的支持

Answer 2

根据模板指南，期望规则类型为list。

因此，如下更改security-group的模板内容：

security-group: 
  type: OS::Neutron::SecurityGroup
  properties:
    rules: [security-name.group-sec-default]

OR

security-group: 
  type: OS::Neutron::SecurityGroup
  properties:
    rules: 
      - security-name.group-sec-default

如何使用热量模板中存在于地平线中的安全组

2 个答案: