Merge "Fix POD to POD networking with ML2/OVN"

Author: Zuul

magnum/drivers/k8s_fedora_coreos_v1/templates/kubecluster.yaml

@@ -1131,6 +1131,25 @@ resources:
       port_range_max: 65535
       security_group: {get_resource: secgroup_kube_minion}
       remote_group: {get_resource: secgroup_kube_minion}
+  # allow traffic between PODs for ML2/OVN
+  secgroup_rule_tcp_kube_minion_pods_cidr:
+    condition: create_cluster_resources
+    type: OS::Neutron::SecurityGroupRule
+    properties:
+      protocol: tcp
+      port_range_min: 1
+      port_range_max: 65535
+      remote_ip_prefix: {get_param: pods_network_cidr}
+      security_group: {get_resource: secgroup_kube_minion}
+  secgroup_rule_udp_kube_minion_pods_cidr:
+    condition: create_cluster_resources
+    type: OS::Neutron::SecurityGroupRule
+    properties:
+      protocol: udp
+      port_range_min: 1
+      port_range_max: 65535
+      remote_ip_prefix: {get_param: pods_network_cidr}
+      security_group: {get_resource: secgroup_kube_minion}
 
   ######################################################################
   #