Hi Jake,

Yeah I gave that a try, and it does work. Though when I've tried similar it causes problems with removing a cluster, failing on not being able to remove the cluster security group because something other than the cluster is using it. Mostly that is the answer that I was looking for, that this feature doesn't exist. So I can add and remove the security group manually, and can probably do something better in terraform, but we're not quite there yet :)

Thank you!

On Tue, Mar 7, 2023 at 8:16 PM Jake Yip <jake.yip@ardc.edu.au> wrote:

Hi Vivian,

I'm not aware of that, sorry.

As an alternative, have you tried adding the security group of the
workers to the NFS server instead?

Regards,
Jake

On 4/3/2023 5:09 am, Vivian Rook wrote:
> Is there an option for adding security groups to a given magnum
> template, and thus the nodes that such a template would create?
>
> I have an NFS server, and it is setup to only allow connections from
> nodes with the "nfs" security group. A few pods in my cluster mount the
> NFS server, and are blocked as a result. Is it possible to setup magnum
> so that it adds the "nfs" security group to the worker nodes (it would
> be alright if it has to be worker and control nodes)?
>
> Thank you!
>
> --
> *Vivian Rook (They/Them)
> *
> Site Reliability Engineer
> Wikimedia Foundation <https://wikimediafoundation.org/>
>