Change default CIDR for security_group

At the moment security group allows to access Amphora SSH/API
from any network which is insecure. We're changing default for
security groups to allow access only from Octavia Management
network.

Change-Id: I6ea6ab4ec1c28a3b354d40f6744434eefb05fcfe

defaults/main.yml

@@ -273,7 +273,7 @@ octavia_amp_image_upload_enabled: "{{ octavia_download_artefact }}"
 # Name of the Octavia security group
 octavia_security_group_name: octavia_sec_grp
 # Restrict access to only authorized hosts
-octavia_security_group_rule_cidr:
+octavia_security_group_rule_cidr: "{{ octavia_management_net_subnet_cidr }}"
 # ssh enabled - switch to True if you need ssh access to the amphora
 octavia_ssh_enabled: False
 octavia_ssh_key_name: octavia_key

releasenotes/notes/octavia_security_group_rule_cidr_default-dbf0cdfd17731a73.yaml

@@ -0,0 +1,7 @@
+---
+upgrade:
+  - |
+    Default value for ``octavia_security_group_rule_cidr`` is changed and
+    defined to the CIDR of Octavia management network.
+    To preserve previous behaviour, please override the variable to
+    `0.0.0.0/0`.