Bootstrap Cloudify
Change-Id: Ice60018516175b364ecd024158af14a7b51d7998
Issue-ID: OOM-1350
Signed-off-by: jh245g <jh245g@att.com>
diff --git a/TOSCA/cloudify-environment-setup/openstack.yaml b/TOSCA/cloudify-environment-setup/openstack.yaml
new file mode 100644
index 0000000..d794a9e
--- /dev/null
+++ b/TOSCA/cloudify-environment-setup/openstack.yaml
@@ -0,0 +1,399 @@
+# ============LICENSE_START==========================================
+# ===================================================================
+# Copyright (c) 2018 AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#============LICENSE_END============================================
+
+tosca_definitions_version: cloudify_dsl_1_3
+
+imports:
+ - http://www.getcloudify.org/spec/cloudify/4.3.1/types.yaml
+ - http://www.getcloudify.org/spec/openstack-plugin/2.7.4/plugin.yaml
+ - http://www.getcloudify.org/spec/utilities-plugin/1.5.2/plugin.yaml
+ - http://www.getcloudify.org/spec/fabric-plugin/1.5.1/plugin.yaml
+ - imports/manager-configuration.yaml
+
+inputs:
+
+ helm_version:
+ default: v2.9.1
+
+ username:
+ description: OS_USERNAME as specified in Openstack RC file.
+
+ keystone_password:
+ description: Openstack user password.
+
+ tenant_name:
+ description: OS_TENANT_NAME as specified in Openstack RC file.
+
+ auth_url:
+ description: OS_AUTH_URL as specified in Openstack RC file.
+
+ region:
+ description: OS_REGION_NAME as specified in Openstack RC file.
+
+ external_network_name:
+ description: Openstack tenant external network name.
+
+ local_ssh_directory:
+ default: '~/.ssh/'
+
+ manager_key_name:
+ default: cfy-manager-key-os
+
+ agent_key_name:
+ default: cfy-agent-key-os
+
+ cloudify_key_file:
+ default: { concat: [ { get_input: local_ssh_directory }, { get_input: manager_key_name } ] }
+
+ nameservers:
+ default: [8.8.4.4, 8.8.8.8]
+
+ public_network_subnet_cidr:
+ default: 192.168.120.0/24
+
+ public_network_subnet_allocation_pools:
+ default:
+ - start: 192.168.120.2
+ end: 192.168.120.254
+
+ private_network_subnet_cidr:
+ default: 192.168.121.0/24
+
+ private_network_subnet_allocation_pools:
+ default:
+ - start: 192.168.121.2
+ end: 192.168.121.254
+
+ large_image_flavor:
+ type: string
+
+ small_image_flavor:
+ type: string
+
+ cloudify_image_username:
+ default: centos
+
+ centos_core_image:
+ type: string
+
+ ubuntu_trusty_image:
+ type: string
+
+ private_ip:
+ description: >
+ Resolving the IP for manager setup.
+ default: { get_attribute: [ cloudify_host, ip ] }
+
+ public_ip:
+ description: >
+ Resolving the IP for manager setup.
+ default: { get_attribute: [ public_network_subnet_port_fip, floating_ip_address ] }
+
+ secrets:
+ description: >
+ key, value pairs of secrets used in AWS blueprint examples.
+ default:
+ - key: keystone_username
+ value: { get_input: username }
+ - key: keystone_password
+ value: { get_input: keystone_password }
+ - key: keystone_tenant_name
+ value: { get_input: tenant_name }
+ - key: keystone_url
+ value: { get_input: auth_url }
+ - key: region
+ value: { get_input: region }
+ - key: keystone_region
+ value: { get_input: region }
+ - key: external_network_name
+ value: { get_property: [ external_network, resource_id ] }
+ - key: router_name
+ value: { get_attribute: [ public_network_router, external_name ] }
+ - key: public_network_name
+ value: { get_attribute: [ public_network, external_name ] }
+ - key: private_network_name
+ value: { get_attribute: [ private_network, external_name ] }
+ - key: public_subnet_name
+ value: { get_attribute: [ public_network_subnet, external_name ] }
+ - key: private_subnet_name
+ value: { get_attribute: [ private_network_subnet, external_name ] }
+ - key: ubuntu_trusty_image
+ value: { get_input: ubuntu_trusty_image }
+ - key: centos_core_image
+ value: { get_input: centos_core_image }
+ - key: small_image_flavor
+ value: { get_input: small_image_flavor }
+ - key: large_image_flavor
+ value: { get_input: large_image_flavor }
+ - key: agent_key_public
+ value: { get_attribute: [ agent_key, public_key_export ] }
+ - key: agent_key_private
+ value: { get_attribute: [ agent_key, private_key_export ] }
+
+dsl_definitions:
+
+ client_config: &client_config
+ username: { get_input: username }
+ password: { get_input: keystone_password }
+ tenant_name: { get_input: tenant_name }
+ auth_url: { get_input: auth_url }
+ region: { get_input: region }
+
+node_templates:
+
+ manager_key:
+ type: cloudify.keys.nodes.RSAKey
+ properties:
+ resource_config:
+ public_key_path: { concat: [ { get_input: local_ssh_directory }, { get_input: manager_key_name }, '.pub' ] }
+ private_key_path: { concat: [ { get_input: local_ssh_directory }, { get_input: manager_key_name } ] }
+ openssh_format: true
+ use_secret_store: false
+ key_name: { get_input: manager_key_name }
+ interfaces:
+ cloudify.interfaces.lifecycle:
+ create:
+ implementation: keys.cloudify_ssh_key.operations.create
+ inputs:
+ store_private_key_material: true
+
+ agent_key:
+ type: cloudify.keys.nodes.RSAKey
+ properties:
+ resource_config:
+ public_key_path: { concat: [ { get_input: local_ssh_directory }, { get_input: agent_key_name }, '.pub' ] }
+ private_key_path: { concat: [ { get_input: local_ssh_directory }, { get_input: agent_key_name } ] }
+ openssh_format: true
+ use_secret_store: false
+ key_name: { get_input: agent_key_name }
+ interfaces:
+ cloudify.interfaces.lifecycle:
+ create:
+ implementation: keys.cloudify_ssh_key.operations.create
+ inputs:
+ store_private_key_material: true
+
+ external_network:
+ type: cloudify.openstack.nodes.Network
+ properties:
+ openstack_config: *client_config
+ use_external_resource: true
+ resource_id: { get_input: external_network_name }
+
+ public_network_subnet_port_fip:
+ type: cloudify.openstack.nodes.FloatingIP
+ properties:
+ openstack_config: *client_config
+ floatingip:
+ floating_network_name: { get_input: external_network_name }
+
+ public_network:
+ type: cloudify.openstack.nodes.Network
+ properties:
+ openstack_config: *client_config
+
+ private_network:
+ type: cloudify.openstack.nodes.Network
+ properties:
+ openstack_config: *client_config
+
+ public_network_router:
+ type: cloudify.openstack.nodes.Router
+ properties:
+ openstack_config: *client_config
+ relationships:
+ - type: cloudify.relationships.connected_to
+ target: external_network
+
+ public_network_subnet:
+ type: cloudify.openstack.nodes.Subnet
+ properties:
+ openstack_config: *client_config
+ subnet:
+ ip_version: 4
+ cidr: { get_input: public_network_subnet_cidr }
+ dns_nameservers: { get_input: nameservers }
+ allocation_pools: { get_input: public_network_subnet_allocation_pools }
+ relationships:
+ - type: cloudify.relationships.contained_in
+ target: public_network
+ - type: cloudify.openstack.subnet_connected_to_router
+ target: public_network_router
+
+ private_network_subnet:
+ type: cloudify.openstack.nodes.Subnet
+ properties:
+ openstack_config: *client_config
+ subnet:
+ ip_version: 4
+ cidr: { get_input: private_network_subnet_cidr }
+ dns_nameservers: { get_input: nameservers }
+ allocation_pools: { get_input: private_network_subnet_allocation_pools }
+ relationships:
+ - type: cloudify.relationships.contained_in
+ target: private_network
+ - type: cloudify.openstack.subnet_connected_to_router
+ target: public_network_router
+
+ cloudify_security_group:
+ type: cloudify.openstack.nodes.SecurityGroup
+ properties:
+ openstack_config: *client_config
+ rules:
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: null
+ port_range_max: null
+ protocol: icmp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 22
+ port_range_max: 22
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 80
+ port_range_max: 80
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 443
+ port_range_max: 443
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 5671
+ port_range_max: 5671
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 8086
+ port_range_max: 8086
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 8101
+ port_range_max: 8101
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 8300
+ port_range_max: 8301
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 8500
+ port_range_max: 8500
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 15432
+ port_range_max: 15432
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 22000
+ port_range_max: 22000
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 53229
+ port_range_max: 53229
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 53333
+ port_range_max: 53333
+ protocol: tcp
+ - remote_ip_prefix: 0.0.0.0/0
+ port_range_min: 30000
+ port_range_max: 40000
+ protocol: tcp
+
+ public_network_subnet_port:
+ type: cloudify.openstack.nodes.Port
+ properties:
+ openstack_config: *client_config
+ relationships:
+ - type: cloudify.relationships.contained_in
+ target: public_network
+ - type: cloudify.relationships.depends_on
+ target: public_network_subnet
+ - type: cloudify.openstack.port_connected_to_security_group
+ target: cloudify_security_group
+ - type: cloudify.openstack.port_connected_to_floating_ip
+ target: public_network_subnet_port_fip
+
+ private_network_subnet_port:
+ type: cloudify.openstack.nodes.Port
+ properties:
+ openstack_config: *client_config
+ relationships:
+ - type: cloudify.relationships.contained_in
+ target: private_network
+ - type: cloudify.relationships.depends_on
+ target: private_network_subnet
+ - type: cloudify.openstack.port_connected_to_security_group
+ target: cloudify_security_group
+
+ cloudify_host_cloud_config:
+ type: cloudify.nodes.CloudInit.CloudConfig
+ interfaces:
+ cloudify.interfaces.lifecycle:
+ create:
+ inputs:
+ resource_config:
+ users:
+ - name: { get_input: cloudify_image_username }
+ primary-group: wheel
+ shell: /bin/bash
+ sudo: ['ALL=(ALL) NOPASSWD:ALL']
+ ssh-authorized-keys:
+ - { get_attribute: [ manager_key, public_key_export ] }
+ packages:
+ - wget
+ runcmd:
+ - { concat: [ 'usermod -aG wheel ', { get_input: cloudify_image_username } ] }
+ - yum install -y python-backports-ssl_match_hostname python-setuptools python-backports
+ - { concat: [ 'wget http://storage.googleapis.com/kubernetes-helm/helm-', { get_input: helm_version }, -linux-amd64.tar.gz ] }
+ - { concat: [ 'tar -zxvf helm-', { get_input: helm_version }, '-linux-amd64.tar.gz' ] }
+ - mv linux-amd64/helm /usr/bin/helm
+ relationships:
+ - type: cloudify.relationships.depends_on
+ target: manager_key
+ - type: cloudify.relationships.depends_on
+ target: public_network_subnet_port
+ - type: cloudify.relationships.depends_on
+ target: private_network_subnet_port
+
+ cloudify_host:
+ type: cloudify.openstack.nodes.Server
+ properties:
+ openstack_config: *client_config
+ agent_config:
+ install_method: none
+ server:
+ key_name: ''
+ image: { get_input: centos_core_image }
+ flavor: { get_input: large_image_flavor }
+ interfaces:
+ cloudify.interfaces.lifecycle:
+ create:
+ inputs:
+ args:
+ image: { get_input: centos_core_image }
+ flavor: { get_input: large_image_flavor }
+ userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] }
+ nics:
+ - port-id: { get_attribute: [ public_network_subnet_port, external_id ] }
+ # - port-id: { get_attribute: [ private_network_subnet_port, external_id ] }
+ relationships:
+ # Implicitly dependent on ports.
+ - type: cloudify.relationships.depends_on
+ target: cloudify_host_cloud_config
+
+outputs:
+
+ manager_ip:
+ value: { get_input: public_ip }