| # ============LICENSE_START========================================== |
| # =================================================================== |
| # Copyright (c) 2017 AT&T |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| #============LICENSE_END============================================ |
| |
| tosca_definitions_version: cloudify_dsl_1_3 |
| |
| description: > |
| This blueprint creates a Kubernetes Cluster. |
| It is based on this documentation: https://kubernetes.io/docs/getting-started-guides/kubeadm/ |
| |
| imports: |
| - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.1/resources/rest-service/cloudify/types/types.yaml |
| - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-openstack-plugin/2.2.0/plugin.yaml |
| - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.2.5/plugin.yaml |
| - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-fabric-plugin/1.5/plugin.yaml |
| - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-diamond-plugin/1.3.5/plugin.yaml |
| - imports/cloud-config.yaml |
| - imports/kubernetes.yaml |
| |
| inputs: |
| |
| image: |
| description: Image to be used when launching agent VMs |
| default: { get_secret: centos_core_image } |
| |
| flavor: |
| description: Flavor of the agent VMs |
| default: { get_secret: large_image_flavor } |
| |
| agent_user: |
| description: > |
| User for connecting to agent VMs |
| default: centos |
| |
| helm_version: |
| description: helm version to be installed |
| default: v2.9.1 |
| |
| dsl_definitions: |
| |
| openstack_config: &openstack_config |
| username: { get_secret: keystone_username } |
| password: { get_secret: keystone_password } |
| tenant_name: { get_secret: keystone_tenant_name } |
| auth_url: { get_secret: keystone_url } |
| region: { get_secret: region } |
| |
| node_templates: |
| |
| nfs_server: |
| type: cloudify.nodes.SoftwareComponent |
| properties: |
| interfaces: |
| cloudify.interfaces.lifecycle: |
| start: |
| implementation: fabric.fabric_plugin.tasks.run_script |
| inputs: |
| script_path: scripts/nfs.sh |
| use_sudo: true |
| process: |
| args: |
| fabric_env: |
| host_string: { get_attribute: [ kubernetes_master_host, ip ] } |
| user: { get_input: agent_user } |
| key: { get_secret: agent_key_private } |
| relationships: |
| - type: cloudify.relationships.contained_in |
| target: kubernetes_master_host |
| |
| k8s_tools: |
| type: cloudify.nodes.SoftwareComponent |
| properties: |
| interfaces: |
| cloudify.interfaces.lifecycle: |
| start: |
| implementation: fabric.fabric_plugin.tasks.run_script |
| inputs: |
| script_path: scripts/k8s_tools.sh |
| process: |
| args: [{ get_input: helm_version }] |
| fabric_env: |
| host_string: { get_attribute: [ kubernetes_master_host, ip ] } |
| user: { get_input: agent_user } |
| key: { get_secret: agent_key_private } |
| relationships: |
| - type: cloudify.relationships.contained_in |
| target: kubernetes_master |
| |
| kubernetes_master_host: |
| type: cloudify.openstack.nodes.Server |
| properties: |
| openstack_config: *openstack_config |
| agent_config: |
| user: { get_input: agent_user } |
| install_method: remote |
| port: 22 |
| key: { get_secret: agent_key_private } |
| server: |
| key_name: '' |
| image: '' |
| flavor: '' |
| management_network_name: { get_property: [ public_network, resource_id ] } |
| interfaces: |
| cloudify.interfaces.lifecycle: |
| create: |
| inputs: |
| args: |
| image: { get_input: image } |
| flavor: { get_input: flavor } |
| userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } |
| relationships: |
| - target: kubernetes_master_port |
| type: cloudify.openstack.server_connected_to_port |
| - type: cloudify.relationships.depends_on |
| target: cloudify_host_cloud_config |
| |
| kubernetes_node_host: |
| type: cloudify.openstack.nodes.Server |
| properties: |
| openstack_config: *openstack_config |
| agent_config: |
| user: { get_input: agent_user } |
| install_method: remote |
| port: 22 |
| key: { get_secret: agent_key_private } |
| server: |
| key_name: '' |
| image: '' |
| flavor: '' |
| management_network_name: { get_property: [ private_network, resource_id ] } |
| relationships: |
| - type: cloudify.relationships.contained_in |
| target: k8s_node_scaling_tier |
| - target: kubernetes_node_port |
| type: cloudify.openstack.server_connected_to_port |
| interfaces: |
| cloudify.interfaces.lifecycle: |
| create: |
| inputs: |
| args: |
| image: { get_input: image } |
| flavor: { get_input: flavor } |
| userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } |
| cloudify.interfaces.monitoring_agent: |
| install: |
| implementation: diamond.diamond_agent.tasks.install |
| inputs: |
| diamond_config: |
| interval: 1 |
| start: diamond.diamond_agent.tasks.start |
| stop: diamond.diamond_agent.tasks.stop |
| uninstall: diamond.diamond_agent.tasks.uninstall |
| cloudify.interfaces.monitoring: |
| start: |
| implementation: diamond.diamond_agent.tasks.add_collectors |
| inputs: |
| collectors_config: |
| CPUCollector: {} |
| MemoryCollector: {} |
| LoadAverageCollector: {} |
| DiskUsageCollector: |
| config: |
| devices: x?vd[a-z]+[0-9]*$ |
| NetworkCollector: {} |
| ProcessResourcesCollector: |
| config: |
| enabled: true |
| unit: B |
| measure_collector_time: true |
| cpu_interval: 0.5 |
| process: |
| hyperkube: |
| name: hyperkube |
| |
| kubernetes_security_group: |
| type: cloudify.openstack.nodes.SecurityGroup |
| properties: |
| openstack_config: *openstack_config |
| security_group: |
| name: kubernetes_security_group |
| description: kubernetes master security group |
| rules: |
| - remote_ip_prefix: 0.0.0.0/0 |
| port_range_min: 1 |
| port_range_max: 65535 |
| protocol: tcp |
| direction: ingress |
| ethertype: IPv4 |
| - remote_ip_prefix: 0.0.0.0/0 |
| port_range_min: 1 |
| port_range_max: 65535 |
| protocol: tcp |
| direction: egress |
| ethertype: IPv4 |
| - remote_ip_prefix: 0.0.0.0/0 |
| port_range_min: 1 |
| port_range_max: 65535 |
| protocol: udp |
| direction: ingress |
| ethertype: IPv4 |
| - remote_ip_prefix: 0.0.0.0/0 |
| port_range_min: 1 |
| port_range_max: 65535 |
| protocol: udp |
| direction: egress |
| ethertype: IPv4 |
| |
| kubernetes_master_port: |
| type: cloudify.openstack.nodes.Port |
| properties: |
| openstack_config: *openstack_config |
| relationships: |
| - type: cloudify.relationships.contained_in |
| target: public_network |
| - type: cloudify.relationships.depends_on |
| target: public_subnet |
| - type: cloudify.openstack.port_connected_to_security_group |
| target: kubernetes_security_group |
| - type: cloudify.openstack.port_connected_to_floating_ip |
| target: kubernetes_master_ip |
| |
| kubernetes_node_port: |
| type: cloudify.openstack.nodes.Port |
| properties: |
| openstack_config: *openstack_config |
| relationships: |
| - type: cloudify.relationships.contained_in |
| target: k8s_node_scaling_tier |
| - type: cloudify.relationships.connected_to |
| target: private_network |
| - type: cloudify.relationships.depends_on |
| target: private_subnet |
| - type: cloudify.openstack.port_connected_to_security_group |
| target: kubernetes_security_group |
| |
| private_subnet: |
| type: cloudify.openstack.nodes.Subnet |
| properties: |
| openstack_config: *openstack_config |
| use_external_resource: true |
| resource_id: { get_secret: private_subnet_name } |
| relationships: |
| - target: private_network |
| type: cloudify.relationships.contained_in |
| |
| private_network: |
| type: cloudify.openstack.nodes.Network |
| properties: |
| openstack_config: *openstack_config |
| use_external_resource: true |
| resource_id: { get_secret: private_network_name } |
| |
| public_subnet: |
| type: cloudify.openstack.nodes.Subnet |
| properties: |
| openstack_config: *openstack_config |
| use_external_resource: true |
| resource_id: { get_secret: public_subnet_name } |
| relationships: |
| - target: public_network |
| type: cloudify.relationships.contained_in |
| - target: router |
| type: cloudify.openstack.subnet_connected_to_router |
| |
| public_network: |
| type: cloudify.openstack.nodes.Network |
| properties: |
| openstack_config: *openstack_config |
| use_external_resource: true |
| resource_id: { get_secret: public_network_name } |
| |
| router: |
| type: cloudify.openstack.nodes.Router |
| properties: |
| openstack_config: *openstack_config |
| use_external_resource: true |
| resource_id: { get_secret: router_name } |
| relationships: |
| - target: external_network |
| type: cloudify.relationships.connected_to |
| |
| external_network: |
| type: cloudify.openstack.nodes.Network |
| properties: |
| openstack_config: *openstack_config |
| use_external_resource: true |
| resource_id: { get_secret: external_network_name } |
| |
| k8s_node_scaling_tier: |
| type: cloudify.nodes.Root |
| |
| kubernetes_master_ip: |
| type: cloudify.openstack.nodes.FloatingIP |
| properties: |
| openstack_config: *openstack_config |
| floatingip: |
| floating_network_name: { get_property: [ external_network, resource_id ] } |
| |
| groups: |
| |
| k8s_node_group: |
| members: |
| - kubernetes_node_host |
| - kubernetes_node_port |
| |
| policies: |
| |
| kubernetes_node_vms_scaling_policy: |
| type: cloudify.policies.scaling |
| properties: |
| default_instances: 6 |
| targets: [k8s_node_group] |
| |
| outputs: |
| |
| kubernetes_master_public_ip: |
| value: { get_attribute: [ kubernetes_master_ip, floating_ip_address ] } |