# ============LICENSE_START==========================================
# ===================================================================
# Copyright (c) 2017 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#============LICENSE_END============================================
# Cloudify DSL version this blueprint is written against.
tosca_definitions_version: cloudify_dsl_1_3

description: >
  This blueprint creates a Kubernetes Cluster.
  It is based on this documentation: https://kubernetes.io/docs/getting-started-guides/kubeadm/

# Type and plugin definitions: five fetched over HTTPS from GitHub, then two
# files that ship next to this blueprint (imports/).
# NOTE(review): each remote import is addressed by a version ref in the URL
# (4.1, 2.2.0, 1.2.5, 1.5, 1.3.5), not by a commit hash, so the content
# behind a URL can change without this file changing. These files define
# which plugin code runs the lifecycle operations below; mirroring them
# internally or pinning to a commit keeps the blueprint reproducible.
imports:
  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.1/resources/rest-service/cloudify/types/types.yaml
  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-openstack-plugin/2.2.0/plugin.yaml
  - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.2.5/plugin.yaml
  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-fabric-plugin/1.5/plugin.yaml
  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-diamond-plugin/1.3.5/plugin.yaml
  - imports/cloud-config.yaml
  - imports/kubernetes.yaml
# Deployment inputs. Defaults written as get_secret are looked up in the
# manager's secret store rather than stored in this file.
inputs:

  # Passed to the create operation of both server node templates.
  image:
    description: Image to be used when launching agent VMs
    default: { get_secret: centos_core_image }

  # Passed to the create operation of both server node templates.
  flavor:
    description: Flavor of the agent VMs
    default: { get_secret: large_image_flavor }

  # Login name used for agent installation (agent_config.user) and for the
  # Fabric SSH sessions (fabric_env.user).
  agent_user:
    description: >
      User for connecting to agent VMs
    default: centos

  # Handed to scripts/k8s_tools.sh as its only argument (see k8s_tools).
  # NOTE(review): that script is not part of this file; confirm it treats
  # this value as data and verifies the integrity of what it installs.
  helm_version:
    description: helm version to be installed
    default: v2.7.0
dsl_definitions:

  # Keystone connection settings shared by every OpenStack node template
  # through the *openstack_config alias. Every field is a get_secret lookup,
  # so no credential value appears in the blueprint itself.
  openstack_config: &openstack_config
    username: { get_secret: keystone_username }
    password: { get_secret: keystone_password }
    tenant_name: { get_secret: keystone_tenant_name }
    auth_url: { get_secret: keystone_url }
    region: { get_secret: region }
node_templates:

  # Runs scripts/nfs.sh with sudo on the master VM over SSH (Fabric plugin).
  # NOTE(review): the master's port carries a floating IP and
  # kubernetes_security_group admits all TCP/UDP ports from 0.0.0.0/0, so
  # whatever nfs.sh exports is limited only by the export rules inside that
  # script (not shown here) - confirm it restricts the allowed clients.
  nfs_server:
    type: cloudify.nodes.SoftwareComponent
    # No properties are set; the bare key parses as null.
    properties:
    interfaces:
      cloudify.interfaces.lifecycle:
        start:
          implementation: fabric.fabric_plugin.tasks.run_script
          inputs:
            script_path: scripts/nfs.sh
            use_sudo: true
            process:
              # No script arguments; the bare key parses as null.
              args:
            # SSH target, login user and private key for the session; the
            # key is read from the secret store.
            fabric_env:
              host_string: { get_attribute: [ kubernetes_master_host, ip ] }
              user: { get_input: agent_user }
              key: { get_secret: agent_key_private }
    relationships:
      - type: cloudify.relationships.contained_in
        target: kubernetes_master_host
Hong Guan8ba58622018-02-22 10:54:22 -050083 k8s_tools:
84 type: cloudify.nodes.SoftwareComponent
85 properties:
86 interfaces:
87 cloudify.interfaces.lifecycle:
88 start:
89 implementation: fabric.fabric_plugin.tasks.run_script
90 inputs:
91 script_path: scripts/k8s_tools.sh
92 process:
93 args: [{ get_input: helm_version }]
94 fabric_env:
95 host_string: { get_attribute: [ kubernetes_master_host, ip ] }
96 user: { get_input: agent_user }
97 key: { get_secret: agent_key_private }
98 relationships:
99 - type: cloudify.relationships.contained_in
100 target: kubernetes_master
101
Jun Hu9e45abc2018-01-17 17:07:36 -0500102 kubernetes_master_host:
103 type: cloudify.openstack.nodes.Server
104 properties:
105 openstack_config: *openstack_config
106 agent_config:
107 user: { get_input: agent_user }
108 install_method: remote
109 port: 22
110 key: { get_secret: agent_key_private }
111 server:
112 key_name: ''
113 image: ''
114 flavor: ''
115 management_network_name: { get_property: [ public_network, resource_id ] }
116 interfaces:
117 cloudify.interfaces.lifecycle:
118 create:
119 inputs:
120 args:
121 image: { get_input: image }
122 flavor: { get_input: flavor }
123 userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] }
124 relationships:
125 - target: kubernetes_master_port
126 type: cloudify.openstack.server_connected_to_port
127 - type: cloudify.relationships.depends_on
128 target: cloudify_host_cloud_config
129
130 kubernetes_node_host:
131 type: cloudify.openstack.nodes.Server
132 properties:
133 openstack_config: *openstack_config
134 agent_config:
135 user: { get_input: agent_user }
136 install_method: remote
137 port: 22
138 key: { get_secret: agent_key_private }
139 server:
140 key_name: ''
141 image: ''
142 flavor: ''
143 management_network_name: { get_property: [ private_network, resource_id ] }
144 relationships:
145 - type: cloudify.relationships.contained_in
146 target: k8s_node_scaling_tier
147 - target: kubernetes_node_port
148 type: cloudify.openstack.server_connected_to_port
149 interfaces:
150 cloudify.interfaces.lifecycle:
151 create:
152 inputs:
153 args:
154 image: { get_input: image }
155 flavor: { get_input: flavor }
156 userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] }
157 cloudify.interfaces.monitoring_agent:
158 install:
159 implementation: diamond.diamond_agent.tasks.install
160 inputs:
161 diamond_config:
162 interval: 1
163 start: diamond.diamond_agent.tasks.start
164 stop: diamond.diamond_agent.tasks.stop
165 uninstall: diamond.diamond_agent.tasks.uninstall
166 cloudify.interfaces.monitoring:
167 start:
168 implementation: diamond.diamond_agent.tasks.add_collectors
169 inputs:
170 collectors_config:
171 CPUCollector: {}
172 MemoryCollector: {}
173 LoadAverageCollector: {}
174 DiskUsageCollector:
175 config:
176 devices: x?vd[a-z]+[0-9]*$
177 NetworkCollector: {}
178 ProcessResourcesCollector:
179 config:
180 enabled: true
181 unit: B
182 measure_collector_time: true
183 cpu_interval: 0.5
184 process:
185 hyperkube:
186 name: hyperkube
187
188 kubernetes_security_group:
189 type: cloudify.openstack.nodes.SecurityGroup
190 properties:
191 openstack_config: *openstack_config
192 security_group:
193 name: kubernetes_security_group
194 description: kubernetes master security group
195 rules:
196 - remote_ip_prefix: 0.0.0.0/0
197 port_range_min: 1
198 port_range_max: 65535
199 protocol: tcp
200 direction: ingress
201 ethertype: IPv4
202 - remote_ip_prefix: 0.0.0.0/0
203 port_range_min: 1
204 port_range_max: 65535
205 protocol: tcp
206 direction: egress
207 ethertype: IPv4
208 - remote_ip_prefix: 0.0.0.0/0
209 port_range_min: 1
210 port_range_max: 65535
211 protocol: udp
212 direction: ingress
213 ethertype: IPv4
214 - remote_ip_prefix: 0.0.0.0/0
215 port_range_min: 1
216 port_range_max: 65535
217 protocol: udp
218 direction: egress
219 ethertype: IPv4
220
221 kubernetes_master_port:
222 type: cloudify.openstack.nodes.Port
223 properties:
224 openstack_config: *openstack_config
225 relationships:
226 - type: cloudify.relationships.contained_in
227 target: public_network
228 - type: cloudify.relationships.depends_on
229 target: public_subnet
230 - type: cloudify.openstack.port_connected_to_security_group
231 target: kubernetes_security_group
232 - type: cloudify.openstack.port_connected_to_floating_ip
233 target: kubernetes_master_ip
234
235 kubernetes_node_port:
236 type: cloudify.openstack.nodes.Port
237 properties:
238 openstack_config: *openstack_config
239 relationships:
240 - type: cloudify.relationships.contained_in
241 target: k8s_node_scaling_tier
242 - type: cloudify.relationships.connected_to
243 target: private_network
244 - type: cloudify.relationships.depends_on
245 target: private_subnet
246 - type: cloudify.openstack.port_connected_to_security_group
247 target: kubernetes_security_group
248
249 private_subnet:
250 type: cloudify.openstack.nodes.Subnet
251 properties:
252 openstack_config: *openstack_config
253 use_external_resource: true
254 resource_id: { get_secret: private_subnet_name }
255 relationships:
256 - target: private_network
257 type: cloudify.relationships.contained_in
258
259 private_network:
260 type: cloudify.openstack.nodes.Network
261 properties:
262 openstack_config: *openstack_config
263 use_external_resource: true
264 resource_id: { get_secret: private_network_name }
265
266 public_subnet:
267 type: cloudify.openstack.nodes.Subnet
268 properties:
269 openstack_config: *openstack_config
270 use_external_resource: true
271 resource_id: { get_secret: public_subnet_name }
272 relationships:
273 - target: public_network
274 type: cloudify.relationships.contained_in
275 - target: router
276 type: cloudify.openstack.subnet_connected_to_router
277
278 public_network:
279 type: cloudify.openstack.nodes.Network
280 properties:
281 openstack_config: *openstack_config
282 use_external_resource: true
283 resource_id: { get_secret: public_network_name }
284
285 router:
286 type: cloudify.openstack.nodes.Router
287 properties:
288 openstack_config: *openstack_config
289 use_external_resource: true
290 resource_id: { get_secret: router_name }
291 relationships:
292 - target: external_network
293 type: cloudify.relationships.connected_to
294
295 external_network:
296 type: cloudify.openstack.nodes.Network
297 properties:
298 openstack_config: *openstack_config
299 use_external_resource: true
300 resource_id: { get_secret: external_network_name }
301
302 k8s_node_scaling_tier:
303 type: cloudify.nodes.Root
304
305 kubernetes_master_ip:
306 type: cloudify.openstack.nodes.FloatingIP
307 properties:
308 openstack_config: *openstack_config
309 floatingip:
310 floating_network_name: { get_property: [ external_network, resource_id ] }
311
groups:

  # Worker VM and its network port, grouped so the scaling policy treats
  # them as one unit.
  k8s_node_group:
    members:
      - kubernetes_node_host
      - kubernetes_node_port
policies:

  # Starts k8s_node_group with six instances, i.e. six worker VMs with one
  # port each.
  kubernetes_node_vms_scaling_policy:
    type: cloudify.policies.scaling
    properties:
      default_instances: 6
    targets: [k8s_node_group]
outputs:

  # Floating IP address assigned to the master.
  kubernetes_master_public_ip:
    value: { get_attribute: [ kubernetes_master_ip, floating_ip_address ] }