diff options
Diffstat (limited to 'reference_templates/DockerBP.yaml-template')
-rw-r--r-- | reference_templates/DockerBP.yaml-template | 345 |
1 files changed, 345 insertions, 0 deletions
diff --git a/reference_templates/DockerBP.yaml-template b/reference_templates/DockerBP.yaml-template new file mode 100644 index 0000000..e655063 --- /dev/null +++ b/reference_templates/DockerBP.yaml-template @@ -0,0 +1,345 @@ +# -*- indent-tabs-mode: nil -*- # vi: set expandtab: +# +# ============LICENSE_START==================================================== +# org.onap.dcae +# ============================================================================= +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# ============================================================================= +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END====================================================== + +tosca_definitions_version: cloudify_dsl_1_3 + +imports: + - http://www.getcloudify.org/spec/cloudify/3.4/types.yaml + - http://www.getcloudify.org/spec/openstack-plugin/1.4/plugin.yaml + - http://www.getcloudify.org/spec/fabric-plugin/1.4.1/plugin.yaml + - {{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk_platform_plugins_releases }}/type_files/dnsdesig/dns_types.yaml + - {{ ONAPTEMPLATE_RAWREPOURL_org_onap_ccsdk_platform_plugins_releases }}/type_files/sshkeyshare/sshkey_types.yaml + - {{ ONAPTEMPLATE_RAWREPOURL_org_onap_dcaegen2_platform_plugins_releases }}/relationshipplugin/1.0.0/relationshipplugin_types.yaml + - {{ ONAPTEMPLATE_RAWREPOURL_org_onap_dcaegen2_platform_plugins_releases }}/type_files/dockerplugin/2/dockerplugin_types.yaml + + + +inputs: + registered_dockerhost_name: + description: the name that this Dockerhost is registered as + location_id: + description: the location ID for the location where the Docker hsot is being deployed + type: string + target_datacenter: + description: |- + This is the name of the target Consul datacenter that the docker host will try to join + type: string + registrator_image: + description: |- + Full uri to registrator Docker image. Note! You should be using the forked version of + registrator in order to have Consul health checks for Docker containers. + type: string + centos7image_id: + type: string + default: '' + ubuntu1604image_id: + type: string + flavor_id: + type: string + security_group: + type: string + public_net: + type: string + private_net: + type: string + openstack: {} + keypair: + type: string + location_prefix: + type: string + location_domain: + type: string + node_name: + description: Used to construct the fqdn of the docker host + type: string + default: dokr00 + key_filename: + type: string + codesource_url: + type: string + codesource_version: + type: string + vm_init_dokr_00: + type: string + default: |- + #!/bin/sh + set -x + DATACENTER= + vm_init_dokr_01: + type: string + default: |- + REGNAME= + vm_init_dokr_fqdn: + type: string + description: |- + The FQDN environment variable is to be used in the cloud init script for the Docker host. + This is to be applied as metadata on the Consul node for the Docker host under the key + "fqdn". + default: |- + FQDN= + vm_init_dokr_service_tags: + type: string + description: |- + Environment variable assigned to a list of strings that are to be used as tags to label + the docker host. These tags are used when registering the docker host as a service in + Consul. The format of this input parameter is a string that is a shell script variable + assignment of the variable SERVICE_TAGS. It must be either null or a json array of strings. + Here is a valid example of when the value is a json array: + + 'SERVICE_TAGS="[\"foo\", \"bar\"]"' + + Note how the double quotes per array element are escaped. + default: "SERVICE_TAGS=null" + vm_init_dokr_02: + type: string + default: | + MYIP=`wget -qO- http://169.254.169.254/2009-04-04/meta-data/local-ipv4` + while [ -z "$MYPUB" ]; do + MYPUB=`wget -qO- http://169.254.169.254/2009-04-04/meta-data/public-ipv4` + sleep 5 + done + echo "My public IP: $MYPUB" + MYNAME=`hostname` + echo >>/etc/hosts + echo $MYIP $MYNAME >>/etc/hosts + + # Grab nameservers to be used to setup recursors for Consul + cat <<EOF > /tmp/grab_nameservers.py + with open("/etc/resolv.conf", "r") as f: + nss = [line.split(" ")[1].strip() for line in f.readlines() if line.startswith("nameserver")] + print("[\"{0}\"]".format("\",\"".join(nss))) + EOF + NAMESERVERS=$(python3 /tmp/grab_nameservers.py) + + mkdir -p /opt/consul/config /opt/consul/data /opt/consul/bin + # Download Consul from Nexus + apt-get update + DEBIAN_FRONTEND=noninteractive apt-get install -y -q unzip + CONSUL_BIN_DIR=/opt/consul/bin + curl -Ss https://releases.hashicorp.com/consul/0.8.3/consul_0.8.3_linux_amd64.zip > $CONSUL_BIN_DIR/consul_0.8.3_linux_amd64.zip + unzip $CONSUL_BIN_DIR/consul_0.8.3_linux_amd64.zip -d $CONSUL_BIN_DIR + # NOTE: The health check for the docker host is a simple existence look up for + # registrator (name is hardcoded). It does not check if registrator is running. + # This would require a script health check which means we might need to turn on + # "enable_script_check". + # NOTE: At the time of this change, there is no issue but there could be a + # chicken-and-egg issue where the health check might depend upon future downstream + # nodes (registrator) that downstream node requires a *healthy* docker host. + cat <<EOF > /opt/consul/config/consul.json + { + "bind_addr" : "0.0.0.0", + "client_addr" : "0.0.0.0", + "advertise_addr" : "$MYIP", + "data_dir" : "/opt/consul/data", + "datacenter": "$DATACENTER", + "http_api_response_headers": { + "Access-Control-Allow-Origin" : "*" + }, + "rejoin_after_leave": true, + "server": false, + "ui": false, + "enable_syslog": true, + "log_level": "info", + "ports": { + "dns": 53 + }, + "recursors": $NAMESERVERS, + "service" : { + "id": "$REGNAME", + "name": "$REGNAME", + "address": "$MYPUB", + "port": 2376, + "tags": $SERVICE_TAGS, + "checks": [ + { + "http": "http://$MYPUB:2376/containers/registrator/json", + "interval": "30s" + } + ] + }, + "node_meta": { + "fqdn": "$FQDN" + } + } + EOF + + # Specify DOCKER_HOST environment variable to support healthchecks for Docker containers + # in Consul. Tried using the local unix socket but that did not work (possible bug in Consul) + # so forcing to use the http connection to Docker engine. + cat <<EOF > /lib/systemd/system/consul.service + [Unit] + Description=Consul + Requires=network-online.target + After=network.target + [Service] + Type=simple + Environment=DOCKER_HOST=tcp://localhost:2376 + ExecStart=/opt/consul/bin/consul agent -config-dir=/opt/consul/config + ExecReload=/bin/kill -HUP \$MAINPID + [Install] + WantedBy=multi-user.target + EOF + systemctl enable consul + systemctl start consul + until /opt/consul/bin/consul join "cloudify-manager-${DATACENTER}" + do + echo Waiting to join Consul cluster + sleep 60 + done + + DEBIAN_FRONTEND=noninteractive apt-get install -y -q linux-image-extra-`uname -r` linux-image-extra-virtual apparmor dirmngr + DEBIAN_FRONTEND=noninteractive apt-get install -y -q docker.io + echo 'DOCKER_OPTS="--raw-logs -H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock"' >>/etc/default/docker + systemctl restart docker +node_templates: + key_pair: + type: cloudify.openstack.nodes.KeyPair + properties: + private_key_path: { get_input: key_filename } + use_external_resource: True + resource_id: { get_input: keypair } + openstack_config: &open_conf + get_input: openstack + private_net: + type: cloudify.openstack.nodes.Network + properties: + use_external_resource: True + resource_id: { get_input: private_net } + openstack_config: *open_conf + security_group: + type: cloudify.openstack.nodes.SecurityGroup + properties: + use_external_resource: True + resource_id: { get_input: security_group } + openstack_config: *open_conf + fixedip_dokr00: + type: cloudify.openstack.nodes.Port + properties: + port: + extra_dhcp_opts: + - opt_name: 'domain-name' + opt_value: { get_input: location_domain } + openstack_config: *open_conf + relationships: + - type: cloudify.relationships.contained_in + target: private_net + floatingip_dokr00: + type: cloudify.openstack.nodes.FloatingIP + properties: + openstack_config: *open_conf + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + args: + floating_network_name: { get_input: public_net } + dns_dokr00: + type: ccsdk.nodes.dns.arecord + properties: + fqdn: { concat: [ { get_input: location_prefix }, { get_input: node_name }, '.', { get_input: location_domain } ] } + openstack: *open_conf + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + args: + ip_addresses: + - { get_attribute: [ floatingip_dokr00, floating_ip_address ] } + relationships: + - type: cloudify.relationships.depends_on + target: floatingip_dokr00 + host_dokr00: + type: cloudify.openstack.nodes.Server + properties: + install_agent: false + image: { get_input: ubuntu1604image_id } + flavor: { get_input: flavor_id } + management_network_name: { get_input: private_net } + openstack_config: *open_conf + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + args: + name: { concat: [ { get_input: location_prefix }, { get_input: node_name }] } + userdata: + concat: + - { get_input: vm_init_dokr_00 } + - { get_input: target_datacenter } + - |+ + + - { get_input: vm_init_dokr_01 } + - { get_input: registered_dockerhost_name } + - |+ + + - { get_input: vm_init_dokr_fqdn } + - { get_property: [ dns_dokr00, fqdn ] } + - |+ + + - { get_input: vm_init_dokr_service_tags } + - |+ + + - { get_input: vm_init_dokr_02 } + relationships: + - type: cloudify.openstack.server_connected_to_port + target: fixedip_dokr00 + - type: cloudify.openstack.server_connected_to_security_group + target: security_group + - type: cloudify.openstack.server_connected_to_floating_ip + target: floatingip_dokr00 + - type: cloudify.openstack.server_connected_to_keypair + target: key_pair + - type: cloudify.relationships.depends_on + target: dns_dokr00 + + registrator: + type: dcae.nodes.DockerContainer + properties: + name: + 'registrator' + image: + { get_input: registrator_image } + relationships: + - type: dcae.relationships.component_contained_in + target: docker_host + interfaces: + cloudify.interfaces.lifecycle: + start: + inputs: + envs: + EXTERNAL_IP: + get_attribute: [ floatingip_dokr00, floating_ip_address ] + volumes: + - host: + path: '/var/run/docker.sock' + container: + bind: '/tmp/docker.sock' + mode: 'ro' + + docker_host: + type: dcae.nodes.SelectedDockerHost + properties: + location_id: + { get_input: location_id } + docker_host_override: + { get_input: registered_dockerhost_name } + relationships: + - type: cloudify.relationships.depends_on #this is to avoid a race condition + target: host_dokr00 |