diff options
| author |   mrichomme <morgan.richomme@orange.com> | 2019-04-26 11:27:05 +0200 |
|---|---|---|
| committer | mrichomme <morgan.richomme@orange.com> | 2019-04-26 11:27:05 +0200 |
| commit | c194953d5477fc069cba1e115c237bb0d163db30 (patch) | |
| tree | dbcaa0fa9cee01394a8230fd00a41c259e09807c | |
| parent | e3dd7c24232b7060500fee8805416551fe98c92e (diff) | |
Add vIMS heat template in demo repository
this use case is used in OOM gating End to End non regression tests
in addition to the healthcheck robot test cases
Issue-ID: INT-1049
Change-Id: I37b0c91ea5295c2d16973ea25a364e71ecb569a3
Signed-off-by: mrichomme <morgan.richomme@orange.com>
| -rw-r--r-- | heat/vIMS/README | 24 | ||||
| -rw-r--r-- | heat/vIMS/base_clearwater.env | 35 | ||||
| -rw-r--r-- | heat/vIMS/base_clearwater.yaml | 421 | ||||
| -rw-r--r-- | heat/vIMS/bono.yaml | 234 | ||||
| -rw-r--r-- | heat/vIMS/dime.yaml | 225 | ||||
| -rw-r--r-- | heat/vIMS/dns.yaml | 204 | ||||
| -rw-r--r-- | heat/vIMS/ellis.yaml | 282 | ||||
| -rw-r--r-- | heat/vIMS/homer.yaml | 223 | ||||
| -rw-r--r-- | heat/vIMS/sprout.yaml | 252 | ||||
| -rw-r--r-- | heat/vIMS/vellum.yaml | 227 |
10 files changed, 2127 insertions, 0 deletions
diff --git a/heat/vIMS/README b/heat/vIMS/README new file mode 100644 index 00000000..37d05ce5 --- /dev/null +++ b/heat/vIMS/README @@ -0,0 +1,24 @@ +This heat template allows the deployement of the clearwater vIMS [1], +a fully functional open source vIMS solution. + +The current heat template is derivated from the heat templates published +by Metaswitch [2]. +Initial templates have been adapted to be VVP compliant (they are tested +through VVP linting in onap-tests repository [3]) + +These templates still require Ubuntu 14.04 as base image and would need some +adaptations to be upgraded with more recent ubuntu base images to perform +the userdata part at boot. + +They are integrated in Orange Openlab onap-tests CI chains and part of +the non regression end to end tests used at ONAP gating for OOM [4] [5]. + +It has been succesfully tested on ONAP Beijing, Casablanca and Master. + +Contacts: morgan.richomme AT orange.com + +[1]: https://www.projectclearwater.org/ +[2]: https://github.com/Metaswitch/clearwater-heat +[3]: https://gitlab.com/Orange-OpenSource/lfn/onap/onap-tests +[4]: https://gitlab.com/Orange-OpenSource/lfn/onap/xtesting-onap +[5]: https://wiki.onap.org/display/DW/OOM+Gating diff --git a/heat/vIMS/base_clearwater.env b/heat/vIMS/base_clearwater.env new file mode 100644 index 00000000..07b5412a --- /dev/null +++ b/heat/vIMS/base_clearwater.env @@ -0,0 +1,35 @@ +parameters: +# Metadata required by ONAP + vnf_name: vIMS + vf_module_id: "654321" + vnf_id: "123456" + +# Server parameters, naming required by ONAP + bono_flavor_name: "onap.medium" + bono_image_name: "ubuntu-14.04-daily" + dime_flavor_name: "onap.medium" + dime_image_name: "ubuntu-14.04-daily" + dns_flavor_name: "onap.medium" + dns_image_name: "ubuntu-14.04-daily" + ellis_flavor_name: "onap.medium" + ellis_image_name: "ubuntu-14.04-daily" + homer_flavor_name: "onap.medium" + homer_image_name: "ubuntu-14.04-daily" + robot_flavor_name: "onap.medium" + robot_image_name: "ubuntu-14.04-daily" + sprout_flavor_name: "onap.medium" + sprout_image_name: "ubuntu-14.04-daily" + vellum_flavor_name: "onap.medium" + vellum_image_name: "ubuntu-14.04-daily" + +# Network parameters, naming required by ONAP + admin_plane_net_name: "admin" + +# Additional parameters + clearwater_key_name: vims_demo + clearwater_pub_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDY15cdBmIs2XOpe4EiFCsaY6bmUmK/GysMoLl4UG51JCfJwvwoWCoA+6mDIbymZxhxq9IGxilp/yTA6WQ9s/5pBag1cUMJmFuda9PjOkXl04jgqh5tR6I+GZ97AvCg93KAECis5ubSqw1xOCj4utfEUtPoF1OuzqM/lE5mY4N6VKXn+fT7pCD6cifBEs6JHhVNvs5OLLp/tO8Pa3kKYQOdyS0xc3rh+t2lrzvKUSWGZbX+dLiFiEpjsUL3tDqzkEMNUn4pdv69OJuzWHCxRWPfdrY9Wg0j3mJesP29EBht+w+EC9/kBKq+1VKdmsXUXAcjEvjovVL8l1BrX3BY0R8D imported-openssh-key + repo_url: "http://repo.cw-ngv.com/stable" + dnssec_key: "9FPdYTWhk5+LbhrqtTPQKw==" + dn_range_length: "10000" + dn_range_start: "2425550000" + zone: "vimstest.onap.org" diff --git a/heat/vIMS/base_clearwater.yaml b/heat/vIMS/base_clearwater.yaml new file mode 100644 index 00000000..f290a719 --- /dev/null +++ b/heat/vIMS/base_clearwater.yaml @@ -0,0 +1,421 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2015-04-30 + +description: > + Base Project Clearwater Nazgul deployment on ONAP (Open Network Automation Platform) + +parameters: +# Metadata required by ONAP + vnf_name: + type: string + label: VNF name + description: Unique name for this VNF instance + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + +# flavor parameters, naming required by ONAP + bono_flavor_name: + type: string + description: VM flavor for bono VMs + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + sprout_flavor_name: + type: string + description: VM flavor for sprout VMs + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + vellum_flavor_name: + type: string + description: VM flavor for homestead VMs + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + homer_flavor_name: + type: string + description: VM flavor for homer VMs + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + dime_flavor_name: + type: string + description: VM flavor for dime VMs + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + ellis_flavor_name: + type: string + description: VM flavor for ellis VM + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + dns_flavor_name: + type: string + description: VM flavor for dns VM + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + robot_flavor_name: + type: string + description: VM flavor for robot_test VM + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + +# image parameters, naming required by ONAP + bono_image_name: + type: string + description: Name of image for bono VMs + sprout_image_name: + type: string + description: Name of image for sprout VMs + vellum_image_name: + type: string + description: Name of image for homestead VMs + homer_image_name: + type: string + description: Name of image for homer VMs + dime_image_name: + type: string + description: Name of image for dime VMs + ellis_image_name: + type: string + description: Name of image for ellis VM + dns_image_name: + type: string + description: Name of image for dns VMs + robot_image_name: + type: string + description: Name of image for robot_test VMs + +# overall clearwater parameters, naming required by ONAP + clearwater_key_name: + type: string + label: openSSH Key name + description: openSSH key name + clearwater_pub_key: + type: string + label: Public key + description: Public key to be installed on the compute instance + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dn_range_start: + type: string + description: First directory number in pool + constraints: + - allowed_pattern: "[0-9]+" + description: Must be numeric + dn_range_length: + type: string + description: Number of directory numbers to add to pool + constraints: + - allowed_pattern: "[0-9]+" + description: Must be numeric + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded +# names parameters + bono_name_0: + type: string + description: The VM name + sprout_name_0: + type: string + description: The VM name + vellum_name_0: + type: string + description: The VM name + homer_name_0: + type: string + description: The VM name + dime_name_0: + type: string + description: The VM name + ellis_name_0: + type: string + description: The VM name + dns_name_0: + type: string + description: The VM name + + +# Network parameters, naming required by ONAP + admin_plane_net_name: + type: string + label: external management network + description: The external management network + + +resources: + + clearwater_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + clearwater_instantiated_key_name: + type: OS::Nova::KeyPair + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: key_ + base: { get_param: vnf_name } + rand: { get_resource: clearwater_random_str } + public_key: { get_param: clearwater_pub_key } + save_private_key: false + + dns: + type: dns.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + dns_flavor_name: { get_param: dns_flavor_name } + dns_image_name: { get_param: dns_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + zone: { get_param: zone } + dnssec_key: { get_param: dnssec_key } + dns_name_0: { get_param: dns_name_0 } + + + ellis: + type: ellis.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + ellis_flavor_name: { get_param: ellis_flavor_name } + ellis_image_name: { get_param: ellis_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + repo_url: { get_param: repo_url } + zone: { get_param: zone } + dn_range_start: { get_param: dn_range_start } + dn_range_length: { get_param: dn_range_length } + dns_ip: { get_attr: [ dns, dns_ip ] } + dnssec_key: { get_param: dnssec_key } + etcd_ip: "" #for ellis etcd_ip is empty + ellis_name_0: { get_param: ellis_name_0 } + + bono: + type: bono.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + bono_flavor_name: { get_param: bono_flavor_name } + bono_image_name: { get_param: bono_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + repo_url: { get_param: repo_url } + zone: { get_param: zone } + dns_ip: { get_attr: [ dns, dns_ip ] } + dnssec_key: { get_param: dnssec_key } + etcd_ip: { get_attr: [ ellis, ellis_ip ] } + bono_name_0: { get_param: bono_name_0 } + + sprout: + type: sprout.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + sprout_flavor_name: { get_param: sprout_flavor_name } + sprout_image_name: { get_param: sprout_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + repo_url: { get_param: repo_url } + zone: { get_param: zone } + dns_ip: { get_attr: [ dns, dns_ip ] } + dnssec_key: { get_param: dnssec_key } + etcd_ip: { get_attr: [ ellis, ellis_ip ] } + sprout_name_0: { get_param: sprout_name_0 } + + + homer: + type: homer.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + homer_flavor_name: { get_param: homer_flavor_name } + homer_image_name: { get_param: homer_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + repo_url: { get_param: repo_url } + zone: { get_param: zone } + dns_ip: { get_attr: [ dns, dns_ip ] } + dnssec_key: { get_param: dnssec_key } + etcd_ip: { get_attr: [ ellis, ellis_ip ] } + homer_name_0: { get_param: homer_name_0 } + + vellum: + type: vellum.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + vellum_flavor_name: { get_param: vellum_flavor_name } + vellum_image_name: { get_param: vellum_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + repo_url: { get_param: repo_url } + zone: { get_param: zone } + dns_ip: { get_attr: [ dns, dns_ip ] } + dnssec_key: { get_param: dnssec_key } + etcd_ip: { get_attr: [ ellis, ellis_ip ] } + vellum_name_0: { get_param: vellum_name_0 } + + dime: + type: dime.yaml + properties: + vnf_id: { get_param: vnf_id } + vf_module_id: { get_param: vf_module_id } + vnf_name: { get_param: vnf_name } + public_net_id: { get_param: admin_plane_net_name } + dime_flavor_name: { get_param: dime_flavor_name } + dime_image_name: { get_param: dime_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + repo_url: { get_param: repo_url } + zone: { get_param: zone } + dns_ip: { get_attr: [ dns, dns_ip ] } + dnssec_key: { get_param: dnssec_key } + etcd_ip: { get_attr: [ ellis, ellis_ip ] } + dime_name_0: { get_param: dime_name_0 } + + robot_0_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: robot_sg_ + base: { get_param: vnf_name } + rand: { get_resource: clearwater_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 443, port_range_max: 443}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + robot_0_admin_plane_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: admin_port_0_ + base: { get_param: vnf_name } + rand: { get_resource: clearwater_random_str } + network: { get_param: admin_plane_net_name } + security_groups: [{ get_resource: robot_0_security_group }] + + robot_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: robot_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: clearwater_random_str } + flavor: { get_param: robot_flavor_name } + image: { get_param: robot_image_name } + key_name: { get_resource: clearwater_instantiated_key_name } + networks: + - port: { get_resource: robot_0_admin_plane_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __zone__: { get_param: zone } + __DNS_IP_ADDR__: { get_attr: [ dns, dns_ip ] } + + template: | + #!/bin/bash + + ## activate debug + set -x + + ## install 'clearwater-live-test' in ubuntu home directory + ## without this all is installed in root dir + mkdir /home/ubuntu -p + cd /home/ubuntu + + sudo apt-get update + sudo apt-get install build-essential git --yes + curl -sSL https://rvm.io/mpapis.asc | gpg --import - + curl -L https://get.rvm.io | bash -s stable + source /etc/profile.d/rvm.sh + rvm autolibs enable + rvm install 1.9.3 + rvm use 1.9.3 + + git config --global url."https://".insteadOf git:// + git config --global url."https://github.com/Metaswitch".insteadOf "git@github.com:Metaswitch" + git clone -b stable https://github.com/Metaswitch/clearwater-live-test.git --recursive + cd clearwater-live-test + sudo apt-get install bundler --yes + sudo bundle install + + ##update dns + echo "nameserver __DNS_IP_ADDR__" >> /etc/resolvconf/resolv.conf.d/head + resolvconf -u + + echo "To start live-test run: rake test[__zone__] SIGNUP_CODE=secret" + + #rake test[vimstest.onap.org] SIGNUP_CODE=secret PROXY=84.39.37.62 ELLIS=84.39.34.60 diff --git a/heat/vIMS/bono.yaml b/heat/vIMS/bono.yaml new file mode 100644 index 00000000..25a974df --- /dev/null +++ b/heat/vIMS/bono.yaml @@ -0,0 +1,234 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2014-10-16 + +description: > + Clearwater Bono node + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + bono_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + bono_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dns_ip: + type: string + description: IP address for DNS server on management network + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded + etcd_ip: + type: string + description: IP address of an existing member of the etcd cluster + +resources: + + bono_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + bono_Sec_Grp: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: bono_sg_ + base: { get_param: vnf_name } + rand: { get_resource: bono_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 3478, port_range_max: 3478}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 3478, port_range_max: 3478}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 5060, port_range_max: 5060}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 5060, port_range_max: 5060}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 5062, port_range_max: 5062}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 32768, port_range_max: 65535}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 5058, port_range_max: 5058}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + bono_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: bono_admin_ + base: { get_param: vnf_name } + rand: { get_resource: bono_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: bono_Sec_Grp }] + + bono_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: bono_ + base: { get_param: vnf_name } + rand: { get_resource: bono_random_str } + image: { get_param: bono_image_name } + flavor: { get_param: bono_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: bono_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __repo_url__: { get_param: repo_url } + __zone__: { get_param: zone } + __dns_ip__: { get_param: dns_ip } + __dnssec_key__: { get_param: dnssec_key } + __etcd_ip__ : { get_param: etcd_ip } + __index__ : 0 + + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-bono.log) 2>&1 + set -x + + # Configure the APT software source. + echo 'deb __repo_url__ binary/' > /etc/apt/sources.list.d/clearwater.list + curl -L http://repo.cw-ngv.com/repo_key | apt-key add - + apt-get update + + # Get the public IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Configure /etc/clearwater/local_config. + mkdir -p /etc/clearwater + etcd_ip=__etcd_ip__ + [ -n "$etcd_ip" ] || etcd_ip=$PUBLIC_ADDR + cat > /etc/clearwater/local_config << EOF + management_local_ip=$PUBLIC_ADDR + local_ip=$PUBLIC_ADDR + public_ip=$PUBLIC_ADDR + public_hostname=__index__.bono.__zone__ + etcd_cluster=$etcd_ip + EOF + + # Now install the software. + DEBIAN_FRONTEND=noninteractive apt-get install bono restund --yes --force-yes + DEBIAN_FRONTEND=noninteractive apt-get install clearwater-management --yes --force-yes + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Update DNS + retries=0 + while ! { nsupdate -y "__zone__:__dnssec_key__" -v << EOF + server __dns_ip__ + update add bono-__index__.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add __index__.bono.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add __zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add __zone__. 30 NAPTR 0 0 "s" "SIP+D2T" "" _sip._tcp.__zone__. + update add __zone__. 30 NAPTR 0 0 "s" "SIP+D2U" "" _sip._udp.__zone__. + update add _sip._tcp.__zone__. 30 SRV 0 0 5060 __index__.bono.__zone__. + update add _sip._udp.__zone__. 30 SRV 0 0 5060 __index__.bono.__zone__. + send + EOF + } && [ $retries -lt 10 ] + do + retries=$((retries + 1)) + echo 'nsupdate failed - retrying (retry '$retries')...' + sleep 5 + done + + # Use the DNS server. + echo 'nameserver __dns_ip__' > /etc/dnsmasq.resolv.conf + echo 'RESOLV_CONF=/etc/dnsmasq.resolv.conf' >> /etc/default/dnsmasq + service dnsmasq force-reload + + +outputs: + bono_ip: + description: IP address in public network + value: { get_attr: [ bono_server_0, networks, { get_param: public_net_id }, 0 ] } diff --git a/heat/vIMS/dime.yaml b/heat/vIMS/dime.yaml new file mode 100644 index 00000000..b86a60dc --- /dev/null +++ b/heat/vIMS/dime.yaml @@ -0,0 +1,225 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2014-10-16 + +description: > + Clearwater dime node + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + dime_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + dime_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dns_ip: + type: string + description: IP address for DNS server + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded + etcd_ip: + type: string + description: IP address of an existing member of the etcd cluster + +resources: + + dime_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + dime_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: dime_sg_ + base: { get_param: vnf_name } + rand: { get_resource: dime_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 8888, port_range_max: 8888}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 8889, port_range_max: 8889}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 10888, port_range_max: 10888}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + dime_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: dime_admin_port_0_ + base: { get_param: vnf_name } + rand: { get_resource: dime_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: dime_security_group }] + + dime_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: dime_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: dime_random_str } + image: { get_param: dime_image_name } + flavor: { get_param: dime_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: dime_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __repo_url__: { get_param: repo_url } + __zone__: { get_param: zone } + __dns_ip__: { get_param: dns_ip } + __dnssec_key__: { get_param: dnssec_key } + __etcd_ip__ : { get_param: etcd_ip } + __index__ : 0 + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-dime.log) 2>&1 + set -x + + # Configure the APT software source. + echo 'deb __repo_url__ binary/' > /etc/apt/sources.list.d/clearwater.list + curl -L http://repo.cw-ngv.com/repo_key | apt-key add - + apt-get update + + # Get the public IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Configure /etc/clearwater/local_config. + mkdir -p /etc/clearwater + etcd_ip=__etcd_ip__ + [ -n "$etcd_ip" ] || etcd_ip=$PUBLIC_ADDR + cat > /etc/clearwater/local_config << EOF + management_local_ip=$PUBLIC_ADDR + local_ip=$PUBLIC_ADDR + public_ip=$PUBLIC_ADDR + public_hostname=dime-__index__.__zone__ + etcd_cluster=$etcd_ip + EOF + + # Now install the software. + DEBIAN_FRONTEND=noninteractive apt-get install dime clearwater-prov-tools --yes --force-yes + DEBIAN_FRONTEND=noninteractive apt-get install clearwater-management --yes --force-yes + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Update DNS + retries=0 + while ! { nsupdate -y "__zone__:__dnssec_key__" -v << EOF + server __dns_ip__ + update add dime-__index__.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add dime.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add hs.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add ralf.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + send + EOF + } && [ $retries -lt 10 ] + do + retries=$((retries + 1)) + echo 'nsupdate failed - retrying (retry '$retries')...' + sleep 5 + done + + # Use the DNS server. + echo 'nameserver __dns_ip__' > /etc/dnsmasq.resolv.conf + echo 'RESOLV_CONF=/etc/dnsmasq.resolv.conf' >> /etc/default/dnsmasq + service dnsmasq force-reload + +outputs: + dime_ip: + description: IP address in public network + value: { get_attr: [ dime_server_0, networks, { get_param: public_net_id }, 0 ] } diff --git a/heat/vIMS/dns.yaml b/heat/vIMS/dns.yaml new file mode 100644 index 00000000..0eb0704b --- /dev/null +++ b/heat/vIMS/dns.yaml @@ -0,0 +1,204 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2014-10-16 + +description: > + DNS server exposing dynamic DNS using DNSSEC + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + dns_name_0: + type: string + description: Name of server to use + dns_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + dns_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + zone: + type: string + description: DNS zone + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + +resources: + + dns_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + dns_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: dns_sg_ + base: { get_param: vnf_name } + rand: { get_resource: dns_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 53, port_range_max: 53}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 53, port_range_max: 53}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + dns_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: base_rand + params: + base: dns_admin_port_0 + rand: { get_resource: dns_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: dns_security_group }] + + dns_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: dns_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: dns_random_str } + image: { get_param: dns_image_name } + flavor: { get_param: dns_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: dns_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __zone__: { get_param: zone } + __dnssec_key__: { get_param: dnssec_key } + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-dns.log) 2>&1 + set -x + + # Install BIND. + apt-get update + DEBIAN_FRONTEND=noninteractive apt-get install bind9 --yes + + # Get the IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Update BIND configuration with the specified zone and key. + cat >> /etc/bind/named.conf.local << EOF + key __zone__. {properties + algorithm "HMAC-MD5"; + secret "__dnssec_key__"; + }; + + zone "__zone__" IN { + type master; + file "/var/lib/bind/db.__zone__"; + allow-update { + key __zone__.; + }; + }; + EOF + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Create basic zone configuration. + cat > /var/lib/bind/db.__zone__ << EOF + \$ORIGIN __zone__. + \$TTL 1h + @ IN SOA ns admin\@__zone__. ( $(date +%Y%m%d%H) 1d 2h 1w 30s ) + @ NS ns + ns $(ip2rr $PUBLIC_ADDR) + EOF + chown root:bind /var/lib/bind/db.__zone__ + + # Now that BIND configuration is correct, kick it to reload. + service bind9 reload + + +outputs: + dns_ip: + description: IP address of DNS server + value: { get_attr: [ dns_server_0, networks, { get_param: public_net_id }, 0 ] } + zone: + description: DNS zone + value: { get_param: zone } + dnssec_key: + description: DNSSEC private key (Base64-encoded) + value: { get_param: dnssec_key } diff --git a/heat/vIMS/ellis.yaml b/heat/vIMS/ellis.yaml new file mode 100644 index 00000000..9010c0c8 --- /dev/null +++ b/heat/vIMS/ellis.yaml @@ -0,0 +1,282 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2014-10-16 + +description: > + Clearwater Ellis node + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + ellis_name_0: + type: string + description: Name of server to use + ellis_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + ellis_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dn_range_start: + type: string + description: First directory number in pool + constraints: + - allowed_pattern: "[0-9]+" + description: Must be numeric + dn_range_length: + type: string + description: Number of directory numbers to add to pool + constraints: + - allowed_pattern: "[0-9]+" + description: Must be numeric + dns_ip: + type: string + description: IP address for DNS server + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded + etcd_ip: + type: string + description: IP address of an existing member of the etcd cluster + +resources: + + ellis_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + ellis_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: ellis_sg_ + base: { get_param: vnf_name } + rand: { get_resource: ellis_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 80, port_range_max: 80}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 443, port_range_max: 443}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + ellis_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: ellis_admin_port_0_ + base: { get_param: vnf_name } + rand: { get_resource: ellis_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: ellis_security_group }] + + ellis_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: ellis_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: ellis_random_str } + image: { get_param: ellis_image_name } + flavor: { get_param: ellis_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: ellis_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __repo_url__: { get_param: repo_url } + __zone__: { get_param: zone } + __dn_range_start__: { get_param: dn_range_start } + __dn_range_length__: { get_param: dn_range_length } + __dns_ip__: { get_param: dns_ip } + __dnssec_key__: { get_param: dnssec_key } + __etcd_ip__ : { get_param: etcd_ip } + __index__ : 0 + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-ellis.log) 2>&1 + set -x + + # Configure the APT software source. + echo 'deb __repo_url__ binary/' > /etc/apt/sources.list.d/clearwater.list + curl -L http://repo.cw-ngv.com/repo_key | apt-key add - + apt-get update + + # Get the public IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Configure /etc/clearwater/local_config. Add xdms_hostname here to use Homer's management + # hostname instead of signaling. This will override shared_config. This works around + # https://github.com/Metaswitch/ellis/issues/153. + mkdir -p /etc/clearwater + etcd_ip=__etcd_ip__ + [ -n "$etcd_ip" ] || etcd_ip=$PUBLIC_ADDR + cat > /etc/clearwater/local_config << EOF + local_ip=$PUBLIC_ADDR + public_ip=$PUBLIC_ADDR + public_hostname=ellis-__index__.__zone__ + etcd_cluster=$etcd_ip + xdms_hostname=homer-0.__zone__:7888 + EOF + + # Now install the software. + DEBIAN_FRONTEND=noninteractive apt-get install ellis --yes --force-yes + DEBIAN_FRONTEND=noninteractive apt-get install clearwater-management --yes --force-yes + + # Wait until etcd is up and running before uploading the shared_config + /usr/share/clearwater/clearwater-etcd/scripts/wait_for_etcd + + # Configure and upload /etc/clearwater/shared_config. + cat > /etc/clearwater/shared_config << EOF + # Deployment definitions + home_domain=__zone__ + sprout_hostname=sprout.__zone__ + sprout_registration_store=vellum.__zone__ + hs_hostname=hs.__zone__:8888 + hs_provisioning_hostname=hs.__zone__:8889 + sprout_impi_store=vellum.__zone__ + homestead_impu_store=vellum.__zone__ + ralf_hostname=ralf.__zone__:10888 + ralf_session_store=vellum.__zone__ + xdms_hostname=homer.__zone__:7888 + chronos_hostname=vellum.__zone__ + cassandra_hostname=vellum.__zone__ + + # Email server configuration + smtp_smarthost=localhost + smtp_username=username + smtp_password=password + email_recovery_sender=clearwater@example.org + + # Keys + signup_key=secret + turn_workaround=secret + ellis_api_key=secret + ellis_cookie_key=secret + EOF + sudo /usr/share/clearwater/clearwater-config-manager/scripts/upload_shared_config + + # Allocate a pool of numbers to assign to users. Before we do this, + # restart clearwater-infrastructure to make sure that + # local_settings.py runs to pick up the configuration changes. + service clearwater-infrastructure restart + service ellis stop + /usr/share/clearwater/ellis/env/bin/python /usr/share/clearwater/ellis/src/metaswitch/ellis/tools/create_numbers.py --start __dn_range_start__ --count __dn_range_length__ + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Update DNS + retries=0 + while ! { nsupdate -y "__zone__:__dnssec_key__" -v << EOF + server __dns_ip__ + update add ellis-__index__.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add ellis.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + send + EOF + } && [ $retries -lt 10 ] + do + retries=$((retries + 1)) + echo 'nsupdate failed - retrying (retry '$retries')...' + sleep 5 + done + + # Use the DNS server. + echo 'nameserver __dns_ip__' > /etc/dnsmasq.resolv.conf + echo 'RESOLV_CONF=/etc/dnsmasq.resolv.conf' >> /etc/default/dnsmasq + service dnsmasq force-reload + + +outputs: + ellis_ip: + description: IP address in public network + value: { get_attr: [ ellis_server_0, networks, { get_param: public_net_id }, 0 ] } diff --git a/heat/vIMS/homer.yaml b/heat/vIMS/homer.yaml new file mode 100644 index 00000000..c93a240d --- /dev/null +++ b/heat/vIMS/homer.yaml @@ -0,0 +1,223 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2014-10-16 + +description: > + Clearwater Homer node + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + homer_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + homer_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dns_ip: + type: string + description: IP address for DNS server on management network + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded + etcd_ip: + type: string + description: IP address of an existing member of the etcd cluster + +resources: + + homer_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + homer_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: homer_sg_ + base: { get_param: vnf_name } + rand: { get_resource: homer_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 7888, port_range_max: 7888}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + homer_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: homer_admin_port_0_ + base: { get_param: vnf_name } + rand: { get_resource: homer_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: homer_security_group }] + + homer_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: homer_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: homer_random_str } + image: { get_param: homer_image_name } + flavor: { get_param: homer_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: homer_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __repo_url__: { get_param: repo_url } + __zone__: { get_param: zone } + __dns_ip__: { get_param: dns_ip } + __dnssec_key__: { get_param: dnssec_key } + __etcd_ip__ : { get_param: etcd_ip } + __index__ : 0 + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-homer.log) 2>&1 + set -x + + # Configure the APT software source. + echo 'deb __repo_url__ binary/' > /etc/apt/sources.list.d/clearwater.list + curl -L http://repo.cw-ngv.com/repo_key | apt-key add - + apt-get update + + # Get the public IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Configure /etc/clearwater/local_config. + mkdir -p /etc/clearwater + etcd_ip=__etcd_ip__ + [ -n "$etcd_ip" ] || etcd_ip=$PUBLIC_ADDR + cat > /etc/clearwater/local_config << EOF + management_local_ip=$PUBLIC_ADDR + local_ip=$PUBLIC_ADDR + public_ip=$PUBLIC_ADDR + public_hostname=homer-__index__.__zone__ + etcd_cluster=$etcd_ip + EOF + + # Now install the software. + DEBIAN_FRONTEND=noninteractive apt-get install homer --yes --force-yes + DEBIAN_FRONTEND=noninteractive apt-get install clearwater-management --yes --force-yes + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Update DNS + retries=0 + while ! { nsupdate -y "__zone__:__dnssec_key__" -v << EOF + server __dns_ip__ + update add homer-__index__.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add homer.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + send + EOF + } && [ $retries -lt 10 ] + do + retries=$((retries + 1)) + echo 'nsupdate failed - retrying (retry '$retries')...' + sleep 5 + done + + # Use the DNS server. + # Use the DNS server. + echo 'nameserver __dns_ip__' > /etc/dnsmasq.resolv.conf + echo 'RESOLV_CONF=/etc/dnsmasq.resolv.conf' >> /etc/default/dnsmasq + service dnsmasq force-reload + + +outputs: + homer_ip: + description: IP address in public network + value: { get_attr: [ homer_server_0, networks, { get_param: public_net_id }, 0 ] } diff --git a/heat/vIMS/sprout.yaml b/heat/vIMS/sprout.yaml new file mode 100644 index 00000000..4a8518f7 --- /dev/null +++ b/heat/vIMS/sprout.yaml @@ -0,0 +1,252 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2014-10-16 + +description: > + Clearwater Sprout node + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + sprout_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + sprout_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dns_ip: + type: string + description: IP address for DNS server on network + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded + etcd_ip: + type: string + description: IP address of an existing member of the etcd cluster + +resources: + + sprout_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + sprout_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: sprout_sg_ + base: { get_param: vnf_name } + rand: { get_resource: sprout_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 5054, port_range_max: 5054}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 5052, port_range_max: 5052}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 9888, port_range_max: 9888}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 443, port_range_max: 443}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + sprout_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: sprout_admin_port_0_ + base: { get_param: vnf_name } + rand: { get_resource: sprout_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: sprout_security_group }] + + sprout_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: sprout_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: sprout_random_str } + image: { get_param: sprout_image_name } + flavor: { get_param: sprout_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: sprout_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __repo_url__: { get_param: repo_url } + __zone__: { get_param: zone } + __dns_ip__: { get_param: dns_ip } + __dnssec_key__: { get_param: dnssec_key } + __etcd_ip__ : { get_param: etcd_ip } + __index__ : 0 + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-sprout.log) 2>&1 + set -x + + # Configure the APT software source. + echo 'deb __repo_url__ binary/' > /etc/apt/sources.list.d/clearwater.list + curl -L http://repo.cw-ngv.com/repo_key | apt-key add - + apt-get update + + # Get the public IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Configure /etc/clearwater/local_config. + mkdir -p /etc/clearwater + etcd_ip=__etcd_ip__ + [ -n "$etcd_ip" ] || etcd_ip=$PUBLIC_ADDR + cat > /etc/clearwater/local_config << EOF + management_local_ip=$PUBLIC_ADDR + local_ip=$PUBLIC_ADDR + public_ip=$PUBLIC_ADDR + public_hostname=__index__.sprout.__zone__ + etcd_cluster=$etcd_ip + EOF + + # Create /etc/chronos/chronos.conf. + mkdir -p /etc/chronos + cat > /etc/chronos/chronos.conf << EOF + [http] + bind-address = $PUBLIC_ADDR + bind-port = 7253 + threads = 50 + + [logging] + folder = /var/log/chronos + level = 2 + + [alarms] + enabled = true + + [exceptions] + max_ttl = 600 + EOF + + # Now install the software. + DEBIAN_FRONTEND=noninteractive apt-get install sprout --yes --force-yes + DEBIAN_FRONTEND=noninteractive apt-get install clearwater-management --yes --force-yes + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Update DNS + retries=0 + while ! { nsupdate -y "__zone__:__dnssec_key__" -v << EOF + server __dns_ip__ + update add sprout-__index__.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add __index__.sprout.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add sprout.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add scscf.sprout.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add icscf.sprout.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add sprout.__zone__. 30 NAPTR 0 0 "s" "SIP+D2T" "" _sip._tcp.sprout.__zone__. + update add _sip._tcp.sprout.__zone__. 30 SRV 0 0 5054 __index__.sprout.__zone__. + update add icscf.sprout.__zone__. 30 NAPTR 0 0 "s" "SIP+D2T" "" _sip._tcp.icscf.sprout.__zone__. + update add _sip._tcp.icscf.sprout.__zone__. 30 SRV 0 0 5052 __index__.sprout.__zone__. + update add scscf.sprout.__zone__. 30 NAPTR 0 0 "s" "SIP+D2T" "" _sip._tcp.scscf.sprout.__zone__. + update add _sip._tcp.scscf.sprout.__zone__. 30 SRV 0 0 5054 __index__.sprout.__zone__. + send + EOF + } && [ $retries -lt 10 ] + do + retries=$((retries + 1)) + echo 'nsupdate failed - retrying (retry '$retries')...' + sleep 5 + done + + # Use the DNS server. + echo 'nameserver __dns_ip__' > /etc/dnsmasq.resolv.conf + echo 'RESOLV_CONF=/etc/dnsmasq.resolv.conf' >> /etc/default/dnsmasq + service dnsmasq force-reload + +outputs: + sprout_ip: + description: IP address in public network + value: { get_attr: [ sprout_server_0, networks, { get_param: public_net_id }, 0 ] } diff --git a/heat/vIMS/vellum.yaml b/heat/vIMS/vellum.yaml new file mode 100644 index 00000000..ab6329b8 --- /dev/null +++ b/heat/vIMS/vellum.yaml @@ -0,0 +1,227 @@ +# Project Clearwater - IMS in the Cloud +# Copyright (C) 2015 Metaswitch Networks Ltd +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version, along with the "Special Exception" for use of +# the program along with SSL, set forth below. This program is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; +# without even the implied warranty of MERCHANTABILITY or FITNESS FOR +# A PARTICULAR PURPOSE. See the GNU General Public License for more +# details. You should have received a copy of the GNU General Public +# License along with this program. If not, see +# <http://www.gnu.org/licenses/>. +# +# The author can be reached by email at clearwater@metaswitch.com or by +# post at Metaswitch Networks Ltd, 100 Church St, Enfield EN2 6BQ, UK +# +# Special Exception +# Metaswitch Networks Ltd grants you permission to copy, modify, +# propagate, and distribute a work formed by combining OpenSSL with The +# Software, or a work derivative of such a combination, even if such +# copying, modification, propagation, or distribution would otherwise +# violate the terms of the GPL. You must comply with the GPL in all +# respects for all of the code used other than OpenSSL. +# "OpenSSL" means OpenSSL toolkit software distributed by the OpenSSL +# Project and licensed under the OpenSSL Licenses, or a work based on such +# software and licensed under the OpenSSL Licenses. +# "OpenSSL Licenses" means the OpenSSL License and Original SSLeay License +# under which the OpenSSL Project distributes the OpenSSL toolkit software, +# as those licenses appear in the file LICENSE-OPENSSL. + +heat_template_version: 2015-04-30 + +description: > + Clearwater Vellum node + +parameters: + vnf_name: + type: string + label: VNF ID + description: The VNF name provided by ONAP + vnf_id: + type: string + label: VNF ID + description: The VNF ID provided by ONAP + vf_module_id: + type: string + label: VNF module ID + description: The VNF module ID provided by ONAP + public_net_id: + type: string + description: ID of public network + constraints: + - custom_constraint: neutron.network + description: Must be a valid network ID + vellum_flavor_name: + type: string + description: Flavor to use + constraints: + - custom_constraint: nova.flavor + description: Must be a valid flavor name + vellum_image_name: + type: string + description: Name of image to use + key_name: + type: string + description: Name of keypair to assign + constraints: + - custom_constraint: nova.keypair + description: Must be a valid keypair name + repo_url: + type: string + description: URL for Clearwater repository + zone: + type: string + description: DNS zone + dns_ip: + type: string + description: IP address for DNS server on management network + dnssec_key: + type: string + description: DNSSEC private key (Base64-encoded) + constraints: + - allowed_pattern: "[0-9A-Za-z+/=]+" + description: Must be Base64-encoded + etcd_ip: + type: string + description: IP address of an existing member of the etcd cluster + + +resources: + + vellum_random_str: + type: OS::Heat::RandomString + properties: + length: 4 + + vellum_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: security group + name: + str_replace: + template: pre_base_rand + params: + pre: vellum_sg_ + base: { get_param: vnf_name } + rand: { get_resource: vellum_random_str } + rules: [ + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22}, + {remote_ip_prefix: 0.0.0.0/0, protocol: udp, port_range_min: 161, port_range_max: 162}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 2380, port_range_max: 2380}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 4000, port_range_max: 4000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 7253, port_range_max: 7253}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 11211, port_range_max: 11211}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 7000, port_range_max: 7000}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 11311, port_range_max: 11311}, + {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 9160, port_range_max: 9160}, + {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}] + + vellum_admin_port_0: + type: OS::Neutron::Port + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: vellum_admin_port_0_ + base: { get_param: vnf_name } + rand: { get_resource: vellum_random_str } + network: { get_param: public_net_id } + security_groups: [{ get_resource: vellum_security_group }] + + vellum_server_0: + type: OS::Nova::Server + properties: + name: + str_replace: + template: pre_base_rand + params: + pre: vellum_server_0_ + base: { get_param: vnf_name } + rand: { get_resource: vellum_random_str } + image: { get_param: vellum_image_name } + flavor: { get_param: vellum_flavor_name } + key_name: { get_param: key_name } + networks: + - port: { get_resource: vellum_admin_port_0 } + metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }} + user_data_format: RAW + user_data: + str_replace: + params: + __repo_url__: { get_param: repo_url } + __zone__: { get_param: zone } + __dns_ip__: { get_param: dns_ip } + __dnssec_key__: { get_param: dnssec_key } + __etcd_ip__ : { get_param: etcd_ip } + __index__ : 0 + template: | + #!/bin/bash + + # Log all output to file. + exec > >(tee -a /var/log/clearwater-heat-vellum.log) 2>&1 + set -x + + # Configure the APT software source. + echo 'deb __repo_url__ binary/' > /etc/apt/sources.list.d/clearwater.list + curl -L http://repo.cw-ngv.com/repo_key | apt-key add - + apt-get update + + # Get the public IP address from eth0 + sudo apt-get install ipcalc + ADDR=`ip addr show eth0 | awk '/inet /{print $2}'` + PUBLIC_ADDR=`ipcalc -n -b $ADDR | awk '/Address:/{print $2}'` + + # Configure /etc/clearwater/local_config. + mkdir -p /etc/clearwater + etcd_ip=__etcd_ip__ + [ -n "$etcd_ip" ] || etcd_ip=$PUBLIC_ADDR + cat > /etc/clearwater/local_config << EOF + management_local_ip=$PUBLIC_ADDR + local_ip=$PUBLIC_ADDR + public_ip=$PUBLIC_ADDR + public_hostname=vellum-__index__.__zone__ + etcd_cluster=$etcd_ip + EOF + + # Now install the software. + DEBIAN_FRONTEND=noninteractive apt-get install vellum --yes --force-yes + DEBIAN_FRONTEND=noninteractive apt-get install clearwater-management --yes --force-yes + + # Function to give DNS record type and IP address for specified IP address + ip2rr() { + if echo $1 | grep -q -e '[^0-9.]' ; then + echo AAAA $1 + else + echo A $1 + fi + } + + # Update DNS + retries=0 + while ! { nsupdate -y "__zone__:__dnssec_key__" -v << EOF + server __dns_ip__ + update add vellum-__index__.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + update add vellum.__zone__. 30 $(ip2rr $PUBLIC_ADDR) + send + EOF + } && [ $retries -lt 10 ] + do + retries=$((retries + 1)) + echo 'nsupdate failed - retrying (retry '$retries')...' + sleep 5 + done + + # Use the DNS server. + echo 'nameserver __dns_ip__' > /etc/dnsmasq.resolv.conf + echo 'RESOLV_CONF=/etc/dnsmasq.resolv.conf' >> /etc/default/dnsmasq + service dnsmasq force-reload + + +outputs: + vellum_ip: + description: IP address in public network + value: { get_attr: [ vellum_server_0, networks, { get_param: public_net_id }, 0 ] } |