7 files changed, 1143 insertions, 976 deletions

diff --git a/heat/ONAP/onap_openstack.env b/heat/ONAP/onap_openstack.env
index 00bdeeec..8ed1986e 100644
--- a/heat/ONAP/onap_openstack.env
+++ b/heat/ONAP/onap_openstack.env
@@ -134,12 +134,12 @@ parameters:
   vnfsdk_branch: master
   music_branch: master
   nbi_branch: master
+  aaf_branch: master
 
   aai_docker: 1.2-STAGING-latest
   aai_sparky_docker: 1.2-STAGING-latest
   appc_docker: 1.3.0-SNAPSHOT-latest
   so_docker: 1.2.1
-  dcae_docker: v1.1.1
   policy_docker: 1.2-STAGING-latest
   portal_docker: 2.1-STAGING-latest
   robot_docker: 1.2-STAGING-latest
@@ -156,9 +156,28 @@ parameters:
   cli_docker: v1.1.0
   music_docker: latest
   oof_docker: latest
-  aaf_docker: latest
+  aaf_docker: 2.1.0-SNAPSHOT
   nbi_docker: latest
 
+  dcae_docker:  1.1.2
+  dcae_snmptrap_docker:  latest
+  dcae_ves_docker:  latest
+  dcae_bootstrap_docker: 1.1.2
+  dcae_cm_docker: latest
+  dcae_k8sbootstrap_docker: latest
+  dcae_redisc_docker: latest
+  dcae_tca_docker: latest
+  dcae_cb_docker: v4.0.0
+  dcae_cbs_docker: latest
+  dcae_dh_docker: latest
+  dcae_inv_docker: latest
+  dcae_ph_docker: latest
+  dcae_sch_docker: latest
+  dcae_heartbeat_docker: latest
+  dcae_prh_docker: latest
+  holmes_rm_docker: v1.0.0
+  holmes_em_docker: v1.0.0
+
   vfc_nokia_docker: 1.1.0-STAGING-latest
   vfc_nokiav2_docker: 1.1.0-STAGING-latest
   vfc_ztevnfmdriver_docker: 1.1.0-STAGING-latest
@@ -206,3 +225,4 @@ parameters:
   vnfsdk_repo: http://gerrit.onap.org/r/vnfsdk/refrepo.git
   music_repo: http://gerrit.onap.org/r/music.git
   nbi_repo: http://gerrit.onap.org/r/externalapi/nbi.git
+  aaf_repo: http://gerrit.onap.org/r/aaf/authz.git
\ No newline at end of file
diff --git a/heat/ONAP/onap_openstack.yaml b/heat/ONAP/onap_openstack.yaml
index 4e8f91d7..1038e326 100644
--- a/heat/ONAP/onap_openstack.yaml
+++ b/heat/ONAP/onap_openstack.yaml
@@ -298,6 +298,8 @@ parameters:
     type: string
   nbi_repo:
     type: string
+  aaf_repo:
+    type: string
 
   ################################
   #                              #
@@ -313,8 +315,79 @@ parameters:
     type: string
   so_docker:
     type: string
+
   dcae_docker:
     type: string
+    default: latest
+  dcae_snmptrap_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.collectors.snmptrap 
+  dcae_ves_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.collectors.ves.vescollector
+  dcae_bootstrap_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.deployments.bootstrap
+  dcae_cm_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.deployments.cm-container
+  dcae_k8sbootstrap_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.deployments.k8s-bootstrap-container
+  dcae_redisc_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.deployments.redis-cluster-container
+  dcae_tca_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.deployments.tca-cdap-container
+  dcae_cb_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.platform.cdapbroker
+  dcae_cbs_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.platform.configbinding
+  dcae_dh_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.platform.deployment-handler
+  dcae_inv_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.platform.inventory-api
+  dcae_ph_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.platform.deployment-handler
+  dcae_sch_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.platform.servicechange-handler
+  dcae_heartbeat_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.services.heartbeat
+  dcae_prh_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/org.dcaegen2.services.prh.prh-app-server  
+  holmes_em_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/holmes/engine-management
+  holmes_rm_docker:
+    type: string
+    default: latest
+    description: Docker image version for onap/holmes/rule-management
+
   policy_docker:
     type: string
   portal_docker:
@@ -422,6 +495,8 @@ parameters:
     type: string
   nbi_branch:
     type: string
+  aaf_branch:
+    type: string
 
 #############
 #           #
@@ -994,6 +1069,7 @@ resources:
             echo "__mr_ip_addr__" > /opt/config/mr_ip_addr.txt
             echo "__policy_ip_addr__" > /opt/config/policy_ip_addr.txt
             echo "__portal_ip_addr__" > /opt/config/portal_ip_addr.txt
+            echo "__portal_ip_addr__" > /opt/config/cli_ip_addr.txt
             echo "__sdc_ip_addr__" > /opt/config/sdc_ip_addr.txt
             echo "__sdc_ip_addr__" > /opt/config/sdc_be_ip_addr.txt
             echo "__sdc_ip_addr__" > /opt/config/sdc_fe_ip_addr.txt
@@ -1699,7 +1775,7 @@ resources:
       flavor: { get_param: flavor_large }
       name:
         str_replace:
-          template: base-dcae-bootstrap
+          template: base-dcae
           params:
             base: { get_param: vm_base_name }
       key_name: { get_resource: vm_key }
@@ -1775,6 +1851,26 @@ resources:
             __policy_floating_ip_addr__: { get_attr: [policy_floating_ip, floating_ip_address] }
             __openo_floating_ip_addr__: { get_attr: [openo_floating_ip, floating_ip_address] }
             __dcae_c_floating_ip_addr__: { get_attr: [dcae_c_floating_ip, floating_ip_address] }
+            # container versions
+            __dcae_docker__:  { get_param: dcae_docker }
+            __dcae_snmptrap_docker__:  { get_param: dcae_snmptrap_docker }
+            __dcae_ves_docker__:  { get_param: dcae_ves_docker }
+            __dcae_bootstrap_docker__:  { get_param: dcae_bootstrap_docker }
+            __dcae_cm_docker__:  { get_param: dcae_cm_docker }
+            __dcae_k8sbootstrap_docker__:  { get_param: dcae_k8sbootstrap_docker }
+            __dcae_redisc_docker__:  { get_param: dcae_redisc_docker }
+            __dcae_tca_docker__:  { get_param: dcae_tca_docker }
+            __dcae_cb_docker__:  { get_param: dcae_cb_docker }
+            __dcae_cbs_docker__:  { get_param: dcae_cbs_docker }
+            __dcae_dh_docker__:  { get_param: dcae_dh_docker }
+            __dcae_inv_docker__:  { get_param: dcae_inv_docker }
+            __dcae_ph_docker__:  { get_param: dcae_ph_docker }
+            __dcae_sch_docker__:  { get_param: dcae_sch_docker }
+            __dcae_heartbeat_docker__:  { get_param: dcae_heartbeat_docker }
+            __dcae_prh_docker__:  { get_param: dcae_prh_docker }
+            __holmes_em_docker__:  { get_param: holmes_em_docker }
+            __holmes_rm_docker__:  { get_param: holmes_rm_docker }
+
 
           template: |
             #!/bin/bash
@@ -1843,6 +1939,25 @@ resources:
             echo "__policy_floating_ip_addr__" > /opt/config/policy_floating_ip_addr.txt
             echo "__openo_floating_ip_addr__" > /opt/config/openo_floating_ip_addr.txt
             echo "__dcae_c_floating_ip_addr__" > /opt/config/dcae_c_floating_ip_addr.txt
+            # container versions
+            echo "__dcae_docker__" > /opt/config/dcae_docker.txt
+            echo "__dcae_snmptrap_docker__" > /opt/config/dcae_docker_snmptrap.txt
+            echo "__dcae_ves_docker__" > /opt/config/dcae_docker_ves.txt
+            echo "__dcae_bootstrap_docker__" > /opt/config/dcae_docker_bootstrap.txt
+            echo "__dcae_cm_docker__" > /opt/config/dcae_docker_cm.txt
+            echo "__dcae_k8sbootstrap_docker__" > /opt/config/dcae_docker_k8sbootstrap.txt
+            echo "__dcae_redisc_docker__" > /opt/config/dcae_docker_redisc.txt
+            echo "__dcae_tca_docker__" > /opt/config/dcae_docker_tca.txt
+            echo "__dcae_cb_docker__" > /opt/config/dcae_docker_cb.txt
+            echo "__dcae_cbs_docker__" > /opt/config/dcae_docker_cbs.txt
+            echo "__dcae_dh_docker__" > /opt/config/dcae_docker_dh.txt
+            echo "__dcae_inv_docker__" > /opt/config/dcae_docker_inv.txt
+            echo "__dcae_ph_docker__" > /opt/config/dcae_docker_ph.txt
+            echo "__dcae_sch_docker__" > /opt/config/dcae_docker_sch.txt
+            echo "__dcae_heartbeat_docker__" > /opt/config/dcae_docker_heartbeat.txt
+            echo "__dcae_prh_docker__" > /opt/config/dcae_docker_prh.txt
+            echo "__holmes_em_docker__" > /opt/config/holmes_docker_em.txt
+            echo "__holmes_rm_docker__" > /opt/config/holmes_docker_rm.txt
 
             # Download and run install script
             curl -k __nexus_repo__/org.onap.demo/boot/__artifacts_version__/dcae2_install.sh -o /opt/dcae2_install.sh
@@ -1999,7 +2114,7 @@ resources:
   aaf_vm:
     type: OS::Nova::Server
     properties:
-      image: { get_param: ubuntu_1404_image }
+      image: { get_param: ubuntu_1604_image }
       flavor: { get_param: flavor_medium }
       name:
         str_replace:
@@ -2022,6 +2137,8 @@ resources:
             __docker_version__: { get_param: aaf_docker }
             __cloud_env__: { get_param: cloud_env }
             __external_dns__: { get_param: external_dns }
+            __aaf_repo__: { get_param: aaf_repo }
+            __gerrit_branch__: { get_param: aaf_branch }
           template: |
             #!/bin/bash
 
@@ -2036,6 +2153,8 @@ resources:
             echo "__docker_version__" > /opt/config/docker_version.txt
             echo "__cloud_env__" > /opt/config/cloud_env.txt
             echo "__external_dns__" > /opt/config/external_dns.txt
+            echo "__aaf_repo__" > /opt/config/remote_repo.txt
+            echo "__gerrit_branch__" > /opt/config/gerrit_branch.txt
 
             # Download and run install script
             curl -k __nexus_repo__/org.onap.demo/boot/__artifacts_version__/aaf_install.sh -o /opt/aaf_install.sh
diff --git a/heat/ONAP/onap_openstack_light.yaml b/heat/ONAP/onap_openstack_light.yaml
index b2ad74cc..0a6c4df0 100644
--- a/heat/ONAP/onap_openstack_light.yaml
+++ b/heat/ONAP/onap_openstack_light.yaml
@@ -294,6 +294,8 @@ parameters:
     type: string
   nbi_repo:
     type: string
+  aaf_repo:
+    type: string
 
   ################################
   #                              #
@@ -416,6 +418,8 @@ parameters:
     type: string
   nbi_branch:
     type: string
+  aaf_branch:
+    type: string
 
 #############
 #           #
@@ -1987,7 +1991,7 @@ resources:
   aaf_vm:
     type: OS::Nova::Server
     properties:
-      image: { get_param: ubuntu_1404_image }
+      image: { get_param: ubuntu_1604_image }
       flavor: { get_param: flavor_medium }
       name:
         str_replace:
@@ -2010,6 +2014,8 @@ resources:
             __docker_version__: { get_param: aaf_docker }
             __cloud_env__: { get_param: cloud_env }
             __external_dns__: { get_param: external_dns }
+            __aaf_repo__: { get_param: aaf_repo }
+            __gerrit_branch__: { get_param: aaf_branch }
           template: |
             #!/bin/bash
 
@@ -2024,6 +2030,8 @@ resources:
             echo "__docker_version__" > /opt/config/docker_version.txt
             echo "__cloud_env__" > /opt/config/cloud_env.txt
             echo "__external_dns__" > /opt/config/external_dns.txt
+            echo "__aaf_repo__" > /opt/config/remote_repo.txt
+            echo "__gerrit_branch__" > /opt/config/gerrit_branch.txt
 
             # Download and run install script
             curl -k __nexus_repo__/org.onap.demo/boot/__artifacts_version__/aaf_install.sh -o /opt/aaf_install.sh
diff --git a/heat/ONAP/onap_openstack_template.env b/heat/ONAP/onap_openstack_template.env
index fbabf097..475efd7c 100644
--- a/heat/ONAP/onap_openstack_template.env
+++ b/heat/ONAP/onap_openstack_template.env
@@ -133,12 +133,12 @@ parameters:
   clamp_branch: master
   vnfsdk_branch: master
   music_branch: master
+  aaf_branch: master
 
   aai_docker: ${AAI_RESOURCES_DOCKER}
   aai_sparky_docker: ${AAI_RESOURCES_DOCKER}
   appc_docker: ${APPC_IMAGE_DOCKER}
   so_docker: ${MSO_DOCKER}
-  dcae_docker: ${BOOTSTRAP_DOCKER}
   policy_docker: ${POLICY_DB_DOCKER}
   portal_docker: ${PORTAL_APP_DOCKER}
   robot_docker: ${TESTSUITE_DOCKER}
@@ -158,6 +158,25 @@ parameters:
   aaf_docker: ${AAF_DOCKER}
   nbi_docker: ${NBI_DOCKER}
 
+  dcae_docker:  ${BOOTSTRAP_DOCKER}
+  dcae_snmptrap_docker:  ${SNMPTRAP_DOCKER}
+  dcae_ves_docker:  ${VESCOLLECTOR_DOCKER}
+  dcae_bootstrap_docker: ${BOOTSTRAP_DOCKER}
+  dcae_cm_docker: ${CM_CONTAINER_DOCKER}
+  dcae_k8sbootstrap_docker: ${K8S_BOOTSTRAP_CONTAINER_DOCKER}
+  dcae_redisc_docker: ${REDIS_CLUSTER_CONTAINER_DOCKER}
+  dcae_tca_docker: ${TCA_CDAP_CONTAINER_DOCKER}
+  dcae_cb_docker: ${CDAPBROKER_DOCKER}
+  dcae_cbs_docker: ${CONFIGBINDING_DOCKER}
+  dcae_dh_docker: ${DEPLOYMENT_HANDLER_DOCKER}
+  dcae_inv_docker: ${INVENTORY_API_DOCKER}
+  dcae_ph_docker: ${POLICY_HANDLER_DOCKER}
+  dcae_sch_docker: ${SERVICECHANGE_HANDLER_DOCKER}
+  dcae_heartbeat_docker: ${HEARTBEAT_DOCKER}
+  dcae_prh_docker: ${PRH_APP_SERVER_DOCKER}
+  holmes_rm_docker: ${RULE_MANAGEMENT_DOCKER}
+  holmes_em_docker: ${ENGINE_MANAGEMENT_DOCKER}
+
   vfc_nokia_docker: ${NOKIA_DOCKER}
   vfc_nokiav2_docker: ${NOKIAV2_DOCKER}
   vfc_ztevnfmdriver_docker: ${ZTEVNFMDRIVER_DOCKER}
@@ -204,3 +223,4 @@ parameters:
   clamp_repo: http://gerrit.onap.org/r/clamp.git
   vnfsdk_repo: http://gerrit.onap.org/r/vnfsdk/refrepo.git
   music_repo: http://gerrit.onap.org/r/music.git
+  aaf_repo: http://gerrit.onap.org/r/aaf/authz.git
\ No newline at end of file
diff --git a/heat/vFW/base_vfw.yaml b/heat/vFW/base_vfw.yaml
index 3d5a22d1..ace7c5e1 100644
--- a/heat/vFW/base_vfw.yaml
+++ b/heat/vFW/base_vfw.yaml
@@ -1,407 +1,407 @@
-##########################################################################

-#

-#==================LICENSE_START==========================================

-#

-#

-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.

-#

-# Licensed under the Apache License, Version 2.0 (the "License");

-# you may not use this file except in compliance with the License.

-# You may obtain a copy of the License at

-#        http://www.apache.org/licenses/LICENSE-2.0

-#

-# Unless required by applicable law or agreed to in writing, software

-# distributed under the License is distributed on an "AS IS" BASIS,

-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-# See the License for the specific language governing permissions and

-# limitations under the License.

-#

-#==================LICENSE_END============================================

-#

-# ECOMP is a trademark and service mark of AT&T Intellectual Property.

-#

-##########################################################################

-

-heat_template_version: 2013-05-23

-

-description: Heat template that deploys vFirewall demo app for ONAP

-

-##############

-#            #

-# PARAMETERS #

-#            #

-##############

-

-parameters:

-  vfw_image_name:

-    type: string

-    label: Image name or ID

-    description: Image to be used for compute instance

-  vfw_flavor_name:

-    type: string

-    label: Flavor

-    description: Type of instance (flavor) to be used

-  public_net_id:

-    type: string

-    label: Public network name or ID

-    description: Public network that enables remote connection to VNF

-  unprotected_private_net_id:

-    type: string

-    label: Unprotected private network name or ID

-    description: Private network that connects vPacketGenerator with vFirewall

-  protected_private_net_id:

-    type: string

-    label: Protected private network name or ID

-    description: Private network that connects vFirewall with vSink

-  onap_private_net_id:

-    type: string

-    label: ONAP management network name or ID

-    description: Private network that connects ONAP components and the VNF

-  onap_private_subnet_id:

-    type: string

-    label: ONAP management sub-network name or ID

-    description: Private sub-network that connects ONAP components and the VNF

-  unprotected_private_net_cidr:

-    type: string

-    label: Unprotected private network CIDR

-    description: The CIDR of the unprotected private network

-  protected_private_net_cidr:

-    type: string

-    label: Protected private network CIDR

-    description: The CIDR of the protected private network

-  onap_private_net_cidr:

-    type: string

-    label: ONAP private network CIDR

-    description: The CIDR of the protected private network

-  vfw_private_ip_0:

-    type: string

-    label: vFirewall private IP address towards the unprotected network

-    description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator

-  vfw_private_ip_1:

-    type: string

-    label: vFirewall private IP address towards the protected network

-    description: Private IP address that is assigned to the vFirewall to communicate with the vSink

-  vfw_private_ip_2:

-    type: string

-    label: vFirewall private IP address towards the ONAP management network

-    description: Private IP address that is assigned to the vFirewall to communicate with ONAP components

-  vpg_private_ip_0:

-    type: string

-    label: vPacketGenerator private IP address towards the unprotected network

-    description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall

-  vpg_private_ip_1:

-    type: string

-    label: vPacketGenerator private IP address towards the ONAP management network

-    description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components

-  vsn_private_ip_0:

-    type: string

-    label: vSink private IP address towards the protected network

-    description: Private IP address that is assigned to the vSink to communicate with the vFirewall

-  vsn_private_ip_1:

-    type: string

-    label: vSink private IP address towards the ONAP management network

-    description: Private IP address that is assigned to the vSink to communicate with ONAP components

-  vfw_name_0:

-    type: string

-    label: vFirewall name

-    description: Name of the vFirewall

-  vpg_name_0:

-    type: string

-    label: vPacketGenerator name

-    description: Name of the vPacketGenerator

-  vsn_name_0:

-    type: string

-    label: vSink name

-    description: Name of the vSink

-  vnf_id:

-    type: string

-    label: VNF ID

-    description: The VNF ID is provided by ONAP

-  vf_module_id:

-    type: string

-    label: vFirewall module ID

-    description: The vFirewall Module ID is provided by ONAP

-  dcae_collector_ip:

-    type: string

-    label: DCAE collector IP address

-    description: IP address of the DCAE collector

-  dcae_collector_port:

-    type: string

-    label: DCAE collector port

-    description: Port of the DCAE collector

-  key_name:

-    type: string

-    label: Key pair name

-    description: Public/Private key pair name

-  pub_key:

-    type: string

-    label: Public key

-    description: Public key to be installed on the compute instance

-  repo_url_blob:

-    type: string

-    label: Repository URL

-    description: URL of the repository that hosts the demo packages

-  repo_url_artifacts:

-    type: string

-    label: Repository URL

-    description: URL of the repository that hosts the demo packages

-  install_script_version:

-    type: string

-    label: Installation script version number

-    description: Version number of the scripts that install the vFW demo app

-  demo_artifacts_version:

-    type: string

-    label: Artifacts version used in demo vnfs

-    description: Artifacts (jar, tar.gz) version used in demo vnfs

-  cloud_env:

-    type: string

-    label: Cloud environment

-    description: Cloud environment (e.g., openstack, rackspace)

-

-#############

-#           #

-# RESOURCES #

-#           #

-#############

-

-resources:

-  random-str:

-    type: OS::Heat::RandomString

-    properties:

-      length: 4

-

-  my_keypair:

-    type: OS::Nova::KeyPair

-    properties:

-      name:

-        str_replace:

-          template: base_rand

-          params:

-            base: { get_param: key_name }

-            rand: { get_resource: random-str }

-      public_key: { get_param: pub_key }

-      save_private_key: false

-

-  unprotected_private_network:

-    type: OS::Neutron::Net

-    properties:

-      name: { get_param: unprotected_private_net_id }

-

-  protected_private_network:

-    type: OS::Neutron::Net

-    properties:

-      name: { get_param: protected_private_net_id }

-

-  unprotected_private_subnet:

-    type: OS::Neutron::Subnet

-    properties:

-      network_id: { get_resource: unprotected_private_network }

-      cidr: { get_param: unprotected_private_net_cidr }

-

-  protected_private_subnet:

-    type: OS::Neutron::Subnet

-    properties:

-      network_id: { get_resource: protected_private_network }

-      cidr: { get_param: protected_private_net_cidr }

-

-  # Virtual Firewall instantiation

-  vfw_private_0_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_resource: unprotected_private_network }

-      fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}]

-

-  vfw_private_1_port:

-    type: OS::Neutron::Port

-    properties:

-      allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}]

-      network: { get_resource: protected_private_network }

-      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}]

-

-  vfw_private_2_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: onap_private_net_id }

-      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}]

-

-  vfw_0:

-    type: OS::Nova::Server

-    properties:

-      image: { get_param: vfw_image_name }

-      flavor: { get_param: vfw_flavor_name }

-      name: { get_param: vfw_name_0 }

-      key_name: { get_resource: my_keypair }

-      networks:

-        - network: { get_param: public_net_id }

-        - port: { get_resource: vfw_private_0_port }

-        - port: { get_resource: vfw_private_1_port }

-        - port: { get_resource: vfw_private_2_port }

-      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}

-      user_data_format: RAW

-      user_data:

-        str_replace:

-          params:

-            __dcae_collector_ip__ : { get_param: dcae_collector_ip }

-            __dcae_collector_port__ : { get_param: dcae_collector_port }

-            __repo_url_blob__ : { get_param: repo_url_blob }

-            __repo_url_artifacts__ : { get_param: repo_url_artifacts }

-            __demo_artifacts_version__ : { get_param: demo_artifacts_version }

-            __install_script_version__ : { get_param: install_script_version }

-            __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 }

-            __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 }

-            __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 }

-            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }

-            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }

-            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }

-            __cloud_env__ : { get_param: cloud_env }

-          template: |

-            #!/bin/bash

-

-            # Create configuration files

-            mkdir /opt/config

-            echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt

-            echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt

-            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt

-            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt

-            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt

-            echo "__install_script_version__" > /opt/config/install_script_version.txt

-            echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt

-            echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt

-            echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt

-            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt

-            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt

-            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt

-            echo "__cloud_env__" > /opt/config/cloud_env.txt

-

-            # Download and run install script

-            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_firewall_install.sh -o /opt/v_firewall_install.sh

-            cd /opt

-            chmod +x v_firewall_install.sh

-            ./v_firewall_install.sh

-

-

-  # Virtual Packet Generator instantiation

-  vpg_private_0_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_resource: unprotected_private_network }

-      fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}]

-

-  vpg_private_1_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: onap_private_net_id }

-      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}]

-

-  vpg_0:

-    type: OS::Nova::Server

-    properties:

-      image: { get_param: vfw_image_name }

-      flavor: { get_param: vfw_flavor_name }

-      name: { get_param: vpg_name_0 }

-      key_name: { get_resource: my_keypair }

-      networks:

-        - network: { get_param: public_net_id }

-        - port: { get_resource: vpg_private_0_port }

-        - port: { get_resource: vpg_private_1_port }

-      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}

-      user_data_format: RAW

-      user_data:

-        str_replace:

-          params:

-            __fw_ipaddr__: { get_param: vfw_private_ip_0 }

-            __protected_net_cidr__: { get_param: protected_private_net_cidr }

-            __sink_ipaddr__: { get_param: vsn_private_ip_0 }

-            __repo_url_blob__ : { get_param: repo_url_blob }

-            __repo_url_artifacts__ : { get_param: repo_url_artifacts }

-            __demo_artifacts_version__ : { get_param: demo_artifacts_version }

-            __install_script_version__ : { get_param: install_script_version }

-            __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 }

-            __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 }

-            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }

-            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }

-            __cloud_env__ : { get_param: cloud_env }

-          template: |

-            #!/bin/bash

-

-            # Create configuration files

-            mkdir /opt/config

-            echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt

-            echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt

-            echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt

-            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt

-            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt

-            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt

-            echo "__install_script_version__" > /opt/config/install_script_version.txt

-            echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt

-            echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt

-            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt

-            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt

-            echo "__cloud_env__" > /opt/config/cloud_env.txt

-

-            # Download and run install script

-            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_packetgen_install.sh -o /opt/v_packetgen_install.sh

-            cd /opt

-            chmod +x v_packetgen_install.sh

-            ./v_packetgen_install.sh

-

-

-  # Virtual Sink instantiation

-  vsn_private_0_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_resource: protected_private_network }

-      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}]

-

-  vsn_private_1_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: onap_private_net_id }

-      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}]

-

-  vsn_0:

-    type: OS::Nova::Server

-    properties:

-      image: { get_param: vfw_image_name }

-      flavor: { get_param: vfw_flavor_name }

-      name: { get_param: vsn_name_0 }

-      key_name: { get_resource: my_keypair }

-      networks:

-        - network: { get_param: public_net_id }

-        - port: { get_resource: vsn_private_0_port }

-        - port: { get_resource: vsn_private_1_port }

-      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}

-      user_data_format: RAW

-      user_data:

-        str_replace:

-          params:

-            __protected_net_gw__: { get_param: vfw_private_ip_1 }

-            __unprotected_net__: { get_param: unprotected_private_net_cidr }

-            __repo_url_blob__ : { get_param: repo_url_blob }

-            __repo_url_artifacts__ : { get_param: repo_url_artifacts }

-            __install_script_version__ : { get_param: install_script_version }

-            __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 }

-            __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 }

-            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }

-            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }

-            __cloud_env__ : { get_param: cloud_env }

-          template: |

-            #!/bin/bash

-

-            # Create configuration files

-            mkdir /opt/config

-            echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt

-            echo "__unprotected_net__" > /opt/config/unprotected_net.txt

-            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt

-            echo "__install_script_version__" > /opt/config/install_script_version.txt

-            echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt

-            echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt

-            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt

-            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt

-            echo "__cloud_env__" > /opt/config/cloud_env.txt

-

-            # Download and run install script

-            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_sink_install.sh -o /opt/v_sink_install.sh

-            cd /opt

-            chmod +x v_sink_install.sh

+##########################################################################
+#
+#==================LICENSE_START==========================================
+#
+#
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#==================LICENSE_END============================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+##########################################################################
+
+heat_template_version: 2013-05-23
+
+description: Heat template that deploys vFirewall demo app for ONAP
+
+##############
+#            #
+# PARAMETERS #
+#            #
+##############
+
+parameters:
+  vfw_image_name:
+    type: string
+    label: Image name or ID
+    description: Image to be used for compute instance
+  vfw_flavor_name:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used
+  public_net_id:
+    type: string
+    label: Public network name or ID
+    description: Public network that enables remote connection to VNF
+  unprotected_private_net_id:
+    type: string
+    label: Unprotected private network name or ID
+    description: Private network that connects vPacketGenerator with vFirewall
+  protected_private_net_id:
+    type: string
+    label: Protected private network name or ID
+    description: Private network that connects vFirewall with vSink
+  onap_private_net_id:
+    type: string
+    label: ONAP management network name or ID
+    description: Private network that connects ONAP components and the VNF
+  onap_private_subnet_id:
+    type: string
+    label: ONAP management sub-network name or ID
+    description: Private sub-network that connects ONAP components and the VNF
+  unprotected_private_net_cidr:
+    type: string
+    label: Unprotected private network CIDR
+    description: The CIDR of the unprotected private network
+  protected_private_net_cidr:
+    type: string
+    label: Protected private network CIDR
+    description: The CIDR of the protected private network
+  onap_private_net_cidr:
+    type: string
+    label: ONAP private network CIDR
+    description: The CIDR of the protected private network
+  vfw_private_ip_0:
+    type: string
+    label: vFirewall private IP address towards the unprotected network
+    description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator
+  vfw_private_ip_1:
+    type: string
+    label: vFirewall private IP address towards the protected network
+    description: Private IP address that is assigned to the vFirewall to communicate with the vSink
+  vfw_private_ip_2:
+    type: string
+    label: vFirewall private IP address towards the ONAP management network
+    description: Private IP address that is assigned to the vFirewall to communicate with ONAP components
+  vpg_private_ip_0:
+    type: string
+    label: vPacketGenerator private IP address towards the unprotected network
+    description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall
+  vpg_private_ip_1:
+    type: string
+    label: vPacketGenerator private IP address towards the ONAP management network
+    description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components
+  vsn_private_ip_0:
+    type: string
+    label: vSink private IP address towards the protected network
+    description: Private IP address that is assigned to the vSink to communicate with the vFirewall
+  vsn_private_ip_1:
+    type: string
+    label: vSink private IP address towards the ONAP management network
+    description: Private IP address that is assigned to the vSink to communicate with ONAP components
+  vfw_name_0:
+    type: string
+    label: vFirewall name
+    description: Name of the vFirewall
+  vpg_name_0:
+    type: string
+    label: vPacketGenerator name
+    description: Name of the vPacketGenerator
+  vsn_name_0:
+    type: string
+    label: vSink name
+    description: Name of the vSink
+  vnf_id:
+    type: string
+    label: VNF ID
+    description: The VNF ID is provided by ONAP
+  vf_module_id:
+    type: string
+    label: vFirewall module ID
+    description: The vFirewall Module ID is provided by ONAP
+  dcae_collector_ip:
+    type: string
+    label: DCAE collector IP address
+    description: IP address of the DCAE collector
+  dcae_collector_port:
+    type: string
+    label: DCAE collector port
+    description: Port of the DCAE collector
+  key_name:
+    type: string
+    label: Key pair name
+    description: Public/Private key pair name
+  pub_key:
+    type: string
+    label: Public key
+    description: Public key to be installed on the compute instance
+  repo_url_blob:
+    type: string
+    label: Repository URL
+    description: URL of the repository that hosts the demo packages
+  repo_url_artifacts:
+    type: string
+    label: Repository URL
+    description: URL of the repository that hosts the demo packages
+  install_script_version:
+    type: string
+    label: Installation script version number
+    description: Version number of the scripts that install the vFW demo app
+  demo_artifacts_version:
+    type: string
+    label: Artifacts version used in demo vnfs
+    description: Artifacts (jar, tar.gz) version used in demo vnfs
+  cloud_env:
+    type: string
+    label: Cloud environment
+    description: Cloud environment (e.g., openstack, rackspace)
+
+#############
+#           #
+# RESOURCES #
+#           #
+#############
+
+resources:
+  random-str:
+    type: OS::Heat::RandomString
+    properties:
+      length: 4
+
+  my_keypair:
+    type: OS::Nova::KeyPair
+    properties:
+      name:
+        str_replace:
+          template: base_rand
+          params:
+            base: { get_param: key_name }
+            rand: { get_resource: random-str }
+      public_key: { get_param: pub_key }
+      save_private_key: false
+
+  unprotected_private_network:
+    type: OS::Neutron::Net
+    properties:
+      name: { get_param: unprotected_private_net_id }
+
+  protected_private_network:
+    type: OS::Neutron::Net
+    properties:
+      name: { get_param: protected_private_net_id }
+
+  unprotected_private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      network_id: { get_resource: unprotected_private_network }
+      cidr: { get_param: unprotected_private_net_cidr }
+
+  protected_private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      network_id: { get_resource: protected_private_network }
+      cidr: { get_param: protected_private_net_cidr }
+
+  # Virtual Firewall instantiation
+  vfw_private_0_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: unprotected_private_network }
+      fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}]
+
+  vfw_private_1_port:
+    type: OS::Neutron::Port
+    properties:
+      allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}]
+      network: { get_resource: protected_private_network }
+      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}]
+
+  vfw_private_2_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: onap_private_net_id }
+      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}]
+
+  vfw_0:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: vfw_image_name }
+      flavor: { get_param: vfw_flavor_name }
+      name: { get_param: vfw_name_0 }
+      key_name: { get_resource: my_keypair }
+      networks:
+        - network: { get_param: public_net_id }
+        - port: { get_resource: vfw_private_0_port }
+        - port: { get_resource: vfw_private_1_port }
+        - port: { get_resource: vfw_private_2_port }
+      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __dcae_collector_ip__ : { get_param: dcae_collector_ip }
+            __dcae_collector_port__ : { get_param: dcae_collector_port }
+            __repo_url_blob__ : { get_param: repo_url_blob }
+            __repo_url_artifacts__ : { get_param: repo_url_artifacts }
+            __demo_artifacts_version__ : { get_param: demo_artifacts_version }
+            __install_script_version__ : { get_param: install_script_version }
+            __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 }
+            __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 }
+            __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 }
+            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }
+            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }
+            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }
+            __cloud_env__ : { get_param: cloud_env }
+          template: |
+            #!/bin/bash
+
+            # Create configuration files
+            mkdir /opt/config
+            echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt
+            echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt
+            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt
+            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt
+            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt
+            echo "__install_script_version__" > /opt/config/install_script_version.txt
+            echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt
+            echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt
+            echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt
+            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt
+            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt
+            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt
+            echo "__cloud_env__" > /opt/config/cloud_env.txt
+
+            # Download and run install script
+            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_firewall_install.sh -o /opt/v_firewall_install.sh
+            cd /opt
+            chmod +x v_firewall_install.sh
+            ./v_firewall_install.sh
+
+
+  # Virtual Packet Generator instantiation
+  vpg_private_0_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: unprotected_private_network }
+      fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}]
+
+  vpg_private_1_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: onap_private_net_id }
+      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}]
+
+  vpg_0:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: vfw_image_name }
+      flavor: { get_param: vfw_flavor_name }
+      name: { get_param: vpg_name_0 }
+      key_name: { get_resource: my_keypair }
+      networks:
+        - network: { get_param: public_net_id }
+        - port: { get_resource: vpg_private_0_port }
+        - port: { get_resource: vpg_private_1_port }
+      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __fw_ipaddr__: { get_param: vfw_private_ip_0 }
+            __protected_net_cidr__: { get_param: protected_private_net_cidr }
+            __sink_ipaddr__: { get_param: vsn_private_ip_0 }
+            __repo_url_blob__ : { get_param: repo_url_blob }
+            __repo_url_artifacts__ : { get_param: repo_url_artifacts }
+            __demo_artifacts_version__ : { get_param: demo_artifacts_version }
+            __install_script_version__ : { get_param: install_script_version }
+            __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 }
+            __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 }
+            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }
+            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }
+            __cloud_env__ : { get_param: cloud_env }
+          template: |
+            #!/bin/bash
+
+            # Create configuration files
+            mkdir /opt/config
+            echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt
+            echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt
+            echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt
+            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt
+            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt
+            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt
+            echo "__install_script_version__" > /opt/config/install_script_version.txt
+            echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt
+            echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt
+            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt
+            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt
+            echo "__cloud_env__" > /opt/config/cloud_env.txt
+
+            # Download and run install script
+            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_packetgen_install.sh -o /opt/v_packetgen_install.sh
+            cd /opt
+            chmod +x v_packetgen_install.sh
+            ./v_packetgen_install.sh
+
+
+  # Virtual Sink instantiation
+  vsn_private_0_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: protected_private_network }
+      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}]
+
+  vsn_private_1_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: onap_private_net_id }
+      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}]
+
+  vsn_0:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: vfw_image_name }
+      flavor: { get_param: vfw_flavor_name }
+      name: { get_param: vsn_name_0 }
+      key_name: { get_resource: my_keypair }
+      networks:
+        - network: { get_param: public_net_id }
+        - port: { get_resource: vsn_private_0_port }
+        - port: { get_resource: vsn_private_1_port }
+      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __protected_net_gw__: { get_param: vfw_private_ip_1 }
+            __unprotected_net__: { get_param: unprotected_private_net_cidr }
+            __repo_url_blob__ : { get_param: repo_url_blob }
+            __repo_url_artifacts__ : { get_param: repo_url_artifacts }
+            __install_script_version__ : { get_param: install_script_version }
+            __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 }
+            __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 }
+            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }
+            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }
+            __cloud_env__ : { get_param: cloud_env }
+          template: |
+            #!/bin/bash
+
+            # Create configuration files
+            mkdir /opt/config
+            echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt
+            echo "__unprotected_net__" > /opt/config/unprotected_net.txt
+            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt
+            echo "__install_script_version__" > /opt/config/install_script_version.txt
+            echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt
+            echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt
+            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt
+            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt
+            echo "__cloud_env__" > /opt/config/cloud_env.txt
+
+            # Download and run install script
+            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_sink_install.sh -o /opt/v_sink_install.sh
+            cd /opt
+            chmod +x v_sink_install.sh
             ./v_sink_install.sh
\ No newline at end of file
diff --git a/heat/vFWCL/vFWSNK/base_vfw.yaml b/heat/vFWCL/vFWSNK/base_vfw.yaml
index c82e2e56..fe7f8dc6 100644
--- a/heat/vFWCL/vFWSNK/base_vfw.yaml
+++ b/heat/vFWCL/vFWSNK/base_vfw.yaml
@@ -1,343 +1,343 @@
-##########################################################################

-#

-#==================LICENSE_START==========================================

-#

-#

-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.

-#

-# Licensed under the Apache License, Version 2.0 (the "License");

-# you may not use this file except in compliance with the License.

-# You may obtain a copy of the License at

-#        http://www.apache.org/licenses/LICENSE-2.0

-#

-# Unless required by applicable law or agreed to in writing, software

-# distributed under the License is distributed on an "AS IS" BASIS,

-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-# See the License for the specific language governing permissions and

-# limitations under the License.

-#

-#==================LICENSE_END============================================

-#

-# ECOMP is a trademark and service mark of AT&T Intellectual Property.

-#

-##########################################################################

-

-heat_template_version: 2013-05-23

-

-description: Heat template that deploys vFirewall Closed Loop demo app (vFW and vSink) for ONAP

-

-##############

-#            #

-# PARAMETERS #

-#            #

-##############

-

-parameters:

-  image_name:

-    type: string

-    label: Image name or ID

-    description: Image to be used for compute instance

-  flavor_name:

-    type: string

-    label: Flavor

-    description: Type of instance (flavor) to be used

-  public_net_id:

-    type: string

-    label: Public network name or ID

-    description: Public network that enables remote connection to VNF

-  unprotected_private_net_id:

-    type: string

-    label: Unprotected private network name or ID

-    description: Private network that connects vPacketGenerator with vFirewall

-  unprotected_private_subnet_id:

-    type: string

-    label: Unprotected private subnetwork name or ID

-    description: Private subnetwork of the protected network

-  unprotected_private_net_cidr:

-    type: string

-    label: Unprotected private network CIDR

-    description: The CIDR of the unprotected private network

-  protected_private_net_id:

-    type: string

-    label: Protected private network name or ID

-    description: Private network that connects vFirewall with vSink

-  protected_private_subnet_id:

-    type: string

-    label: Protected private subnetwork name or ID

-    description: Private subnetwork of the unprotected network

-  protected_private_net_cidr:

-    type: string

-    label: Protected private network CIDR

-    description: The CIDR of the protected private network

-  onap_private_net_id:

-    type: string

-    label: ONAP management network name or ID

-    description: Private network that connects ONAP components and the VNF

-  onap_private_subnet_id:

-    type: string

-    label: ONAP management sub-network name or ID

-    description: Private sub-network that connects ONAP components and the VNF

-  onap_private_net_cidr:

-    type: string

-    label: ONAP private network CIDR

-    description: The CIDR of the protected private network

-  vfw_private_ip_0:

-    type: string

-    label: vFirewall private IP address towards the unprotected network

-    description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator

-  vfw_private_ip_1:

-    type: string

-    label: vFirewall private IP address towards the protected network

-    description: Private IP address that is assigned to the vFirewall to communicate with the vSink

-  vfw_private_ip_2:

-    type: string

-    label: vFirewall private IP address towards the ONAP management network

-    description: Private IP address that is assigned to the vFirewall to communicate with ONAP components

-  vpg_private_ip_0:

-    type: string

-    label: vPacketGenerator private IP address towards the unprotected network

-    description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall

-  vsn_private_ip_0:

-    type: string

-    label: vSink private IP address towards the protected network

-    description: Private IP address that is assigned to the vSink to communicate with the vFirewall

-  vsn_private_ip_1:

-    type: string

-    label: vSink private IP address towards the ONAP management network

-    description: Private IP address that is assigned to the vSink to communicate with ONAP components

-  vfw_name_0:

-    type: string

-    label: vFirewall name

-    description: Name of the vFirewall

-  vsn_name_0:

-    type: string

-    label: vSink name

-    description: Name of the vSink

-  vnf_id:

-    type: string

-    label: VNF ID

-    description: The VNF ID is provided by ONAP

-  vf_module_id:

-    type: string

-    label: vFirewall module ID

-    description: The vFirewall Module ID is provided by ONAP

-  dcae_collector_ip:

-    type: string

-    label: DCAE collector IP address

-    description: IP address of the DCAE collector

-  dcae_collector_port:

-    type: string

-    label: DCAE collector port

-    description: Port of the DCAE collector

-  key_name:

-    type: string

-    label: Key pair name

-    description: Public/Private key pair name

-  pub_key:

-    type: string

-    label: Public key

-    description: Public key to be installed on the compute instance

-  repo_url_blob:

-    type: string

-    label: Repository URL

-    description: URL of the repository that hosts the demo packages

-  repo_url_artifacts:

-    type: string

-    label: Repository URL

-    description: URL of the repository that hosts the demo packages

-  install_script_version:

-    type: string

-    label: Installation script version number

-    description: Version number of the scripts that install the vFW demo app

-  demo_artifacts_version:

-    type: string

-    label: Artifacts version used in demo vnfs

-    description: Artifacts (jar, tar.gz) version used in demo vnfs

-  cloud_env:

-    type: string

-    label: Cloud environment

-    description: Cloud environment (e.g., openstack, rackspace)

-

-#############

-#           #

-# RESOURCES #

-#           #

-#############

-

-resources:

-  random-str:

-    type: OS::Heat::RandomString

-    properties:

-      length: 4

-

-  my_keypair:

-    type: OS::Nova::KeyPair

-    properties:

-      name:

-        str_replace:

-          template: base_rand

-          params:

-            base: { get_param: key_name }

-            rand: { get_resource: random-str }

-      public_key: { get_param: pub_key }

-      save_private_key: false

-

-  unprotected_private_network:

-    type: OS::Neutron::Net

-    properties:

-      name: { get_param: unprotected_private_net_id }

-

-  unprotected_private_subnet:

-    type: OS::Neutron::Subnet

-    properties:

-      name: { get_param: unprotected_private_subnet_id }

-      network_id: { get_resource: unprotected_private_network }

-      cidr: { get_param: unprotected_private_net_cidr }

-

-  protected_private_network:

-    type: OS::Neutron::Net

-    properties:

-      name: { get_param: protected_private_net_id }

-

-  protected_private_subnet:

-    type: OS::Neutron::Subnet

-    properties:

-      name: { get_param: protected_private_subnet_id }

-      network_id: { get_resource: protected_private_network }

-      cidr: { get_param: protected_private_net_cidr }

-

-  # Virtual Firewall instantiation

-  vfw_private_0_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_resource: unprotected_private_network }

-      fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}]

-

-  vfw_private_1_port:

-    type: OS::Neutron::Port

-    properties:

-      allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}]

-      network: { get_resource: protected_private_network }

-      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}]

-

-  vfw_private_2_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: onap_private_net_id }

-      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}]

-

-  vfw_0:

-    type: OS::Nova::Server

-    properties:

-      image: { get_param: image_name }

-      flavor: { get_param: flavor_name }

-      name: { get_param: vfw_name_0 }

-      key_name: { get_resource: my_keypair }

-      networks:

-        - network: { get_param: public_net_id }

-        - port: { get_resource: vfw_private_0_port }

-        - port: { get_resource: vfw_private_1_port }

-        - port: { get_resource: vfw_private_2_port }

-      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}

-      user_data_format: RAW

-      user_data:

-        str_replace:

-          params:

-            __dcae_collector_ip__ : { get_param: dcae_collector_ip }

-            __dcae_collector_port__ : { get_param: dcae_collector_port }

-            __repo_url_blob__ : { get_param: repo_url_blob }

-            __repo_url_artifacts__ : { get_param: repo_url_artifacts }

-            __demo_artifacts_version__ : { get_param: demo_artifacts_version }

-            __install_script_version__ : { get_param: install_script_version }

-            __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 }

-            __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 }

-            __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 }

-            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }

-            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }

-            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }

-            __cloud_env__ : { get_param: cloud_env }

-          template: |

-            #!/bin/bash

-

-            # Create configuration files

-            mkdir /opt/config

-            echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt

-            echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt

-            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt

-            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt

-            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt

-            echo "__install_script_version__" > /opt/config/install_script_version.txt

-            echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt

-            echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt

-            echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt

-            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt

-            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt

-            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt

-            echo "__cloud_env__" > /opt/config/cloud_env.txt

-

-            # Download and run install script

-            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_firewall_install.sh -o /opt/v_firewall_install.sh

-            cd /opt

-            chmod +x v_firewall_install.sh

-            ./v_firewall_install.sh

-

-

-  # Virtual Sink instantiation

-  vsn_private_0_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_resource: protected_private_network }

-      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}]

-

-  vsn_private_1_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: onap_private_net_id }

-      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}]

-

-  vsn_0:

-    type: OS::Nova::Server

-    properties:

-      image: { get_param: image_name }

-      flavor: { get_param: flavor_name }

-      name: { get_param: vsn_name_0 }

-      key_name: { get_resource: my_keypair }

-      networks:

-        - network: { get_param: public_net_id }

-        - port: { get_resource: vsn_private_0_port }

-        - port: { get_resource: vsn_private_1_port }

-      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}

-      user_data_format: RAW

-      user_data:

-        str_replace:

-          params:

-            __protected_net_gw__: { get_param: vfw_private_ip_1 }

-            __unprotected_net__: { get_param: unprotected_private_net_cidr }

-            __repo_url_blob__ : { get_param: repo_url_blob }

-            __repo_url_artifacts__ : { get_param: repo_url_artifacts }

-            __install_script_version__ : { get_param: install_script_version }

-            __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 }

-            __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 }

-            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }

-            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }

-            __cloud_env__ : { get_param: cloud_env }

-          template: |

-            #!/bin/bash

-

-            # Create configuration files

-            mkdir /opt/config

-            echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt

-            echo "__unprotected_net__" > /opt/config/unprotected_net.txt

-            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt

-            echo "__install_script_version__" > /opt/config/install_script_version.txt

-            echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt

-            echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt

-            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt

-            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt

-            echo "__cloud_env__" > /opt/config/cloud_env.txt

-

-            # Download and run install script

-            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_sink_install.sh -o /opt/v_sink_install.sh

-            cd /opt

-            chmod +x v_sink_install.sh

-            ./v_sink_install.sh

+##########################################################################
+#
+#==================LICENSE_START==========================================
+#
+#
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#==================LICENSE_END============================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+##########################################################################
+
+heat_template_version: 2013-05-23
+
+description: Heat template that deploys vFirewall Closed Loop demo app (vFW and vSink) for ONAP
+
+##############
+#            #
+# PARAMETERS #
+#            #
+##############
+
+parameters:
+  image_name:
+    type: string
+    label: Image name or ID
+    description: Image to be used for compute instance
+  flavor_name:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used
+  public_net_id:
+    type: string
+    label: Public network name or ID
+    description: Public network that enables remote connection to VNF
+  unprotected_private_net_id:
+    type: string
+    label: Unprotected private network name or ID
+    description: Private network that connects vPacketGenerator with vFirewall
+  unprotected_private_subnet_id:
+    type: string
+    label: Unprotected private subnetwork name or ID
+    description: Private subnetwork of the protected network
+  unprotected_private_net_cidr:
+    type: string
+    label: Unprotected private network CIDR
+    description: The CIDR of the unprotected private network
+  protected_private_net_id:
+    type: string
+    label: Protected private network name or ID
+    description: Private network that connects vFirewall with vSink
+  protected_private_subnet_id:
+    type: string
+    label: Protected private subnetwork name or ID
+    description: Private subnetwork of the unprotected network
+  protected_private_net_cidr:
+    type: string
+    label: Protected private network CIDR
+    description: The CIDR of the protected private network
+  onap_private_net_id:
+    type: string
+    label: ONAP management network name or ID
+    description: Private network that connects ONAP components and the VNF
+  onap_private_subnet_id:
+    type: string
+    label: ONAP management sub-network name or ID
+    description: Private sub-network that connects ONAP components and the VNF
+  onap_private_net_cidr:
+    type: string
+    label: ONAP private network CIDR
+    description: The CIDR of the protected private network
+  vfw_private_ip_0:
+    type: string
+    label: vFirewall private IP address towards the unprotected network
+    description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator
+  vfw_private_ip_1:
+    type: string
+    label: vFirewall private IP address towards the protected network
+    description: Private IP address that is assigned to the vFirewall to communicate with the vSink
+  vfw_private_ip_2:
+    type: string
+    label: vFirewall private IP address towards the ONAP management network
+    description: Private IP address that is assigned to the vFirewall to communicate with ONAP components
+  vpg_private_ip_0:
+    type: string
+    label: vPacketGenerator private IP address towards the unprotected network
+    description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall
+  vsn_private_ip_0:
+    type: string
+    label: vSink private IP address towards the protected network
+    description: Private IP address that is assigned to the vSink to communicate with the vFirewall
+  vsn_private_ip_1:
+    type: string
+    label: vSink private IP address towards the ONAP management network
+    description: Private IP address that is assigned to the vSink to communicate with ONAP components
+  vfw_name_0:
+    type: string
+    label: vFirewall name
+    description: Name of the vFirewall
+  vsn_name_0:
+    type: string
+    label: vSink name
+    description: Name of the vSink
+  vnf_id:
+    type: string
+    label: VNF ID
+    description: The VNF ID is provided by ONAP
+  vf_module_id:
+    type: string
+    label: vFirewall module ID
+    description: The vFirewall Module ID is provided by ONAP
+  dcae_collector_ip:
+    type: string
+    label: DCAE collector IP address
+    description: IP address of the DCAE collector
+  dcae_collector_port:
+    type: string
+    label: DCAE collector port
+    description: Port of the DCAE collector
+  key_name:
+    type: string
+    label: Key pair name
+    description: Public/Private key pair name
+  pub_key:
+    type: string
+    label: Public key
+    description: Public key to be installed on the compute instance
+  repo_url_blob:
+    type: string
+    label: Repository URL
+    description: URL of the repository that hosts the demo packages
+  repo_url_artifacts:
+    type: string
+    label: Repository URL
+    description: URL of the repository that hosts the demo packages
+  install_script_version:
+    type: string
+    label: Installation script version number
+    description: Version number of the scripts that install the vFW demo app
+  demo_artifacts_version:
+    type: string
+    label: Artifacts version used in demo vnfs
+    description: Artifacts (jar, tar.gz) version used in demo vnfs
+  cloud_env:
+    type: string
+    label: Cloud environment
+    description: Cloud environment (e.g., openstack, rackspace)
+
+#############
+#           #
+# RESOURCES #
+#           #
+#############
+
+resources:
+  random-str:
+    type: OS::Heat::RandomString
+    properties:
+      length: 4
+
+  my_keypair:
+    type: OS::Nova::KeyPair
+    properties:
+      name:
+        str_replace:
+          template: base_rand
+          params:
+            base: { get_param: key_name }
+            rand: { get_resource: random-str }
+      public_key: { get_param: pub_key }
+      save_private_key: false
+
+  unprotected_private_network:
+    type: OS::Neutron::Net
+    properties:
+      name: { get_param: unprotected_private_net_id }
+
+  unprotected_private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      name: { get_param: unprotected_private_subnet_id }
+      network_id: { get_resource: unprotected_private_network }
+      cidr: { get_param: unprotected_private_net_cidr }
+
+  protected_private_network:
+    type: OS::Neutron::Net
+    properties:
+      name: { get_param: protected_private_net_id }
+
+  protected_private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      name: { get_param: protected_private_subnet_id }
+      network_id: { get_resource: protected_private_network }
+      cidr: { get_param: protected_private_net_cidr }
+
+  # Virtual Firewall instantiation
+  vfw_private_0_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: unprotected_private_network }
+      fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}]
+
+  vfw_private_1_port:
+    type: OS::Neutron::Port
+    properties:
+      allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}]
+      network: { get_resource: protected_private_network }
+      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}]
+
+  vfw_private_2_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: onap_private_net_id }
+      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}]
+
+  vfw_0:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image_name }
+      flavor: { get_param: flavor_name }
+      name: { get_param: vfw_name_0 }
+      key_name: { get_resource: my_keypair }
+      networks:
+        - network: { get_param: public_net_id }
+        - port: { get_resource: vfw_private_0_port }
+        - port: { get_resource: vfw_private_1_port }
+        - port: { get_resource: vfw_private_2_port }
+      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __dcae_collector_ip__ : { get_param: dcae_collector_ip }
+            __dcae_collector_port__ : { get_param: dcae_collector_port }
+            __repo_url_blob__ : { get_param: repo_url_blob }
+            __repo_url_artifacts__ : { get_param: repo_url_artifacts }
+            __demo_artifacts_version__ : { get_param: demo_artifacts_version }
+            __install_script_version__ : { get_param: install_script_version }
+            __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 }
+            __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 }
+            __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 }
+            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }
+            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }
+            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }
+            __cloud_env__ : { get_param: cloud_env }
+          template: |
+            #!/bin/bash
+
+            # Create configuration files
+            mkdir /opt/config
+            echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt
+            echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt
+            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt
+            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt
+            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt
+            echo "__install_script_version__" > /opt/config/install_script_version.txt
+            echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt
+            echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt
+            echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt
+            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt
+            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt
+            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt
+            echo "__cloud_env__" > /opt/config/cloud_env.txt
+
+            # Download and run install script
+            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_firewall_install.sh -o /opt/v_firewall_install.sh
+            cd /opt
+            chmod +x v_firewall_install.sh
+            ./v_firewall_install.sh
+
+
+  # Virtual Sink instantiation
+  vsn_private_0_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: protected_private_network }
+      fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}]
+
+  vsn_private_1_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: onap_private_net_id }
+      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}]
+
+  vsn_0:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image_name }
+      flavor: { get_param: flavor_name }
+      name: { get_param: vsn_name_0 }
+      key_name: { get_resource: my_keypair }
+      networks:
+        - network: { get_param: public_net_id }
+        - port: { get_resource: vsn_private_0_port }
+        - port: { get_resource: vsn_private_1_port }
+      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __protected_net_gw__: { get_param: vfw_private_ip_1 }
+            __unprotected_net__: { get_param: unprotected_private_net_cidr }
+            __repo_url_blob__ : { get_param: repo_url_blob }
+            __repo_url_artifacts__ : { get_param: repo_url_artifacts }
+            __install_script_version__ : { get_param: install_script_version }
+            __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 }
+            __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 }
+            __protected_private_net_cidr__ : { get_param: protected_private_net_cidr }
+            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }
+            __cloud_env__ : { get_param: cloud_env }
+          template: |
+            #!/bin/bash
+
+            # Create configuration files
+            mkdir /opt/config
+            echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt
+            echo "__unprotected_net__" > /opt/config/unprotected_net.txt
+            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt
+            echo "__install_script_version__" > /opt/config/install_script_version.txt
+            echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt
+            echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt
+            echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt
+            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt
+            echo "__cloud_env__" > /opt/config/cloud_env.txt
+
+            # Download and run install script
+            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_sink_install.sh -o /opt/v_sink_install.sh
+            cd /opt
+            chmod +x v_sink_install.sh
+            ./v_sink_install.sh
diff --git a/heat/vFWCL/vPKG/base_vpkg.yaml b/heat/vFWCL/vPKG/base_vpkg.yaml
index 79d35bd3..160331bf 100644
--- a/heat/vFWCL/vPKG/base_vpkg.yaml
+++ b/heat/vFWCL/vPKG/base_vpkg.yaml
@@ -1,221 +1,221 @@
-##########################################################################

-#

-#==================LICENSE_START==========================================

-#

-#

-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.

-#

-# Licensed under the Apache License, Version 2.0 (the "License");

-# you may not use this file except in compliance with the License.

-# You may obtain a copy of the License at

-#        http://www.apache.org/licenses/LICENSE-2.0

-#

-# Unless required by applicable law or agreed to in writing, software

-# distributed under the License is distributed on an "AS IS" BASIS,

-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-# See the License for the specific language governing permissions and

-# limitations under the License.

-#

-#==================LICENSE_END============================================

-#

-# ECOMP is a trademark and service mark of AT&T Intellectual Property.

-#

-##########################################################################

-

-heat_template_version: 2013-05-23

-

-description: Heat template that deploys the vFirewall Traffic Generator demo app for ONAP

-

-##############

-#            #

-# PARAMETERS #

-#            #

-##############

-

-parameters:

-  image_name:

-    type: string

-    label: Image name or ID

-    description: Image to be used for compute instance

-  flavor_name:

-    type: string

-    label: Flavor

-    description: Type of instance (flavor) to be used

-  public_net_id:

-    type: string

-    label: Public network name or ID

-    description: Public network that enables remote connection to VNF

-  unprotected_private_net_id:

-    type: string

-    label: Unprotected private network name or ID

-    description: Private network that connects vPacketGenerator with vFirewall

-  unprotected_private_subnet_id:

-    type: string

-    label: Unprotected private sub-network name or ID

-    description: Private subnetwork for the unprotected network

-  unprotected_private_net_cidr:

-    type: string

-    label: Unprotected private network CIDR

-    description: The CIDR of the unprotected private network

-  protected_private_net_cidr:

-    type: string

-    label: Protected private network CIDR

-    description: The CIDR of the protected private network

-  onap_private_net_id:

-    type: string

-    label: ONAP management network name or ID

-    description: Private network that connects ONAP components and the VNF

-  onap_private_subnet_id:

-    type: string

-    label: ONAP management sub-network name or ID

-    description: Private sub-network that connects ONAP components and the VNF

-  onap_private_net_cidr:

-    type: string

-    label: ONAP private network CIDR

-    description: The CIDR of the protected private network

-  vfw_private_ip_0:

-    type: string

-    label: vFirewall private IP address towards the unprotected network

-    description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator

-  vsn_private_ip_0:

-    type: string

-    label: vSink private IP address towards the protected network

-    description: Private IP address that is assigned to the vSink to communicate with the vFirewall

-  vpg_private_ip_0:

-    type: string

-    label: vPacketGenerator private IP address towards the unprotected network

-    description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall

-  vpg_private_ip_1:

-    type: string

-    label: vPacketGenerator private IP address towards the ONAP management network

-    description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components

-  vpg_name_0:

-    type: string

-    label: vPacketGenerator name

-    description: Name of the vPacketGenerator

-  vnf_id:

-    type: string

-    label: VNF ID

-    description: The VNF ID is provided by ONAP

-  vf_module_id:

-    type: string

-    label: vPNG Traffic Generator module ID

-    description: The vPNG Module ID is provided by ONAP

-  key_name:

-    type: string

-    label: Key pair name

-    description: Public/Private key pair name

-  pub_key:

-    type: string

-    label: Public key

-    description: Public key to be installed on the compute instance

-  repo_url_blob:

-    type: string

-    label: Repository URL

-    description: URL of the repository that hosts the demo packages

-  repo_url_artifacts:

-    type: string

-    label: Repository URL

-    description: URL of the repository that hosts the demo packages

-  install_script_version:

-    type: string

-    label: Installation script version number

-    description: Version number of the scripts that install the vFW demo app

-  demo_artifacts_version:

-    type: string

-    label: Artifacts version used in demo vnfs

-    description: Artifacts (jar, tar.gz) version used in demo vnfs

-  cloud_env:

-    type: string

-    label: Cloud environment

-    description: Cloud environment (e.g., openstack, rackspace)

-

-#############

-#           #

-# RESOURCES #

-#           #

-#############

-

-resources:

-  random-str:

-    type: OS::Heat::RandomString

-    properties:

-      length: 4

-

-  my_keypair:

-    type: OS::Nova::KeyPair

-    properties:

-      name:

-        str_replace:

-          template: base_rand

-          params:

-            base: { get_param: key_name }

-            rand: { get_resource: random-str }

-      public_key: { get_param: pub_key }

-      save_private_key: false

-

-

-  # Virtual Packet Generator instantiation

-  vpg_private_0_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: unprotected_private_net_id }

-      fixed_ips: [{"subnet": { get_param: unprotected_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_0 }}]

-

-  vpg_private_1_port:

-    type: OS::Neutron::Port

-    properties:

-      network: { get_param: onap_private_net_id }

-      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}]

-

-  vpg_0:

-    type: OS::Nova::Server

-    properties:

-      image: { get_param: image_name }

-      flavor: { get_param: flavor_name }

-      name: { get_param: vpg_name_0 }

-      key_name: { get_resource: my_keypair }

-      networks:

-        - network: { get_param: public_net_id }

-        - port: { get_resource: vpg_private_0_port }

-        - port: { get_resource: vpg_private_1_port }

-      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}

-      user_data_format: RAW

-      user_data:

-        str_replace:

-          params:

-            __fw_ipaddr__: { get_param: vfw_private_ip_0 }

-            __protected_net_cidr__: { get_param: protected_private_net_cidr }

-            __sink_ipaddr__: { get_param: vsn_private_ip_0 }

-            __repo_url_blob__ : { get_param: repo_url_blob }

-            __repo_url_artifacts__ : { get_param: repo_url_artifacts }

-            __demo_artifacts_version__ : { get_param: demo_artifacts_version }

-            __install_script_version__ : { get_param: install_script_version }

-            __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 }

-            __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 }

-            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }

-            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }

-            __cloud_env__ : { get_param: cloud_env }

-          template: |

-            #!/bin/bash

-

-            # Create configuration files

-            mkdir /opt/config

-            echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt

-            echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt

-            echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt

-            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt

-            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt

-            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt

-            echo "__install_script_version__" > /opt/config/install_script_version.txt

-            echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt

-            echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt

-            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt

-            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt

-            echo "__cloud_env__" > /opt/config/cloud_env.txt

-

-            # Download and run install script

-            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_packetgen_install.sh -o /opt/v_packetgen_install.sh

-            cd /opt

-            chmod +x v_packetgen_install.sh

-            ./v_packetgen_install.sh

+##########################################################################
+#
+#==================LICENSE_START==========================================
+#
+#
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#==================LICENSE_END============================================
+#
+# ECOMP is a trademark and service mark of AT&T Intellectual Property.
+#
+##########################################################################
+
+heat_template_version: 2013-05-23
+
+description: Heat template that deploys the vFirewall Traffic Generator demo app for ONAP
+
+##############
+#            #
+# PARAMETERS #
+#            #
+##############
+
+parameters:
+  image_name:
+    type: string
+    label: Image name or ID
+    description: Image to be used for compute instance
+  flavor_name:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used
+  public_net_id:
+    type: string
+    label: Public network name or ID
+    description: Public network that enables remote connection to VNF
+  unprotected_private_net_id:
+    type: string
+    label: Unprotected private network name or ID
+    description: Private network that connects vPacketGenerator with vFirewall
+  unprotected_private_subnet_id:
+    type: string
+    label: Unprotected private sub-network name or ID
+    description: Private subnetwork for the unprotected network
+  unprotected_private_net_cidr:
+    type: string
+    label: Unprotected private network CIDR
+    description: The CIDR of the unprotected private network
+  protected_private_net_cidr:
+    type: string
+    label: Protected private network CIDR
+    description: The CIDR of the protected private network
+  onap_private_net_id:
+    type: string
+    label: ONAP management network name or ID
+    description: Private network that connects ONAP components and the VNF
+  onap_private_subnet_id:
+    type: string
+    label: ONAP management sub-network name or ID
+    description: Private sub-network that connects ONAP components and the VNF
+  onap_private_net_cidr:
+    type: string
+    label: ONAP private network CIDR
+    description: The CIDR of the protected private network
+  vfw_private_ip_0:
+    type: string
+    label: vFirewall private IP address towards the unprotected network
+    description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator
+  vsn_private_ip_0:
+    type: string
+    label: vSink private IP address towards the protected network
+    description: Private IP address that is assigned to the vSink to communicate with the vFirewall
+  vpg_private_ip_0:
+    type: string
+    label: vPacketGenerator private IP address towards the unprotected network
+    description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall
+  vpg_private_ip_1:
+    type: string
+    label: vPacketGenerator private IP address towards the ONAP management network
+    description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components
+  vpg_name_0:
+    type: string
+    label: vPacketGenerator name
+    description: Name of the vPacketGenerator
+  vnf_id:
+    type: string
+    label: VNF ID
+    description: The VNF ID is provided by ONAP
+  vf_module_id:
+    type: string
+    label: vPNG Traffic Generator module ID
+    description: The vPNG Module ID is provided by ONAP
+  key_name:
+    type: string
+    label: Key pair name
+    description: Public/Private key pair name
+  pub_key:
+    type: string
+    label: Public key
+    description: Public key to be installed on the compute instance
+  repo_url_blob:
+    type: string
+    label: Repository URL
+    description: URL of the repository that hosts the demo packages
+  repo_url_artifacts:
+    type: string
+    label: Repository URL
+    description: URL of the repository that hosts the demo packages
+  install_script_version:
+    type: string
+    label: Installation script version number
+    description: Version number of the scripts that install the vFW demo app
+  demo_artifacts_version:
+    type: string
+    label: Artifacts version used in demo vnfs
+    description: Artifacts (jar, tar.gz) version used in demo vnfs
+  cloud_env:
+    type: string
+    label: Cloud environment
+    description: Cloud environment (e.g., openstack, rackspace)
+
+#############
+#           #
+# RESOURCES #
+#           #
+#############
+
+resources:
+  random-str:
+    type: OS::Heat::RandomString
+    properties:
+      length: 4
+
+  my_keypair:
+    type: OS::Nova::KeyPair
+    properties:
+      name:
+        str_replace:
+          template: base_rand
+          params:
+            base: { get_param: key_name }
+            rand: { get_resource: random-str }
+      public_key: { get_param: pub_key }
+      save_private_key: false
+
+
+  # Virtual Packet Generator instantiation
+  vpg_private_0_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: unprotected_private_net_id }
+      fixed_ips: [{"subnet": { get_param: unprotected_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_0 }}]
+
+  vpg_private_1_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: onap_private_net_id }
+      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}]
+
+  vpg_0:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image_name }
+      flavor: { get_param: flavor_name }
+      name: { get_param: vpg_name_0 }
+      key_name: { get_resource: my_keypair }
+      networks:
+        - network: { get_param: public_net_id }
+        - port: { get_resource: vpg_private_0_port }
+        - port: { get_resource: vpg_private_1_port }
+      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }}
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __fw_ipaddr__: { get_param: vfw_private_ip_0 }
+            __protected_net_cidr__: { get_param: protected_private_net_cidr }
+            __sink_ipaddr__: { get_param: vsn_private_ip_0 }
+            __repo_url_blob__ : { get_param: repo_url_blob }
+            __repo_url_artifacts__ : { get_param: repo_url_artifacts }
+            __demo_artifacts_version__ : { get_param: demo_artifacts_version }
+            __install_script_version__ : { get_param: install_script_version }
+            __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 }
+            __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 }
+            __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr }
+            __onap_private_net_cidr__ : { get_param: onap_private_net_cidr }
+            __cloud_env__ : { get_param: cloud_env }
+          template: |
+            #!/bin/bash
+
+            # Create configuration files
+            mkdir /opt/config
+            echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt
+            echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt
+            echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt
+            echo "__repo_url_blob__" > /opt/config/repo_url_blob.txt
+            echo "__repo_url_artifacts__" > /opt/config/repo_url_artifacts.txt
+            echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt
+            echo "__install_script_version__" > /opt/config/install_script_version.txt
+            echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt
+            echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt
+            echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt
+            echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt
+            echo "__cloud_env__" > /opt/config/cloud_env.txt
+
+            # Download and run install script
+            curl -k __repo_url_blob__/org.onap.demo/vnfs/vfw/__install_script_version__/v_packetgen_install.sh -o /opt/v_packetgen_install.sh
+            cd /opt
+            chmod +x v_packetgen_install.sh
+            ./v_packetgen_install.sh