summaryrefslogtreecommitdiffstats
path: root/docs/guides/onap-user/design/parameter_resolution/freeradius_example/after_enrichment/HEAT_freeradius/radius.yaml
blob: a699ca00e3554a079f35d14daaea8a5ea3f51a4b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163

heat_template_version: 2013-05-23

description: Heat template to deploy a FreeRadius

parameters:
# Metadata required by ONAP
  vnf_name:
    type: string
    label: VM name
    description: The VM name
  vnf_id:
    type: string
    label: VNF ID
    description: The VNF ID is provided by ONAP
  vf_module_id:
    type: string
    label: VF module ID
    description: The VF Module ID is provided by ONAP

# Server parameters, naming required by ONAP
  image_name:
    type: string
    label: Image name or ID
    description: Image to be used for compute instance
  flavor_name:
    type: string
    label: Flavor
    description: Type of instance (flavor) to be used
  pub_key:
    type: string
    label: Public key
    description: Public key to be installed on the compute instance
  key_name:
    type: string
    label: Public key name
    description: Public key name to be installed on the compute instance    
  freeRadius_name_0:
    type: string
    label: VM name
    description: The VM name

# Network parameters, naming required by ONAP
  onap_private_net_id:
    type: string
    label: management network
    description: The management network
  onap_private_subnet_id:
    type: string
    label: management network
    description: The management network
  public_net_id:
    type: string
    label: control plane network
    description: The control plane network
  freeradius_ip:
    type: string
    label: freeradius vm ip address
    description: freeradius vm ip address

resources:
  random-str:
    type: OS::Heat::RandomString
    properties:
      length: 4
      
  freeRadius_key:
    type: OS::Nova::KeyPair
    properties:
      name: { get_param: key_name } 
      public_key: { get_param: pub_key }
      save_private_key: false

  freeRadius_oam_security_group:
    type: OS::Neutron::SecurityGroup
    properties:
      description: security group
      name:
        str_replace:
          template: pre_base_rand
          params:
            pre: oam_sg_
            base: { get_param: vnf_name }
            rand: { get_resource: random-str }
      rules: [
        {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22},
        {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}]

  freeRadius_control_plane_security_group:
    type: OS::Neutron::SecurityGroup
    properties:
      description: security group
      name:
        str_replace:
          template: pre_base_rand
          params:
            pre: cp_sg_
            base: { get_param: vnf_name }
            rand: { get_resource: random-str }
      rules: [
        {remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22},
        {remote_ip_prefix: 0.0.0.0/0, protocol: icmp}]

  freeRadius_0_oam_port_0:
    type: OS::Neutron::Port
    properties:
      name:
        str_replace:
          template: pre_base_rand
          params:
            pre: oam_port_
            base: { get_param: vnf_name }
            rand: { get_resource: random-str }
      network: { get_param: onap_private_net_id }
      fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: freeradius_ip }}]
      security_groups: [{ get_resource: freeRadius_oam_security_group }]

  freeRadius_0_control_plane_port_0:
    type: OS::Neutron::Port
    properties:
      name:
        str_replace:
          template: pre_base_rand
          params:
            pre: cp_port_
            base: { get_param: vnf_name }
            rand: { get_resource: random-str }
      network: { get_param: public_net_id }
      security_groups: [{ get_resource: freeRadius_control_plane_security_group }]

  freeRadius_VM_settings:
    type: OS::Heat::SoftwareConfig
    properties:
      config: |
            #!/bin/bash
            apt-get update
            apt-get install -y freeradius
            echo -e "password\npassword" | passwd cloud
            sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config 
            service ssh restart


  freeRadius_server_0:
    type: OS::Nova::Server
    properties:
      image: { get_param: image_name }
      flavor: { get_param: flavor_name }
      name: { get_param: freeRadius_name_0 }
      metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }}
      key_name: { get_resource: freeRadius_key }
      networks:
        - port: { get_resource: freeRadius_0_oam_port_0 }
        - port: { get_resource: freeRadius_0_control_plane_port_0 }
      user_data_format: RAW
      user_data: |
        #!/bin/bash
        echo "!!! Install FreeRadius"
        apt-get update
        apt-get install -y freeradius
        echo "!!! Setup password authentication for user cloud"
        echo -e "password\npassword" | passwd cloud
        sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config 
        service ssh restart
        echo "!!! Done"