1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
heat_template_version: 2013-05-23
description: Heat template to deploy a FreeRadius
parameters:
# Metadata required by ONAP
vnf_name:
type: string
label: VM name
description: The VM name
vnf_id:
type: string
label: VNF ID
description: The VNF ID is provided by ONAP
vf_module_id:
type: string
label: VF module ID
description: The VF Module ID is provided by ONAP
# Server parameters, naming required by ONAP
image_name:
type: string
label: Image name or ID
description: Image to be used for compute instance
flavor_name:
type: string
label: Flavor
description: Type of instance (flavor) to be used
pub_key:
type: string
label: Public key
description: Public key to be installed on the compute instance
key_name:
type: string
label: Public key name
description: Public key name to be installed on the compute instance
freeRadius_name_0:
type: string
label: VM name
description: The VM name
# Network parameters, naming required by ONAP
onap_private_net_id:
type: string
label: management network
description: The management network
onap_private_subnet_id:
type: string
label: management network
description: The management network
public_net_id:
type: string
label: control plane network
description: The control plane network
freeradius_ip:
type: string
label: freeradius vm ip address
description: freeradius vm ip address
resources:
random-str:
type: OS::Heat::RandomString
properties:
length: 4
freeRadius_key:
type: OS::Nova::KeyPair
properties:
name: { get_param: key_name }
public_key: { get_param: pub_key }
save_private_key: false
freeRadius_oam_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: security group
name:
str_replace:
template: pre_base_rand
params:
pre: oam_sg_
base: { get_param: vnf_name }
rand: { get_resource: random-str }
rules: [
{remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22},
{remote_ip_prefix: 0.0.0.0/0, protocol: icmp}]
freeRadius_control_plane_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: security group
name:
str_replace:
template: pre_base_rand
params:
pre: cp_sg_
base: { get_param: vnf_name }
rand: { get_resource: random-str }
rules: [
{remote_ip_prefix: 0.0.0.0/0, protocol: tcp, port_range_min: 22, port_range_max: 22},
{remote_ip_prefix: 0.0.0.0/0, protocol: icmp}]
freeRadius_0_oam_port_0:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: pre_base_rand
params:
pre: oam_port_
base: { get_param: vnf_name }
rand: { get_resource: random-str }
network: { get_param: onap_private_net_id }
fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: freeradius_ip }}]
security_groups: [{ get_resource: freeRadius_oam_security_group }]
freeRadius_0_control_plane_port_0:
type: OS::Neutron::Port
properties:
name:
str_replace:
template: pre_base_rand
params:
pre: cp_port_
base: { get_param: vnf_name }
rand: { get_resource: random-str }
network: { get_param: public_net_id }
security_groups: [{ get_resource: freeRadius_control_plane_security_group }]
freeRadius_VM_settings:
type: OS::Heat::SoftwareConfig
properties:
config: |
#!/bin/bash
apt-get update
apt-get install -y freeradius
echo -e "password\npassword" | passwd cloud
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
service ssh restart
freeRadius_server_0:
type: OS::Nova::Server
properties:
image: { get_param: image_name }
flavor: { get_param: flavor_name }
name: { get_param: freeRadius_name_0 }
metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }, vnf_name: { get_param: vnf_name }}
key_name: { get_resource: freeRadius_key }
networks:
- port: { get_resource: freeRadius_0_oam_port_0 }
- port: { get_resource: freeRadius_0_control_plane_port_0 }
user_data_format: RAW
user_data: |
#!/bin/bash
echo "!!! Install FreeRadius"
apt-get update
apt-get install -y freeradius
echo "!!! Setup password authentication for user cloud"
echo -e "password\npassword" | passwd cloud
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/' /etc/ssh/sshd_config
service ssh restart
echo "!!! Done"
|