heat_template_version: 2015-10-15
description: ONAP on Kubernetes using OOM

parameters:
  docker_proxy:
    type: string

  apt_proxy:
    type: string

  public_net_id:
    type: string
    description: The ID of the Public network for floating IP address allocation

  public_net_name:
    type: string
    description: The name of the Public network referred by public_net_id

  oam_network_cidr:
    type: string
    description: CIDR of the OAM ONAP network

  keystone_url:
    type: string
    description: URL of OpenStack Keystone

  openstack_tenant_id:
    type: string
    description: OpenStack tenant ID

  openstack_tenant_name:
    type: string
    description: OpenStack tenant name (matching with the openstack_tenant_id)

  openstack_username:
    type: string
    description: OpenStack username

  openstack_api_key:
    type: string
    description: OpenStack password or API Key

  ubuntu_1404_image:
    type: string
    description: Name of the Ubuntu 14.04 image

  ubuntu_1604_image:
    type: string
    description: Name of the Ubuntu 16.04 image

  centos_7_image:
    type: string
    description: the id/name of the CentOS 7 VM imange

  rancher_vm_flavor:
    type: string
    description: Name of the Ubuntu 14.04 image

  k8s_vm_flavor:
    type: string
    description: Name of the Ubuntu 14.04 image

  dns_forwarder:
    type: string
    description: the forwarder address for setting up ONAP's private DNS server

  external_dns:
    type: string
    description: Public IP of the external DNS for ONAP network

  dnsaas_proxy_enable:
    type: string
    description: whether to enable DNSaaS proxy via multicloud

  dnsaas_region:
    type: string
    description: the region of the cloud instance providing the Designate DNS as a Service

  dnsaas_proxied_keystone_url_path:
    type: string
    description: the proxy keystone URL path for DCAE to use (via MultiCloud)

  dnsaas_keystone_url:
    type: string
    description: the keystone URL of the cloud instance providing the Designate DNS as a Service

  dnsaas_username:
    type: string
    description: the username of the cloud instance providing the Designate DNS as a Service

  dnsaas_password:
    type: string
    description: the password of the cloud instance providing the Designate DNS as a Service

  dnsaas_tenant_id:
    type: string
    description: the ID of the tenant in the cloud instance providing the Designate DNS as a Service

  dnsaas_tenant_name:
    type: string
    description: the name of the tenant in the cloud instance providing the Designate DNS as a Service

resources:
  random-str:
    type: OS::Heat::RandomString
    properties:
      length: 4

  # ONAP security group
  onap_sg:
    type: OS::Neutron::SecurityGroup
    properties:
      name:
        str_replace:
          template: base_rand
          params:
            base: onap_sg
            rand: { get_resource: random-str }
      description: security group used by ONAP
      rules:
        # All egress traffic
        - direction: egress
          ethertype: IPv4
        - direction: egress
          ethertype: IPv6
        # ingress traffic
        # ICMP
        - protocol: icmp
        - protocol: udp
          port_range_min: 1
          port_range_max: 65535
        - protocol: tcp
          port_range_min: 1
          port_range_max: 65535


  # ONAP management private network
  oam_network:
    type: OS::Neutron::Net
    properties:
      name:
        str_replace:
          template: oam_network_rand
          params:
            rand: { get_resource: random-str }

  oam_subnet:
    type: OS::Neutron::Subnet
    properties:
      name:
        str_replace:
          template: oam_network_rand
          params:
            rand: { get_resource: random-str }
      network_id: { get_resource: oam_network }
      cidr: { get_param: oam_network_cidr }
      dns_nameservers: [ get_param: dns_forwarder ]

  router:
    type: OS::Neutron::Router
    properties:
      external_gateway_info:
        network: { get_param: public_net_id }

  router_interface:
    type: OS::Neutron::RouterInterface
    properties:
      router_id: { get_resource: router }
      subnet_id: { get_resource: oam_subnet }

  rancher_private_port:
    type: OS::Neutron::Port
    properties:
      network: { get_resource: oam_network }
      fixed_ips: [{"subnet": { get_resource: oam_subnet }}]
      security_groups:
      - { get_resource: onap_sg }

  rancher_floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: rancher_private_port }

  rancher_vm:
    type: OS::Nova::Server
    properties:
      name: rancher
      image: { get_param: ubuntu_1604_image }
      flavor: { get_param: rancher_vm_flavor }
      key_name: onap_key
      networks:
      - port: { get_resource: rancher_private_port }
      user_data_format: RAW
      user_data:
        str_replace:
          params:
            __docker_proxy__: { get_param: docker_proxy }
            __apt_proxy__: { get_param: apt_proxy }
          template:
            get_file: rancher_vm_entrypoint.sh

  k8s_private_port:
    type: OS::Neutron::Port
    properties:
      network: { get_resource: oam_network }
      fixed_ips: [{"subnet": { get_resource: oam_subnet }}]
      security_groups:
      - { get_resource: onap_sg }

  k8s_floating_ip:
    type: OS::Neutron::FloatingIP
    properties:
      floating_network_id: { get_param: public_net_id }
      port_id: { get_resource: k8s_private_port }

  k8s_vm:
    type: OS::Nova::Server
    properties:
      name: k8s
      image: { get_param: ubuntu_1604_image }
      flavor: { get_param: k8s_vm_flavor }
      key_name: onap_key
      networks:
      - port: { get_resource: k8s_private_port }
      user_data_format: RAW
      user_data:
        str_replace:
          params:
            __docker_proxy__: { get_param: docker_proxy }
            __apt_proxy__: { get_param: apt_proxy }
            __rancher_ip_addr__: { get_attr: [rancher_floating_ip, floating_ip_address] }
            __k8s_ip_addr__: { get_attr: [k8s_floating_ip, floating_ip_address] }
            __openstack_tenant_id__: { get_param: openstack_tenant_id }
            __openstack_tenant_name__: { get_param: openstack_tenant_name }
            __openstack_username__: { get_param: openstack_username }
            __openstack_api_key__: { get_param : openstack_api_key }
            __public_net_id__: { get_param: public_net_id }
            __public_net_name__: { get_param: public_net_name }
            __oam_network_id__: { get_resource: oam_network }
            __oam_network_cidr__: { get_param: oam_network_cidr }
            __ubuntu_1404_image__: { get_param: ubuntu_1404_image }
            __ubuntu_1604_image__: { get_param: ubuntu_1604_image }
            __centos_7_image__: { get_param: centos_7_image }
            __keystone_url__: { get_param: keystone_url }
            __dns_forwarder__: { get_param: dns_forwarder }
            __external_dns__: { get_param: external_dns }
            __dnsaas_proxy_enable__: { get_param: dnsaas_proxy_enable }
            __dnsaas_proxied_keystone_url_path__: { get_param: dnsaas_proxied_keystone_url_path }
            __dnsaas_keystone_url__: { get_param: dnsaas_keystone_url }
            __dnsaas_region__: { get_param: dnsaas_region }
            __dnsaas_tenant_id__: { get_param: dnsaas_tenant_id }
            __dnsaas_tenant_name__: { get_param: dnsaas_tenant_name }
            __dnsaas_username__: { get_param: dnsaas_username }
            __dnsaas_password__: { get_param: dnsaas_password }
          template:
            get_file: k8s_vm_entrypoint.sh

outputs:
  rancher_vm_ip:
    description: The IP address of the rancher instance
    value: { get_attr: [rancher_floating_ip, floating_ip_address] }

  k8s_vm_ip:
    description: The IP address of the k8s instance
    value: { get_attr: [k8s_floating_ip, floating_ip_address] }