aboutsummaryrefslogtreecommitdiffstats
path: root/openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/test/resources/mock/heat/nested/nestedundervolume/inputs/base_ocg.yaml
blob: fc07aae4df9f0f0d71fbb6964414246d861a6849 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

heat_template_version: 2015-04-30
#OCG Base Template
#AUTHORS:
description: >
  Base HOT template to create The Security Group for the the OCG VNF

#####################
parameters:
#####################

## GLOBAL//Basic Parameters
  vnf_name:
    type: string
    description: Unique name for this VF instance
#   For manual spinups, value must be in the ENV file. Must be removed from ENV before uploading to ASDC

#####################
resources:
#####################

  OCGAPP_SECURITY_GROUP:
    type: OS::Neutron::SecurityGroup
    properties:
      description: ocg app security group
      name:
        str_replace:
            template: VF_NAME_sec_grp_OCGAPP
            params:
                VF_NAME:    {get_param: vnf_name}
      rules: [{"direction": egress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": egress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": egress, "ethertype": IPv4, "protocol": icmp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": ingress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": ingress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": ingress, "ethertype": IPv4, "protocol": icmp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": egress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": "::/0"},
              {"direction": egress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": "::/0"},
              {"direction": egress, "ethertype": IPv6, "protocol": icmp, "remote_ip_prefix": "::/0"},
              {"direction": ingress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": "::/0"},
              {"direction": ingress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": "::/0"},
              {"direction": ingress, "ethertype": IPv6, "protocol": icmp, "remote_ip_prefix": "::/0"}
             ]

  OCGMGR_SECURITY_GROUP:
    type: OS::Neutron::SecurityGroup
    properties:
      description: ocg mgr security group
      name:
        str_replace:
            template: VF_NAME_sec_grp_OCGMGR
            params:
                VF_NAME:    {get_param: vnf_name}
      rules: [{"direction": egress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": egress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": egress, "ethertype": IPv4, "protocol": icmp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": ingress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": ingress, "ethertype": IPv4, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": 0.0.0.0/0},
              {"direction": ingress, "ethertype": IPv4, "protocol": icmp, "remote_ip_prefix": 0.0.0.0/0},
              #{"direction": egress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": "::/0"},
              #{"direction": egress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": "::/0"},
              #{"direction": egress, "ethertype": IPv6, "protocol": icmp, "remote_ip_prefix": "::/0"},
              #{"direction": ingress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": tcp, "remote_ip_prefix": "::/0"},
              #{"direction": ingress, "ethertype": IPv6, "port_range_min": 1, "port_range_max": 65535, "protocol": udp, "remote_ip_prefix": "::/0"},
              #{"direction": ingress, "ethertype": IPv6, "protocol": icmp, "remote_ip_prefix": "::/0"}
              ]

  ocg_RSG:
    type: OS::Nova::ServerGroup
    properties:
      name:
        str_replace:
          template: VF_NAME_server_grp_OCG
          params:
              VF_NAME: {get_param: vnf_name}
      policies:
        - anti-affinity
        
outputs:
  ocgapp_shared_sec_grp_id:
    description: UUID of OCG APP Resource SecurityGroup
    value: { get_resource: OCGAPP_SECURITY_GROUP }

  ocgmgr_shared_sec_grp_id:
    description: UUID of OCG MGR Resource SecutiryGroup
    value: {get_resource: OCGMGR_SECURITY_GROUP}
    
  ocg_shared_server_grp_id:
    description: UUID of OCG anti-affinity server group
    value: {get_resource: ocg_RSG}