From 5ca4bddf27d9453add36e18aa99c18a6087707b8 Mon Sep 17 00:00:00 2001 From: earthmant Date: Mon, 5 Jun 2017 14:05:22 +0300 Subject: [PATCH 1/4] update circle.yml vcloud vsphere bps --- circle.yml | 4 +++- vsphere.yaml => vsphere-blueprint.yaml | 0 2 files changed, 3 insertions(+), 1 deletion(-) rename vsphere.yaml => vsphere-blueprint.yaml (100%) diff --git a/circle.yml b/circle.yml index 0bb8e95..2d7c813 100644 --- a/circle.yml +++ b/circle.yml @@ -16,7 +16,7 @@ dependencies: - pip install https://github.com/cloudify-cosmo/cloudify-rest-client/archive/master.zip - pip install https://github.com/cloudify-cosmo/cloudify-dsl-parser/archive/master.zip - pip install https://github.com/cloudify-cosmo/cloudify-plugins-common/archive/master.zip - - pip install https://github.com/cloudify-cosmo/cloudify-script-plugin/archive/1.4.zip + - pip install https://github.com/cloudify-cosmo/cloudify-script-plugin/archive/master.zip - pip install https://github.com/cloudify-cosmo/cloudify-cli/archive/master.zip test: @@ -25,6 +25,8 @@ test: - cfy blueprints validate openstack-blueprint.yaml - cfy blueprints validate aws-blueprint.yaml - cfy blueprints validate azure-blueprint.yaml + - cfy blueprints validate vcloud-blueprint.yaml + - cfy blueprints validate vsphere-blueprint.yaml deployment: release: diff --git a/vsphere.yaml b/vsphere-blueprint.yaml similarity index 100% rename from vsphere.yaml rename to vsphere-blueprint.yaml From 9eebe2452c53387e31f214f9408c2c2793721aaf Mon Sep 17 00:00:00 2001 
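Review bot: The script-plugin install line in the `dependencies` hunk of circle.yml now fetches `archive/master.zip` instead of the pinned `archive/1.4.zip`, so each CI run installs whatever is on that branch at the time. That makes the build non-reproducible, and an unreviewed or broken push to the upstream branch would run in CI unnoticed. Consider keeping a tag or commit archive here, e.g. `- pip install https://github.com/cloudify-cosmo/cloudify-script-plugin/archive/<TAG_OR_COMMIT_SHA>.zip`; the neighbouring context lines use `master.zip` as well and would benefit from the same pinning. The `dependencies` list starts outside the hunk.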
From: earthmant Date: Mon, 5 Jun 2017 23:00:39 +0300 Subject: [PATCH 2/4] update aws azure os --- application-blueprint.yaml | 2 +- aws-blueprint.yaml | 155 ++++---- azure-blueprints.yaml | 214 ++++------- openstack-blueprint.yaml | 519 +++++++++++++-------------- scripts/cloud_config/create.py | 28 ++ types/aws.yaml | 23 +- types/azure.yaml | 42 ++- types/cloud_config/cloud-config.yaml | 13 + types/openstack.yaml | 19 +- 9 files changed, 482 insertions(+), 533 deletions(-) create mode 100644 scripts/cloud_config/create.py create mode 100644 types/cloud_config/cloud-config.yaml diff --git a/application-blueprint.yaml b/application-blueprint.yaml index 8fed265..bc58c28 100644 --- a/application-blueprint.yaml +++ b/application-blueprint.yaml @@ -3,7 +3,7 @@ tosca_definitions_version: cloudify_dsl_1_3 ######################################################## imports: - - http://www.getcloudify.org/spec/cloudify/4.0/types.yaml + - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - types/clearwater-monitoring.yaml - types/clearwater.yaml diff --git a/aws-blueprint.yaml b/aws-blueprint.yaml index c4d8fb9..3a5ba07 100644 --- a/aws-blueprint.yaml +++ b/aws-blueprint.yaml 
@@ -3,54 +3,27 @@ tosca_definitions_version: cloudify_dsl_1_3 ######################################################## imports: - - http://www.getcloudify.org/spec/aws-plugin/1.4.4/plugin.yaml + - http://getcloudify.org.s3.amazonaws.com/spec/aws-plugin/1.4.10/plugin.yaml - application-blueprint.yaml - types/aws.yaml - types/policy.yaml + - types/cloud_config/cloud-config.yaml inputs: - key_name: - default: clearwater-blueprint-key - - private_key_path: - default: ~/.ssh/clearwater-blueprint-key.pem - - vpc_id: - type: string - - vpc_cidr_block: - type: string - - public_subnet_id: - type: string - - public_subnet_cidr: - type: string - - private_subnet_id: - type: string - - private_subnet_cidr: - type: string - - ec2_region_name: - default: us-east-1 - - ec2_region_endpoint: - default: ec2.us-east-1.amazonaws.com - - availability_zone: - default: us-east-1e - ami: description: > - Amazon Ubuntu 14.04 AMI + An AWS AMI. Tested with a Ubuntu 14.04 image. + default: { get_secret: ubuntu_trusty_image } instance_type: - default: m3.medium + description: > + The AWS instance_type. Tested with m3.medium, although that is unnecessarily large. + default: m3.large agent_user: + description: > + The username of the agent running on the instance created from the image. default: ubuntu dsl_definitions: @@ -58,8 +31,8 @@ dsl_definitions: aws_config: &aws_config aws_access_key_id: { get_secret: aws_access_key_id } aws_secret_access_key: { get_secret: aws_secret_access_key } - ec2_region_name: { get_input: ec2_region_name } - ec2_region_endpoint: { get_input: ec2_region_endpoint } + ec2_region_name: { get_secret: ec2_region_name } + ec2_region_endpoint: { get_secret: ec2_region_endpoint } node_templates: @@ -111,7 +84,7 @@ node_templates: - ip_protocol: tcp from_port: 0 to_port: 65535 - cidr_ip: { get_input: vpc_cidr_block } + cidr_ip: 0.0.0.0/0 - ip_protocol: udp from_port: 161 to_port: 162 
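Review bot: The new aws-plugin import `http://getcloudify.org.s3.amazonaws.com/spec/aws-plugin/1.4.10/plugin.yaml` is fetched over plain HTTP, so the plugin definition the blueprint parser loads has no integrity protection in transit. Prefer an HTTPS location for it (or a copy vendored in the repository), after confirming the chosen host serves a valid certificate for that name. The `types.yaml` import bumped in application-blueprint.yaml and the openstack-plugin import moved in openstack-blueprint.yaml are `http://` as well. Separately, the `instance_type` description says it was tested with m3.medium while the default becomes `m3.large`; one of the two should be corrected.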
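Review bot: The TCP 0–65535 rule in the third aws-blueprint.yaml hunk now uses `cidr_ip: 0.0.0.0/0` where it previously took the VPC CIDR input, which opens every TCP port on the members of this security group to any source address. The `vpc_cidr_block` input was removed, so if the intent is intra-VPC traffic the rule needs another source for that range, for example `cidr_ip: { get_secret: vpc_cidr_block }` (a constructed secret name, assuming one is provisioned), or a reference to the group itself. The security group this rule belongs to is declared outside the hunk, so confirm which instances are affected before merging.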
@@ -422,45 +395,6 @@ node_templates: aws_config: *aws_config domain: vpc - vpc: - type: cloudify.aws.nodes.VPC - properties: - aws_config: *aws_config - use_external_resource: true - resource_id: { get_input: vpc_id } - cidr_block: { get_input: vpc_cidr_block } - - public_subnet: - type: cloudify.aws.nodes.Subnet - properties: - aws_config: *aws_config - use_external_resource: true - resource_id: { get_input: public_subnet_id } - cidr_block: { get_input: public_subnet_cidr } - availability_zone: { get_input: availability_zone } - relationships: - - type: cloudify.aws.relationships.subnet_contained_in_vpc - target: vpc - - private_subnet: - type: cloudify.aws.nodes.Subnet - properties: - aws_config: *aws_config - use_external_resource: true - resource_id: { get_input: private_subnet_id } - cidr_block: { get_input: private_subnet_cidr } - availability_zone: { get_input: availability_zone } - relationships: - - type: cloudify.aws.relationships.subnet_contained_in_vpc - target: vpc - - key: - type: cloudify.aws.nodes.KeyPair - properties: - aws_config: *aws_config - resource_id: { get_input: key_name } - private_key_path: { get_input: private_key_path } - ellis_vm: type: clearwater.nodes.MonitoredServer properties: @@ -476,8 +410,6 @@ node_templates: target: all_nodes_external - type: cloudify.aws.relationships.instance_connected_to_security_group target: ellis_vm_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: public_subnet type: cloudify.aws.relationships.instance_contained_in_subnet @@ -498,8 +430,6 @@ node_templates: target: bono_vm_security_group - type: cloudify.aws.relationships.instance_connected_to_security_group target: bono_to_others_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: public_subnet type: cloudify.aws.relationships.instance_contained_in_subnet 
@@ -516,8 +446,6 @@ node_templates: target: sprout_vm_security_group - type: cloudify.aws.relationships.instance_connected_to_security_group target: sprout_to_others_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: private_subnet type: cloudify.aws.relationships.instance_contained_in_subnet @@ -534,8 +462,6 @@ node_templates: target: homestead_vm_security_group - type: cloudify.aws.relationships.instance_connected_to_security_group target: homestead_to_others_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: private_subnet type: cloudify.aws.relationships.instance_contained_in_subnet @@ -552,8 +478,6 @@ node_templates: target: homer_vm_security_group - type: cloudify.aws.relationships.instance_connected_to_security_group target: homer_to_others_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: private_subnet type: cloudify.aws.relationships.instance_contained_in_subnet @@ -570,8 +494,6 @@ node_templates: target: ralf_vm_security_group - type: cloudify.aws.relationships.instance_connected_to_security_group target: ralf_to_others_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: private_subnet type: cloudify.aws.relationships.instance_contained_in_subnet 
@@ -586,11 +508,60 @@ node_templates: target: all_nodes_external - type: cloudify.aws.relationships.instance_connected_to_security_group target: bind_host_security_group - - type: cloudify.aws.relationships.instance_connected_to_keypair - target: key - target: private_subnet type: cloudify.aws.relationships.instance_contained_in_subnet + + public_subnet: + type: cloudify.aws.nodes.Subnet + properties: + aws_config: *aws_config + use_external_resource: true + resource_id: { get_secret: public_subnet_id } + cidr_block: N/A + availability_zone: N/A + relationships: + - type: cloudify.aws.relationships.subnet_contained_in_vpc + target: vpc + + private_subnet: + type: cloudify.aws.nodes.Subnet + properties: + aws_config: *aws_config + use_external_resource: true + resource_id: { get_secret: private_subnet_id } + cidr_block: N/A + availability_zone: N/A + relationships: + - type: cloudify.aws.relationships.subnet_contained_in_vpc + target: vpc + + vpc: + type: cloudify.aws.nodes.VPC + properties: + aws_config: *aws_config + use_external_resource: true + resource_id: { get_secret: vpc_id } + cidr_block: N/A + relationships: + - type: cloudify.relationships.depends_on + target: cloudify_host_cloud_config + + cloudify_host_cloud_config: + type: cloudify.nodes.CloudConfig + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + cloud_config: + users: + - name: { get_input: agent_user } + groups: sudo + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + ssh-authorized-keys: + - { get_secret: agent_key_public } + ######################################################## bono: diff --git a/azure-blueprints.yaml b/azure-blueprints.yaml index bbc61e5..8988f09 100644 --- a/azure-blueprints.yaml +++ b/azure-blueprints.yaml 
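Review bot: `cloudify_host_cloud_config` creates the agent user with `sudo: ['ALL=(ALL) NOPASSWD:ALL']`, so whoever holds the private half of `agent_key_public` has passwordless root on every instance that receives this cloud-config. If the agent only needs specific commands, narrow the sudoers entry; otherwise add a comment above the `sudo:` line, such as `# agent installs packages and services as root; key is managed in the secret store`, so the grant is a recorded decision. Nothing in this hunk attaches the cloud-config to the VM nodes now that the keypair relationships are gone (presumably types/aws.yaml does it via userdata; worth confirming), and the re-added server nodes in openstack-blueprint.yaml drop their keypair relationship the same way. The `vpc` node's `depends_on` on the cloud-config node and the `cidr_block: N/A` / `availability_zone: N/A` placeholder strings also deserve a short explanatory comment.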
@@ -3,101 +3,44 @@ tosca_definitions_version: cloudify_dsl_1_3 ######################################################## imports: - - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-azure-plugin/1.4.2/plugin.yaml + - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-azure-plugin/1.4.3/plugin.yaml - application-blueprint.yaml - types/azure.yaml - types/policy.yaml +inputs: + inputs: resource_prefix: default: clr resource_suffix: - default: '1' - - location: - type: string - required: true - default: eastus + default: '0' retry_after: type: integer default: 60 - # Existing manager resources - mgr_resource_group_name: - type: string - required: true - - mgr_virtual_network_name: - type: string - required: true - - mgr_subnet_name: - type: string - required: true - - # Virtual Machine information - - vm_size: - type: string - required: true - default: Standard_A0 - - vm_os_family: - type: string - required: true - default: linux - - vm_image_publisher: - type: string - required: true - default: Canonical - - vm_image_offer: - type: string - required: true - default: UbuntuServer - - vm_image_sku: - type: string - required: true - default: 14.04.4-LTS + size: + default: { get_secret: small_image_size } - vm_image_version: - type: string - required: true - default: 14.04.201604060 + image: + default: + publisher: { get_secret: ubuntu_trusty_image_publisher } + offer: { get_secret: ubuntu_trusty_image_offer } + sku: { get_secret: ubuntu_trusty_image_sku } + version: { get_secret: ubuntu_trusty_image_version } agent_user: - description: > - Username to create as the VM's administrator user - type: string - required: true - default: cloudify - - vm_os_password: - description: > - Password to use for the VM's administrator user - type: string - required: true - default: Cl0ud1fy! 
- - agent_user_public_key_data: - default: ssh-rsa AAAAA3----your-key-here----aabbzz - - vm_os_pubkeys: + description: The user name of the agent on the instance created from the image. + default: ubuntu + + ssh_public_keys: description: the public key default: - path: {concat:[ '/home/', { get_input: agent_user }, '/.ssh/authorized_keys' ]} - keyData: { get_input: agent_user_public_key_data } - - vm_os_pubkey_auth_only: - default: true - - cloudify_manager_agent_key_path: - default: /home/cloudify/.ssh/id_rsa + keyData: { get_secret: agent_key_public } dsl_definitions: 
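Review bot: The added `inputs:` line directly above the existing `inputs:` key appears to leave the key in azure-blueprints.yaml twice, once with no value; depending on the YAML loader the duplicate is either rejected or silently resolved to one of the two. Drop the added `inputs:` line (and the blank line after it) so the section is declared once. The default `vm_os_password` removed in this hunk remains in the repository history, so it should not still be in use on any deployment.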
@@ -231,55 +174,11 @@ node_templates: - type: cloudify.azure.relationships.connected_to_nic target: bind_host_nic - resource_group: - type: cloudify.azure.nodes.ResourceGroup - properties: - name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} - location: { get_input: location } - azure_config: *azure_config - - storage_account: - type: cloudify.azure.nodes.storage.StorageAccount - properties: - name: {concat:[{get_input: resource_prefix},asa,{get_input: resource_suffix}]} - location: { get_input: location } - azure_config: *azure_config - retry_after: { get_input: retry_after } - resource_config: - accountType: Standard_LRS - relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - virtual_network: - type: cloudify.azure.nodes.network.VirtualNetwork - properties: - resource_group_name: { get_input: mgr_resource_group_name } - name: { get_input: mgr_virtual_network_name } - azure_config: *azure_config - use_external_resource: true - location: { get_input: location } - relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - subnet: - type: cloudify.azure.nodes.network.Subnet - properties: - resource_group_name: { get_input: mgr_resource_group_name } - name: { get_input: mgr_subnet_name } - azure_config: *azure_config - use_external_resource: true - location: { get_input: location } - relationships: - - type: cloudify.azure.relationships.contained_in_virtual_network - target: virtual_network - network_security_group: type: cloudify.azure.nodes.network.NetworkSecurityGroup properties: name: {concat:[{get_input: resource_prefix},nsg,{get_input: resource_suffix}]} - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: 
@@ -314,7 +213,7 @@ node_templates: type: cloudify.azure.nodes.compute.AvailabilitySet properties: name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -324,7 +223,7 @@ node_templates: ellis_vm_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -338,7 +237,7 @@ node_templates: bono_vm_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -352,7 +251,7 @@ node_templates: sprout_vm_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -366,7 +265,7 @@ node_templates: homestead_vm_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -380,7 +279,7 @@ node_templates: homer_vm_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -394,7 +293,7 @@ node_templates: ralf_vm_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: 
@@ -408,7 +307,7 @@ node_templates: bind_host_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -422,7 +321,7 @@ node_templates: ellis_vm_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -436,7 +335,7 @@ node_templates: bono_vm_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -450,7 +349,7 @@ node_templates: sprout_vm_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -462,7 +361,7 @@ node_templates: homestead_vm_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -474,7 +373,7 @@ node_templates: homer_vm_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -486,7 +385,7 @@ node_templates: ralf_vm_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: 
@@ -498,7 +397,7 @@ node_templates: bind_host_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -511,7 +410,7 @@ node_templates: type: cloudify.azure.nodes.network.PublicIPAddress properties: name: {concat:[{get_input: resource_prefix},ellis_pip,{get_input: resource_suffix}]} - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -524,7 +423,7 @@ node_templates: type: cloudify.azure.nodes.network.PublicIPAddress properties: name: {concat:[{get_input: resource_prefix},bono_pip,{get_input: resource_suffix}]} - location: { get_input: location } + location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: 
@@ -533,6 +432,49 @@ node_templates: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group + subnet: + type: cloudify.azure.nodes.network.Subnet + properties: + resource_group_name: { get_secret: mgr_resource_group_name } + name: { get_secret: mgr_subnet_name } + azure_config: *azure_config + use_external_resource: true + location: { get_secret: location } + relationships: + - type: cloudify.azure.relationships.contained_in_virtual_network + target: virtual_network + + virtual_network: + type: cloudify.azure.nodes.network.VirtualNetwork + properties: + resource_group_name: { get_secret: mgr_resource_group_name } + name: { get_secret: mgr_virtual_network_name } + azure_config: *azure_config + use_external_resource: true + location: { get_secret: location } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + storage_account: + type: cloudify.azure.nodes.storage.StorageAccount + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + accountType: Standard_LRS + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + resource_group: + type: cloudify.azure.nodes.ResourceGroup + properties: + name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} + location: { get_secret: location } + azure_config: *azure_config + ######################################################### bono: diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index 4bb08c2..209f5ae 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml 
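Review bot: `storage_account` is re-added here without the `name` property that the removed definition set from `resource_prefix`/`resource_suffix`, while `resource_group` keeps its `name`. If the omission is intentional (the plugin may generate a name; not visible here), a short comment on the node would say so; otherwise restore `name: {concat:[{get_input: resource_prefix},asa,{get_input: resource_suffix}]}`. The `node_templates` mapping starts outside the hunk.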
@@ -3,55 +3,32 @@ tosca_definitions_version: cloudify_dsl_1_3 ######################################################## imports: - - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml - - types/openstack.yaml - types/policy.yaml - application-blueprint.yaml + - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml + - types/openstack.yaml + - types/cloud_config/cloud-config.yaml ######################################################## inputs: image: - description: Image to be used when launching agent VM's + description: > + An Openstack Image ID. Tested with a Ubuntu 14.04 image. + default: { get_secret: ubuntu_trusty_image } flavor: - description: Flavor of the agent VM's + description: > + An Openstack Flavor ID. + default: { get_secret: small_image_flavor } agent_user: - description: > - User for connecting to agent VM's + description: The user name of the agent on the instance created from the image. default: ubuntu - key_name: - default: clearwater-blueprint-key - - private_key_path: - default: ~/.ssh/clearwater-blueprint-key.pem - - external_network_name: - default: external - - router_name: - description: The Router Name - - public_network_name: - description: The name of the Openstack public network. - - public_subnet_name: - description: The name of the public network subnet. - - private_network_name: - description: The name of the Openstack private network. - - private_subnet_name: - description: The name of the private network subnet. - - region: - default: '' - subnet_cidr: - default: 192.168.120.0/24 + default: 0.0.0.0/0 dsl_definitions: 
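Review bot: The `subnet_cidr` default changes from `192.168.120.0/24` to `0.0.0.0/0`; if this input feeds security-group rules (its uses are outside the hunk), those rules now admit any source address by default, and if it is used as an actual subnet range the value is not a usable one. Keep a private range as the default, e.g. `default: 192.168.120.0/24`, or read the real range from the secret store as the other values in this hunk do. `subnet_cidr` also has no `description`, unlike the other inputs touched here.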
@@ -60,12 +37,196 @@ dsl_definitions: password: { get_secret: keystone_password } tenant_name: { get_secret: keystone_tenant_name } auth_url: { get_secret: keystone_url } - region: { get_input: region } + region: { get_secret: region } ######################################################## node_templates: + ellis_vm: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + management_network_name: { get_property: [ public_network, resource_id ] } + relationships: + - target: ellis_vm_port + type: cloudify.openstack.server_connected_to_port + + bono_vm: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + management_network_name: { get_property: [ public_network, resource_id ] } + relationships: + - target: bono_vm_port + type: cloudify.openstack.server_connected_to_port + + sprout_vm: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + relationships: + - target: sprout_vm_port + type: cloudify.openstack.server_connected_to_port + + homestead_vm: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + relationships: + - target: homestead_vm_port + type: cloudify.openstack.server_connected_to_port + + homer_vm: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + relationships: + - target: homer_vm_port + type: cloudify.openstack.server_connected_to_port + + ralf_vm: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + relationships: + - target: ralf_vm_port + type: cloudify.openstack.server_connected_to_port + + bind_host: + type: clearwater.nodes.MonitoredServer + properties: + openstack_config: *openstack_config + relationships: + - target: bind_host_port + type: cloudify.openstack.server_connected_to_port + + bind_host_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + 
relationships: + - type: cloudify.relationships.contained_in + target: private_network + - type: cloudify.relationships.depends_on + target: private_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: bind_host_security_group + + ralf_vm_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: private_network + - type: cloudify.relationships.depends_on + target: private_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: ralf_vm_security_group + - type: cloudify.openstack.port_connected_to_security_group + target: ralf_to_others_security_group + + homer_vm_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: private_network + - type: cloudify.relationships.depends_on + target: private_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: homer_vm_security_group + - type: cloudify.openstack.port_connected_to_security_group + target: homer_to_others_security_group + + sprout_vm_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: private_network + - type: cloudify.relationships.depends_on + target: private_subnet + - 
type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: sprout_vm_security_group + - type: cloudify.openstack.port_connected_to_security_group + target: sprout_to_others_security_group + + ellis_vm_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: public_network + - type: cloudify.relationships.depends_on + target: public_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: ellis_vm_security_group + - type: cloudify.openstack.port_connected_to_floating_ip + target: ellis_ip + + bono_vm_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: public_network + - type: cloudify.relationships.depends_on + target: public_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: bono_vm_security_group + - type: cloudify.openstack.port_connected_to_security_group + target: bono_to_others_security_group + - type: cloudify.openstack.port_connected_to_floating_ip + target: bono_ip + + homestead_vm_port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: private_network + - type: cloudify.relationships.depends_on + target: private_subnet + - 
type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_internal + - type: cloudify.openstack.port_connected_to_security_group + target: all_nodes_external + - type: cloudify.openstack.port_connected_to_security_group + target: homestead_vm_security_group + - type: cloudify.openstack.port_connected_to_security_group + target: homestead_to_others_security_group + all_nodes_external: type: cloudify.openstack.nodes.SecurityGroup properties: 
@@ -312,239 +473,12 @@ node_templates: floatingip: floating_network_name: { get_property: [ external_network, resource_id ] } -########################################################################## - - policy_node: - type: policy_node_type - properties: - nodes_to_monitor: - - ellis_vm - - bono_vm - - sprout_vm - - homestead_vm - - homer_vm - - ralf_vm - - bind_host - relationships: - - type: cloudify.relationships.depends_on - target: ellis_vm - - type: cloudify.relationships.depends_on - target: bono_vm - - type: cloudify.relationships.depends_on - target: sprout_vm - - type: cloudify.relationships.depends_on - target: homestead_vm - - type: cloudify.relationships.depends_on - target: homer_vm - - type: cloudify.relationships.depends_on - target: ralf_vm - - type: cloudify.relationships.depends_on - target: bind_host - - ellis_vm_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: public_network - - type: cloudify.relationships.depends_on - target: public_subnet - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: ellis_vm_security_group - - type: cloudify.openstack.port_connected_to_floating_ip - target: ellis_ip - - ellis_vm: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - management_network_name: { get_property: [ public_network, resource_id ] } - relationships: - - target: key - type: cloudify.openstack.server_connected_to_keypair - - target: ellis_vm_port - type: cloudify.openstack.server_connected_to_port - - bono_vm_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: 
public_network - - type: cloudify.relationships.depends_on - target: public_subnet - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: bono_vm_security_group - - type: cloudify.openstack.port_connected_to_security_group - target: bono_to_others_security_group - - type: cloudify.openstack.port_connected_to_floating_ip - target: bono_ip - - bono_vm: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - management_network_name: { get_property: [ public_network, resource_id ] } - relationships: - - target: key - type: cloudify.openstack.server_connected_to_keypair - - target: bono_vm_port - type: cloudify.openstack.server_connected_to_port - - sprout_vm_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: private_network - - type: cloudify.relationships.depends_on - target: private_subnet - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: sprout_vm_security_group - - type: cloudify.openstack.port_connected_to_security_group - target: sprout_to_others_security_group - - sprout_vm: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - relationships: - - target: key - type: cloudify.openstack.server_connected_to_keypair - - target: sprout_vm_port - type: cloudify.openstack.server_connected_to_port - - homestead_vm_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: 
private_network - - type: cloudify.relationships.depends_on - target: private_subnet - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: homestead_vm_security_group - - type: cloudify.openstack.port_connected_to_security_group - target: homestead_to_others_security_group - - homestead_vm: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - relationships: - - target: key - type: cloudify.openstack.server_connected_to_keypair - - target: homestead_vm_port - type: cloudify.openstack.server_connected_to_port - - homer_vm_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: private_network - - type: cloudify.relationships.depends_on - target: private_subnet - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: homer_vm_security_group - - type: cloudify.openstack.port_connected_to_security_group - target: homer_to_others_security_group - - homer_vm: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - relationships: - - target: homer_vm_port - type: cloudify.openstack.server_connected_to_port - - target: key - type: cloudify.openstack.server_connected_to_keypair - - ralf_vm_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: private_network - - type: cloudify.relationships.depends_on - target: private_subnet - - type: 
cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: ralf_vm_security_group - - type: cloudify.openstack.port_connected_to_security_group - target: ralf_to_others_security_group - - ralf_vm: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - relationships: - - target: ralf_vm_port - type: cloudify.openstack.server_connected_to_port - - target: key - type: cloudify.openstack.server_connected_to_keypair - - bind_host_port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: private_network - - type: cloudify.relationships.depends_on - target: private_subnet - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_internal - - type: cloudify.openstack.port_connected_to_security_group - target: all_nodes_external - - type: cloudify.openstack.port_connected_to_security_group - target: bind_host_security_group - - bind_host: - type: clearwater.nodes.MonitoredServer - properties: - openstack_config: *openstack_config - relationships: - - target: bind_host_port - type: cloudify.openstack.server_connected_to_port - - target: key - type: cloudify.openstack.server_connected_to_keypair - private_subnet: type: cloudify.openstack.nodes.Subnet properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_input: private_subnet_name } + resource_id: { get_secret: private_subnet_name } relationships: - target: private_network type: cloudify.relationships.contained_in 
@@ -554,14 +488,14 @@ node_templates: properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_input: private_network_name } + resource_id: { get_secret: private_network_name } public_subnet: type: cloudify.openstack.nodes.Subnet properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_input: public_subnet_name } + resource_id: { get_secret: public_subnet_name } relationships: - target: public_network type: cloudify.relationships.contained_in @@ -573,14 +507,14 @@ node_templates: properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_input: public_network_name } + resource_id: { get_secret: public_network_name } router: type: cloudify.openstack.nodes.Router properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_input: router_name } + resource_id: { get_secret: router_name } relationships: - target: external_network type: cloudify.relationships.connected_to @@ -590,14 +524,24 @@ node_templates: properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_input: external_network_name } + resource_id: { get_secret: external_network_name } + relationships: + - type: cloudify.relationships.depends_on + target: cloudify_host_cloud_config - key: - type: cloudify.openstack.nodes.KeyPair - properties: - openstack_config: *openstack_config - resource_id: { get_input: key_name } - private_key_path: { get_input: private_key_path } + cloudify_host_cloud_config: + type: cloudify.nodes.CloudConfig + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + cloud_config: + users: + - name: { get_input: agent_user } + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + ssh-authorized-keys: + - { get_secret: agent_key_public } ######################################################## 
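Review bot: The `cloudify_host_cloud_config` node added in the last hunk of openstack-blueprint.yaml gives the agent user `sudo: ['ALL=(ALL) NOPASSWD:ALL']`, so whoever can read the `agent_key_private` secret has unrestricted root on every VM this blueprint creates. That deserves a comment above `users:` such as `# agent user gets passwordless root; restrict who can read agent_key_private`, and a narrower sudoers rule if the agent install allows it. The only `depends_on` pointing at the new node sits on `external_network`, while the servers consume its output through `get_attribute` in types/openstack.yaml, so servers on the private network may not be ordered after it; the server templates are outside this hunk, so this is inferred. Declaring the relationship on the server nodes themselves would make the ordering explicit.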
@@ -691,6 +635,33 @@ node_templates: - type: cloudify.relationships.contained_in target: bind_host + policy_node: + type: policy_node_type + properties: + nodes_to_monitor: + - ellis_vm + - bono_vm + - sprout_vm + - homestead_vm + - homer_vm + - ralf_vm + - bind_host + relationships: + - type: cloudify.relationships.depends_on + target: ellis_vm + - type: cloudify.relationships.depends_on + target: bono_vm + - type: cloudify.relationships.depends_on + target: sprout_vm + - type: cloudify.relationships.depends_on + target: homestead_vm + - type: cloudify.relationships.depends_on + target: homer_vm + - type: cloudify.relationships.depends_on + target: ralf_vm + - type: cloudify.relationships.depends_on + target: bind_host + ######################################################## outputs: diff --git a/scripts/cloud_config/create.py b/scripts/cloud_config/create.py new file mode 100644 index 0000000..c9051f7 --- /dev/null +++ b/scripts/cloud_config/create.py @@ -0,0 +1,28 @@ +#!/usr/bin/env python + +try: + import yaml +except ImportError: + import pip + pip.main(['install', 'pyyaml']) + import yaml + +import base64 +from cloudify import ctx +from cloudify.state import ctx_parameters as inputs + + +if __name__ == '__main__': + + cloud_config = inputs['cloud_config'] + ctx.logger.debug('cloud_config: {0}'.format(cloud_config)) + cloud_config_yaml = yaml.dump(cloud_config) + cloud_config_string = str(cloud_config_yaml).replace('!!python/unicode ', '') + cloud_config_string = '#cloud-config\n' + cloud_config_string + ctx.logger.debug('cloud_config_string: {0}'.format(cloud_config_string)) + + if ctx.node.properties['resource_config'].get('encode_base64'): + cloud_config_string = base64.encodestring(cloud_config_string) + ctx.logger.debug('cloud_config_string: {0}'.format(cloud_config_string)) + + ctx.instance.runtime_properties['cloud_config'] = cloud_config_string diff --git a/types/aws.yaml b/types/aws.yaml index baa3696..625a89b 100644 --- a/types/aws.yaml 
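Review bot: The import fallback at the top of scripts/cloud_config/create.py runs `pip.main(['install', 'pyyaml'])` on whatever host executes the script (cloud-config.yaml sets `executor: central_deployment_agent`), so a deployment pulls an unpinned package from the network at runtime and changes that host's Python environment as a side effect. `pip.main` is also not a supported programmatic interface. I would declare PyYAML as a pinned dependency of that environment and keep a plain `import yaml`, so a missing module fails loudly instead of being installed silently. Separately, the three `ctx.logger.debug` calls write the full user-data into the logs, and cloud-config can carry passwords or keys; logging only its size, e.g. `ctx.logger.debug('cloud_config rendered ({0} bytes)'.format(len(cloud_config_string)))`, avoids that.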
+++ b/types/aws.yaml @@ -2,19 +2,28 @@ node_types: clearwater.nodes.MonitoredServer: derived_from: cloudify.aws.nodes.Instance properties: - agent_config: - default: - install_method: remote - user: { get_input: agent_user } - key: { get_input: private_key_path } image_id: default: { get_input: ami } instance_type: default: { get_input: instance_type } - parameters: + agent_config: default: - placement: { get_input: availability_zone } + install_method: remote + user: { get_input: agent_user } + port: 22 + key: { get_secret: agent_key_private } interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: aws.cloudify_aws.ec2.instance.create + inputs: + args: + default: + block_device_map: + '/dev/sda1': + delete_on_termination: true + placement: { get_secret: availability_zone } + user_data: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } cloudify.interfaces.monitoring_agent: install: implementation: diamond.diamond_agent.tasks.install diff --git a/types/azure.yaml b/types/azure.yaml index 7f01468..debadb0 100644 --- a/types/azure.yaml +++ b/types/azure.yaml 
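Review bot: The `create` default in types/aws.yaml reads `user_data` from `{ get_attribute: [ cloudify_host_cloud_config, cloud_config ] }`, which ties a reusable node type to a node template name that only the importing blueprint defines; the same reference appears as `userdata` in the `@@ -25,4 +26,12 @@` hunk of types/openstack.yaml. A blueprint that imports the type without that node, or names it differently, would presumably end up with no usable user-data and therefore no authorized key for the agent user. I would add `# requires a node template named cloudify_host_cloud_config in the importing blueprint` above the `user_data` line, and the same above `userdata` in the OpenStack type.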
@@ -3,34 +3,40 @@ node_types: derived_from: cloudify.azure.nodes.compute.VirtualMachine properties: location: - default: { get_input: location } + default: { get_secret: location } retry_after: default: { get_input: retry_after } os_family: - default: { get_input: vm_os_family } + default: linux resource_config: default: - hardwareProfile: - vmSize: { get_input: vm_size } - storageProfile: - imageReference: - publisher: { get_input: vm_image_publisher } - offer: { get_input: vm_image_offer } - sku: { get_input: vm_image_sku } - version: { get_input: vm_image_version } - osProfile: - adminUsername: { get_input: agent_user } - adminPassword: { get_input: vm_os_password } - linuxConfiguration: - ssh: - publicKeys: { get_input: vm_os_pubkeys } - disablePasswordAuthentication: { get_input: vm_os_pubkey_auth_only } + hardwareProfile: {} + storageProfile: {} + osProfile: {} agent_config: default: user: { get_input: agent_user } - key: { get_input: cloudify_manager_agent_key_path } install_method: remote + port: 22 + key: { get_secret: agent_key_private } interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: pkg.cloudify_azure.resources.compute.virtualmachine.create + inputs: + args: + default: + hardwareProfile: + vmSize: { get_input: size } + storageProfile: + imageReference: { get_input: image} + osProfile: + adminUsername: { get_input: agent_user } + adminPassword: '' + linuxConfiguration: + ssh: + publicKeys: { get_input: ssh_public_keys } + disablePasswordAuthentication: true cloudify.interfaces.monitoring_agent: install: implementation: diamond.diamond_agent.tasks.install diff --git a/types/cloud_config/cloud-config.yaml b/types/cloud_config/cloud-config.yaml new file mode 100644 index 0000000..2fe4b20 --- /dev/null +++ b/types/cloud_config/cloud-config.yaml 
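Review bot: In the `osProfile` block of the new `create` inputs in types/azure.yaml, `publicKeys` comes from the `ssh_public_keys` input while `agent_config.key` comes from the `agent_key_private` secret, and nothing in the hunk ties the two together; if the input does not contain the public half of that secret, the VM is created but the agent cannot log in. The AWS and OpenStack types pass user-data from the cloud-config node instead, so Azure is the odd one out and would benefit from a comment such as `# ssh_public_keys must include the public key matching the agent_key_private secret`. `adminPassword: ''` next to `disablePasswordAuthentication: true` is also better omitted than sent as an empty password; whether the Azure plugin accepts a missing key is not visible here.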
@@ -0,0 +1,13 @@ +node_types: + + cloudify.nodes.CloudConfig: + derived_from: cloudify.nodes.Root + properties: + resource_config: + default: + encode_base64: false + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: scripts/cloud_config/create.py + executor: central_deployment_agent diff --git a/types/openstack.yaml b/types/openstack.yaml index 622bcae..6765a9d 100644 --- a/types/openstack.yaml +++ b/types/openstack.yaml @@ -4,16 +4,17 @@ node_types: properties: agent_config: default: - install_method: remote user: { get_input: agent_user } - key: { get_property: [ key, private_key_path ] } + install_method: remote + port: 22 + key: { get_secret: agent_key_private } server: default: + key_name: '' image: { get_input: image } flavor: { get_input: flavor } management_network_name: - default: - { get_property: [ private_network, resource_id ] } + default: { get_property: [ private_network, resource_id ] } interfaces: cloudify.interfaces.monitoring_agent: install: @@ -25,4 +26,12 @@ node_types: start: diamond.diamond_agent.tasks.start stop: diamond.diamond_agent.tasks.stop uninstall: diamond.diamond_agent.tasks.uninstall - + cloudify.interfaces.lifecycle: + create: + implementation: openstack.nova_plugin.server.create + inputs: + args: + default: + image: { get_input: image } + flavor: { get_input: flavor } + userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } From b9666b0e376e18ba2d16f0e749271fba93e6e405 Mon Sep 17 00:00:00 2001 From: earthmant Date: Tue, 6 Jun 2017 10:56:24 +0300 Subject: [PATCH 3/4] vcloud correction --- vcloud-blueprint.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/vcloud-blueprint.yaml b/vcloud-blueprint.yaml index 4cc6b65..32d6fa5 100644 --- a/vcloud-blueprint.yaml +++ b/vcloud-blueprint.yaml 
@@ -1,10 +1,8 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - - http://www.getcloudify.org/spec/cloudify/4.0/types.yaml - https://raw.githubusercontent.com/cloudify-cosmo/tosca-vcloud-plugin/1.4/plugin.yaml - types/vcloud.yaml -# - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - types/policy.yaml - application-blueprint.yaml From bbfe05b222b8a90cd7e0ff6776a3a73a9af6f0fa Mon Sep 17 00:00:00 2001 From: earthmant Date: Tue, 6 Jun 2017 11:01:49 +0300 Subject: [PATCH 4/4] rename azure blueprint --- azure-blueprints.yaml => azure-blueprint.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename azure-blueprints.yaml => azure-blueprint.yaml (100%) diff --git a/azure-blueprints.yaml b/azure-blueprint.yaml similarity index 100% rename from azure-blueprints.yaml rename to azure-blueprint.yaml