From 14ba812213396388ad8c403da5be8aacfab7913f Mon Sep 17 00:00:00 2001 From: Isaac Shabtay Date: Thu, 11 May 2017 14:01:20 -0700 Subject: [PATCH 1/8] Removed reliance on provider context, updated documentation --- README.md | 13 ++- blueprint.yaml | 90 ----------------- include/inputs.yaml | 5 + include/openstack-inputs.yaml | 21 ++++ include/scaling.yaml | 16 +++ no-monitoring-singlehost-blueprint.yaml | 22 +++-- openstack-blueprint.yaml | 125 ++++++++++++++---------- openstack-windows-blueprint.yaml | 76 +++++++++----- openstack-windows-winrm-blueprint.yaml | 93 ++++++++++++++---- singlehost-blueprint.yaml | 27 +++-- 10 files changed, 272 insertions(+), 216 deletions(-) delete mode 100644 blueprint.yaml create mode 100644 include/inputs.yaml create mode 100644 include/openstack-inputs.yaml create mode 100644 include/scaling.yaml diff --git a/README.md b/README.md index 9d638892..765facc6 100644 --- a/README.md +++ b/README.md @@ -2,8 +2,17 @@ [![Circle CI](https://circleci.com/gh/cloudify-cosmo/cloudify-hello-world-example/tree/master.svg?&style=shield)](https://circleci.com/gh/cloudify-cosmo/cloudify-hello-world-example/tree/master) -This repository contains a Hello World example blueprint based on OpenStack. +This repository contains Hello World example blueprints, for OpenStack, AWS and existing hosts. -This example creates a VM on OpenStack and starts an HTTP server using a bash script. +All blueprints start an HTTP server on a VM: + +* [ec2-blueprint.yaml](ec2-blueprint.yaml) creates a Linux VM on AWS +* [ec2-windows-blueprint.yaml](ec2-windows-blueprint.yaml) creates a Windows VM on AWS +* [openstack-blueprint.yaml](openstack-blueprint.yaml) creates a Linux VM on OpenStack +* [openstack-windows-blueprint.yaml](openstack-windows-blueprint.yaml) creates a Windows VM on OpenStack +* [openstack-windows-winrm-blueprint.yaml](openstack-windows-winrm-blueprint.yaml) creates a Windows VM on OpenStack +* [singlehost-blueprint.yaml](singlehost-blueprint.yaml) creates no infrastructure (installs the app on an existing VM) +* [no-monitoring-singlehost-blueprint.yaml](no-monitoring-singlehost-blueprint.yaml) similar to `singlehost-blueprint.yaml`, + however does not include monitoring configuration If you're only now starting to work with Cloudify see our [Getting Started Guide](http://docs.getcloudify.org/latest/intro/getting-started/). diff --git a/blueprint.yaml b/blueprint.yaml deleted file mode 100644 index 99dd5dbe..00000000 --- a/blueprint.yaml +++ /dev/null @@ -1,90 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - The blueprint describes an OpenStack vm created using Cloudify's OpenStack plugin - and simple web server started using Cloudify's script plugin. - In addition, an OpenStack floating ip and security group are created and associated with the created vm. - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - -inputs: - webserver_port: - description: The HTTP web server port - default: 8080 - agent_user: - description: User name used when SSH-ing into the started machine - image: - description: Openstack image name or id to use for the new server - flavor: - description: Openstack flavor name or id to use for the new server - -node_templates: - virtual_ip: - type: cloudify.openstack.nodes.FloatingIP - security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - rules: - - remote_ip_prefix: 0.0.0.0/0 - port: { get_property: [ http_web_server, port ] } - vm: - type: cloudify.openstack.nodes.Server - properties: - agent_config: - user: { get_input: agent_user } - image: { get_input: image } - flavor: { get_input: flavor } - relationships: - - type: cloudify.openstack.server_connected_to_floating_ip - target: virtual_ip - - type: cloudify.openstack.server_connected_to_security_group - target: security_group - interfaces: - ########################################################### - # We are infact telling cloudify to install a diamond - # monitoring agent on the server. - # - # (see https://github.com/BrightcoveOS/Diamond) - ########################################################### - cloudify.interfaces.monitoring_agent: - install: - implementation: diamond.diamond_agent.tasks.install - inputs: - diamond_config: - interval: 1 - start: diamond.diamond_agent.tasks.start - stop: diamond.diamond_agent.tasks.stop - uninstall: diamond.diamond_agent.tasks.uninstall - cloudify.interfaces.monitoring: - start: - implementation: diamond.diamond_agent.tasks.add_collectors - inputs: - collectors_config: - CPUCollector: {} - MemoryCollector: {} - LoadAverageCollector: {} - DiskUsageCollector: - config: - devices: x?vd[a-z]+[0-9]*$ - NetworkCollector: {} - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: scripts/configure.sh - start: scripts/start.sh - stop: scripts/stop.sh - -outputs: - http_endpoint: - description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [virtual_ip, floating_ip_address] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/include/inputs.yaml b/include/inputs.yaml new file mode 100644 index 00000000..1e0b2a61 --- /dev/null +++ b/include/inputs.yaml @@ -0,0 +1,5 @@ +inputs: + webserver_port: + description: > + The HTTP web server port. + default: 8080 diff --git a/include/openstack-inputs.yaml b/include/openstack-inputs.yaml new file mode 100644 index 00000000..362f259b --- /dev/null +++ b/include/openstack-inputs.yaml @@ -0,0 +1,21 @@ +inputs: + keystone_username: + type: string + keystone_password: + type: string + keystone_tenant_name: + type: string + keystone_url: + type: string + region: + type: string + floating_network_name: + description: The name of the network to use for allocating a floating ip + image: + description: Openstack image name or id to use for the new server + flavor: + description: Openstack flavor name or id to use for the new server + network_name: + description: Openstack network name the new server will be connected to + agents_security_group_name: + description: Name of security group to be created, to enabled access to agent hosts. diff --git a/include/scaling.yaml b/include/scaling.yaml new file mode 100644 index 00000000..dc7a5515 --- /dev/null +++ b/include/scaling.yaml @@ -0,0 +1,16 @@ +inputs: + default_scale_count: + type: integer + description: Number of scale units to deploy by default + default: 1 + +groups: + vm_and_ip: + members: [vm, public_ip] + +policies: + scale_policy: + type: cloudify.policies.scaling + properties: + default_instances: { get_input: default_scale_count } + targets: [vm_and_ip] diff --git a/no-monitoring-singlehost-blueprint.yaml b/no-monitoring-singlehost-blueprint.yaml index 8057357f..4faf99ff 100644 --- a/no-monitoring-singlehost-blueprint.yaml +++ b/no-monitoring-singlehost-blueprint.yaml @@ -1,27 +1,31 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - This blueprint installs a simple web server on the manager VM using Cloudify's script plugin. + This blueprint installs a simple web server on a pre-existing machine. It is similar to the blueprint + "singlehost-blueprint.yaml", except that this one omits the monitoring-related configuration. + IMPORTANT: The VM being used must be associated with a security group (or multiple security groups) + that, cumulatively, allows TCP access via the port specified by the "webserver_port" input (defaults to 8080), + as well as TCP access for the Cloudify Agent installation process. imports: - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - include/inputs.yaml inputs: server_ip: description: > - The ip of the server the application will be deployed on. + The ip of the machine that the application will be installed on. agent_user: description: > - User name used when SSH-ing into the started machine. + User account used when SSH-ing into the existing machine for the purpose + of Cloudify Agent installation. agent_private_key_path: description: > - Path to a private key that resides on the management machine. - SSH-ing into agent machines will be done with this key. - webserver_port: - description: > - The HTTP web server port. - default: 8080 + Path to a private key to use when SSH-ing into the existing machine for + agent installation. This path must be available on the machine that is executing the + installation workflow (that is, the Cloudify Manager machine in a managed environment, + or the local machine in a local invocation). node_templates: vm: diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index f97eedc2..214675f3 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml @@ -1,62 +1,80 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - The blueprint describes an OpenStack vm created using Cloudify's OpenStack plugin - and simple web server started using Cloudify's script plugin. - In addition, an OpenStack floating ip and security group are created and associated with the created vm. + The blueprint installs a simple web server on a Linux virtual machine under OpenStack. + Other than a VM, this blueprint creates a keypair, a security group, and a floating IP for the application. + This blueprint assumes that a security group for Cloudify Agents already exists; its name should + be provided for the "agents_security_group" input. imports: - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - include/openstack-inputs.yaml + - include/inputs.yaml + - include/scaling.yaml inputs: - webserver_port: - description: The HTTP web server port - default: 8080 agent_user: - description: User name used when SSH-ing into the started machine - image: - description: Openstack image name or id to use for the new server - flavor: - description: Openstack flavor name or id to use for the new server - network_name: - description: Openstack network name the new server will be connected to - floating_network_id: - description: The id of the network to use for allocating a floating ip - key_pair_name: + description: > + User account used when SSH-ing into the existing machine for the purpose + of Cloudify Agent installation. + agent_key_pair_name: + default: 'hello-world' description: Openstack key pair name of the key to associate with the new server - private_key_path: + agent_private_key_path: + default: '~/hw.pem' description: | Path to the private key which will be used for connecting to the server on the manager or machine running CLI if running in local mode. +dsl_definitions: + openstack_configuration: &openstack_configuration + username: { get_input: keystone_username } + password: { get_input: keystone_password } + tenant_name: { get_input: keystone_tenant_name } + auth_url: { get_input: keystone_url } + region: { get_input: region } + node_templates: - virtual_ip: + public_ip: type: cloudify.openstack.nodes.FloatingIP properties: + openstack_config: *openstack_configuration floatingip: - floating_network_id: { get_input: floating_network_id } + floating_network_name: { get_input: floating_network_name } - security_group: + agents_security_group: type: cloudify.openstack.nodes.SecurityGroup properties: + openstack_config: *openstack_configuration + resource_id: { get_input: agents_security_group_name } rules: - - port: { get_property: [ http_web_server, port ] } - remote_ip_prefix: 0.0.0.0/0 - port: 22 remote_ip_prefix: 0.0.0.0/0 + - port_range_min: 5985 + port_range_max: 5986 + remote_ip_prefix: 0.0.0.0/0 + + app_security_group: + type: cloudify.openstack.nodes.SecurityGroup + properties: + openstack_config: *openstack_configuration + rules: + - port: { get_property: [ http_web_server, port ] } + remote_ip_prefix: 0.0.0.0/0 keypair: type: cloudify.openstack.nodes.KeyPair properties: - use_external_resource: true - resource_id: { get_input: key_pair_name } - private_key_path: { get_input: private_key_path } + openstack_config: *openstack_configuration + resource_id: { get_input: agent_key_pair_name } + private_key_path: { get_input: agent_private_key_path } vm: type: cloudify.openstack.nodes.Server properties: + openstack_config: *openstack_configuration agent_config: user: { get_input: agent_user } key: { get_property: [ keypair, private_key_path ] } @@ -67,42 +85,41 @@ node_templates: - type: cloudify.openstack.server_connected_to_keypair target: keypair - type: cloudify.openstack.server_connected_to_floating_ip - target: virtual_ip + target: public_ip - type: cloudify.openstack.server_connected_to_security_group - target: security_group + target: agents_security_group + - type: cloudify.openstack.server_connected_to_security_group + target: app_security_group interfaces: cloudify.interfaces.lifecycle: create: inputs: args: - security_groups: [{ get_attribute: [ security_group, external_name ]}] - ########################################################### - # We are infact telling cloudify to install a diamond - # monitoring agent on the server. - # - # (see https://github.com/BrightcoveOS/Diamond) - ########################################################### + # Needed until JIRA issue OPENSTACK-38 is resolved. + security_groups: + - { get_attribute: [ agents_security_group, external_name ]} + - { get_attribute: [ app_security_group, external_name ]} cloudify.interfaces.monitoring_agent: - install: - implementation: diamond.diamond_agent.tasks.install - inputs: - diamond_config: - interval: 1 - start: diamond.diamond_agent.tasks.start - stop: diamond.diamond_agent.tasks.stop - uninstall: diamond.diamond_agent.tasks.uninstall + install: + implementation: diamond.diamond_agent.tasks.install + inputs: + diamond_config: + interval: 1 + start: diamond.diamond_agent.tasks.start + stop: diamond.diamond_agent.tasks.stop + uninstall: diamond.diamond_agent.tasks.uninstall cloudify.interfaces.monitoring: - start: - implementation: diamond.diamond_agent.tasks.add_collectors - inputs: - collectors_config: - CPUCollector: {} - MemoryCollector: {} - LoadAverageCollector: {} - DiskUsageCollector: - config: - devices: x?vd[a-z]+[0-9]*$ - NetworkCollector: {} + start: + implementation: diamond.diamond_agent.tasks.add_collectors + inputs: + collectors_config: + CPUCollector: {} + MemoryCollector: {} + LoadAverageCollector: {} + DiskUsageCollector: + config: + devices: x?vd[a-z]+[0-9]*$ + NetworkCollector: {} http_web_server: type: cloudify.nodes.WebServer @@ -120,5 +137,5 @@ node_templates: outputs: http_endpoint: description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [virtual_ip, floating_ip_address] }, + value: { concat: ['http://', { get_attribute: [public_ip, floating_ip_address] }, ':', { get_property: [http_web_server, port] }] } diff --git a/openstack-windows-blueprint.yaml b/openstack-windows-blueprint.yaml index efce3ea2..5628b9d5 100644 --- a/openstack-windows-blueprint.yaml +++ b/openstack-windows-blueprint.yaml @@ -1,59 +1,78 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - The blueprint describes an OpenStack Windows vm created using Cloudify's OpenStack plugin - and simple web server started using Cloudify's script plugin. - In addition, an OpenStack floating ip and security group are created and associated with the created vm. + The blueprint installs a simple web server on a Linux virtual machine under OpenStack. + Other than a VM, this blueprint creates a keypair, a security group, and a floating IP for the application. + This blueprint assumes that a security group for Cloudify Agents already exists; its name should + be provided for the "agents_security_group" input. + The Windows VM's agent installation process uses the "init_script" agent installation method, which uses a built-in + script to install the agent. This script is sufficient in most cases. The advantage here is that WinRM is not being + used at all, which means that the WinRM port is not required to be open on the agent VM. imports: - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml + - include/openstack-inputs.yaml + - include/inputs.yaml + - include/scaling.yaml inputs: - webserver_port: - description: The HTTP web server port - default: 8080 - image: - description: Openstack image name or id to use for the new server - flavor: - description: Openstack flavor name or id to use for the new server - network_name: - description: Openstack network name the new server will be connected to - floating_network_id: - description: The id of the network to use for allocating a floating ip key_pair_name: + default: 'hello-world' description: Openstack key pair name of the key to associate with the new server private_key_path: + default: '~/hw.pem' description: | - Path to the private key which will be used for decrypting the VMs password - generated by OpenStack. + Path to the private key which will be used for connecting to the server + on the manager or machine running CLI if running in local mode. + +dsl_definitions: + openstack_configuration: &openstack_configuration + username: { get_input: keystone_username } + password: { get_input: keystone_password } + tenant_name: { get_input: keystone_tenant_name } + auth_url: { get_input: keystone_url } + region: { get_input: region } node_templates: - virtual_ip: + public_ip: type: cloudify.openstack.nodes.FloatingIP properties: + openstack_config: *openstack_configuration floatingip: - floating_network_id: { get_input: floating_network_id } + floating_network_name: { get_input: floating_network_name } - security_group: + agents_security_group: type: cloudify.openstack.nodes.SecurityGroup properties: + openstack_config: *openstack_configuration + resource_id: { get_input: agents_security_group_name } + rules: + - port: 22 + remote_ip_prefix: 0.0.0.0/0 + - port_range_min: 5985 + port_range_max: 5986 + remote_ip_prefix: 0.0.0.0/0 + + app_security_group: + type: cloudify.openstack.nodes.SecurityGroup + properties: + openstack_config: *openstack_configuration rules: - remote_ip_prefix: 0.0.0.0/0 port: { get_property: [ http_web_server, port ] } - - remote_ip_prefix: 0.0.0.0/0 - port: 5985 keypair: type: cloudify.openstack.nodes.KeyPair properties: - use_external_resource: true + openstack_config: *openstack_configuration resource_id: { get_input: key_pair_name } private_key_path: { get_input: private_key_path } vm: type: cloudify.openstack.nodes.WindowsServer properties: + openstack_config: *openstack_configuration agent_config: install_method: init_script image: { get_input: image } @@ -63,15 +82,20 @@ node_templates: - type: cloudify.openstack.server_connected_to_keypair target: keypair - type: cloudify.openstack.server_connected_to_floating_ip - target: virtual_ip + target: public_ip + - type: cloudify.openstack.server_connected_to_security_group + target: app_security_group - type: cloudify.openstack.server_connected_to_security_group - target: security_group + target: agents_security_group interfaces: cloudify.interfaces.lifecycle: create: inputs: args: - security_groups: [{ get_attribute: [ security_group, external_name ]}] + # Needed until JIRA issue OPENSTACK-38 is resolved. + security_groups: + - { get_attribute: [ agents_security_group, external_name ]} + - { get_attribute: [ app_security_group, external_name ]} http_web_server: type: cloudify.nodes.WebServer @@ -101,5 +125,5 @@ node_templates: outputs: http_endpoint: description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [virtual_ip, floating_ip_address] }, + value: { concat: ['http://', { get_attribute: [public_ip, floating_ip_address] }, ':', { get_property: [http_web_server, port] }] } diff --git a/openstack-windows-winrm-blueprint.yaml b/openstack-windows-winrm-blueprint.yaml index 702f8b1e..3c62dfa5 100644 --- a/openstack-windows-winrm-blueprint.yaml +++ b/openstack-windows-winrm-blueprint.yaml @@ -1,45 +1,86 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - The blueprint describes an OpenStack Windows vm created using Cloudify's OpenStack plugin - and simple web server started using winrm. - In addition, an OpenStack floating ip and security group are created and associated with the created vm. + The blueprint installs a simple web server on a Linux virtual machine under OpenStack. + Other than a VM, this blueprint creates a keypair, a security group, and a floating IP for the application. + This blueprint assumes that a security group for Cloudify Agents already exists; its name should + be provided for the "agents_security_group" input. + The Windows VM's agent installation process is done using WinRM. The userdata passed to the new VM + ensures that WinRM is configured in a way that is compatible with Cloudify's agent installation process. + This approach should only be used in special cases; it is recommended to use the "init_script" approach which + is demonstrated in "openstack-windows-blueprint.yaml". imports: - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml + - include/openstack-inputs.yaml + - include/inputs.yaml + - include/scaling.yaml inputs: - webserver_port: - description: The HTTP web server port - default: 8080 agent_user: description: User name used when SSH-ing into the started machine - image: - description: Openstack image name or id to use for the new server - flavor: - description: Openstack flavor name or id to use for the new server + agent_key_pair_name: + default: 'hello-world' + description: Openstack key pair name of the key to associate with the new server + agent_private_key_path: + default: '~/hw.pem' + description: | + Path to the private key which will be used for connecting to the server + on the manager or machine running CLI if running in local mode. + +dsl_definitions: + openstack_configuration: &openstack_configuration + username: { get_input: keystone_username } + password: { get_input: keystone_password } + tenant_name: { get_input: keystone_tenant_name } + auth_url: { get_input: keystone_url } + region: { get_input: region } node_templates: - virtual_ip: + public_ip: type: cloudify.openstack.nodes.FloatingIP - security_group: + properties: + openstack_config: *openstack_configuration + floatingip: + floating_network_name: { get_input: floating_network_name } + + agents_security_group: type: cloudify.openstack.nodes.SecurityGroup properties: + openstack_config: *openstack_configuration + resource_id: { get_input: agents_security_group_name } + rules: + - port: 22 + remote_ip_prefix: 0.0.0.0/0 + - port_range_min: 5985 + port_range_max: 5986 + remote_ip_prefix: 0.0.0.0/0 + + app_security_group: + type: cloudify.openstack.nodes.SecurityGroup + properties: + openstack_config: *openstack_configuration rules: - remote_ip_prefix: 0.0.0.0/0 port: { get_property: [ http_web_server, port ] } - - remote_ip_prefix: 0.0.0.0/0 - port: 5985 - - remote_ip_prefix: 0.0.0.0/0 - port: 5986 + + keypair: + type: cloudify.openstack.nodes.KeyPair + properties: + openstack_config: *openstack_configuration + resource_id: { get_input: agent_key_pair_name } + private_key_path: { get_input: agent_private_key_path } + vm: type: cloudify.openstack.nodes.WindowsServer properties: + openstack_config: *openstack_configuration agent_config: user: { get_input: agent_user } image: { get_input: image } flavor: { get_input: flavor } + management_network_name: { get_input: network_name } server: userdata: | #ps1_sysnative @@ -51,10 +92,23 @@ node_templates: &netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow &netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow relationships: + - type: cloudify.openstack.server_connected_to_keypair + target: keypair - type: cloudify.openstack.server_connected_to_floating_ip - target: virtual_ip + target: public_ip + - type: cloudify.openstack.server_connected_to_security_group + target: app_security_group - type: cloudify.openstack.server_connected_to_security_group - target: security_group + target: agents_security_group + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + args: + # Needed until JIRA issue OPENSTACK-38 is resolved. + security_groups: + - { get_attribute: [ agents_security_group, external_name ]} + - { get_attribute: [ app_security_group, external_name ]} http_web_server: type: cloudify.nodes.WebServer @@ -84,6 +138,5 @@ node_templates: outputs: http_endpoint: description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [virtual_ip, floating_ip_address] }, + value: { concat: ['http://', { get_attribute: [public_ip, floating_ip_address] }, ':', { get_property: [http_web_server, port] }] } - diff --git a/singlehost-blueprint.yaml b/singlehost-blueprint.yaml index c83a8374..1b663d10 100644 --- a/singlehost-blueprint.yaml +++ b/singlehost-blueprint.yaml @@ -1,27 +1,30 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - This blueprint installs a simple web server on the manager VM using Cloudify's script plugin. + This blueprint installs a simple web server on a pre-existing machine. + IMPORTANT: The VM being used must be associated with a security group (or multiple security groups) + that, cumulatively, allows TCP access via the port specified by the "webserver_port" input (defaults to 8080), + as well as TCP access for the Cloudify Agent installation process. imports: - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - include/inputs.yaml inputs: server_ip: description: > - The ip of the server the application will be deployed on. + The ip of the machine that the application will be installed on. agent_user: description: > - User name used when SSH-ing into the started machine. + User account used when SSH-ing into the existing machine for the purpose + of Cloudify Agent installation. agent_private_key_path: description: > - Path to a private key that resides on the management machine. - SSH-ing into agent machines will be done with this key. - webserver_port: - description: > - The HTTP web server port. - default: 8080 + Path to a private key to use when SSH-ing into the existing machine for + agent installation. This path must be available on the machine that is executing the + installation workflow (that is, the Cloudify Manager machine in a managed environment, + or the local machine in a local invocation). node_templates: vm: @@ -32,12 +35,6 @@ node_templates: user: { get_input: agent_user } key: { get_input: agent_private_key_path } interfaces: - ########################################################### - # We are infact telling cloudify to install a diamond - # monitoring agent on the server. - # - # (see https://github.com/BrightcoveOS/Diamond) - ########################################################### cloudify.interfaces.monitoring_agent: install: implementation: diamond.diamond_agent.tasks.install From 5c033ec165197193ed43b17eeb7218101753e9a4 Mon Sep 17 00:00:00 2001 From: earthmant Date: Thu, 25 May 2017 23:57:06 +0300 Subject: [PATCH 2/8] removing stuff, adding aws --- aws-blueprint.yaml | 188 +++++++++++ azure-blueprint.yaml | 429 ++++++++++++++++++++++++ circle.yml | 20 +- ec2-blueprint.yaml | 96 ------ ec2-windows-blueprint.yaml | 93 ----- no-monitoring-singlehost-blueprint.yaml | 55 --- openstack-windows-blueprint.yaml | 129 ------- openstack-windows-winrm-blueprint.yaml | 142 -------- scripts/cloud_config/create.py | 28 ++ singlehost-blueprint.yaml | 76 ----- types/cloud_config/cloud-config.yaml | 13 + 11 files changed, 666 insertions(+), 603 deletions(-) create mode 100644 aws-blueprint.yaml create mode 100644 azure-blueprint.yaml delete mode 100644 ec2-blueprint.yaml delete mode 100644 ec2-windows-blueprint.yaml delete mode 100644 no-monitoring-singlehost-blueprint.yaml delete mode 100644 openstack-windows-blueprint.yaml delete mode 100644 openstack-windows-winrm-blueprint.yaml create mode 100644 scripts/cloud_config/create.py delete mode 100644 singlehost-blueprint.yaml create mode 100644 types/cloud_config/cloud-config.yaml diff --git a/aws-blueprint.yaml b/aws-blueprint.yaml new file mode 100644 index 00000000..a03e78c1 --- /dev/null +++ b/aws-blueprint.yaml @@ -0,0 +1,188 @@ +tosca_definitions_version: cloudify_dsl_1_3 + +imports: + - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml + - http://www.getcloudify.org/spec/aws-plugin/1.4.9/plugin.yaml + - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - types/cloud_config/cloud-config.yaml + +inputs: + + webserver_port: + description: The HTTP web server port + default: 8080 + + agent_user: + description: > + The username of the agent running on the instance created from the image. + default: ubuntu + + ami: + description: > + An AWS AMI. Tested with a Ubuntu 14.04 image. + default: { get_secret: ubuntu_trusty_image } + + instance_type: + description: > + The AWS instance_type. Tested with m3.medium, although that is unnecessarily large. + default: t2.micro + +dsl_definitions: + + aws_config: &aws_config + aws_access_key_id: { get_secret: aws_access_key_id } + aws_secret_access_key: { get_secret: aws_secret_access_key } + ec2_region_name: { get_secret: ec2_region_name } + ec2_region_endpoint: { get_secret: ec2_region_endpoint } + +node_templates: + + http_web_server: + type: cloudify.nodes.WebServer + properties: + port: { get_input: webserver_port } + relationships: + - type: cloudify.relationships.contained_in + target: vm + interfaces: + cloudify.interfaces.lifecycle: + configure: scripts/configure.sh + start: scripts/start.sh + stop: scripts/stop.sh + + vm: + type: cloudify.aws.nodes.Instance + properties: + aws_config: *aws_config + image_id: { get_input: ami } + instance_type: { get_input: instance_type } + agent_config: + install_method: remote + user: { get_input: agent_user } + port: 22 + key: { get_secret: agent_key_private } + relationships: + - type: cloudify.aws.relationships.instance_connected_to_elastic_ip + target: elastic_ip + - type: cloudify.aws.relationships.instance_connected_to_security_group + target: security_group + - type: cloudify.aws.relationships.instance_contained_in_subnet + target: public_subnet + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: aws.cloudify_aws.ec2.instance.create + inputs: + args: + block_device_map: + '/dev/sda1': + delete_on_termination: true + placement: { get_secret: availability_zone } + user_data: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } + cloudify.interfaces.monitoring_agent: + install: + implementation: diamond.diamond_agent.tasks.install + inputs: + diamond_config: + interval: 1 + start: diamond.diamond_agent.tasks.start + stop: diamond.diamond_agent.tasks.stop + uninstall: diamond.diamond_agent.tasks.uninstall + cloudify.interfaces.monitoring: + start: + implementation: diamond.diamond_agent.tasks.add_collectors + inputs: + collectors_config: + CPUCollector: {} + MemoryCollector: {} + LoadAverageCollector: {} + DiskUsageCollector: + config: + devices: x?vd[a-z]+[0-9]*$ + NetworkCollector: {} + + public_subnet: + type: cloudify.aws.nodes.Subnet + properties: + aws_config: *aws_config + use_external_resource: true + resource_id: { get_secret: public_subnet_id } + cidr_block: N/A + availability_zone: N/A + relationships: + - type: cloudify.aws.relationships.subnet_contained_in_vpc + target: vpc + + private_subnet: + type: cloudify.aws.nodes.Subnet + properties: + aws_config: *aws_config + use_external_resource: true + resource_id: { get_secret: private_subnet_id } + cidr_block: N/A + availability_zone: N/A + relationships: + - type: cloudify.aws.relationships.subnet_contained_in_vpc + target: vpc + + security_group: + type: cloudify.aws.nodes.SecurityGroup + properties: + aws_config: *aws_config + description: Security group for Hello World VM + rules: + - ip_protocol: tcp + cidr_ip: 0.0.0.0/0 + from_port: 22 + to_port: 22 + - ip_protocol: tcp + cidr_ip: 0.0.0.0/0 + from_port: { get_property: [ http_web_server, port ] } + to_port: { get_property: [ http_web_server, port ] } + relationships: + - type: cloudify.aws.relationships.security_group_contained_in_vpc + target: vpc + + vpc: + type: cloudify.aws.nodes.VPC + properties: + aws_config: *aws_config + use_external_resource: true + resource_id: { get_secret: vpc_id } + cidr_block: N/A + relationships: + - type: cloudify.relationships.depends_on + target: cloudify_host_cloud_config + + cloudify_host_cloud_config: + type: cloudify.nodes.CloudConfig + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + cloud_config: + users: + - name: { get_input: agent_user } + groups: sudo + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + ssh-authorized-keys: + - { get_secret: agent_key_public } + + elastic_ip: + type: cloudify.aws.nodes.ElasticIP + properties: + aws_config: *aws_config + domain: vpc + +outputs: + + endpoint: + description: Web application endpoint + value: + concat: + - 'http://' + - { get_attribute: [elastic_ip, aws_resource_id] } + - ':' + - { get_property: [http_web_server, port] } + - '/' diff --git a/azure-blueprint.yaml b/azure-blueprint.yaml new file mode 100644 index 00000000..574ff0b4 --- /dev/null +++ b/azure-blueprint.yaml @@ -0,0 +1,429 @@ +tosca_definitions_version: cloudify_dsl_1_3 + +description: > + This Blueprint installs the nodecellar application on an Azure Cloud environment. + +imports: + - http://www.getcloudify.org/spec/cloudify/4.0/types.yaml + - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-azure-plugin/1.4.3/plugin.yaml + - http://www.getcloudify.org/spec/diamond-plugin/1.3.3/plugin.yaml + - types/nodecellar.yaml + - types/azure-types.yaml + - types/haproxy/haproxy.yaml + - types/scale/scale.yaml + +inputs: + + resource_prefix: + default: nc + + resource_suffix: + default: '0' + + retry_after: + type: integer + default: 60 + + size: + default: { get_secret: small_image_size } + + image: + default: + publisher: { get_secret: ubuntu_trusty_image_publisher } + offer: { get_secret: ubuntu_trusty_image_offer } + sku: { get_secret: ubuntu_trusty_image_sku } + version: { get_secret: ubuntu_trusty_image_version } + + agent_user: + description: The user name of the agent on the instance created from the image. + default: ubuntu + + ssh_public_keys: + description: the public key + default: + - path: {concat:[ '/home/', { get_input: agent_user }, '/.ssh/authorized_keys' ]} + keyData: { get_secret: agent_key_public } + + webserver_port: + description: The external web server port + default: 8080 + +dsl_definitions: + azure_config: &azure_config + subscription_id: { get_secret: subscription_id } + tenant_id: { get_secret: tenant_id } + client_id: { get_secret: client_id } + client_secret: { get_secret: client_secret } + +node_templates: + + nodecellar: + type: nodecellar.nodes.NodecellarApplicationModule + relationships: + - type: node_connected_to_mongo + target: mongod + - type: node_contained_in_nodejs + target: nodejs + - type: app_connected_to_haproxy + target: haproxy + + mongod: + type: nodecellar.nodes.MonitoredMongoDatabase + relationships: + - type: cloudify.relationships.contained_in + target: mongo_host + + nodejs: + type: nodecellar.nodes.NodeJSServer + relationships: + - type: cloudify.relationships.contained_in + target: nodejs_host + + haproxy: + type: nodecellar.nodes.MonitoredHAProxy + properties: + backend_app_port: { get_property: [ nodecellar, port ] } + relationships: + - target: haproxy_frontend_host + type: cloudify.relationships.contained_in + + haproxy_frontend_host: + type: nodecellar.nodes.MonitoredServer + properties: + azure_config: *azure_config + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.connected_to_storage_account + target: storage_account + - type: cloudify.azure.relationships.connected_to_availability_set + target: availability_set + - type: cloudify.azure.relationships.connected_to_nic + target: haproxy_host_nic + + mongo_host: + type: nodecellar.nodes.MonitoredServer + properties: + azure_config: *azure_config + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.connected_to_storage_account + target: storage_account + - type: cloudify.azure.relationships.connected_to_availability_set + target: availability_set + - type: cloudify.azure.relationships.connected_to_nic + target: mongo_host_nic + + nodejs_host: + type: nodecellar.nodes.MonitoredServer + properties: + azure_config: *azure_config + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.connected_to_storage_account + target: storage_account + - type: cloudify.azure.relationships.connected_to_availability_set + target: availability_set + - type: cloudify.azure.relationships.connected_to_nic + target: nodejs_host_nic + + resource_group: + type: cloudify.azure.nodes.ResourceGroup + properties: + name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} + location: { get_secret: location } + azure_config: *azure_config + + storage_account: + type: cloudify.azure.nodes.storage.StorageAccount + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + accountType: Standard_LRS + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + virtual_network: + type: cloudify.azure.nodes.network.VirtualNetwork + properties: + resource_group_name: { get_secret: mgr_resource_group_name } + name: { get_secret: mgr_virtual_network_name } + azure_config: *azure_config + use_external_resource: true + location: { get_secret: location } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + subnet: + type: cloudify.azure.nodes.network.Subnet + properties: + resource_group_name: { get_secret: mgr_resource_group_name } + name: { get_secret: mgr_subnet_name } + azure_config: *azure_config + use_external_resource: true + location: { get_secret: location } + relationships: + - type: cloudify.azure.relationships.contained_in_virtual_network + target: virtual_network + + network_security_group: + type: cloudify.azure.nodes.network.NetworkSecurityGroup + properties: + name: {concat:[{get_input: resource_prefix},nsg,{get_input: resource_suffix}]} + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + securityRules: + - name: njssg_ssh + properties: + description: SSH access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: 22 + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 102 + access: Allow + direction: Inbound + - name: njssg_http + properties: + description: HTTP access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: { get_property: [ nodecellar, port ] } + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 103 + access: Allow + direction: Inbound + - name: njssg_mongoa + properties: + description: Mongo access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: { get_property: [ mongod, port ] } + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 104 + access: Allow + direction: Inbound + - name: njssg_mongob + properties: + description: Mongo API access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: 28017 + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 105 + access: Allow + direction: Inbound + - name: njssg_hapweb + properties: + description: HAPROXY Web access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: { get_property: [ haproxy, frontend_port ]} + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 106 + access: Allow + direction: Inbound + - name: njssg_hapapi + properties: + description: HAPROXY API access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: { get_property: [ haproxy, statistics_port ]} + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 107 + access: Allow + direction: Inbound + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + availability_set: + type: cloudify.azure.nodes.compute.AvailabilitySet + properties: + name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + mongo_host_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: mongo_host_nic_ip_cfg + + nodejs_host_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: nodejs_host_nic_ip_cfg + + haproxy_host_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: haproxy_host_nic_ip_cfg + + mongo_host_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic + relationships: + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: subnet + + nodejs_host_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic + relationships: + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: subnet + + haproxy_host_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic + relationships: + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: subnet + - type: cloudify.azure.relationships.ip_configuration_connected_to_public_ip + target: nodecellar_ip + + nodecellar_ip: + type: cloudify.azure.nodes.network.PublicIPAddress + properties: + location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + publicIPAllocationMethod: Static + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + +outputs: + + endpoint: + description: Web application endpoint + value: + concat: + - 'http://' + - { get_attribute: [ haproxy_frontend_host, public_ip ] } + - ':' + - { get_property: [ haproxy, frontend_port ] } + - '/' + + +groups: + + scale_up_group: + members: [nodejs_host] + policies: + auto_scale_up: + type: scale_policy_type + properties: + policy_operates_on_group: true + scale_limit: 6 + scale_direction: '<' + scale_threshold: 3 + service_selector: .*nodejs_host.*.process.node.cpu.percent + cooldown_time: 60 + triggers: + execute_scale_workflow: + type: cloudify.policies.triggers.execute_workflow + parameters: + workflow: scale + workflow_parameters: + delta: 1 + scalable_entity_name: nodejs_host + + scale_down_group: + members: [nodejs_host] + policies: + auto_scale_down: + type: scale_policy_type + properties: + scale_limit: 2 + scale_direction: '>' + scale_threshold: 1 + service_selector: .*nodejs_host.*.process.node.cpu.percent + cooldown_time: 60 + triggers: + execute_scale_workflow: + type: cloudify.policies.triggers.execute_workflow + parameters: + workflow: scale + workflow_parameters: + delta: -1 + scalable_entity_name: nodejs_host + + heal_group: + members: [nodejs_host] + policies: + simple_autoheal_policy: + type: cloudify.policies.types.host_failure + properties: + service: + - .*nodejs_host.*.cpu.total.system + interval_between_workflows: 60 + triggers: + auto_heal_trigger: + type: cloudify.policies.triggers.execute_workflow + parameters: + workflow: heal + workflow_parameters: + node_instance_id: { 'get_property': [ SELF, node_id ] } + diagnose_value: { 'get_property': [ SELF, diagnose ] } diff --git a/circle.yml b/circle.yml index cd1941a0..f211addc 100644 --- a/circle.yml +++ b/circle.yml @@ -13,22 +13,18 @@ checkout: dependencies: override: - - pip install https://github.com/cloudify-cosmo/cloudify-rest-client/archive/4.0.1.zip - - pip install https://github.com/cloudify-cosmo/cloudify-dsl-parser/archive/4.0.1.zip - - pip install https://github.com/cloudify-cosmo/cloudify-plugins-common/archive/4.0.1.zip - - pip install https://github.com/cloudify-cosmo/cloudify-script-plugin/archive/1.4.zip - - pip install https://github.com/cloudify-cosmo/cloudify-cli/archive/4.0.1.zip - - pip install https://github.com/cloudify-cosmo/cloudify-aws-plugin/archive/1.4.zip + - pip install https://github.com/cloudify-cosmo/cloudify-rest-client/archive/master.zip + - pip install https://github.com/cloudify-cosmo/cloudify-dsl-parser/archive/master.zip + - pip install https://github.com/cloudify-cosmo/cloudify-plugins-common/archive/master.zip + - pip install https://github.com/cloudify-cosmo/cloudify-script-plugin/archive/master.zip + - pip install https://github.com/cloudify-cosmo/cloudify-cli/archive/master.zip + - pip install https://github.com/cloudify-cosmo/cloudify-aws-plugin/archive/master.zip test: override: - - cfy blueprints validate blueprint.yaml - cfy blueprints validate openstack-blueprint.yaml - - cfy blueprints validate openstack-windows-blueprint.yaml - - cfy blueprints validate singlehost-blueprint.yaml - - cfy blueprints validate ec2-blueprint.yaml - - cfy blueprints validate ec2-windows-blueprint.yaml - - cfy blueprints validate openstack-windows-winrm-blueprint.yaml + - cfy blueprints validate aws-blueprint.yaml + - cfy blueprints validate azure-blueprint.yaml deployment: release: diff --git a/ec2-blueprint.yaml b/ec2-blueprint.yaml deleted file mode 100644 index 0f467873..00000000 --- a/ec2-blueprint.yaml +++ /dev/null @@ -1,96 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - This blueprint defines a EC2 VM created using Cloudify's AWS plugin - and a simple web server started using Cloudify's script plugin. - In addition, an elastic IP and a security group are created and associated with the created VM. - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/aws-plugin/1.4.3/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - -inputs: - webserver_port: - description: The HTTP web server port - default: 8080 - agent_user: - description: User name used when SSH-ing into the started machine - default: ec2-user - image_id: - description: AWS EC2 image id to use for the server - instance_type: - description: AWS EC2 instance type to use for the server - default: m3.medium - -node_templates: - elastic_ip: - type: cloudify.aws.nodes.ElasticIP - - security_group: - type: cloudify.aws.nodes.SecurityGroup - properties: - description: Security group for Hello World VM - rules: - - ip_protocol: tcp - cidr_ip: 0.0.0.0/0 - from_port: { get_property: [ http_web_server, port ] } - to_port: { get_property: [ http_web_server, port ] } - vm: - type: cloudify.aws.nodes.Instance - properties: - agent_config: - user: { get_input: agent_user } - image_id: { get_input: image_id } - instance_type: { get_input: instance_type } - relationships: - - type: cloudify.aws.relationships.instance_connected_to_elastic_ip - target: elastic_ip - - type: cloudify.aws.relationships.instance_connected_to_security_group - target: security_group - interfaces: - ########################################################### - # We are infact telling cloudify to install a diamond - # monitoring agent on the server. - # - # (see https://github.com/BrightcoveOS/Diamond) - ########################################################### - cloudify.interfaces.monitoring_agent: - install: - implementation: diamond.diamond_agent.tasks.install - inputs: - diamond_config: - interval: 1 - start: diamond.diamond_agent.tasks.start - stop: diamond.diamond_agent.tasks.stop - uninstall: diamond.diamond_agent.tasks.uninstall - cloudify.interfaces.monitoring: - start: - implementation: diamond.diamond_agent.tasks.add_collectors - inputs: - collectors_config: - CPUCollector: {} - MemoryCollector: {} - LoadAverageCollector: {} - DiskUsageCollector: - config: - devices: x?vd[a-z]+[0-9]*$ - NetworkCollector: {} - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: scripts/configure.sh - start: scripts/start.sh - stop: scripts/stop.sh - -outputs: - http_endpoint: - description: Web server's external endpoint - value: { concat: ['http://', { get_attribute: [elastic_ip, aws_resource_id] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/ec2-windows-blueprint.yaml b/ec2-windows-blueprint.yaml deleted file mode 100644 index de021444..00000000 --- a/ec2-windows-blueprint.yaml +++ /dev/null @@ -1,93 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - This blueprint defines a Windows Server 2012 R2 VM on AWS EC2 and an elastic IP - and a security group are also created and associated with the VM all using Cloudify's AWS plugin. - In addition, a simple web server is created and started using Cloudify's script plugin. - Note: This blueprint can also work with a Windows Server 2008 R2 VM on AWS EC2. - To do so omit the single quotes in the vm user_data under the node_templates section below. - - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/aws-plugin/1.4.3/plugin.yaml - -inputs: - webserver_port: - description: The HTTP web server port - default: 8080 - agent_user: - description: User name used to access the AWS EC2 VM - default: Administrator - image_id: - description: AWS EC2 image id to use for the server - instance_type: - description: AWS EC2 instance type to use for the server - default: m3.medium - -node_templates: - elastic_ip: - type: cloudify.aws.nodes.ElasticIP - - security_group: - type: cloudify.aws.nodes.SecurityGroup - properties: - description: Security group for Hello World VM - rules: - - ip_protocol: tcp - cidr_ip: 0.0.0.0/0 - from_port: { get_property: [ http_web_server, port ] } - to_port: { get_property: [ http_web_server, port ] } - vm: - type: cloudify.aws.nodes.WindowsInstance - properties: - agent_config: - user: { get_input: agent_user } - image_id: { get_input: image_id } - instance_type: { get_input: instance_type } - parameters: - user_data: | - - &winrm quickconfig -q - &winrm set winrm/config '@{MaxTimeoutms="1800000"}' - &winrm set winrm/config/winrs '@{MaxShellsPerUser="2147483647"}' - &winrm set winrm/config/service '@{AllowUnencrypted="true";MaxConcurrentOperationsPerUser="4294967295"}' - &winrm set winrm/config/service/auth '@{Basic="true"}' - &netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow - &netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow - Set-ExecutionPolicy Unrestricted - - relationships: - - type: cloudify.aws.relationships.instance_connected_to_elastic_ip - target: elastic_ip - - type: cloudify.aws.relationships.instance_connected_to_security_group - target: security_group - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: - implementation: scripts/powershell/configure.ps1 - inputs: - process: - command_prefix: powershell - start: - implementation: scripts/powershell/start.ps1 - inputs: - process: - command_prefix: powershell - stop: - implementation: scripts/powershell/stop.ps1 - inputs: - process: - command_prefix: powershell -outputs: - http_endpoint: - description: Web server's external endpoint - value: { concat: ['http://', { get_attribute: [elastic_ip, aws_resource_id] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/no-monitoring-singlehost-blueprint.yaml b/no-monitoring-singlehost-blueprint.yaml deleted file mode 100644 index 4faf99ff..00000000 --- a/no-monitoring-singlehost-blueprint.yaml +++ /dev/null @@ -1,55 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - This blueprint installs a simple web server on a pre-existing machine. It is similar to the blueprint - "singlehost-blueprint.yaml", except that this one omits the monitoring-related configuration. - IMPORTANT: The VM being used must be associated with a security group (or multiple security groups) - that, cumulatively, allows TCP access via the port specified by the "webserver_port" input (defaults to 8080), - as well as TCP access for the Cloudify Agent installation process. - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - include/inputs.yaml - -inputs: - server_ip: - description: > - The ip of the machine that the application will be installed on. - agent_user: - description: > - User account used when SSH-ing into the existing machine for the purpose - of Cloudify Agent installation. - agent_private_key_path: - description: > - Path to a private key to use when SSH-ing into the existing machine for - agent installation. This path must be available on the machine that is executing the - installation workflow (that is, the Cloudify Manager machine in a managed environment, - or the local machine in a local invocation). - -node_templates: - vm: - type: cloudify.nodes.Compute - properties: - ip: { get_input: server_ip } - agent_config: - user: { get_input: agent_user } - key: { get_input: agent_private_key_path } - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: scripts/configure.sh - start: scripts/start.sh - stop: scripts/stop.sh - -outputs: - http_endpoint: - description: Web server external endpoint - value: { concat: ['http://', { get_property: [ vm, ip ] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/openstack-windows-blueprint.yaml b/openstack-windows-blueprint.yaml deleted file mode 100644 index 5628b9d5..00000000 --- a/openstack-windows-blueprint.yaml +++ /dev/null @@ -1,129 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - The blueprint installs a simple web server on a Linux virtual machine under OpenStack. - Other than a VM, this blueprint creates a keypair, a security group, and a floating IP for the application. - This blueprint assumes that a security group for Cloudify Agents already exists; its name should - be provided for the "agents_security_group" input. - The Windows VM's agent installation process uses the "init_script" agent installation method, which uses a built-in - script to install the agent. This script is sufficient in most cases. The advantage here is that WinRM is not being - used at all, which means that the WinRM port is not required to be open on the agent VM. - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml - - include/openstack-inputs.yaml - - include/inputs.yaml - - include/scaling.yaml - -inputs: - key_pair_name: - default: 'hello-world' - description: Openstack key pair name of the key to associate with the new server - private_key_path: - default: '~/hw.pem' - description: | - Path to the private key which will be used for connecting to the server - on the manager or machine running CLI if running in local mode. - -dsl_definitions: - openstack_configuration: &openstack_configuration - username: { get_input: keystone_username } - password: { get_input: keystone_password } - tenant_name: { get_input: keystone_tenant_name } - auth_url: { get_input: keystone_url } - region: { get_input: region } - -node_templates: - public_ip: - type: cloudify.openstack.nodes.FloatingIP - properties: - openstack_config: *openstack_configuration - floatingip: - floating_network_name: { get_input: floating_network_name } - - agents_security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_configuration - resource_id: { get_input: agents_security_group_name } - rules: - - port: 22 - remote_ip_prefix: 0.0.0.0/0 - - port_range_min: 5985 - port_range_max: 5986 - remote_ip_prefix: 0.0.0.0/0 - - app_security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_configuration - rules: - - remote_ip_prefix: 0.0.0.0/0 - port: { get_property: [ http_web_server, port ] } - - keypair: - type: cloudify.openstack.nodes.KeyPair - properties: - openstack_config: *openstack_configuration - resource_id: { get_input: key_pair_name } - private_key_path: { get_input: private_key_path } - - vm: - type: cloudify.openstack.nodes.WindowsServer - properties: - openstack_config: *openstack_configuration - agent_config: - install_method: init_script - image: { get_input: image } - flavor: { get_input: flavor } - management_network_name: { get_input: network_name } - relationships: - - type: cloudify.openstack.server_connected_to_keypair - target: keypair - - type: cloudify.openstack.server_connected_to_floating_ip - target: public_ip - - type: cloudify.openstack.server_connected_to_security_group - target: app_security_group - - type: cloudify.openstack.server_connected_to_security_group - target: agents_security_group - interfaces: - cloudify.interfaces.lifecycle: - create: - inputs: - args: - # Needed until JIRA issue OPENSTACK-38 is resolved. - security_groups: - - { get_attribute: [ agents_security_group, external_name ]} - - { get_attribute: [ app_security_group, external_name ]} - - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: - implementation: scripts/powershell/configure.ps1 - inputs: - process: - command_prefix: powershell - start: - implementation: scripts/powershell/start.ps1 - inputs: - process: - command_prefix: powershell - stop: - implementation: scripts/powershell/stop.ps1 - inputs: - process: - command_prefix: powershell - -outputs: - http_endpoint: - description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [public_ip, floating_ip_address] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/openstack-windows-winrm-blueprint.yaml b/openstack-windows-winrm-blueprint.yaml deleted file mode 100644 index 3c62dfa5..00000000 --- a/openstack-windows-winrm-blueprint.yaml +++ /dev/null @@ -1,142 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - The blueprint installs a simple web server on a Linux virtual machine under OpenStack. - Other than a VM, this blueprint creates a keypair, a security group, and a floating IP for the application. - This blueprint assumes that a security group for Cloudify Agents already exists; its name should - be provided for the "agents_security_group" input. - The Windows VM's agent installation process is done using WinRM. The userdata passed to the new VM - ensures that WinRM is configured in a way that is compatible with Cloudify's agent installation process. - This approach should only be used in special cases; it is recommended to use the "init_script" approach which - is demonstrated in "openstack-windows-blueprint.yaml". - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml - - include/openstack-inputs.yaml - - include/inputs.yaml - - include/scaling.yaml - -inputs: - agent_user: - description: User name used when SSH-ing into the started machine - agent_key_pair_name: - default: 'hello-world' - description: Openstack key pair name of the key to associate with the new server - agent_private_key_path: - default: '~/hw.pem' - description: | - Path to the private key which will be used for connecting to the server - on the manager or machine running CLI if running in local mode. - -dsl_definitions: - openstack_configuration: &openstack_configuration - username: { get_input: keystone_username } - password: { get_input: keystone_password } - tenant_name: { get_input: keystone_tenant_name } - auth_url: { get_input: keystone_url } - region: { get_input: region } - -node_templates: - public_ip: - type: cloudify.openstack.nodes.FloatingIP - properties: - openstack_config: *openstack_configuration - floatingip: - floating_network_name: { get_input: floating_network_name } - - agents_security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_configuration - resource_id: { get_input: agents_security_group_name } - rules: - - port: 22 - remote_ip_prefix: 0.0.0.0/0 - - port_range_min: 5985 - port_range_max: 5986 - remote_ip_prefix: 0.0.0.0/0 - - app_security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_configuration - rules: - - remote_ip_prefix: 0.0.0.0/0 - port: { get_property: [ http_web_server, port ] } - - keypair: - type: cloudify.openstack.nodes.KeyPair - properties: - openstack_config: *openstack_configuration - resource_id: { get_input: agent_key_pair_name } - private_key_path: { get_input: agent_private_key_path } - - vm: - type: cloudify.openstack.nodes.WindowsServer - properties: - openstack_config: *openstack_configuration - agent_config: - user: { get_input: agent_user } - image: { get_input: image } - flavor: { get_input: flavor } - management_network_name: { get_input: network_name } - server: - userdata: | - #ps1_sysnative - winrm quickconfig -q - winrm set winrm/config '@{MaxTimeoutms="1800000"}' - winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}' - winrm set winrm/config/service '@{AllowUnencrypted="true"}' - winrm set winrm/config/service/auth '@{Basic="true"}' - &netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow - &netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow - relationships: - - type: cloudify.openstack.server_connected_to_keypair - target: keypair - - type: cloudify.openstack.server_connected_to_floating_ip - target: public_ip - - type: cloudify.openstack.server_connected_to_security_group - target: app_security_group - - type: cloudify.openstack.server_connected_to_security_group - target: agents_security_group - interfaces: - cloudify.interfaces.lifecycle: - create: - inputs: - args: - # Needed until JIRA issue OPENSTACK-38 is resolved. - security_groups: - - { get_attribute: [ agents_security_group, external_name ]} - - { get_attribute: [ app_security_group, external_name ]} - - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: - implementation: scripts/powershell/configure.ps1 - inputs: - process: - command_prefix: powershell - start: - implementation: scripts/powershell/start.ps1 - inputs: - process: - command_prefix: powershell - stop: - implementation: scripts/powershell/stop.ps1 - inputs: - process: - command_prefix: powershell - -outputs: - http_endpoint: - description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [public_ip, floating_ip_address] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/scripts/cloud_config/create.py b/scripts/cloud_config/create.py new file mode 100644 index 00000000..c9051f70 --- /dev/null +++ b/scripts/cloud_config/create.py @@ -0,0 +1,28 @@ +#!/usr/bin/env python + +try: + import yaml +except ImportError: + import pip + pip.main(['install', 'pyyaml']) + import yaml + +import base64 +from cloudify import ctx +from cloudify.state import ctx_parameters as inputs + + +if __name__ == '__main__': + + cloud_config = inputs['cloud_config'] + ctx.logger.debug('cloud_config: {0}'.format(cloud_config)) + cloud_config_yaml = yaml.dump(cloud_config) + cloud_config_string = str(cloud_config_yaml).replace('!!python/unicode ', '') + cloud_config_string = '#cloud-config\n' + cloud_config_string + ctx.logger.debug('cloud_config_string: {0}'.format(cloud_config_string)) + + if ctx.node.properties['resource_config'].get('encode_base64'): + cloud_config_string = base64.encodestring(cloud_config_string) + ctx.logger.debug('cloud_config_string: {0}'.format(cloud_config_string)) + + ctx.instance.runtime_properties['cloud_config'] = cloud_config_string diff --git a/singlehost-blueprint.yaml b/singlehost-blueprint.yaml deleted file mode 100644 index 1b663d10..00000000 --- a/singlehost-blueprint.yaml +++ /dev/null @@ -1,76 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -description: > - This blueprint installs a simple web server on a pre-existing machine. - IMPORTANT: The VM being used must be associated with a security group (or multiple security groups) - that, cumulatively, allows TCP access via the port specified by the "webserver_port" input (defaults to 8080), - as well as TCP access for the Cloudify Agent installation process. - -imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - include/inputs.yaml - -inputs: - server_ip: - description: > - The ip of the machine that the application will be installed on. - agent_user: - description: > - User account used when SSH-ing into the existing machine for the purpose - of Cloudify Agent installation. - agent_private_key_path: - description: > - Path to a private key to use when SSH-ing into the existing machine for - agent installation. This path must be available on the machine that is executing the - installation workflow (that is, the Cloudify Manager machine in a managed environment, - or the local machine in a local invocation). - -node_templates: - vm: - type: cloudify.nodes.Compute - properties: - ip: { get_input: server_ip } - agent_config: - user: { get_input: agent_user } - key: { get_input: agent_private_key_path } - interfaces: - cloudify.interfaces.monitoring_agent: - install: - implementation: diamond.diamond_agent.tasks.install - inputs: - diamond_config: - interval: 1 - start: diamond.diamond_agent.tasks.start - stop: diamond.diamond_agent.tasks.stop - uninstall: diamond.diamond_agent.tasks.uninstall - cloudify.interfaces.monitoring: - start: - implementation: diamond.diamond_agent.tasks.add_collectors - inputs: - collectors_config: - CPUCollector: {} - MemoryCollector: {} - LoadAverageCollector: {} - DiskUsageCollector: - config: - devices: x?vd[a-z]+[0-9]*$ - NetworkCollector: {} - http_web_server: - type: cloudify.nodes.WebServer - properties: - port: { get_input: webserver_port } - relationships: - - type: cloudify.relationships.contained_in - target: vm - interfaces: - cloudify.interfaces.lifecycle: - configure: scripts/configure.sh - start: scripts/start.sh - stop: scripts/stop.sh - -outputs: - http_endpoint: - description: Web server external endpoint - value: { concat: ['http://', { get_property: [ vm, ip ] }, - ':', { get_property: [http_web_server, port] }] } diff --git a/types/cloud_config/cloud-config.yaml b/types/cloud_config/cloud-config.yaml new file mode 100644 index 00000000..2fe4b20f --- /dev/null +++ b/types/cloud_config/cloud-config.yaml @@ -0,0 +1,13 @@ +node_types: + + cloudify.nodes.CloudConfig: + derived_from: cloudify.nodes.Root + properties: + resource_config: + default: + encode_base64: false + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: scripts/cloud_config/create.py + executor: central_deployment_agent From 232622fe4a28733388bde9ed3dd5d9f6c22ef498 Mon Sep 17 00:00:00 2001 From: earthmant Date: Fri, 26 May 2017 00:24:22 +0300 Subject: [PATCH 3/8] updating reademe --- README.md | 84 +++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 72 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 765facc6..2ccb7dfe 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,78 @@ +[![CircleCI](https://circleci.com/gh/cloudify-examples/cloudify-hello-world-example.svg?style=svg)](https://circleci.com/gh/cloudify-examples/cloudify-hello-world-example) + # Cloudify Hello World Example -[![Circle CI](https://circleci.com/gh/cloudify-cosmo/cloudify-hello-world-example/tree/master.svg?&style=shield)](https://circleci.com/gh/cloudify-cosmo/cloudify-hello-world-example/tree/master) +This blueprint deploys a python webserver that says "hello world", with a cute Cloudify logo. + +## prerequisites + +You will need a *Cloudify Manager* running in either AWS, Azure, or Openstack. + +If you have not already, set up the [example Cloudify environment](https://github.com/cloudify-examples/cloudify-environment-setup). Installing that blueprint and following all of the configuration instructions will ensure you have all of the prerequisites, including keys, plugins, and secrets. + + +### Step 1: Install the demo application + +In this step, you will run a *Cloudify CLI* command, which uploads the demo application blueprint to the manager, creates a deployment, and starts an install workflow. + +When it is finished, you will be able to play with the wine store application. + + +#### For AWS run: + +```shell +$ cfy install \ + https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1-pre.zip \ + -b hello-world \ + -n aws-blueprint.yaml +``` + + +#### For Azure run: + +```shell +$ cfy install \ + https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1-pre.zip \ + -b hello-world \ + -n azure-blueprint.yaml +``` + + +#### For Openstack run: + +```shell +$ cfy install \ + https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1-pre.zip \ + -b hello-world \ + -n openstack-blueprint.yaml +``` + + +### Step 2: Verify the demo installed and started. + +Once the workflow execution is complete, we can view the application endpoint by running:
+ +```shell +$ cfy deployments outputs hello-world +``` + +You should see an output like this: + +```shell +Retrieving outputs for deployment hello-world... + - "endpoint": + Description: Web application endpoint + Value: http://10.239.0.18:8080/ +``` + +Use the URL from the endpoint output and visit that URL in a browser. -This repository contains Hello World example blueprints, for OpenStack, AWS and existing hosts. -All blueprints start an HTTP server on a VM: +### Step 4: Uninstall the demo application -* [ec2-blueprint.yaml](ec2-blueprint.yaml) creates a Linux VM on AWS -* [ec2-windows-blueprint.yaml](ec2-windows-blueprint.yaml) creates a Windows VM on AWS -* [openstack-blueprint.yaml](openstack-blueprint.yaml) creates a Linux VM on OpenStack -* [openstack-windows-blueprint.yaml](openstack-windows-blueprint.yaml) creates a Windows VM on OpenStack -* [openstack-windows-winrm-blueprint.yaml](openstack-windows-winrm-blueprint.yaml) creates a Windows VM on OpenStack -* [singlehost-blueprint.yaml](singlehost-blueprint.yaml) creates no infrastructure (installs the app on an existing VM) -* [no-monitoring-singlehost-blueprint.yaml](no-monitoring-singlehost-blueprint.yaml) similar to `singlehost-blueprint.yaml`, - however does not include monitoring configuration +Now run the `uninstall` workflow. This will uninstall the application, +as well as delete all related resources.
-If you're only now starting to work with Cloudify see our [Getting Started Guide](http://docs.getcloudify.org/latest/intro/getting-started/). +```shell +$ cfy uninstall --allow-custom-parameters -p ignore_failure=true hello-world +``` From cf7b96feeeea9de4648351535390f8c48a99d992 Mon Sep 17 00:00:00 2001 From: earthmant Date: Mon, 5 Jun 2017 13:12:12 +0300 Subject: [PATCH 4/8] updated azure,aws,os --- LICENSE | 202 --------------------- README.md | 8 +- aws-blueprint.yaml | 12 -- azure-blueprint.yaml | 367 ++++++++++----------------------------- openstack-blueprint.yaml | 235 +++++++++++++------------ 5 files changed, 223 insertions(+), 601 deletions(-) delete mode 100644 LICENSE diff --git a/LICENSE b/LICENSE deleted file mode 100644 index e06d2081..00000000 --- a/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ -Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/README.md b/README.md index 2ccb7dfe..fdfbe7ba 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ When it is finished, you will be able to play with the wine store application. ```shell $ cfy install \ - https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1-pre.zip \ + https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1.1.zip \ -b hello-world \ -n aws-blueprint.yaml ``` @@ -32,7 +32,7 @@ $ cfy install \ ```shell $ cfy install \ - https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1-pre.zip \ + https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1.1.zip \ -b hello-world \ -n azure-blueprint.yaml ``` @@ -42,7 +42,7 @@ $ cfy install \ ```shell $ cfy install \ - https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1-pre.zip \ + https://github.com/cloudify-examples/cloudify-hello-world-example/archive/4.0.1.1.zip \ -b hello-world \ -n openstack-blueprint.yaml ``` @@ -62,7 +62,7 @@ You should see an output like this: Retrieving outputs for deployment hello-world... - "endpoint": Description: Web application endpoint - Value: http://10.239.0.18:8080/ + Value: http://**.***.*.**:8080/ ``` Use the URL from the endpoint output and visit that URL in a browser. diff --git a/aws-blueprint.yaml b/aws-blueprint.yaml index a03e78c1..41ef86b1 100644 --- a/aws-blueprint.yaml +++ b/aws-blueprint.yaml @@ -113,18 +113,6 @@ node_templates: - type: cloudify.aws.relationships.subnet_contained_in_vpc target: vpc - private_subnet: - type: cloudify.aws.nodes.Subnet - properties: - aws_config: *aws_config - use_external_resource: true - resource_id: { get_secret: private_subnet_id } - cidr_block: N/A - availability_zone: N/A - relationships: - - type: cloudify.aws.relationships.subnet_contained_in_vpc - target: vpc - security_group: type: cloudify.aws.nodes.SecurityGroup properties: diff --git a/azure-blueprint.yaml b/azure-blueprint.yaml index 574ff0b4..72697801 100644 --- a/azure-blueprint.yaml +++ b/azure-blueprint.yaml @@ -1,21 +1,14 @@ tosca_definitions_version: cloudify_dsl_1_3 -description: > - This Blueprint installs the nodecellar application on an Azure Cloud environment. - imports: - http://www.getcloudify.org/spec/cloudify/4.0/types.yaml - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-azure-plugin/1.4.3/plugin.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.3/plugin.yaml - - types/nodecellar.yaml - - types/azure-types.yaml - - types/haproxy/haproxy.yaml - - types/scale/scale.yaml inputs: resource_prefix: - default: nc + default: hw resource_suffix: default: '0' @@ -57,68 +50,35 @@ dsl_definitions: node_templates: - nodecellar: - type: nodecellar.nodes.NodecellarApplicationModule - relationships: - - type: node_connected_to_mongo - target: mongod - - type: node_contained_in_nodejs - target: nodejs - - type: app_connected_to_haproxy - target: haproxy - - mongod: - type: nodecellar.nodes.MonitoredMongoDatabase - relationships: - - type: cloudify.relationships.contained_in - target: mongo_host - - nodejs: - type: nodecellar.nodes.NodeJSServer - relationships: - - type: cloudify.relationships.contained_in - target: nodejs_host - - haproxy: - type: nodecellar.nodes.MonitoredHAProxy - properties: - backend_app_port: { get_property: [ nodecellar, port ] } - relationships: - - target: haproxy_frontend_host - type: cloudify.relationships.contained_in - - haproxy_frontend_host: - type: nodecellar.nodes.MonitoredServer + http_web_server: + type: cloudify.nodes.WebServer properties: - azure_config: *azure_config + port: { get_input: webserver_port } relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - type: cloudify.azure.relationships.connected_to_storage_account - target: storage_account - - type: cloudify.azure.relationships.connected_to_availability_set - target: availability_set - - type: cloudify.azure.relationships.connected_to_nic - target: haproxy_host_nic - - mongo_host: - type: nodecellar.nodes.MonitoredServer - properties: - azure_config: *azure_config - relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - type: cloudify.azure.relationships.connected_to_storage_account - target: storage_account - - type: cloudify.azure.relationships.connected_to_availability_set - target: availability_set - - type: cloudify.azure.relationships.connected_to_nic - target: mongo_host_nic + - type: cloudify.relationships.contained_in + target: host + interfaces: + cloudify.interfaces.lifecycle: + configure: scripts/configure.sh + start: scripts/start.sh + stop: scripts/stop.sh - nodejs_host: - type: nodecellar.nodes.MonitoredServer + host: + type: cloudify.azure.nodes.compute.VirtualMachine properties: + location: { get_secret: location } + retry_after: { get_input: retry_after } + os_family: linux azure_config: *azure_config + resource_config: + hardwareProfile: {} + storageProfile: {} + osProfile: {} + agent_config: + user: { get_input: agent_user } + install_method: remote + port: 22 + key: { get_secret: agent_key_private } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group @@ -127,50 +87,49 @@ node_templates: - type: cloudify.azure.relationships.connected_to_availability_set target: availability_set - type: cloudify.azure.relationships.connected_to_nic - target: nodejs_host_nic - - resource_group: - type: cloudify.azure.nodes.ResourceGroup - properties: - name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} - location: { get_secret: location } - azure_config: *azure_config + target: host_nic + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: pkg.cloudify_azure.resources.compute.virtualmachine.create + inputs: + args: + hardwareProfile: + vmSize: { get_input: size } + storageProfile: + imageReference: { get_input: image} + osProfile: + adminUsername: { get_input: agent_user } + adminPassword: '' + linuxConfiguration: + ssh: + publicKeys: { get_input: ssh_public_keys } + disablePasswordAuthentication: true - storage_account: - type: cloudify.azure.nodes.storage.StorageAccount + availability_set: + type: cloudify.azure.nodes.compute.AvailabilitySet properties: + name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } - resource_config: - accountType: Standard_LRS relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - virtual_network: - type: cloudify.azure.nodes.network.VirtualNetwork + host_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - resource_group_name: { get_secret: mgr_resource_group_name } - name: { get_secret: mgr_virtual_network_name } - azure_config: *azure_config - use_external_resource: true location: { get_secret: location } + azure_config: *azure_config + retry_after: { get_input: retry_after } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - subnet: - type: cloudify.azure.nodes.network.Subnet - properties: - resource_group_name: { get_secret: mgr_resource_group_name } - name: { get_secret: mgr_subnet_name } - azure_config: *azure_config - use_external_resource: true - location: { get_secret: location } - relationships: - - type: cloudify.azure.relationships.contained_in_virtual_network - target: virtual_network + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: host_nic_ip_cfg network_security_group: type: cloudify.azure.nodes.network.NetworkSecurityGroup @@ -181,7 +140,7 @@ node_templates: retry_after: { get_input: retry_after } resource_config: securityRules: - - name: njssg_ssh + - name: hw_ssh properties: description: SSH access protocol: Tcp @@ -192,157 +151,72 @@ node_templates: priority: 102 access: Allow direction: Inbound - - name: njssg_http + - name: hw_http properties: description: HTTP access protocol: Tcp sourcePortRange: '*' - destinationPortRange: { get_property: [ nodecellar, port ] } + destinationPortRange: { get_input: webserver_port } sourceAddressPrefix: '*' destinationAddressPrefix: '*' priority: 103 access: Allow direction: Inbound - - name: njssg_mongoa - properties: - description: Mongo access - protocol: Tcp - sourcePortRange: '*' - destinationPortRange: { get_property: [ mongod, port ] } - sourceAddressPrefix: '*' - destinationAddressPrefix: '*' - priority: 104 - access: Allow - direction: Inbound - - name: njssg_mongob - properties: - description: Mongo API access - protocol: Tcp - sourcePortRange: '*' - destinationPortRange: 28017 - sourceAddressPrefix: '*' - destinationAddressPrefix: '*' - priority: 105 - access: Allow - direction: Inbound - - name: njssg_hapweb - properties: - description: HAPROXY Web access - protocol: Tcp - sourcePortRange: '*' - destinationPortRange: { get_property: [ haproxy, frontend_port ]} - sourceAddressPrefix: '*' - destinationAddressPrefix: '*' - priority: 106 - access: Allow - direction: Inbound - - name: njssg_hapapi - properties: - description: HAPROXY API access - protocol: Tcp - sourcePortRange: '*' - destinationPortRange: { get_property: [ haproxy, statistics_port ]} - sourceAddressPrefix: '*' - destinationAddressPrefix: '*' - priority: 107 - access: Allow - direction: Inbound relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - availability_set: - type: cloudify.azure.nodes.compute.AvailabilitySet + host_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration properties: - name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: subnet + - type: cloudify.azure.relationships.ip_configuration_connected_to_public_ip + target: ip - mongo_host_nic: - type: cloudify.azure.nodes.network.NetworkInterfaceCard + subnet: + type: cloudify.azure.nodes.network.Subnet properties: - location: { get_secret: location } + resource_group_name: { get_secret: mgr_resource_group_name } + name: { get_secret: mgr_subnet_name } azure_config: *azure_config - retry_after: { get_input: retry_after } - relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - type: cloudify.azure.relationships.nic_connected_to_network_security_group - target: network_security_group - - type: cloudify.azure.relationships.nic_connected_to_ip_configuration - target: mongo_host_nic_ip_cfg - - nodejs_host_nic: - type: cloudify.azure.nodes.network.NetworkInterfaceCard - properties: + use_external_resource: true location: { get_secret: location } - azure_config: *azure_config - retry_after: { get_input: retry_after } relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - type: cloudify.azure.relationships.nic_connected_to_network_security_group - target: network_security_group - - type: cloudify.azure.relationships.nic_connected_to_ip_configuration - target: nodejs_host_nic_ip_cfg + - type: cloudify.azure.relationships.contained_in_virtual_network + target: virtual_network - haproxy_host_nic: - type: cloudify.azure.nodes.network.NetworkInterfaceCard + virtual_network: + type: cloudify.azure.nodes.network.VirtualNetwork properties: - location: { get_secret: location } + resource_group_name: { get_secret: mgr_resource_group_name } + name: { get_secret: mgr_virtual_network_name } azure_config: *azure_config - retry_after: { get_input: retry_after } + use_external_resource: true + location: { get_secret: location } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - type: cloudify.azure.relationships.nic_connected_to_network_security_group - target: network_security_group - - type: cloudify.azure.relationships.nic_connected_to_ip_configuration - target: haproxy_host_nic_ip_cfg - - mongo_host_nic_ip_cfg: - type: cloudify.azure.nodes.network.IPConfiguration - properties: - location: { get_secret: location } - azure_config: *azure_config - retry_after: { get_input: retry_after } - resource_config: - privateIPAllocationMethod: Dynamic - relationships: - - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet - target: subnet - - nodejs_host_nic_ip_cfg: - type: cloudify.azure.nodes.network.IPConfiguration - properties: - location: { get_secret: location } - azure_config: *azure_config - retry_after: { get_input: retry_after } - resource_config: - privateIPAllocationMethod: Dynamic - relationships: - - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet - target: subnet - haproxy_host_nic_ip_cfg: - type: cloudify.azure.nodes.network.IPConfiguration + storage_account: + type: cloudify.azure.nodes.storage.StorageAccount properties: location: { get_secret: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: - privateIPAllocationMethod: Dynamic + accountType: Standard_LRS relationships: - - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet - target: subnet - - type: cloudify.azure.relationships.ip_configuration_connected_to_public_ip - target: nodecellar_ip + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group - nodecellar_ip: + ip: type: cloudify.azure.nodes.network.PublicIPAddress properties: location: { get_secret: location } @@ -354,6 +228,13 @@ node_templates: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group + resource_group: + type: cloudify.azure.nodes.ResourceGroup + properties: + name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} + location: { get_secret: location } + azure_config: *azure_config + outputs: endpoint: @@ -361,69 +242,7 @@ outputs: value: concat: - 'http://' - - { get_attribute: [ haproxy_frontend_host, public_ip ] } + - { get_attribute: [ host, public_ip ] } - ':' - - { get_property: [ haproxy, frontend_port ] } + - { get_input: webserver_port } - '/' - - -groups: - - scale_up_group: - members: [nodejs_host] - policies: - auto_scale_up: - type: scale_policy_type - properties: - policy_operates_on_group: true - scale_limit: 6 - scale_direction: '<' - scale_threshold: 3 - service_selector: .*nodejs_host.*.process.node.cpu.percent - cooldown_time: 60 - triggers: - execute_scale_workflow: - type: cloudify.policies.triggers.execute_workflow - parameters: - workflow: scale - workflow_parameters: - delta: 1 - scalable_entity_name: nodejs_host - - scale_down_group: - members: [nodejs_host] - policies: - auto_scale_down: - type: scale_policy_type - properties: - scale_limit: 2 - scale_direction: '>' - scale_threshold: 1 - service_selector: .*nodejs_host.*.process.node.cpu.percent - cooldown_time: 60 - triggers: - execute_scale_workflow: - type: cloudify.policies.triggers.execute_workflow - parameters: - workflow: scale - workflow_parameters: - delta: -1 - scalable_entity_name: nodejs_host - - heal_group: - members: [nodejs_host] - policies: - simple_autoheal_policy: - type: cloudify.policies.types.host_failure - properties: - service: - - .*nodejs_host.*.cpu.total.system - interval_between_workflows: 60 - triggers: - auto_heal_trigger: - type: cloudify.policies.triggers.execute_workflow - parameters: - workflow: heal - workflow_parameters: - node_instance_id: { 'get_property': [ SELF, node_id ] } - diagnose_value: { 'get_property': [ SELF, diagnose ] } diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index 214675f3..c61a88c8 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml @@ -1,141 +1,158 @@ tosca_definitions_version: cloudify_dsl_1_3 -description: > - The blueprint installs a simple web server on a Linux virtual machine under OpenStack. - Other than a VM, this blueprint creates a keypair, a security group, and a floating IP for the application. - This blueprint assumes that a security group for Cloudify Agents already exists; its name should - be provided for the "agents_security_group" input. - imports: - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - include/openstack-inputs.yaml - - include/inputs.yaml - - include/scaling.yaml + - types/cloud_config/cloud-config.yaml inputs: + + webserver_port: + description: The HTTP web server port + default: 8080 + agent_user: description: > - User account used when SSH-ing into the existing machine for the purpose - of Cloudify Agent installation. - agent_key_pair_name: - default: 'hello-world' - description: Openstack key pair name of the key to associate with the new server - agent_private_key_path: - default: '~/hw.pem' - description: | - Path to the private key which will be used for connecting to the server - on the manager or machine running CLI if running in local mode. + The username of the agent running on the instance created from the image. + default: ubuntu -dsl_definitions: - openstack_configuration: &openstack_configuration - username: { get_input: keystone_username } - password: { get_input: keystone_password } - tenant_name: { get_input: keystone_tenant_name } - auth_url: { get_input: keystone_url } - region: { get_input: region } + image: + description: > + An Openstack Image ID. Tested with a Ubuntu 14.04 image. + default: { get_secret: ubuntu_trusty_image } -node_templates: - public_ip: - type: cloudify.openstack.nodes.FloatingIP - properties: - openstack_config: *openstack_configuration - floatingip: - floating_network_name: { get_input: floating_network_name } + flavor: + description: > + An Openstack Flavor ID. + default: { get_secret: small_image_flavor } - agents_security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_configuration - resource_id: { get_input: agents_security_group_name } - rules: - - port: 22 - remote_ip_prefix: 0.0.0.0/0 - - port_range_min: 5985 - port_range_max: 5986 - remote_ip_prefix: 0.0.0.0/0 +dsl_definitions: - app_security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_configuration - rules: - - port: { get_property: [ http_web_server, port ] } - remote_ip_prefix: 0.0.0.0/0 + openstack_config: &openstack_config + username: { get_secret: keystone_username } + password: { get_secret: keystone_password } + tenant_name: { get_secret: keystone_tenant_name } + auth_url: { get_secret: keystone_url } + region: { get_secret: region } + +node_templates: - keypair: - type: cloudify.openstack.nodes.KeyPair + http_web_server: + type: cloudify.nodes.WebServer properties: - openstack_config: *openstack_configuration - resource_id: { get_input: agent_key_pair_name } - private_key_path: { get_input: agent_private_key_path } + port: { get_input: webserver_port } + relationships: + - type: cloudify.relationships.contained_in + target: host + interfaces: + cloudify.interfaces.lifecycle: + configure: scripts/configure.sh + start: scripts/start.sh + stop: scripts/stop.sh - vm: + host: type: cloudify.openstack.nodes.Server properties: - openstack_config: *openstack_configuration + openstack_config: *openstack_config agent_config: user: { get_input: agent_user } - key: { get_property: [ keypair, private_key_path ] } - image: { get_input: image } - flavor: { get_input: flavor } - management_network_name: { get_input: network_name } - relationships: - - type: cloudify.openstack.server_connected_to_keypair - target: keypair - - type: cloudify.openstack.server_connected_to_floating_ip - target: public_ip - - type: cloudify.openstack.server_connected_to_security_group - target: agents_security_group - - type: cloudify.openstack.server_connected_to_security_group - target: app_security_group + install_method: remote + port: 22 + key: { get_secret: agent_key_private } + server: + key_name: '' + image: { get_input: image } + flavor: { get_input: flavor } + management_network_name: { get_property: [ public_network, resource_id ] } interfaces: cloudify.interfaces.lifecycle: create: + implementation: openstack.nova_plugin.server.create inputs: args: - # Needed until JIRA issue OPENSTACK-38 is resolved. - security_groups: - - { get_attribute: [ agents_security_group, external_name ]} - - { get_attribute: [ app_security_group, external_name ]} - cloudify.interfaces.monitoring_agent: - install: - implementation: diamond.diamond_agent.tasks.install - inputs: - diamond_config: - interval: 1 - start: diamond.diamond_agent.tasks.start - stop: diamond.diamond_agent.tasks.stop - uninstall: diamond.diamond_agent.tasks.uninstall - cloudify.interfaces.monitoring: - start: - implementation: diamond.diamond_agent.tasks.add_collectors - inputs: - collectors_config: - CPUCollector: {} - MemoryCollector: {} - LoadAverageCollector: {} - DiskUsageCollector: - config: - devices: x?vd[a-z]+[0-9]*$ - NetworkCollector: {} - - http_web_server: - type: cloudify.nodes.WebServer + image: { get_input: image } + flavor: { get_input: flavor } + userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } + relationships: + - type: cloudify.openstack.server_connected_to_port + target: port + - type: cloudify.relationships.depends_on + target: cloudify_host_cloud_config + + port: + type: cloudify.openstack.nodes.Port properties: - port: { get_input: webserver_port } + openstack_config: *openstack_config relationships: - - type: cloudify.relationships.contained_in - target: vm + - type: cloudify.relationships.contained_in + target: public_network + - type: cloudify.relationships.depends_on + target: public_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: security_group + - type: cloudify.openstack.port_connected_to_floating_ip + target: ip + + public_subnet: + type: cloudify.openstack.nodes.Subnet + properties: + openstack_config: *openstack_config + use_external_resource: true + resource_id: { get_secret: public_subnet_name } + relationships: + - target: public_network + type: cloudify.relationships.contained_in + + public_network: + type: cloudify.openstack.nodes.Network + properties: + openstack_config: *openstack_config + use_external_resource: true + resource_id: { get_secret: public_network_name } + + security_group: + type: cloudify.openstack.nodes.SecurityGroup + properties: + openstack_config: *openstack_config + security_group: + name: security_group + description: generic security group + rules: + - remote_ip_prefix: 0.0.0.0/0 + port: 22 + - remote_ip_prefix: 0.0.0.0/0 + port: { get_input: webserver_port } + + ip: + type: cloudify.openstack.nodes.FloatingIP + properties: + openstack_config: *openstack_config + floatingip: + floating_network_name: { get_secret: external_network_name } + + cloudify_host_cloud_config: + type: cloudify.nodes.CloudConfig interfaces: cloudify.interfaces.lifecycle: - configure: scripts/configure.sh - start: scripts/start.sh - stop: scripts/stop.sh + create: + inputs: + cloud_config: + users: + - name: { get_input: agent_user } + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + ssh-authorized-keys: + - { get_secret: agent_key_public } outputs: - http_endpoint: - description: Web server external endpoint - value: { concat: ['http://', { get_attribute: [public_ip, floating_ip_address] }, - ':', { get_property: [http_web_server, port] }] } + + endpoint: + description: Web application endpoint + value: + concat: + - 'http://' + - { get_attribute: [ip, floating_ip_address] } + - ':' + - { get_input: webserver_port } + - '/' From 2d7d18f6a6f7c10bf130aa41be2451e2afa3a0b2 Mon Sep 17 00:00:00 2001 From: earthmant Date: Thu, 7 Dec 2017 15:40:41 +0200 Subject: [PATCH 5/8] updating openstack for 2.4.1.1 --- openstack-blueprint.yaml | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index c61a88c8..572e01fb 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml @@ -1,10 +1,11 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/openstack-plugin/2.0.1/plugin.yaml + - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.2/resources/rest-service/cloudify/types/types.yaml + - http://www.getcloudify.org/spec/openstack-plugin/2.4.1.1/plugin.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.1/plugin.yaml + - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.4.1/cloudify_cloudinit/types.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - types/cloud_config/cloud-config.yaml inputs: @@ -132,18 +133,16 @@ node_templates: floating_network_name: { get_secret: external_network_name } cloudify_host_cloud_config: - type: cloudify.nodes.CloudConfig - interfaces: - cloudify.interfaces.lifecycle: - create: - inputs: - cloud_config: - users: - - name: { get_input: agent_user } - shell: /bin/bash - sudo: ['ALL=(ALL) NOPASSWD:ALL'] - ssh-authorized-keys: - - { get_secret: agent_key_public } + type: cloudify.nodes.CloudInit.CloudConfig + properties: + resource_config: + manage_etc_hosts: True + users: + - name: { get_input: agent_user } + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + ssh-authorized-keys: + - { get_secret: agent_key_public } outputs: From 058d2ac347bf82daa1441bd2c068cddcf77e2051 Mon Sep 17 00:00:00 2001 From: earthmant Date: Thu, 7 Dec 2017 21:25:25 +0200 Subject: [PATCH 6/8] udpdate 1.5.1.2 --- aws-blueprint.yaml | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/aws-blueprint.yaml b/aws-blueprint.yaml index 41ef86b1..00f99397 100644 --- a/aws-blueprint.yaml +++ b/aws-blueprint.yaml @@ -1,8 +1,10 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - - http://www.getcloudify.org/spec/cloudify/4.0.1/types.yaml - - http://www.getcloudify.org/spec/aws-plugin/1.4.9/plugin.yaml + - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.2/resources/rest-service/cloudify/types/types.yaml + - https://github.com/cloudify-cosmo/cloudify-aws-plugin/releases/download/1.5.1.2/plugin.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.1/plugin.yaml + - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.4.1/cloudify_cloudinit/types.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - types/cloud_config/cloud-config.yaml @@ -143,19 +145,15 @@ node_templates: target: cloudify_host_cloud_config cloudify_host_cloud_config: - type: cloudify.nodes.CloudConfig - interfaces: - cloudify.interfaces.lifecycle: - create: - inputs: - cloud_config: - users: - - name: { get_input: agent_user } - groups: sudo - shell: /bin/bash - sudo: ['ALL=(ALL) NOPASSWD:ALL'] - ssh-authorized-keys: - - { get_secret: agent_key_public } + type: cloudify.nodes.CloudInit.CloudConfig + properties: + resource_config: + users: + - name: { get_input: agent_user } + shell: /bin/bash + sudo: ['ALL=(ALL) NOPASSWD:ALL'] + ssh-authorized-keys: + - { get_secret: agent_key_public } elastic_ip: type: cloudify.aws.nodes.ElasticIP From 5952ebd29dd60607821528ce657e83a5feb3d2d4 Mon Sep 17 00:00:00 2001 From: earthmant Date: Wed, 27 Dec 2017 15:46:45 +0200 Subject: [PATCH 7/8] update version --- aws-blueprint.yaml | 51 ++++++++++++++++++++++++++++------- azure-blueprint.yaml | 58 +++++++++++++++++++++++++++------------- openstack-blueprint.yaml | 7 +++-- 3 files changed, 84 insertions(+), 32 deletions(-) diff --git a/aws-blueprint.yaml b/aws-blueprint.yaml index 00f99397..69e7e219 100644 --- a/aws-blueprint.yaml +++ b/aws-blueprint.yaml @@ -1,11 +1,11 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.2/resources/rest-service/cloudify/types/types.yaml - - https://github.com/cloudify-cosmo/cloudify-aws-plugin/releases/download/1.5.1.2/plugin.yaml - - http://www.getcloudify.org/spec/utilities-plugin/1.4.1/plugin.yaml - - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.4.1/cloudify_cloudinit/types.yaml + - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.1/plugin.yaml + - https://github.com/cloudify-cosmo/cloudify-aws-plugin/releases/download/1.5.1.2/plugin.yaml - types/cloud_config/cloud-config.yaml inputs: @@ -29,6 +29,39 @@ inputs: The AWS instance_type. Tested with m3.medium, although that is unnecessarily large. default: t2.micro + + vpc_id: + description: > + The ID of the VPC that the VM should be connected to. + default: { get_secret: vpc_id } + + public_subnet_id: + description: > + The ID of the public subnet in vpc_id. + This subnet should allow elastic IPs and it should also have either a NAT gateway or NAT instance. + default: { get_secret: public_subnet_id } + + private_subnet_id: + description: > + The ID of the private subnet in vpc_id. + This subnet should have internet routing to a NAT on another subnet. + default: { get_secret: private_subnet_id } + + availability_zone: + description: > + The availability zone where to create the VM, should be in the same availability zone as public_subnet_id. + default: { get_secret: availability_zone } + + agent_key_private: + description: > + The content of the agent's private key. + default: { get_secret: agent_key_private } + + agent_key_public: + description: > + The content of the agent's public key. + default: { get_secret: agent_key_public } + dsl_definitions: aws_config: &aws_config @@ -62,7 +95,7 @@ node_templates: install_method: remote user: { get_input: agent_user } port: 22 - key: { get_secret: agent_key_private } + key: { get_input: agent_key_private } relationships: - type: cloudify.aws.relationships.instance_connected_to_elastic_ip target: elastic_ip @@ -79,7 +112,7 @@ node_templates: block_device_map: '/dev/sda1': delete_on_termination: true - placement: { get_secret: availability_zone } + placement: { get_input: availability_zone } user_data: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } cloudify.interfaces.monitoring_agent: install: @@ -108,7 +141,7 @@ node_templates: properties: aws_config: *aws_config use_external_resource: true - resource_id: { get_secret: public_subnet_id } + resource_id: { get_input: public_subnet_id } cidr_block: N/A availability_zone: N/A relationships: @@ -138,7 +171,7 @@ node_templates: properties: aws_config: *aws_config use_external_resource: true - resource_id: { get_secret: vpc_id } + resource_id: { get_input: vpc_id } cidr_block: N/A relationships: - type: cloudify.relationships.depends_on @@ -153,7 +186,7 @@ node_templates: shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] ssh-authorized-keys: - - { get_secret: agent_key_public } + - { get_input: agent_key_public } elastic_ip: type: cloudify.aws.nodes.ElasticIP diff --git a/azure-blueprint.yaml b/azure-blueprint.yaml index 72697801..950e3b76 100644 --- a/azure-blueprint.yaml +++ b/azure-blueprint.yaml @@ -1,9 +1,11 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - - http://www.getcloudify.org/spec/cloudify/4.0/types.yaml - - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-azure-plugin/1.4.3/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.3/plugin.yaml + - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml + - http://www.getcloudify.org/spec/fabric-plugin/1.5/plugin.yaml + - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - http://www.getcloudify.org/spec/azure-plugin/1.4.3/plugin.yaml inputs: @@ -27,15 +29,33 @@ inputs: sku: { get_secret: ubuntu_trusty_image_sku } version: { get_secret: ubuntu_trusty_image_version } + location: + default: { get_secret: location } + + mgr_resource_group_name: + default: { get_secret: mgr_resource_group_name } + + mgr_virtual_network_name: + default: { get_secret: mgr_virtual_network_name } + + mgr_subnet_name: + default: { get_secret: mgr_subnet_name } + agent_user: description: The user name of the agent on the instance created from the image. default: ubuntu + agent_key_public: + default: { get_secret: agent_key_public } + + agent_key_private: + default: { get_secret: agent_key_private } + ssh_public_keys: description: the public key default: - path: {concat:[ '/home/', { get_input: agent_user }, '/.ssh/authorized_keys' ]} - keyData: { get_secret: agent_key_public } + keyData: { get_input: agent_key_public } webserver_port: description: The external web server port @@ -66,7 +86,7 @@ node_templates: host: type: cloudify.azure.nodes.compute.VirtualMachine properties: - location: { get_secret: location } + location: { get_input: location } retry_after: { get_input: retry_after } os_family: linux azure_config: *azure_config @@ -78,7 +98,7 @@ node_templates: user: { get_input: agent_user } install_method: remote port: 22 - key: { get_secret: agent_key_private } + key: { get_input: agent_key_private } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group @@ -110,7 +130,7 @@ node_templates: type: cloudify.azure.nodes.compute.AvailabilitySet properties: name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -120,7 +140,7 @@ node_templates: host_nic: type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: @@ -135,7 +155,7 @@ node_templates: type: cloudify.azure.nodes.network.NetworkSecurityGroup properties: name: {concat:[{get_input: resource_prefix},nsg,{get_input: resource_suffix}]} - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -169,7 +189,7 @@ node_templates: host_nic_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -183,11 +203,11 @@ node_templates: subnet: type: cloudify.azure.nodes.network.Subnet properties: - resource_group_name: { get_secret: mgr_resource_group_name } - name: { get_secret: mgr_subnet_name } + resource_group_name: { get_input: mgr_resource_group_name } + name: { get_input: mgr_subnet_name } azure_config: *azure_config use_external_resource: true - location: { get_secret: location } + location: { get_input: location } relationships: - type: cloudify.azure.relationships.contained_in_virtual_network target: virtual_network @@ -195,11 +215,11 @@ node_templates: virtual_network: type: cloudify.azure.nodes.network.VirtualNetwork properties: - resource_group_name: { get_secret: mgr_resource_group_name } - name: { get_secret: mgr_virtual_network_name } + resource_group_name: { get_input: mgr_resource_group_name } + name: { get_input: mgr_virtual_network_name } azure_config: *azure_config use_external_resource: true - location: { get_secret: location } + location: { get_input: location } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group @@ -207,7 +227,7 @@ node_templates: storage_account: type: cloudify.azure.nodes.storage.StorageAccount properties: - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -219,7 +239,7 @@ node_templates: ip: type: cloudify.azure.nodes.network.PublicIPAddress properties: - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: @@ -232,7 +252,7 @@ node_templates: type: cloudify.azure.nodes.ResourceGroup properties: name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} - location: { get_secret: location } + location: { get_input: location } azure_config: *azure_config outputs: diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index 572e01fb..eb39ccd6 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml @@ -1,11 +1,10 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.2/resources/rest-service/cloudify/types/types.yaml - - http://www.getcloudify.org/spec/openstack-plugin/2.4.1.1/plugin.yaml - - http://www.getcloudify.org/spec/utilities-plugin/1.4.1/plugin.yaml - - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.4.1/cloudify_cloudinit/types.yaml + - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml + - http://www.getcloudify.org/spec/openstack-plugin/2.5.0/plugin.yaml inputs: From 266922e339d497703cc0a815ff35c4403f8b30e4 Mon Sep 17 00:00:00 2001 From: earthmant Date: Thu, 28 Dec 2017 11:38:10 +0200 Subject: [PATCH 8/8] update version os --- openstack-blueprint.yaml | 63 +++++++++++++++++++++++++++++++++------- 1 file changed, 53 insertions(+), 10 deletions(-) diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index eb39ccd6..ceb8011e 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml @@ -8,6 +8,49 @@ imports: inputs: + keystone_username: + default: { get_secret: keystone_username } + + keystone_password: + default: { get_secret: keystone_password } + + keystone_tenant_name: + default: { get_secret: keystone_tenant_name } + + keystone_url: + default: { get_secret: keystone_url } + + region: + default: { get_secret: region } + + external_network_name: + default: { get_secret: external_network_name } + + router_name: + default: { get_secret: router_name } + + public_network_name: + default: { get_secret: public_network_name } + + private_network_name: + default: { get_secret: public_network_name } + + public_subnet_name: + default: { get_secret: public_subnet_name } + + private_subnet_name: + default: { get_secret: public_subnet_name } + + agent_key_private: + description: > + The content of the agent's private key. + default: { get_secret: agent_key_private } + + agent_key_public: + description: > + The content of the agent's public key. + default: { get_secret: agent_key_public } + webserver_port: description: The HTTP web server port default: 8080 @@ -30,11 +73,11 @@ inputs: dsl_definitions: openstack_config: &openstack_config - username: { get_secret: keystone_username } - password: { get_secret: keystone_password } - tenant_name: { get_secret: keystone_tenant_name } - auth_url: { get_secret: keystone_url } - region: { get_secret: region } + username: { get_input: keystone_username } + password: { get_input: keystone_password } + tenant_name: { get_input: keystone_tenant_name } + auth_url: { get_input: keystone_url } + region: { get_input: region } node_templates: @@ -59,7 +102,7 @@ node_templates: user: { get_input: agent_user } install_method: remote port: 22 - key: { get_secret: agent_key_private } + key: { get_input: agent_key_private } server: key_name: '' image: { get_input: image } @@ -99,7 +142,7 @@ node_templates: properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_secret: public_subnet_name } + resource_id: { get_input: public_subnet_name } relationships: - target: public_network type: cloudify.relationships.contained_in @@ -109,7 +152,7 @@ node_templates: properties: openstack_config: *openstack_config use_external_resource: true - resource_id: { get_secret: public_network_name } + resource_id: { get_input: public_network_name } security_group: type: cloudify.openstack.nodes.SecurityGroup @@ -129,7 +172,7 @@ node_templates: properties: openstack_config: *openstack_config floatingip: - floating_network_name: { get_secret: external_network_name } + floating_network_name: { get_input: external_network_name } cloudify_host_cloud_config: type: cloudify.nodes.CloudInit.CloudConfig @@ -141,7 +184,7 @@ node_templates: shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] ssh-authorized-keys: - - { get_secret: agent_key_public } + - { get_input: agent_key_public } outputs: