openstack/heat-templates
Code Issues Proposed changes

New heat templates for Openshift-Origin deployment using scalability functionality

Browse Source 
New heat templates for Openshift-Origin deployment using scalability functionality.
    Templates are based on the Openshift-Origin template
    (https://github.com/openstack/heat-templates/tree/master/openshift-origin/F19).
    The aim is to add scalability functionality to this template. Metric use
    for the scalability are cpu_util and nbgears. This second metric is
    a custom metric implemented by a bash script calling by cron to get
    from the broker node the number of gears used and the number of node
    connected, to determine when a new node is needed. The data is send to
    the Ceilometer V2 API and used in the heat template.
    To avoid compatibility issues due to changes in this project or
    in Puppet modules it depends, versions parameters are provided in hot templates.

    I implemented 5 templates :
    aws format :
      - openshift (1 node and 1 broker)
    hot format :
      - openshift (1 node and 1 broker)
      - openshift-scalable-cpu (scalable openshift environment using cpu_util metric)
      - openshift-scalable-nbgears (scalable openshift environment using nbgears custom metric)
      - openshift-scalable-cpu-nbgears (scalable openshift environment using cpu_util metric and nbgears custom metric)

Change-Id: Idfdf158ff6176c5ef6902e27a6e764e23171cf4c
Implements: blueprint heat-openshift-templates
This commit is contained in:
Antoine Abélard 2014-08-04 11:24:48 +02:00
parent f5e0cd3071
commit dd8cb1c9ad
11 changed files with 3016 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
openshift-origin/F19/README.rst
View File

@ -3,11 +3,13 @@ OpenShift Origin Templates
==========================
This directory contains files for deploying OpenShift Origin to an OpenStack environment via Heat.
The template has been tested with the OpenStack Icehouse-2 release.
It includes the following files:
The templates has been tested with the OpenStack Icehouse 2014.1 release.
* `OpenShift.template` - heat template for launching OpenShift Origin with a single broker instance and a single node instance
It includes the following folders:
* `hot-template` - heat templates in HOT format for launching OpenShift Origin
* `aws-template` - heat templates in AWS format for launching OpenShift Origin
* `elements` - diskimage-builder elements to build images
To build with diskimage-builder, do the following in the parent directory of heat-templates::

10
openshift-origin/F19/aws-template/README.rst Normal file
View File

@ -0,0 +1,10 @@
=============================
OpenShift Origin AWS Template
=============================
This directory contains template for deploying OpenShift Origin to an OpenStack environment via Heat.
It includes the following file:
* `openshift.template` - heat templates in AWS format for launching OpenShift Origin with a single broker instance and a single node instance

200
openshift-origin/F19/OpenShift.template → openshift-origin/F19/aws-template/openshift.template
View File

@ -7,9 +7,7 @@
"KeyName": {
"Description": "Name of an existing EC2 KeyPair to enable SSH access to the instances",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern": "[-_ a-zA-Z0-9]*"
"Default": "SSHKey"
},
"Prefix": {
"Description": "Your DNS Prefix",
@ -41,13 +39,13 @@
"BrokerHostname": {
"Description": "Hostname of Broker instance",
"Type": "String",
"Default": "openshift.brokerinstance.novalocal",
"Default": "brokerinstance",
"MinLength": "1"
},
"NodeHostname": {
"Description": "Hostname of Node instance",
"Type": "String",
"Default": "openshift.nodeinstance.novalocal",
"Default": "nodeinstance",
"MinLength": "1"
},
"Username": {
@ -60,13 +58,39 @@
"Type": "String",
"Default": "password"
},
"NetID": {
"Description": "ID of Neutron network into which servers get deployed",
"PublicNetID": {
"Description": "External network ID",
"Type": "String"
},
"SubnetID": {
"Description": "ID of Neutron subnet into which servers get deployed",
"Type": "String"
"PrivateNetworkName": {
"Description": "Name of the private network wich will be created",
"Type": "String",
"Default": "OpenShift-Network"
},
"PrivateNetworkCidr": {
"Description": "Private network address (CIDR format)",
"Type": "String",
"Default": "10.0.0.0/8"
},
"PrivateNetworkGateway": {
"Description": "Private network gateway",
"Type": "String",
"Default": "10.0.0.1"
},
"PrivateNetworkDNS": {
"Description": "Private network DNS",
"Type": "String",
"Default": "8.8.8.8"
},
"PrivateNetworkPoolStart": {
"Description": "Private network pool start",
"Type": "String",
"Default": "10.0.0.2"
},
"PrivateNetworkPoolEnd": {
"Description": "Private network pool end",
"Type": "String",
"Default": "10.255.255.254"
},
"DevMode": {
"Description": "Sets development mode and extra logging.",
@ -148,17 +172,66 @@
}
},
"PrivateNetwork":{
"Type": "OS::Neutron::Net",
"Properties": {
"name": { "Ref": "PrivateNetworkName" }
}
},
"PrivateSubNetwork":{
"Type": "OS::Neutron::Subnet",
"Properties": {
"network_id": { "Ref": "PrivateNetwork" },
"cidr": { "Ref": "PrivateNetworkCidr" },
"gateway_ip": { "Ref": "PrivateNetworkGateway" },
"dns_nameservers": [{ "Ref": "PrivateNetworkDNS" }],
"allocation_pools": [{
"start": {"Ref": "PrivateNetworkPoolStart"},
"end": {"Ref": "PrivateNetworkPoolEnd"}
}]
}
},
"Router":{
"Type": "OS::Neutron::Router"
},
"RouterGateway":{
"Type": "OS::Neutron::RouterGateway",
"Properties": {
"router_id": { "Ref": "Router" },
"network_id": { "Ref": "PublicNetID" }
}
},
"RouterInterface":{
"Type": "OS::Neutron::RouterInterface",
"Properties": {
"router_id": { "Ref": "Router" },
"subnet_id": { "Ref": "PrivateSubNetwork" }
}
},
"BrokerPort": {
"Type": "OS::Neutron::Port",
"Properties": {
"network_id": { "Ref": "NetID" },
"network_id": { "Ref": "PrivateNetwork" },
"fixed_ips": [{
"subnet_id": { "Ref": "SubnetID" }
"subnet_id": { "Ref": "PrivateSubNetwork" }
}],
"security_groups": [{ "Ref": "OpenShiftOriginSecurityGroup" }]
}
},
"BrokerFloatingIP": {
"Type": "OS::Neutron::FloatingIP",
"Properties": {
"floating_network_id": { "Ref": "PublicNetID" },
"port_id": { "Ref": "BrokerPort" }
}
},
"BrokerWaitHandle": {
"Type": "AWS::CloudFormation::WaitConditionHandle"
},
@ -205,31 +278,37 @@
" command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n",
"}\n",
"class { 'openshift_origin' :\n",
" roles => ['broker','nameserver','msgserver','datastore'],\n",
" bind_key => '${DNS_SEC_KEY}',\n",
" domain => '${PREFIX}',\n",
" roles => ['broker','nameserver','msgserver','datastore'],\n",
" bind_key => '${DNS_SEC_KEY}',\n",
" domain => '${PREFIX}',\n",
" register_host_with_nameserver => true,\n",
" conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],\n",
" ntp_servers => ['${UPSTREAM_NTP}'],\n",
" broker_hostname => \\$my_hostname,\n",
" nameserver_hostname => \\$my_hostname,\n",
" datastore_hostname => \\$my_hostname,\n",
" msgserver_hostname => \\$my_hostname,\n",
" broker_auth_plugin => 'htpasswd',\n",
" openshift_user1 => '${USERNAME}',\n",
" openshift_password1 => '${PASSWORD}',\n",
" development_mode => ${DEV_MODE},\n",
" ntp_servers => ['${UPSTREAM_NTP}'],\n",
" broker_hostname => \\$my_hostname,\n",
" nameserver_hostname => \\$my_hostname,\n",
" datastore_hostname => \\$my_hostname,\n",
" msgserver_hostname => \\$my_hostname,\n",
" broker_auth_plugin => 'htpasswd',\n",
" openshift_user1 => '${USERNAME}',\n",
" openshift_password1 => '${PASSWORD}',\n",
" development_mode => ${DEV_MODE},\n",
"}\n",
"EOF\n",
"mkdir -p /etc/puppet/modules\n",
"git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin", "\n",
"puppet module install rharrison/lokkit", "\n",
"puppet module install puppetlabs/ntp", "\n",
"puppet module install puppetlabs/stdlib", "\n",
"puppet module install blentz/selinux_types", "\n",
"puppet module install duritong/sysctl", "\n",
"puppet apply -v -d /root/configure.pp | tee /var/log/configure_openshift.log", "\n",
"/opt/aws/bin/cfn-signal -e 0 --data \"${DNS_SEC_KEY}\" -r \"Broker setup complete\" \"${BROKER_WAIT_HANDLE}\"\n"
"puppet module install puppetlabs/ntp", "\n",
"puppet module install puppetlabs-concat", "\n",
"puppet module install rharrison-lokkit", "\n",
"puppet module install blentz-selinux_types", "\n",
"puppet module install puppetlabs/haproxy", "\n",
"puppet module install arioch/keepalived", "\n",
"puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log", "\n",
"setenforce 0", "\n",
"/opt/aws/bin/cfn-signal -e 0 --data \"${DNS_SEC_KEY}\" -r \"Broker setup complete\" \"${BROKER_WAIT_HANDLE}\"\n",
"chkconfig activemq on", "\n",
"service activemq start", "\n",
"setenforce 1", "\n"
]
]
}
@ -240,14 +319,22 @@
"NodePort": {
"Type": "OS::Neutron::Port",
"Properties": {
"network_id": { "Ref": "NetID" },
"network_id": { "Ref": "PrivateNetwork" },
"fixed_ips": [{
"subnet_id": { "Ref": "SubnetID" }
"subnet_id": { "Ref": "PrivateSubNetwork" }
}],
"security_groups": [{ "Ref": "OpenShiftOriginSecurityGroup" }]
}
},
"NodeFloatingIP": {
"Type": "OS::Neutron::FloatingIP",
"Properties": {
"floating_network_id": { "Ref": "PublicNetID" },
"port_id": { "Ref": "NodePort" }
}
},
"NodeWaitHandle": {
"Type": "AWS::CloudFormation::WaitConditionHandle"
},
@ -279,6 +366,7 @@
"#!/bin/bash -x\n",
"export DNS_SEC_KEY=\"`python -c 'print ",{ "Fn::GetAtt": [ "BrokerWaitCondition", "Data" ] },"[\"00000\"]'`\"\n",
"export BROKER_IP=", { "Fn::GetAtt": [ "BrokerInstance", "first_address" ] }, "\n",
"export NODE_FLOATING_IP=", { "Fn::GetAtt": [ "NodeFloatingIP", "floating_ip_address" ] }, "\n",
"export PREFIX=", { "Ref": "Prefix" }, "\n",
"export UPSTREAM_DNS=", { "Ref": "UpstreamDNS" }, "\n",
"export UPSTREAM_NTP=", { "Ref": "UpstreamNTP" }, "\n",
@ -293,30 +381,33 @@
" command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n",
"}\n",
"class { 'openshift_origin' :\n",
" roles => ['node'],\n",
" bind_key => '${DNS_SEC_KEY}',\n",
" nameserver_ip_addr => '${BROKER_IP}',\n",
" domain => '${PREFIX}',\n",
" roles => ['node'],\n",
" bind_key => '${DNS_SEC_KEY}',\n",
" nameserver_ip_addr => '${BROKER_IP}',\n",
" domain => '${PREFIX}',\n",
" register_host_with_nameserver => true,\n",
" broker_hostname => '${BROKER_IP}',\n",
" msgserver_hostname => '${BROKER_IP}',\n",
" ntp_servers => ['${UPSTREAM_NTP}'],\n",
" node_hostname => \\$my_hostname,\n",
" install_method => 'yum',\n",
" jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',\n",
" install_cartridges => ['php', 'mysql'],\n",
" development_mode => ${DEV_MODE},\n",
" broker_hostname => '${BROKER_IP}',\n",
" msgserver_hostname => '${BROKER_IP}',\n",
" ntp_servers => ['${UPSTREAM_NTP}'],\n",
" node_hostname => \\$my_hostname,\n",
" install_method => 'yum',\n",
" jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',\n",
" development_mode => ${DEV_MODE},\n",
" node_ip_addr => '${NODE_FLOATING_IP}',\n",
"}\n",
"EOF\n",
"mkdir -p /etc/puppet/modules\n",
"git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin", "\n",
"puppet module install rharrison/lokkit", "\n",
"puppet module install puppetlabs/ntp", "\n",
"puppet module install puppetlabs/stdlib", "\n",
"puppet module install blentz/selinux_types", "\n",
"puppet module install duritong/sysctl", "\n",
"puppet apply -v -d /root/configure.pp | tee /var/log/configure_openshift.log", "\n",
"/opt/aws/bin/cfn-signal -e 0 -r \"Node setup complete\" \"${NODE_WAIT_HANDLE}\"\n"
"puppet module install puppetlabs/ntp", "\n",
"puppet module install duritong-sysctl", "\n",
"puppet module install rharrison-lokkit", "\n",
"puppet module install puppetlabs/haproxy", "\n",
"puppet module install arioch/keepalived", "\n",
"puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log", "\n",
"setenforce 0", "\n",
"/opt/aws/bin/cfn-signal -e 0 -r \"Node setup complete\" \"${NODE_WAIT_HANDLE}\"\n",
"setenforce 1", "\n"
]
]
}
@ -327,12 +418,9 @@
"Outputs" : {
"OpenShiftConsole" : {
"Value" : { "Fn::Join" : ["", ["https://", { "Fn::GetAtt" : [ "BrokerInstance", "first_address" ]}, "/console"]] },
"Description" : "URL for OpenShift Origin cConsole"
},
"NameServerEntry" : {
"Value" : { "Fn::Join" : ["", ["nameserver ", { "Fn::GetAtt" : [ "BrokerInstance", "first_address" ]}]] },
"Description" : "Entry to insert into /etc/resolv.conf for application host names to resolve"
"Value" : { "Fn::Join" : ["", ["https://", { "Fn::GetAtt" : [ "BrokerFloatingIP", "floating_ip_address" ]}, "/console"]] },
"Description" : "URL for OpenShift Origin Console"
}
}
}

18
openshift-origin/F19/hot-template/README.rst Normal file
View File

@ -0,0 +1,18 @@
==============================
OpenShift Origin HOT Templates
==============================
This directory contains templates for deploying OpenShift Origin to an OpenStack environment via Heat.
To install OpenShift Origin, this Puppet module is used : https://github.com/openshift/puppet-openshift_origin.
To avoid compatibility issues due to changes in this project or in Puppet modules it depends, versions parameters are provided.
So, if you leave the default _version parameters, the commands executed on the instances install a specific version of puppet modules needed. The version installed is a production version which as been verified as working.
If you want to use the latest versions, you have to select the other value. The commands executed on the instances don't install a specific version of puppet modules needed. So the lastest version will be installed.
It includes the following folders:
* `openshift` - heat templates in HOT format for launching OpenShift Origin with a single broker instance and a single node instance
* `openshift-scalable-cpu` - heat templates in HOT format for launching OpenShift Origin with implementation of scalability based on cpu_util Ceilometer metric
* `openshift-scalable-nbgears` - heat templates in HOT format for launching OpenShift Origin with implementation of scalability based on number of deployed gears on OpenShift node instances (using a custom metric based on bash script that send the data periodically to the Ceilometer API using cron)
* `openshift-scalable-cpu-nbgears` - heat templates in HOT format for launching OpenShift Origin with implementation of scalability based on cpu_util Ceilometer metric and on number of deploy gears on OpenShift node instances (using a custom metric based on bash script that send the data periodically to the Ceilometer API using cron)

295
openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/nodeinstance.yaml Normal file
View File

@ -0,0 +1,295 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
private_network:
description: private network.
type: string
private_sub_network:
description: private sub network.
type: string
security_group:
description: security group.
type: string
broker_ip:
description: broker ip.
type: string
broker_wait_condition_data:
description: broker wait condition data.
type: string
metadata:
type: json
ssh_key:
description: SSHKey created in principal template file
type: string
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
node_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
node_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: node_instance
properties:
Handle: {get_resource: node_wait_handle}
Timeout: 1800
node_port:
type: OS::Neutron::Port
properties:
network_id: {get_param: private_network}
fixed_ips: [
subnet_id: {get_param: private_sub_network}
]
security_groups: [{get_param: security_group}]
node_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: node_port}
node_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'`
export BROKER_IP=$BrokerIP
export NODE_FLOATING_IP=$NodeFloatingIP
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export NODE_WAIT_HANDLE="$NodeWaitHandle"
export HOSTNAME=$NodeHostname
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['node'],
bind_key => '${DNS_SEC_KEY}',
nameserver_ip_addr => '${BROKER_IP}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
broker_hostname => '${BROKER_IP}',
msgserver_hostname => '${BROKER_IP}',
ntp_servers => ['${UPSTREAM_NTP} iburst'],
node_hostname => \$my_hostname,
install_method => 'yum',
jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',
development_mode => ${DEV_MODE},
node_ip_addr => '${NODE_FLOATING_IP}',
}
EOF
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $SysctlVersion
puppet module install $LokkitVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE}
setenforce 1
params:
$BrokerWaitConditionData: {get_param: broker_wait_condition_data}
$BrokerIP: {get_param: broker_ip}
$NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]}
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$NodeWaitHandle: {get_resource: node_wait_handle}
$NodeHostname: {get_param: node_hostname}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$SysctlVersion: {get_param: sysctl_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
node_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_node_name}
flavor: {get_param: node_flavor}
key_name: {get_param: ssh_key}
networks: [
port: {get_resource: node_port}
]
user_data: {get_resource: node_user_data}
user_data_format: RAW
metadata: {get_param: metadata}

513
openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/openshift.yaml Normal file
View File

@ -0,0 +1,513 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
controller_ip:
description: The IP address of the OpenStack Controller
type: string
default: 192.168.202.101
tenant_name:
description: The tenant name
type: string
default: admin
openstack_username:
description: Username of your Openstack account
type: string
default: admin
openstack_password:
description: Password of your Openstack account
type: string
default: network
node_instance_group_template_repo_address:
description: Repository address of the NodeInstanceGroup Template
type: string
public_ssh_key:
description: Public key that will be used for SSH connection to instances
type: string
ssh_key_name:
description: SSHKey name
type: string
default: OpenshiftSSHKey
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
openshift_origin_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: OpenShift Origin Firewall Rules
rules: [
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": icmp
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 22,
"port_range_max": 22
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": udp,
"port_range_min": 53,
"port_range_max": 53
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 80,
"port_range_max": 80
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 443,
"port_range_max": 443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8443,
"port_range_max": 8443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8000,
"port_range_max": 8000
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8080,
"port_range_max": 8080
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 61613,
"port_range_max": 61613
}
]
ssh_key:
type: OS::Nova::KeyPair
properties:
name: {get_param: ssh_key_name}
public_key: {get_param: public_ssh_key}
private_network:
type: OS::Neutron::Net
properties:
name: {get_param: private_network_name}
private_sub_network:
type: OS::Neutron::Subnet
properties:
network_id: {get_resource: private_network}
cidr: {get_param: private_network_cidr}
gateway_ip: {get_param: private_network_gateway}
dns_nameservers: [ {get_param: private_network_dns} ]
allocation_pools: [{
"start": {get_param: private_network_pool_start},
"end": {get_param: private_network_pool_end}
}]
router:
type: OS::Neutron::Router
router_gateway:
type: OS::Neutron::RouterGateway
properties:
router_id: {get_resource: router}
network_id: {get_param: public_net_id}
router_interface:
type: OS::Neutron::RouterInterface
properties:
router_id: {get_resource: router}
subnet_id: {get_resource: private_sub_network}
broker_port:
type: OS::Neutron::Port
properties:
network_id: {get_resource: private_network}
fixed_ips: [
subnet_id: {get_resource: private_sub_network}
]
security_groups: [{get_resource: openshift_origin_security_group}]
broker_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: broker_port}
broker_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
broker_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: broker_instance
properties:
Handle: {get_resource: broker_wait_handle}
Timeout: 1800
broker_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix
export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'`
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export BROKER_WAIT_HANDLE="$BrokerWaitHandle"
export HOSTNAME=$BrokerHostname
export USERNAME=$Username
export PASSWORD=$Password
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['broker','nameserver','msgserver','datastore'],
bind_key => '${DNS_SEC_KEY}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],
ntp_servers => ['${UPSTREAM_NTP} iburst'],
broker_hostname => \$my_hostname,
nameserver_hostname => \$my_hostname,
datastore_hostname => \$my_hostname,
msgserver_hostname => \$my_hostname,
broker_auth_plugin => 'htpasswd',
openshift_user1 => '${USERNAME}',
openshift_password1 => '${PASSWORD}',
development_mode => ${DEV_MODE},
}
EOF
cat << EOF > ~/nbGears.sh
#!/bin/bash -x
MEMORY=\$(cat /proc/meminfo | grep "MemTotal:" | cut -d : -f 2 | tr -d ' ' | tr -d 'kB')
GEARS=\$(/usr/sbin/oo-stats | grep "Gears active count" | cut -d : -f 2 | cut -d " " -f 2)
NODES=\$(/usr/sbin/oo-stats | grep "Nodes count" | cut -d : -f 2 | cut -d " " -f 2)
let "GEARSPERNODE=\$MEMORY/512000"
let "RESULT=\$GEARS*100/\$NODES/\$GEARSPERNODE"
curl http://$ControllerIP:35357/v2.0/tokens -X POST -H "Content-Type: application/json" -d '{"auth": {"tenantName": "$TenantName", "passwordCredentials": {"username": "$UserName", "password": "$OpenStackPassword"}}}' > auth_token.dat
TOKEN=\$(awk -F"[,:]" '{for(i=1;i<=NF;i++)
{if(\$i~/id\042/)
{print \$(i+1)}
}
}' auth_token.dat | awk -F'"' '{print \$2; exit}')
curl -X POST -H "X-Auth-Token: \$TOKEN" -H 'Content-Type: application/json' -d '[{"counter_name": "gear", "user_id": "1", "resource_id": "1","counter_unit": "%", "counter_volume":'"\$RESULT"', "project_id": "1", "counter_type": "gauge"}]' http://$ControllerIP:8777/v2/meters/gear
EOF
chmod 744 ~/nbGears.sh
cat << EOF > /etc/cron.d/cronNbGears
* * * * * root ~/nbGears.sh
EOF
/sbin/service crond restart
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $ConcatVersion
puppet module install $LokkitVersion
puppet module install $SelinuxVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE}
chkconfig activemq on
service activemq start
setenforce 1
params:
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$BrokerWaitHandle: {get_resource: broker_wait_handle}
$BrokerHostname: {get_param: broker_hostname}
$Username: {get_param: username}
$Password: {get_param: password}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$ConcatVersion: {get_param: concat_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
$ControllerIP: {get_param: controller_ip}
$TenantName: {get_param: tenant_name}
$UserName: {get_param: openstack_username}
$OpenStackPassword: {get_param: openstack_password}
broker_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_broker_name}
flavor: {get_param: broker_flavor}
key_name: {get_resource: ssh_key}
networks: [
port: {get_resource: broker_port}
]
user_data: {get_resource: broker_user_data}
user_data_format: RAW
node_instance_group:
type: OS::Heat::AutoScalingGroup
depends_on:
- router_gateway
- broker_wait_condition
properties:
min_size: 1
max_size: 4
resource:
type: {get_param: node_instance_group_template_repo_address}
properties:
metadata: {"metering.group": "node_instance_group"}
private_network: {get_resource: private_network}
private_sub_network: {get_resource: private_sub_network}
ssh_key: {get_resource: ssh_key}
security_group: {get_resource: openshift_origin_security_group}
broker_ip: {get_attr: [broker_instance, first_address]}
broker_wait_condition_data: {get_attr: [broker_wait_condition, Data]}
scale_up_policy:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: change_in_capacity
auto_scaling_group_id: {get_resource: node_instance_group}
cooldown: 60
scaling_adjustment: 1
scale_down_policy:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: change_in_capacity
auto_scaling_group_id: {get_resource: node_instance_group}
cooldown: 60
scaling_adjustment: -1
cpu_alarm_high:
type: OS::Ceilometer::Alarm
properties:
description: Scale-up if the average CPU > 80% for 1 minute
meter_name: cpu_util
statistic: avg
period: 60
evaluation_periods: 1
threshold: 80
alarm_actions:
- {get_attr: [scale_up_policy, alarm_url]}
comparison_operator: gt
matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'}
cpu_alarm_low:
type: OS::Ceilometer::Alarm
properties:
description: Scale-down if the average CPU < 20% for 10 minutes
meter_name: cpu_util
statistic: avg
period: 600
evaluation_periods: 1
threshold: 20
alarm_actions:
- {get_attr: [scale_down_policy, alarm_url]}
comparison_operator: lt
matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'}
gears_alarm_high:
type: OS::Ceilometer::Alarm
properties:
description: Scale-up if the average number of Gears is > 4 / node for 2 minutes
meter_name: gear
statistic: avg
period: 120
evaluation_periods: 1
threshold: 80
alarm_actions:
- {get_attr: [scale_up_policy, alarm_url]}
comparison_operator: gt
gears_alarm_low:
type: OS::Ceilometer::Alarm
properties:
description: Scale-down if the average number of Gears is < 1 / node for 10 minutes
meter_name: gear
statistic: avg
period: 600
evaluation_periods: 1
threshold: 20
alarm_actions:
- {get_attr: [scale_down_policy, alarm_url]}
comparison_operator: lt

295
openshift-origin/F19/hot-template/openshift-scalable-cpu/nodeinstance.yaml Normal file
View File

@ -0,0 +1,295 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
private_network:
description: private network.
type: string
private_sub_network:
description: private sub network.
type: string
security_group:
description: security group.
type: string
broker_ip:
description: broker ip.
type: string
broker_wait_condition_data:
description: broker wait condition data.
type: string
metadata:
type: json
ssh_key:
description: SSHKey created in principal template file
type: string
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
node_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
node_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: node_instance
properties:
Handle: {get_resource: node_wait_handle}
Timeout: 1800
node_port:
type: OS::Neutron::Port
properties:
network_id: {get_param: private_network}
fixed_ips: [
subnet_id: {get_param: private_sub_network}
]
security_groups: [{get_param: security_group}]
node_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: node_port}
node_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'`
export BROKER_IP=$BrokerIP
export NODE_FLOATING_IP=$NodeFloatingIP
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export NODE_WAIT_HANDLE="$NodeWaitHandle"
export HOSTNAME=$NodeHostname
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['node'],
bind_key => '${DNS_SEC_KEY}',
nameserver_ip_addr => '${BROKER_IP}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
broker_hostname => '${BROKER_IP}',
msgserver_hostname => '${BROKER_IP}',
ntp_servers => ['${UPSTREAM_NTP} iburst'],
node_hostname => \$my_hostname,
install_method => 'yum',
jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',
development_mode => ${DEV_MODE},
node_ip_addr => '${NODE_FLOATING_IP}',
}
EOF
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $SysctlVersion
puppet module install $LokkitVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE}
setenforce 1
params:
$BrokerWaitConditionData: {get_param: broker_wait_condition_data}
$BrokerIP: {get_param: broker_ip}
$NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]}
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$NodeWaitHandle: {get_resource: node_wait_handle}
$NodeHostname: {get_param: node_hostname}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$SysctlVersion: {get_param: sysctl_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
node_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_node_name}
flavor: {get_param: node_flavor}
key_name: {get_param: ssh_key}
networks: [
port: {get_resource: node_port}
]
user_data: {get_resource: node_user_data}
user_data_format: RAW
metadata: {get_param: metadata}

467
openshift-origin/F19/hot-template/openshift-scalable-cpu/openshift.yaml Normal file
View File

@ -0,0 +1,467 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
controller_ip:
description: The IP address of the OpenStack Controller
type: string
default: 192.168.202.101
tenant_name:
description: The tenant name
type: string
default: admin
openstack_username:
description: Username of your Openstack account
type: string
default: admin
openstack_password:
description: Password of your Openstack account
type: string
default: network
node_instance_group_template_repo_address:
description: Repository address of the NodeInstanceGroup Template
type: string
public_ssh_key:
description: Public key that will be used for SSH connection to instances
type: string
ssh_key_name:
description: SSHKey name
type: string
default: OpenshiftSSHKey
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
openshift_origin_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: OpenShift Origin Firewall Rules
rules: [
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": icmp
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 22,
"port_range_max": 22
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": udp,
"port_range_min": 53,
"port_range_max": 53
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 80,
"port_range_max": 80
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 443,
"port_range_max": 443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8443,
"port_range_max": 8443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8000,
"port_range_max": 8000
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8080,
"port_range_max": 8080
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 61613,
"port_range_max": 61613
}
]
ssh_key:
type: OS::Nova::KeyPair
properties:
name: {get_param: ssh_key_name}
public_key: {get_param: public_ssh_key}
private_network:
type: OS::Neutron::Net
properties:
name: {get_param: private_network_name}
private_sub_network:
type: OS::Neutron::Subnet
properties:
network_id: {get_resource: private_network}
cidr: {get_param: private_network_cidr}
gateway_ip: {get_param: private_network_gateway}
dns_nameservers: [ {get_param: private_network_dns} ]
allocation_pools: [{
"start": {get_param: private_network_pool_start},
"end": {get_param: private_network_pool_end}
}]
router:
type: OS::Neutron::Router
router_gateway:
type: OS::Neutron::RouterGateway
properties:
router_id: {get_resource: router}
network_id: {get_param: public_net_id}
router_interface:
type: OS::Neutron::RouterInterface
properties:
router_id: {get_resource: router}
subnet_id: {get_resource: private_sub_network}
broker_port:
type: OS::Neutron::Port
properties:
network_id: {get_resource: private_network}
fixed_ips: [
subnet_id: {get_resource: private_sub_network}
]
security_groups: [{get_resource: openshift_origin_security_group}]
broker_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: broker_port}
broker_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
broker_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: broker_instance
properties:
Handle: {get_resource: broker_wait_handle}
Timeout: 1800
broker_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix
export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'`
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export BROKER_WAIT_HANDLE="$BrokerWaitHandle"
export HOSTNAME=$BrokerHostname
export USERNAME=$Username
export PASSWORD=$Password
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['broker','nameserver','msgserver','datastore'],
bind_key => '${DNS_SEC_KEY}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],
ntp_servers => ['${UPSTREAM_NTP} iburst'],
broker_hostname => \$my_hostname,
nameserver_hostname => \$my_hostname,
datastore_hostname => \$my_hostname,
msgserver_hostname => \$my_hostname,
broker_auth_plugin => 'htpasswd',
openshift_user1 => '${USERNAME}',
openshift_password1 => '${PASSWORD}',
development_mode => ${DEV_MODE},
}
EOF
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $ConcatVersion
puppet module install $LokkitVersion
puppet module install $SelinuxVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE}
chkconfig activemq on
service activemq start
setenforce 1
params:
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$BrokerWaitHandle: {get_resource: broker_wait_handle}
$BrokerHostname: {get_param: broker_hostname}
$Username: {get_param: username}
$Password: {get_param: password}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$ConcatVersion: {get_param: concat_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
$ControllerIP: {get_param: controller_ip}
$TenantName: {get_param: tenant_name}
$UserName: {get_param: openstack_username}
$OpenStackPassword: {get_param: openstack_password}
broker_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_broker_name}
flavor: {get_param: broker_flavor}
key_name: {get_resource: ssh_key}
networks: [
port: {get_resource: broker_port}
]
user_data: {get_resource: broker_user_data}
user_data_format: RAW
node_instance_group:
type: OS::Heat::AutoScalingGroup
depends_on:
- router_gateway
- broker_wait_condition
properties:
min_size: 1
max_size: 4
resource:
type: {get_param: node_instance_group_template_repo_address}
properties:
metadata: {"metering.group": "node_instance_group"}
private_network: {get_resource: private_network}
private_sub_network: {get_resource: private_sub_network}
ssh_key: {get_resource: ssh_key}
security_group: {get_resource: openshift_origin_security_group}
broker_ip: {get_attr: [broker_instance, first_address]}
broker_wait_condition_data: {get_attr: [broker_wait_condition, Data]}
scale_up_policy:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: change_in_capacity
auto_scaling_group_id: {get_resource: node_instance_group}
cooldown: 60
scaling_adjustment: 1
scale_down_policy:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: change_in_capacity
auto_scaling_group_id: {get_resource: node_instance_group}
cooldown: 60
scaling_adjustment: -1
cpu_alarm_high:
type: OS::Ceilometer::Alarm
properties:
description: Scale-up if the average CPU > 80% for 1 minute
meter_name: cpu_util
statistic: avg
period: 60
evaluation_periods: 1
threshold: 80
alarm_actions:
- {get_attr: [scale_up_policy, alarm_url]}
comparison_operator: gt
matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'}
cpu_alarm_low:
type: OS::Ceilometer::Alarm
properties:
description: Scale-down if the average CPU < 20% for 10 minutes
meter_name: cpu_util
statistic: avg
period: 600
evaluation_periods: 1
threshold: 20
alarm_actions:
- {get_attr: [scale_down_policy, alarm_url]}
comparison_operator: lt
matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'}

292
openshift-origin/F19/hot-template/openshift-scalable-nbgears/nodeinstance.yaml Normal file
View File

@ -0,0 +1,292 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
private_network:
description: private network.
type: string
private_sub_network:
description: private sub network.
type: string
security_group:
description: security group.
type: string
broker_ip:
description: broker ip.
type: string
broker_wait_condition_data:
description: broker wait condition data.
type: string
ssh_key:
description: SSHKey created in principal template file
type: string
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
node_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
node_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: node_instance
properties:
Handle: {get_resource: node_wait_handle}
Timeout: 1800
node_port:
type: OS::Neutron::Port
properties:
network_id: {get_param: private_network}
fixed_ips: [
subnet_id: {get_param: private_sub_network}
]
security_groups: [{get_param: security_group}]
node_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: node_port}
node_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'`
export BROKER_IP=$BrokerIP
export NODE_FLOATING_IP=$NodeFloatingIP
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export NODE_WAIT_HANDLE="$NodeWaitHandle"
export HOSTNAME=$NodeHostname
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['node'],
bind_key => '${DNS_SEC_KEY}',
nameserver_ip_addr => '${BROKER_IP}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
broker_hostname => '${BROKER_IP}',
msgserver_hostname => '${BROKER_IP}',
ntp_servers => ['${UPSTREAM_NTP} iburst'],
node_hostname => \$my_hostname,
install_method => 'yum',
jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',
development_mode => ${DEV_MODE},
node_ip_addr => '${NODE_FLOATING_IP}',
}
EOF
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $SysctlVersion
puppet module install $LokkitVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE}
setenforce 1
params:
$BrokerWaitConditionData: {get_param: broker_wait_condition_data}
$BrokerIP: {get_param: broker_ip}
$NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]}
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$NodeWaitHandle: {get_resource: node_wait_handle}
$NodeHostname: {get_param: node_hostname}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$SysctlVersion: {get_param: sysctl_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
node_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_node_name}
flavor: {get_param: node_flavor}
key_name: {get_param: ssh_key}
networks: [
port: {get_resource: node_port}
]
user_data: {get_resource: node_user_data}
user_data_format: RAW

484
openshift-origin/F19/hot-template/openshift-scalable-nbgears/openshift.yaml Normal file
View File

@ -0,0 +1,484 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
controller_ip:
description: The IP address of the OpenStack Controller
type: string
default: 192.168.202.101
tenant_name:
description: The tenant name
type: string
default: admin
openstack_username:
description: Username of your Openstack account
type: string
default: admin
openstack_password:
description: Password of your Openstack account
type: string
default: network
node_instance_group_template_repo_address:
description: Repository address of the NodeInstanceGroup Template
type: string
public_ssh_key:
description: Public key that will be used for SSH connection to instances
type: string
ssh_key_name:
description: SSHKey name
type: string
default: OpenshiftSSHKey
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
openshift_origin_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: OpenShift Origin Firewall Rules
rules: [
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": icmp
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 22,
"port_range_max": 22
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": udp,
"port_range_min": 53,
"port_range_max": 53
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 80,
"port_range_max": 80
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 443,
"port_range_max": 443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8443,
"port_range_max": 8443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8000,
"port_range_max": 8000
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8080,
"port_range_max": 8080
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 61613,
"port_range_max": 61613
}
]
ssh_key:
type: OS::Nova::KeyPair
properties:
name: {get_param: ssh_key_name}
public_key: {get_param: public_ssh_key}
private_network:
type: OS::Neutron::Net
properties:
name: {get_param: private_network_name}
private_sub_network:
type: OS::Neutron::Subnet
properties:
network_id: {get_resource: private_network}
cidr: {get_param: private_network_cidr}
gateway_ip: {get_param: private_network_gateway}
dns_nameservers: [ {get_param: private_network_dns} ]
allocation_pools: [{
"start": {get_param: private_network_pool_start},
"end": {get_param: private_network_pool_end}
}]
router:
type: OS::Neutron::Router
router_gateway:
type: OS::Neutron::RouterGateway
properties:
router_id: {get_resource: router}
network_id: {get_param: public_net_id}
router_interface:
type: OS::Neutron::RouterInterface
properties:
router_id: {get_resource: router}
subnet_id: {get_resource: private_sub_network}
broker_port:
type: OS::Neutron::Port
properties:
network_id: {get_resource: private_network}
fixed_ips: [
subnet_id: {get_resource: private_sub_network}
]
security_groups: [{get_resource: openshift_origin_security_group}]
broker_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: broker_port}
broker_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
broker_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: broker_instance
properties:
Handle: {get_resource: broker_wait_handle}
Timeout: 1800
broker_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix
export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'`
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export BROKER_WAIT_HANDLE="$BrokerWaitHandle"
export HOSTNAME=$BrokerHostname
export USERNAME=$Username
export PASSWORD=$Password
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['broker','nameserver','msgserver','datastore'],
bind_key => '${DNS_SEC_KEY}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],
ntp_servers => ['${UPSTREAM_NTP} iburst'],
broker_hostname => \$my_hostname,
nameserver_hostname => \$my_hostname,
datastore_hostname => \$my_hostname,
msgserver_hostname => \$my_hostname,
broker_auth_plugin => 'htpasswd',
openshift_user1 => '${USERNAME}',
openshift_password1 => '${PASSWORD}',
development_mode => ${DEV_MODE},
}
EOF
cat << EOF > ~/nbGears.sh
#!/bin/bash -x
MEMORY=\$(cat /proc/meminfo | grep "MemTotal:" | cut -d : -f 2 | tr -d ' ' | tr -d 'kB')
GEARS=\$(/usr/sbin/oo-stats | grep "Gears active count" | cut -d : -f 2 | cut -d " " -f 2)
NODES=\$(/usr/sbin/oo-stats | grep "Nodes count" | cut -d : -f 2 | cut -d " " -f 2)
let "GEARSPERNODE=\$MEMORY/512000"
let "RESULT=\$GEARS*100/\$NODES/\$GEARSPERNODE"
curl http://$ControllerIP:35357/v2.0/tokens -X POST -H "Content-Type: application/json" -d '{"auth": {"tenantName": "$TenantName", "passwordCredentials": {"username": "$UserName", "password": "$OpenStackPassword"}}}' > auth_token.dat
TOKEN=\$(awk -F"[,:]" '{for(i=1;i<=NF;i++)
{if(\$i~/id\042/)
{print \$(i+1)}
}
}' auth_token.dat | awk -F'"' '{print \$2; exit}')
curl -X POST -H "X-Auth-Token: \$TOKEN" -H 'Content-Type: application/json' -d '[{"counter_name": "gear", "user_id": "1", "resource_id": "1","counter_unit": "%", "counter_volume":'"\$RESULT"', "project_id": "1", "counter_type": "gauge"}]' http://$ControllerIP:8777/v2/meters/gear
EOF
chmod 744 ~/nbGears.sh
cat << EOF > /etc/cron.d/cronNbGears
* * * * * root ~/nbGears.sh
EOF
/sbin/service crond restart
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $ConcatVersion
puppet module install $LokkitVersion
puppet module install $SelinuxVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE}
chkconfig activemq on
service activemq start
setenforce 1
params:
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$BrokerWaitHandle: {get_resource: broker_wait_handle}
$BrokerHostname: {get_param: broker_hostname}
$Username: {get_param: username}
$Password: {get_param: password}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$ConcatVersion: {get_param: concat_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
$ControllerIP: {get_param: controller_ip}
$TenantName: {get_param: tenant_name}
$UserName: {get_param: openstack_username}
$OpenStackPassword: {get_param: openstack_password}
broker_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_broker_name}
flavor: {get_param: broker_flavor}
key_name: {get_resource: ssh_key}
networks: [
port: {get_resource: broker_port}
]
user_data: {get_resource: broker_user_data}
user_data_format: RAW
node_instance_group:
type: OS::Heat::AutoScalingGroup
depends_on:
- router_gateway
- broker_wait_condition
properties:
min_size: 1
max_size: 4
resource:
type: {get_param: node_instance_group_template_repo_address}
properties:
private_network: {get_resource: private_network}
private_sub_network: {get_resource: private_sub_network}
ssh_key: {get_resource: ssh_key}
security_group: {get_resource: openshift_origin_security_group}
broker_ip: {get_attr: [broker_instance, first_address]}
broker_wait_condition_data: {get_attr: [broker_wait_condition, Data]}
scale_up_policy:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: change_in_capacity
auto_scaling_group_id: {get_resource: node_instance_group}
cooldown: 60
scaling_adjustment: 1
scale_down_policy:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: change_in_capacity
auto_scaling_group_id: {get_resource: node_instance_group}
cooldown: 60
scaling_adjustment: -1
gears_alarm_high:
type: OS::Ceilometer::Alarm
properties:
description: Scale-up if the average number of Gears is > 4 / node for 2 minutes
meter_name: gear
statistic: avg
period: 120
evaluation_periods: 1
threshold: 80
alarm_actions:
- {get_attr: [scale_up_policy, alarm_url]}
comparison_operator: gt
gears_alarm_low:
type: OS::Ceilometer::Alarm
properties:
description: Scale-down if the average number of Gears is < 1 / node for 10 minutes
meter_name: gear
statistic: avg
period: 600
evaluation_periods: 1
threshold: 20
alarm_actions:
- {get_attr: [scale_down_policy, alarm_url]}
comparison_operator: lt

493
openshift-origin/F19/hot-template/openshift/openshift.yaml Normal file
View File

@ -0,0 +1,493 @@
heat_template_version: 2013-05-23
description: Template for setting up an OpenShift Origin environment
parameters:
prefix:
description: Your DNS Prefix
type: string
default: example.com
upstream_dns:
description: Upstream DNS server
type: string
default: 8.8.8.8
upstream_ntp:
description: Upstream NTP server
type: string
default: clock.redhat.com
broker_flavor:
description: Flavor of Broker instance
type: string
default: m1.medium
node_flavor:
description: Flavor of Node instance
type: string
default: m1.medium
broker_hostname:
description: Hostname of Broker instance
type: string
default: brokerinstance
node_hostname:
description: Hostname of Node instance
type: string
default: nodeinstance
username:
description: Username for accessing OpenShift Origin
type: string
default: openshift
password:
description: Password for accessing OpenShift Origin
type: string
default: password
public_net_id:
description: External network ID
type: string
private_network_name:
description: Name of the private network wich will be created
type: string
default: OpenShift-Network
private_network_cidr:
description: Private network address (CIDR format)
type: string
default: 10.0.0.0/8
private_network_gateway:
description: Private network gateway
type: string
default: 10.0.0.1
private_network_dns:
description: Private network DNS
type: string
default: 8.8.8.8
private_network_pool_start:
description: Private network pool start
type: string
default: 10.0.0.2
private_network_pool_end:
description: Private network pool end
type: string
default: 10.255.255.254
dev_mode:
description: Sets development mode and extra logging.
type: string
default: false
puppet_module_url:
description: Sets the URL to pull the OpenShift Origin Puppet module from.
type: string
default: https://github.com/openshift/puppet-openshift_origin.git
puppet_module_branch:
description: Sets the repo branch to pull the OpenShift Origin Puppet module from.
type: string
default: master
public_ssh_key:
description: Public key that will be used for SSH connection to instances
type: string
ssh_key_name:
description: SSHKey name
type: string
default: OpenshiftSSHKey
image_broker_name:
description: Name of the image you have created for the broker with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-broker
image_node_name:
description: Name of the image you have created for the node with diskimage-builder
type: string
default: F19-x86_64-openshift-origin-node
openshift_version:
description: Version of openshift puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- git checkout 722687c
- git checkout master
default: git checkout 722687c
stdlib_version:
description: Version of stdlib puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/stdlib --version 4.3.2
- puppetlabs/stdlib
default: puppetlabs/stdlib --version 4.3.2
ntp_version:
description: Version of ntp puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/ntp --version 3.1.2
- puppetlabs/ntp
default: puppetlabs/ntp --version 3.1.2
concat_version:
description: Version of concat puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs-concat --version 1.0.4
- puppetlabs-concat
default: puppetlabs-concat --version 1.0.4
lokkit_version:
description: Version of lokkit puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- rharrison-lokkit --version 0.5.0
- rharrison-lokkit
default: rharrison-lokkit --version 0.5.0
selinux_types_version:
description: Version of selinux_types puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- blentz-selinux_types --version 0.1.0
- blentz-selinux_types
default: blentz-selinux_types --version 0.1.0
haproxy_version:
description: Version of haproxy puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- puppetlabs/haproxy --version 1.0.0
- puppetlabs/haproxy
default: puppetlabs/haproxy --version 1.0.0
keepalived_version:
description: Version of keepalived puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- arioch/keepalived --version 0.1.0
- arioch/keepalived
default: arioch/keepalived --version 0.1.0
sysctl_version:
description: Version of sysctl puppet module, leave the default value if you want to use a production version
type: string
constraints:
- allowed_values:
- duritong-sysctl --version 0.0.4
- duritong-sysctl
default: duritong-sysctl --version 0.0.4
resources:
openshift_origin_security_group:
type: OS::Neutron::SecurityGroup
properties:
description: OpenShift Origin Firewall Rules
rules: [
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": icmp
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 22,
"port_range_max": 22
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": udp,
"port_range_min": 53,
"port_range_max": 53
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 80,
"port_range_max": 80
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 443,
"port_range_max": 443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8443,
"port_range_max": 8443
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8000,
"port_range_max": 8000
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 8080,
"port_range_max": 8080
},
{
"remote_ip_prefix": 0.0.0.0/0,
"protocol": tcp,
"port_range_min": 61613,
"port_range_max": 61613
}
]
ssh_key:
type: OS::Nova::KeyPair
properties:
name: {get_param: ssh_key_name}
public_key: {get_param: public_ssh_key}
private_network:
type: OS::Neutron::Net
properties:
name: {get_param: private_network_name}
private_sub_network:
type: OS::Neutron::Subnet
properties:
network_id: {get_resource: private_network}
cidr: {get_param: private_network_cidr}
gateway_ip: {get_param: private_network_gateway}
dns_nameservers: [ {get_param: private_network_dns} ]
allocation_pools: [{
"start": {get_param: private_network_pool_start},
"end": {get_param: private_network_pool_end}
}]
router:
type: OS::Neutron::Router
router_gateway:
type: OS::Neutron::RouterGateway
properties:
router_id: {get_resource: router}
network_id: {get_param: public_net_id}
router_interface:
type: OS::Neutron::RouterInterface
properties:
router_id: {get_resource: router}
subnet_id: {get_resource: private_sub_network}
broker_port:
type: OS::Neutron::Port
properties:
network_id: {get_resource: private_network}
fixed_ips: [
subnet_id: {get_resource: private_sub_network}
]
security_groups: [{get_resource: openshift_origin_security_group}]
broker_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: broker_port}
broker_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
broker_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: broker_instance
properties:
Handle: {get_resource: broker_wait_handle}
Timeout: 1800
broker_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix
export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'`
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export BROKER_WAIT_HANDLE="$BrokerWaitHandle"
export HOSTNAME=$BrokerHostname
export USERNAME=$Username
export PASSWORD=$Password
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['broker','nameserver','msgserver','datastore'],
bind_key => '${DNS_SEC_KEY}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],
ntp_servers => ['${UPSTREAM_NTP} iburst'],
broker_hostname => \$my_hostname,
nameserver_hostname => \$my_hostname,
datastore_hostname => \$my_hostname,
msgserver_hostname => \$my_hostname,
broker_auth_plugin => 'htpasswd',
openshift_user1 => '${USERNAME}',
openshift_password1 => '${PASSWORD}',
development_mode => ${DEV_MODE},
}
EOF
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $ConcatVersion
puppet module install $LokkitVersion
puppet module install $SelinuxVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE}
chkconfig activemq on
service activemq start
setenforce 1
params:
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$BrokerWaitHandle: {get_resource: broker_wait_handle}
$BrokerHostname: {get_param: broker_hostname}
$Username: {get_param: username}
$Password: {get_param: password}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$ConcatVersion: {get_param: concat_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
broker_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_broker_name}
flavor: {get_param: broker_flavor}
key_name: {get_resource: ssh_key}
networks: [
port: {get_resource: broker_port}
]
user_data: {get_resource: broker_user_data}
user_data_format: RAW
node_port:
type: OS::Neutron::Port
properties:
network_id: {get_resource: private_network}
fixed_ips: [
subnet_id: {get_resource: private_sub_network}
]
security_groups: [{get_resource: openshift_origin_security_group}]
node_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: {get_param: public_net_id}
port_id: {get_resource: node_port}
node_wait_handle:
type: AWS::CloudFormation::WaitConditionHandle
node_wait_condition:
type: AWS::CloudFormation::WaitCondition
depends_on: node_instance
properties:
Handle: {get_resource: node_wait_handle}
Timeout: 1800
node_user_data:
type: OS::Heat::SoftwareConfig
properties:
group: ungrouped
config:
str_replace:
template: |
#!/bin/bash -x
export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'`
export BROKER_IP=$BrokerIP
export NODE_FLOATING_IP=$NodeFloatingIP
export PREFIX=$Prefix
export UPSTREAM_DNS=$UpstreamDNS
export UPSTREAM_NTP=$UpstreamNTP
export NODE_WAIT_HANDLE="$NodeWaitHandle"
export HOSTNAME=$NodeHostname
export DEV_MODE=$DevMode
export PUPPET_MODULE_URL=$PuppetURL
export PUPPET_MODULE_BRANCH=$PuppetBranch
cat << EOF > /root/configure.pp
\$my_hostname="${HOSTNAME}.${PREFIX}"
exec { "set hostname":
command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
}
class { 'openshift_origin' :
roles => ['node'],
bind_key => '${DNS_SEC_KEY}',
nameserver_ip_addr => '${BROKER_IP}',
domain => '${PREFIX}',
register_host_with_nameserver => true,
broker_hostname => '${BROKER_IP}',
msgserver_hostname => '${BROKER_IP}',
ntp_servers => ['${UPSTREAM_NTP} iburst'],
node_hostname => \$my_hostname,
install_method => 'yum',
jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',
development_mode => ${DEV_MODE},
node_ip_addr => '${NODE_FLOATING_IP}',
}
EOF
mkdir -p /etc/puppet/modules
git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
cd /etc/puppet/modules/openshift_origin
$OpenShiftVersion
puppet module install $StdlibVersion
puppet module install $NtpVersion
puppet module install $SysctlVersion
puppet module install $LokkitVersion
puppet module install $HaproxyVersion
puppet module install $KeepalivedVersion
puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
setenforce 0
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE}
setenforce 1
params:
$BrokerWaitConditionData: {get_attr: [broker_wait_condition, Data]}
$BrokerIP: {get_attr: [broker_instance, first_address]}
$NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]}
$Prefix: {get_param: prefix}
$UpstreamDNS: {get_param: upstream_dns}
$UpstreamNTP: {get_param: upstream_ntp}
$NodeWaitHandle: {get_resource: node_wait_handle}
$NodeHostname: {get_param: node_hostname}
$DevMode: {get_param: dev_mode}
$PuppetURL: {get_param: puppet_module_url}
$PuppetBranch: {get_param: puppet_module_branch}
$OpenShiftVersion: {get_param: openshift_version}
$StdlibVersion: {get_param: stdlib_version}
$NtpVersion: {get_param: ntp_version}
$SysctlVersion: {get_param: sysctl_version}
$LokkitVersion: {get_param: lokkit_version}
$SelinuxVersion: {get_param: selinux_types_version}
$HaproxyVersion: {get_param: haproxy_version}
$KeepalivedVersion: {get_param: keepalived_version}
node_instance:
type: OS::Nova::Server
properties:
image: {get_param: image_node_name}
flavor: {get_param: node_flavor}
key_name: {get_resource: ssh_key}
networks: [
port: {get_resource: node_port}
]
user_data: {get_resource: node_user_data}
user_data_format: RAW