diff --git a/openshift-origin/F19/README.rst b/openshift-origin/F19/README.rst index 29c8ab41..03d736c9 100644 --- a/openshift-origin/F19/README.rst +++ b/openshift-origin/F19/README.rst @@ -3,11 +3,13 @@ OpenShift Origin Templates ========================== This directory contains files for deploying OpenShift Origin to an OpenStack environment via Heat. -The template has been tested with the OpenStack Icehouse-2 release. -It includes the following files: +The templates has been tested with the OpenStack Icehouse 2014.1 release. -* `OpenShift.template` - heat template for launching OpenShift Origin with a single broker instance and a single node instance +It includes the following folders: + +* `hot-template` - heat templates in HOT format for launching OpenShift Origin +* `aws-template` - heat templates in AWS format for launching OpenShift Origin * `elements` - diskimage-builder elements to build images To build with diskimage-builder, do the following in the parent directory of heat-templates:: diff --git a/openshift-origin/F19/aws-template/README.rst b/openshift-origin/F19/aws-template/README.rst new file mode 100644 index 00000000..bd20429b --- /dev/null +++ b/openshift-origin/F19/aws-template/README.rst @@ -0,0 +1,10 @@ +============================= +OpenShift Origin AWS Template +============================= + +This directory contains template for deploying OpenShift Origin to an OpenStack environment via Heat. + +It includes the following file: + +* `openshift.template` - heat templates in AWS format for launching OpenShift Origin with a single broker instance and a single node instance + diff --git a/openshift-origin/F19/OpenShift.template b/openshift-origin/F19/aws-template/openshift.template similarity index 63% rename from openshift-origin/F19/OpenShift.template rename to openshift-origin/F19/aws-template/openshift.template index a0c9964b..b253e831 100644 --- a/openshift-origin/F19/OpenShift.template 
+++ b/openshift-origin/F19/aws-template/openshift.template @@ -7,9 +7,7 @@ "KeyName": { "Description": "Name of an existing EC2 KeyPair to enable SSH access to the instances", "Type": "String", - "MinLength": "1", - "MaxLength": "64", - "AllowedPattern": "[-_ a-zA-Z0-9]*" + "Default": "SSHKey" }, "Prefix": { "Description": "Your DNS Prefix", @@ -41,13 +39,13 @@ "BrokerHostname": { "Description": "Hostname of Broker instance", "Type": "String", - "Default": "openshift.brokerinstance.novalocal", + "Default": "brokerinstance", "MinLength": "1" }, "NodeHostname": { "Description": "Hostname of Node instance", "Type": "String", - "Default": "openshift.nodeinstance.novalocal", + "Default": "nodeinstance", "MinLength": "1" }, "Username": { @@ -60,13 +58,39 @@ "Type": "String", "Default": "password" }, - "NetID": { - "Description": "ID of Neutron network into which servers get deployed", + "PublicNetID": { + "Description": "External network ID", "Type": "String" }, - "SubnetID": { - "Description": "ID of Neutron subnet into which servers get deployed", - "Type": "String" + "PrivateNetworkName": { + "Description": "Name of the private network wich will be created", + "Type": "String", + "Default": "OpenShift-Network" + }, + "PrivateNetworkCidr": { + "Description": "Private network address (CIDR format)", + "Type": "String", + "Default": "10.0.0.0/8" + }, + "PrivateNetworkGateway": { + "Description": "Private network gateway", + "Type": "String", + "Default": "10.0.0.1" + }, + "PrivateNetworkDNS": { + "Description": "Private network DNS", + "Type": "String", + "Default": "8.8.8.8" + }, + "PrivateNetworkPoolStart": { + "Description": "Private network pool start", + "Type": "String", + "Default": "10.0.0.2" + }, + "PrivateNetworkPoolEnd": { + "Description": "Private network pool end", + "Type": "String", + "Default": "10.255.255.254" }, "DevMode": { "Description": "Sets development mode and extra logging.", 
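Review bot: `KeyName` loses its `MinLength`, `MaxLength` and `AllowedPattern` constraints in the first hunk, so an empty or malformed key name is no longer rejected when the stack is validated and presumably only fails later, at instance creation. The new default can coexist with the old checks: `"Default": "SSHKey", "MinLength": "1", "MaxLength": "64", "AllowedPattern": "[-_ a-zA-Z0-9]*"`. The same gap applies to the parameters added in the `@@ -60,13 +58,39 @@` hunk: `PrivateNetworkCidr`, `PrivateNetworkGateway`, `PrivateNetworkDNS` and the two pool bounds accept any string, and an `AllowedPattern` for CIDR and dotted-quad input would catch typos before Neutron does. The default `10.0.0.0/8` with a pool ending at `10.255.255.254` is also very wide and may overlap address space already routed in the tenant, so a narrower default would be safer.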
@@ -148,17 +172,66 @@ } }, + "PrivateNetwork":{ + "Type": "OS::Neutron::Net", + "Properties": { + "name": { "Ref": "PrivateNetworkName" } + } + }, + + "PrivateSubNetwork":{ + "Type": "OS::Neutron::Subnet", + "Properties": { + "network_id": { "Ref": "PrivateNetwork" }, + "cidr": { "Ref": "PrivateNetworkCidr" }, + "gateway_ip": { "Ref": "PrivateNetworkGateway" }, + "dns_nameservers": [{ "Ref": "PrivateNetworkDNS" }], + "allocation_pools": [{ + "start": {"Ref": "PrivateNetworkPoolStart"}, + "end": {"Ref": "PrivateNetworkPoolEnd"} + }] + } + }, + + "Router":{ + "Type": "OS::Neutron::Router" + }, + + "RouterGateway":{ + "Type": "OS::Neutron::RouterGateway", + "Properties": { + "router_id": { "Ref": "Router" }, + "network_id": { "Ref": "PublicNetID" } + } + }, + + "RouterInterface":{ + "Type": "OS::Neutron::RouterInterface", + "Properties": { + "router_id": { "Ref": "Router" }, + "subnet_id": { "Ref": "PrivateSubNetwork" } + } + }, + "BrokerPort": { "Type": "OS::Neutron::Port", "Properties": { - "network_id": { "Ref": "NetID" }, + "network_id": { "Ref": "PrivateNetwork" }, "fixed_ips": [{ - "subnet_id": { "Ref": "SubnetID" } + "subnet_id": { "Ref": "PrivateSubNetwork" } }], "security_groups": [{ "Ref": "OpenShiftOriginSecurityGroup" }] } }, + "BrokerFloatingIP": { + "Type": "OS::Neutron::FloatingIP", + "Properties": { + "floating_network_id": { "Ref": "PublicNetID" }, + "port_id": { "Ref": "BrokerPort" } + } + }, + "BrokerWaitHandle": { "Type": "AWS::CloudFormation::WaitConditionHandle" }, 
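Review bot: `BrokerFloatingIP` declares no `DependsOn` for `RouterInterface` or `RouterGateway`, so Heat may create the floating IP before the private subnet is routed to `PublicNetID`, in which case Neutron typically refuses the association. Adding `"DependsOn": ["RouterInterface", "RouterGateway"]` to the resource makes the ordering explicit, and `NodeFloatingIP` in the `@@ -240,14 +319,22 @@` hunk needs the same. Separately, the broker carries the nameserver, msgserver and datastore roles and now receives a public address. `OpenShiftOriginSecurityGroup` is defined outside this hunk, so it is worth confirming that it opens those service ports only to the sources that need them.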
@@ -205,31 +278,37 @@ " command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n", "}\n", "class { 'openshift_origin' :\n", - " roles => ['broker','nameserver','msgserver','datastore'],\n", - " bind_key => '${DNS_SEC_KEY}',\n", - " domain => '${PREFIX}',\n", + " roles => ['broker','nameserver','msgserver','datastore'],\n", + " bind_key => '${DNS_SEC_KEY}',\n", + " domain => '${PREFIX}',\n", " register_host_with_nameserver => true,\n", " conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],\n", - " ntp_servers => ['${UPSTREAM_NTP}'],\n", - " broker_hostname => \\$my_hostname,\n", - " nameserver_hostname => \\$my_hostname,\n", - " datastore_hostname => \\$my_hostname,\n", - " msgserver_hostname => \\$my_hostname,\n", - " broker_auth_plugin => 'htpasswd',\n", - " openshift_user1 => '${USERNAME}',\n", - " openshift_password1 => '${PASSWORD}',\n", - " development_mode => ${DEV_MODE},\n", + " ntp_servers => ['${UPSTREAM_NTP}'],\n", + " broker_hostname => \\$my_hostname,\n", + " nameserver_hostname => \\$my_hostname,\n", + " datastore_hostname => \\$my_hostname,\n", + " msgserver_hostname => \\$my_hostname,\n", + " broker_auth_plugin => 'htpasswd',\n", + " openshift_user1 => '${USERNAME}',\n", + " openshift_password1 => '${PASSWORD}',\n", + " development_mode => ${DEV_MODE},\n", "}\n", "EOF\n", "mkdir -p /etc/puppet/modules\n", "git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin", "\n", - "puppet module install rharrison/lokkit", "\n", - "puppet module install puppetlabs/ntp", "\n", "puppet module install puppetlabs/stdlib", "\n", - "puppet module install blentz/selinux_types", "\n", - "puppet module install duritong/sysctl", "\n", - "puppet apply -v -d /root/configure.pp | tee /var/log/configure_openshift.log", "\n", - "/opt/aws/bin/cfn-signal -e 0 --data \"${DNS_SEC_KEY}\" -r \"Broker setup complete\" \"${BROKER_WAIT_HANDLE}\"\n" + "puppet module install puppetlabs/ntp", "\n", + "puppet module 
install puppetlabs-concat", "\n", + "puppet module install rharrison-lokkit", "\n", + "puppet module install blentz-selinux_types", "\n", + "puppet module install puppetlabs/haproxy", "\n", + "puppet module install arioch/keepalived", "\n", + "puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log", "\n", + "setenforce 0", "\n", + "/opt/aws/bin/cfn-signal -e 0 --data \"${DNS_SEC_KEY}\" -r \"Broker setup complete\" \"${BROKER_WAIT_HANDLE}\"\n", + "chkconfig activemq on", "\n", + "service activemq start", "\n", + "setenforce 1", "\n" ] ] } @@ -240,14 +319,22 @@ "NodePort": { "Type": "OS::Neutron::Port", "Properties": { - "network_id": { "Ref": "NetID" }, + "network_id": { "Ref": "PrivateNetwork" }, "fixed_ips": [{ - "subnet_id": { "Ref": "SubnetID" } + "subnet_id": { "Ref": "PrivateSubNetwork" } }], "security_groups": [{ "Ref": "OpenShiftOriginSecurityGroup" }] } }, + "NodeFloatingIP": { + "Type": "OS::Neutron::FloatingIP", + "Properties": { + "floating_network_id": { "Ref": "PublicNetID" }, + "port_id": { "Ref": "NodePort" } + } + }, + "NodeWaitHandle": { "Type": "AWS::CloudFormation::WaitConditionHandle" }, @@ -279,6 +366,7 @@ "#!/bin/bash -x\n", "export DNS_SEC_KEY=\"`python -c 'print ",{ "Fn::GetAtt": [ "BrokerWaitCondition", "Data" ] },"[\"00000\"]'`\"\n", "export BROKER_IP=", { "Fn::GetAtt": [ "BrokerInstance", "first_address" ] }, "\n", + "export NODE_FLOATING_IP=", { "Fn::GetAtt": [ "NodeFloatingIP", "floating_ip_address" ] }, "\n", "export PREFIX=", { "Ref": "Prefix" }, "\n", "export UPSTREAM_DNS=", { "Ref": "UpstreamDNS" }, "\n", "export UPSTREAM_NTP=", { "Ref": "UpstreamNTP" }, "\n", 
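Review bot: The added `setenforce 0` … `setenforce 1` pair puts SELinux in permissive mode while `cfn-signal` runs and `activemq` is started, which hides whatever denial prompted it instead of fixing it; after a reboot `activemq` (now enabled via `chkconfig`) starts under enforcing mode and may hit the same denial. If the policy gap is known, a comment naming it, or a targeted policy module or boolean baked into the image, would be preferable to a host-wide toggle. In addition, `puppet apply ... | tee` discards puppet's exit status and `cfn-signal -e 0` is unconditional, so the stack reports success even when configuration failed; assuming the script is bash as in the node script, `rc=${PIPESTATUS[0]}` right after the pipeline and `cfn-signal -e $rc` would surface failures. The same pattern is added to the node script in the `@@ -293,30 +381,33 @@` hunk.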
@@ -293,30 +381,33 @@ " command => \"/bin/hostname \\${my_hostname} ; echo \\${my_hostname} > /etc/hostname\"\n", "}\n", "class { 'openshift_origin' :\n", - " roles => ['node'],\n", - " bind_key => '${DNS_SEC_KEY}',\n", - " nameserver_ip_addr => '${BROKER_IP}',\n", - " domain => '${PREFIX}',\n", + " roles => ['node'],\n", + " bind_key => '${DNS_SEC_KEY}',\n", + " nameserver_ip_addr => '${BROKER_IP}',\n", + " domain => '${PREFIX}',\n", " register_host_with_nameserver => true,\n", - " broker_hostname => '${BROKER_IP}',\n", - " msgserver_hostname => '${BROKER_IP}',\n", - " ntp_servers => ['${UPSTREAM_NTP}'],\n", - " node_hostname => \\$my_hostname,\n", - " install_method => 'yum',\n", - " jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',\n", - " install_cartridges => ['php', 'mysql'],\n", - " development_mode => ${DEV_MODE},\n", + " broker_hostname => '${BROKER_IP}',\n", + " msgserver_hostname => '${BROKER_IP}',\n", + " ntp_servers => ['${UPSTREAM_NTP}'],\n", + " node_hostname => \\$my_hostname,\n", + " install_method => 'yum',\n", + " jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',\n", + " development_mode => ${DEV_MODE},\n", + " node_ip_addr => '${NODE_FLOATING_IP}',\n", "}\n", "EOF\n", "mkdir -p /etc/puppet/modules\n", "git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin", "\n", - "puppet module install rharrison/lokkit", "\n", - "puppet module install puppetlabs/ntp", "\n", "puppet module install puppetlabs/stdlib", "\n", - "puppet module install blentz/selinux_types", "\n", - "puppet module install duritong/sysctl", "\n", - "puppet apply -v -d /root/configure.pp | tee /var/log/configure_openshift.log", "\n", - "/opt/aws/bin/cfn-signal -e 0 -r \"Node setup complete\" \"${NODE_WAIT_HANDLE}\"\n" + "puppet module install puppetlabs/ntp", "\n", + "puppet module install duritong-sysctl", "\n", + "puppet module install rharrison-lokkit", "\n", + "puppet module install puppetlabs/haproxy", "\n", + "puppet module 
install arioch/keepalived", "\n", + "puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log", "\n", + "setenforce 0", "\n", + "/opt/aws/bin/cfn-signal -e 0 -r \"Node setup complete\" \"${NODE_WAIT_HANDLE}\"\n", + "setenforce 1", "\n" ] ] } @@ -327,12 +418,9 @@ "Outputs" : { "OpenShiftConsole" : { - "Value" : { "Fn::Join" : ["", ["https://", { "Fn::GetAtt" : [ "BrokerInstance", "first_address" ]}, "/console"]] }, - "Description" : "URL for OpenShift Origin cConsole" - }, - "NameServerEntry" : { - "Value" : { "Fn::Join" : ["", ["nameserver ", { "Fn::GetAtt" : [ "BrokerInstance", "first_address" ]}]] }, - "Description" : "Entry to insert into /etc/resolv.conf for application host names to resolve" + "Value" : { "Fn::Join" : ["", ["https://", { "Fn::GetAtt" : [ "BrokerFloatingIP", "floating_ip_address" ]}, "/console"]] }, + "Description" : "URL for OpenShift Origin Console" } } } + diff --git a/openshift-origin/F19/hot-template/README.rst b/openshift-origin/F19/hot-template/README.rst new file mode 100644 index 00000000..8b89b1d8 --- /dev/null +++ b/openshift-origin/F19/hot-template/README.rst 
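Review bot: The `puppet module install` lines added in the `@@ -293,30 +381,33 @@` hunk, and in the broker script at `@@ -205,31 +278,37 @@`, pull whatever version the Forge serves at boot time and apply it from the instance's user-data script. The HOT templates added by this same commit pin every module with `--version`, and the AWS template should do likewise, e.g. `puppet module install puppetlabs/haproxy --version 1.0.0`. `git clone -b ${PUPPET_MODULE_BRANCH}` likewise follows a moving branch; a `git checkout 722687c` after the clone, as the HOT scripts do by default, would make the deployment reproducible. `jenkins_repo_base` remains plain `http://`, so package integrity from that repo rests on GPG checking being enabled in the repo definition, which is worth confirming in the puppet module.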
@@ -0,0 +1,18 @@
+==============================
+OpenShift Origin HOT Templates
+==============================
+
+This directory contains templates for deploying OpenShift Origin to an OpenStack environment via Heat.
+
+To install OpenShift Origin, this Puppet module is used : https://github.com/openshift/puppet-openshift_origin.
+
+To avoid compatibility issues due to changes in this project or in Puppet modules it depends, versions parameters are provided.
+So, if you leave the default _version parameters, the commands executed on the instances install a specific version of puppet modules needed. The version installed is a production version which as been verified as working.
+If you want to use the latest versions, you have to select the other value. The commands executed on the instances don't install a specific version of puppet modules needed. So the lastest version will be installed.
+
+It includes the following folders:
+
+* `openshift` - heat templates in HOT format for launching OpenShift Origin with a single broker instance and a single node instance
+* `openshift-scalable-cpu` - heat templates in HOT format for launching OpenShift Origin with implementation of scalability based on cpu_util Ceilometer metric
+* `openshift-scalable-nbgears` - heat templates in HOT format for launching OpenShift Origin with implementation of scalability based on number of deployed gears on OpenShift node instances (using a custom metric based on bash script that send the data periodically to the Ceilometer API using cron)
+* `openshift-scalable-cpu-nbgears` - heat templates in HOT format for launching OpenShift Origin with implementation of scalability based on cpu_util Ceilometer metric and on number of deploy gears on OpenShift node instances (using a custom metric based on bash script that send the data periodically to the Ceilometer API using cron)
diff --git a/openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/nodeinstance.yaml b/openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/nodeinstance.yaml
new file mode 100644
index 00000000..b885292c
--- /dev/null
+++ b/openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/nodeinstance.yaml
@@ -0,0 +1,295 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + private_network: + description: private network. + type: string + private_sub_network: + description: private sub network. + type: string + security_group: + description: security group. + type: string + broker_ip: + description: broker ip. + type: string + broker_wait_condition_data: + description: broker wait condition data. + type: string + metadata: + type: json + ssh_key: + description: SSHKey created in principal template file + type: string + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - 
allowed_values: + - puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + + node_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + node_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: node_instance + properties: + Handle: {get_resource: node_wait_handle} + Timeout: 1800 + + node_port: + type: OS::Neutron::Port + properties: + network_id: {get_param: private_network} + fixed_ips: [ + subnet_id: {get_param: private_sub_network} + ] + 
security_groups: [{get_param: security_group}] + + node_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: node_port} + + node_user_data: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: + str_replace: + template: | + #!/bin/bash -x + export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'` + export BROKER_IP=$BrokerIP + export NODE_FLOATING_IP=$NodeFloatingIP + export PREFIX=$Prefix + export UPSTREAM_DNS=$UpstreamDNS + export UPSTREAM_NTP=$UpstreamNTP + export NODE_WAIT_HANDLE="$NodeWaitHandle" + export HOSTNAME=$NodeHostname + export DEV_MODE=$DevMode + export PUPPET_MODULE_URL=$PuppetURL + export PUPPET_MODULE_BRANCH=$PuppetBranch + cat << EOF > /root/configure.pp + \$my_hostname="${HOSTNAME}.${PREFIX}" + exec { "set hostname": + command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname" + } + class { 'openshift_origin' : + roles => ['node'], + bind_key => '${DNS_SEC_KEY}', + nameserver_ip_addr => '${BROKER_IP}', + domain => '${PREFIX}', + register_host_with_nameserver => true, + broker_hostname => '${BROKER_IP}', + msgserver_hostname => '${BROKER_IP}', + ntp_servers => ['${UPSTREAM_NTP} iburst'], + node_hostname => \$my_hostname, + install_method => 'yum', + jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat', + development_mode => ${DEV_MODE}, + node_ip_addr => '${NODE_FLOATING_IP}', + } + EOF + mkdir -p /etc/puppet/modules + git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin + cd /etc/puppet/modules/openshift_origin + $OpenShiftVersion + puppet module install $StdlibVersion + puppet module install $NtpVersion + puppet module install $SysctlVersion + puppet module install $LokkitVersion + puppet module install $HaproxyVersion + puppet module install $KeepalivedVersion + puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log + setenforce 0 + 
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE} + setenforce 1 + params: + $BrokerWaitConditionData: {get_param: broker_wait_condition_data} + $BrokerIP: {get_param: broker_ip} + $NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]} + $Prefix: {get_param: prefix} + $UpstreamDNS: {get_param: upstream_dns} + $UpstreamNTP: {get_param: upstream_ntp} + $NodeWaitHandle: {get_resource: node_wait_handle} + $NodeHostname: {get_param: node_hostname} + $DevMode: {get_param: dev_mode} + $PuppetURL: {get_param: puppet_module_url} + $PuppetBranch: {get_param: puppet_module_branch} + $OpenShiftVersion: {get_param: openshift_version} + $StdlibVersion: {get_param: stdlib_version} + $NtpVersion: {get_param: ntp_version} + $SysctlVersion: {get_param: sysctl_version} + $LokkitVersion: {get_param: lokkit_version} + $SelinuxVersion: {get_param: selinux_types_version} + $HaproxyVersion: {get_param: haproxy_version} + $KeepalivedVersion: {get_param: keepalived_version} + + node_instance: + type: OS::Nova::Server + properties: + image: {get_param: image_node_name} + flavor: {get_param: node_flavor} + key_name: {get_param: ssh_key} + networks: [ + port: {get_resource: node_port} + ] + user_data: {get_resource: node_user_data} + user_data_format: RAW + metadata: {get_param: metadata} diff --git a/openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/openshift.yaml b/openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/openshift.yaml new file mode 100644 index 00000000..05394d0e --- /dev/null +++ b/openshift-origin/F19/hot-template/openshift-scalable-cpu-nbgears/openshift.yaml 
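Review bot: In `nodeinstance.yaml`, almost every `str_replace` value is pasted unquoted into the boot script (`export PREFIX=$Prefix`, `git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} ...`), yet only the `*_version` parameters carry `constraints`, so a value containing whitespace or shell metacharacters changes what the script executes. Adding a constraint such as `- allowed_pattern: "[A-Za-z0-9.-]+"` (pattern constructed here as an example) to `prefix`, `node_hostname`, `upstream_dns`, `upstream_ntp` and `puppet_module_branch`, a URL-shaped one to `puppet_module_url`, and quoting the exports as `export PREFIX="$Prefix"` would close that. `$SelinuxVersion` is mapped in `params` but never appears in the template, and `username`, `password`, `broker_flavor`, `broker_hostname`, `image_broker_name` and `concat_version` are declared without being referenced; removing them keeps a default password out of a template that does not use it. `cfn-signal -e 0` is also sent regardless of the exit status of `puppet apply`, and the `setenforce 0`/`setenforce 1` bracket around it deserves at least a comment explaining which denial it works around.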
@@ -0,0 +1,513 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + controller_ip: + description: The IP address of the OpenStack Controller + type: string + default: 192.168.202.101 + tenant_name: + description: The tenant name + type: string + default: admin + openstack_username: + description: Username of your Openstack account + type: string + default: admin + openstack_password: + description: Password of your Openstack account + type: string + default: network + node_instance_group_template_repo_address: + description: Repository address of the NodeInstanceGroup Template + type: string + public_ssh_key: + description: Public key that will be used for SSH connection to instances + type: string + ssh_key_name: + description: SSHKey name + type: string + default: OpenshiftSSHKey + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - 
allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + openshift_origin_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: OpenShift Origin Firewall Rules + 
rules: [ + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": icmp + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 22, + "port_range_max": 22 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": udp, + "port_range_min": 53, + "port_range_max": 53 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 80, + "port_range_max": 80 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 443, + "port_range_max": 443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8443, + "port_range_max": 8443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8000, + "port_range_max": 8000 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8080, + "port_range_max": 8080 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 61613, + "port_range_max": 61613 + } + ] + + ssh_key: + type: OS::Nova::KeyPair + properties: + name: {get_param: ssh_key_name} + public_key: {get_param: public_ssh_key} + + private_network: + type: OS::Neutron::Net + properties: + name: {get_param: private_network_name} + + private_sub_network: + type: OS::Neutron::Subnet + properties: + network_id: {get_resource: private_network} + cidr: {get_param: private_network_cidr} + gateway_ip: {get_param: private_network_gateway} + dns_nameservers: [ {get_param: private_network_dns} ] + allocation_pools: [{ + "start": {get_param: private_network_pool_start}, + "end": {get_param: private_network_pool_end} + }] + + router: + type: OS::Neutron::Router + + router_gateway: + type: OS::Neutron::RouterGateway + properties: + router_id: {get_resource: router} + network_id: {get_param: public_net_id} + + router_interface: + type: OS::Neutron::RouterInterface + properties: + router_id: {get_resource: router} + subnet_id: {get_resource: private_sub_network} + + broker_port: + type: OS::Neutron::Port + properties: + network_id: 
{get_resource: private_network} + fixed_ips: [ + subnet_id: {get_resource: private_sub_network} + ] + security_groups: [{get_resource: openshift_origin_security_group}] + + broker_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: broker_port} + + broker_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + broker_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: broker_instance + properties: + Handle: {get_resource: broker_wait_handle} + Timeout: 1800 + + broker_user_data: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: + str_replace: + template: | + #!/bin/bash -x + /usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix + export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'` + export PREFIX=$Prefix + export UPSTREAM_DNS=$UpstreamDNS + export UPSTREAM_NTP=$UpstreamNTP + export BROKER_WAIT_HANDLE="$BrokerWaitHandle" + export HOSTNAME=$BrokerHostname + export USERNAME=$Username + export PASSWORD=$Password + export DEV_MODE=$DevMode + export PUPPET_MODULE_URL=$PuppetURL + export PUPPET_MODULE_BRANCH=$PuppetBranch + cat << EOF > /root/configure.pp + \$my_hostname="${HOSTNAME}.${PREFIX}" + exec { "set hostname": + command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname" + } + class { 'openshift_origin' : + roles => ['broker','nameserver','msgserver','datastore'], + bind_key => '${DNS_SEC_KEY}', + domain => '${PREFIX}', + register_host_with_nameserver => true, + conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'], + ntp_servers => ['${UPSTREAM_NTP} iburst'], + broker_hostname => \$my_hostname, + nameserver_hostname => \$my_hostname, + datastore_hostname => \$my_hostname, + msgserver_hostname => \$my_hostname, + broker_auth_plugin => 'htpasswd', + openshift_user1 => '${USERNAME}', + openshift_password1 => '${PASSWORD}', + development_mode => 
${DEV_MODE}, + } + EOF + cat << EOF > ~/nbGears.sh + #!/bin/bash -x + MEMORY=\$(cat /proc/meminfo | grep "MemTotal:" | cut -d : -f 2 | tr -d ' ' | tr -d 'kB') + GEARS=\$(/usr/sbin/oo-stats | grep "Gears active count" | cut -d : -f 2 | cut -d " " -f 2) + NODES=\$(/usr/sbin/oo-stats | grep "Nodes count" | cut -d : -f 2 | cut -d " " -f 2) + let "GEARSPERNODE=\$MEMORY/512000" + let "RESULT=\$GEARS*100/\$NODES/\$GEARSPERNODE" + curl http://$ControllerIP:35357/v2.0/tokens -X POST -H "Content-Type: application/json" -d '{"auth": {"tenantName": "$TenantName", "passwordCredentials": {"username": "$UserName", "password": "$OpenStackPassword"}}}' > auth_token.dat + TOKEN=\$(awk -F"[,:]" '{for(i=1;i<=NF;i++) + {if(\$i~/id\042/) + {print \$(i+1)} + } + }' auth_token.dat | awk -F'"' '{print \$2; exit}') + curl -X POST -H "X-Auth-Token: \$TOKEN" -H 'Content-Type: application/json' -d '[{"counter_name": "gear", "user_id": "1", "resource_id": "1","counter_unit": "%", "counter_volume":'"\$RESULT"', "project_id": "1", "counter_type": "gauge"}]' http://$ControllerIP:8777/v2/meters/gear + EOF + chmod 744 ~/nbGears.sh + cat << EOF > /etc/cron.d/cronNbGears + * * * * * root ~/nbGears.sh + EOF + /sbin/service crond restart + mkdir -p /etc/puppet/modules + git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin + cd /etc/puppet/modules/openshift_origin + $OpenShiftVersion + puppet module install $StdlibVersion + puppet module install $NtpVersion + puppet module install $ConcatVersion + puppet module install $LokkitVersion + puppet module install $SelinuxVersion + puppet module install $HaproxyVersion + puppet module install $KeepalivedVersion + puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log + setenforce 0 + /opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE} + chkconfig activemq on + service activemq start + setenforce 1 + params: + $Prefix: {get_param: prefix} + 
$UpstreamDNS: {get_param: upstream_dns} + $UpstreamNTP: {get_param: upstream_ntp} + $BrokerWaitHandle: {get_resource: broker_wait_handle} + $BrokerHostname: {get_param: broker_hostname} + $Username: {get_param: username} + $Password: {get_param: password} + $DevMode: {get_param: dev_mode} + $PuppetURL: {get_param: puppet_module_url} + $PuppetBranch: {get_param: puppet_module_branch} + $OpenShiftVersion: {get_param: openshift_version} + $StdlibVersion: {get_param: stdlib_version} + $NtpVersion: {get_param: ntp_version} + $ConcatVersion: {get_param: concat_version} + $LokkitVersion: {get_param: lokkit_version} + $SelinuxVersion: {get_param: selinux_types_version} + $HaproxyVersion: {get_param: haproxy_version} + $KeepalivedVersion: {get_param: keepalived_version} + $ControllerIP: {get_param: controller_ip} + $TenantName: {get_param: tenant_name} + $UserName: {get_param: openstack_username} + $OpenStackPassword: {get_param: openstack_password} + + broker_instance: + type: OS::Nova::Server + properties: + image: {get_param: image_broker_name} + flavor: {get_param: broker_flavor} + key_name: {get_resource: ssh_key} + networks: [ + port: {get_resource: broker_port} + ] + user_data: {get_resource: broker_user_data} + user_data_format: RAW + + node_instance_group: + type: OS::Heat::AutoScalingGroup + depends_on: + - router_gateway + - broker_wait_condition + properties: + min_size: 1 + max_size: 4 + resource: + type: {get_param: node_instance_group_template_repo_address} + properties: + metadata: {"metering.group": "node_instance_group"} + private_network: {get_resource: private_network} + private_sub_network: {get_resource: private_sub_network} + ssh_key: {get_resource: ssh_key} + security_group: {get_resource: openshift_origin_security_group} + broker_ip: {get_attr: [broker_instance, first_address]} + broker_wait_condition_data: {get_attr: [broker_wait_condition, Data]} + + scale_up_policy: + type: OS::Heat::ScalingPolicy + properties: + adjustment_type: 
change_in_capacity + auto_scaling_group_id: {get_resource: node_instance_group} + cooldown: 60 + scaling_adjustment: 1 + + scale_down_policy: + type: OS::Heat::ScalingPolicy + properties: + adjustment_type: change_in_capacity + auto_scaling_group_id: {get_resource: node_instance_group} + cooldown: 60 + scaling_adjustment: -1 + + cpu_alarm_high: + type: OS::Ceilometer::Alarm + properties: + description: Scale-up if the average CPU > 80% for 1 minute + meter_name: cpu_util + statistic: avg + period: 60 + evaluation_periods: 1 + threshold: 80 + alarm_actions: + - {get_attr: [scale_up_policy, alarm_url]} + comparison_operator: gt + matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'} + + cpu_alarm_low: + type: OS::Ceilometer::Alarm + properties: + description: Scale-down if the average CPU < 20% for 10 minutes + meter_name: cpu_util + statistic: avg + period: 600 + evaluation_periods: 1 + threshold: 20 + alarm_actions: + - {get_attr: [scale_down_policy, alarm_url]} + comparison_operator: lt + matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'} + + gears_alarm_high: + type: OS::Ceilometer::Alarm + properties: + description: Scale-up if the average number of Gears is > 4 / node for 2 minutes + meter_name: gear + statistic: avg + period: 120 + evaluation_periods: 1 + threshold: 80 + alarm_actions: + - {get_attr: [scale_up_policy, alarm_url]} + comparison_operator: gt + + gears_alarm_low: + type: OS::Ceilometer::Alarm + properties: + description: Scale-down if the average number of Gears is < 1 / node for 10 minutes + meter_name: gear + statistic: avg + period: 600 + evaluation_periods: 1 + threshold: 20 + alarm_actions: + - {get_attr: [scale_down_policy, alarm_url]} + comparison_operator: lt diff --git a/openshift-origin/F19/hot-template/openshift-scalable-cpu/nodeinstance.yaml b/openshift-origin/F19/hot-template/openshift-scalable-cpu/nodeinstance.yaml new file mode 100644 index 00000000..b885292c --- /dev/null 
+++ b/openshift-origin/F19/hot-template/openshift-scalable-cpu/nodeinstance.yaml 
@@ -0,0 +1,295 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + private_network: + description: private network. + type: string + private_sub_network: + description: private sub network. + type: string + security_group: + description: security group. + type: string + broker_ip: + description: broker ip. + type: string + broker_wait_condition_data: + description: broker wait condition data. + type: string + metadata: + type: json + ssh_key: + description: SSHKey created in principal template file + type: string + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - 
allowed_values: + - puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + + node_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + node_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: node_instance + properties: + Handle: {get_resource: node_wait_handle} + Timeout: 1800 + + node_port: + type: OS::Neutron::Port + properties: + network_id: {get_param: private_network} + fixed_ips: [ + subnet_id: {get_param: private_sub_network} + ] + 
security_groups: [{get_param: security_group}] + + node_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: node_port} + + node_user_data: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: + str_replace: + template: | + #!/bin/bash -x + export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'` + export BROKER_IP=$BrokerIP + export NODE_FLOATING_IP=$NodeFloatingIP + export PREFIX=$Prefix + export UPSTREAM_DNS=$UpstreamDNS + export UPSTREAM_NTP=$UpstreamNTP + export NODE_WAIT_HANDLE="$NodeWaitHandle" + export HOSTNAME=$NodeHostname + export DEV_MODE=$DevMode + export PUPPET_MODULE_URL=$PuppetURL + export PUPPET_MODULE_BRANCH=$PuppetBranch + cat << EOF > /root/configure.pp + \$my_hostname="${HOSTNAME}.${PREFIX}" + exec { "set hostname": + command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname" + } + class { 'openshift_origin' : + roles => ['node'], + bind_key => '${DNS_SEC_KEY}', + nameserver_ip_addr => '${BROKER_IP}', + domain => '${PREFIX}', + register_host_with_nameserver => true, + broker_hostname => '${BROKER_IP}', + msgserver_hostname => '${BROKER_IP}', + ntp_servers => ['${UPSTREAM_NTP} iburst'], + node_hostname => \$my_hostname, + install_method => 'yum', + jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat', + development_mode => ${DEV_MODE}, + node_ip_addr => '${NODE_FLOATING_IP}', + } + EOF + mkdir -p /etc/puppet/modules + git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin + cd /etc/puppet/modules/openshift_origin + $OpenShiftVersion + puppet module install $StdlibVersion + puppet module install $NtpVersion + puppet module install $SysctlVersion + puppet module install $LokkitVersion + puppet module install $HaproxyVersion + puppet module install $KeepalivedVersion + puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log + setenforce 0 + 
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE} + setenforce 1 + params: + $BrokerWaitConditionData: {get_param: broker_wait_condition_data} + $BrokerIP: {get_param: broker_ip} + $NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]} + $Prefix: {get_param: prefix} + $UpstreamDNS: {get_param: upstream_dns} + $UpstreamNTP: {get_param: upstream_ntp} + $NodeWaitHandle: {get_resource: node_wait_handle} + $NodeHostname: {get_param: node_hostname} + $DevMode: {get_param: dev_mode} + $PuppetURL: {get_param: puppet_module_url} + $PuppetBranch: {get_param: puppet_module_branch} + $OpenShiftVersion: {get_param: openshift_version} + $StdlibVersion: {get_param: stdlib_version} + $NtpVersion: {get_param: ntp_version} + $SysctlVersion: {get_param: sysctl_version} + $LokkitVersion: {get_param: lokkit_version} + $SelinuxVersion: {get_param: selinux_types_version} + $HaproxyVersion: {get_param: haproxy_version} + $KeepalivedVersion: {get_param: keepalived_version} + + node_instance: + type: OS::Nova::Server + properties: + image: {get_param: image_node_name} + flavor: {get_param: node_flavor} + key_name: {get_param: ssh_key} + networks: [ + port: {get_resource: node_port} + ] + user_data: {get_resource: node_user_data} + user_data_format: RAW + metadata: {get_param: metadata} diff --git a/openshift-origin/F19/hot-template/openshift-scalable-cpu/openshift.yaml b/openshift-origin/F19/hot-template/openshift-scalable-cpu/openshift.yaml new file mode 100644 index 00000000..a360a0b6 --- /dev/null +++ b/openshift-origin/F19/hot-template/openshift-scalable-cpu/openshift.yaml 
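Review bot: In `node_user_data`, `str_replace` pastes `$BrokerWaitConditionData` directly into Python source inside shell backticks (`python -c 'print $BrokerWaitConditionData["00000"]'`), so the wait-condition payload is interpreted as code by a root boot script instead of being parsed as data. It would be safer to hand the value to Python on stdin from a quoted here-document and read the key with `json.load(sys.stdin)["00000"]`. The script also runs under `#!/bin/bash -x`, which traces the resulting `DNS_SEC_KEY` to wherever the instance's user-data output is logged. Dropping `-x`, or bracketing the secret-bearing lines with `set +x` / `set -x`, avoids that; the broker script in `openshift-scalable-cpu/openshift.yaml` traces `export PASSWORD=$Password` the same way. Separately, `jenkins_repo_base` is a plain `http://` URL, and whether packages from it are signature-checked is not visible in this hunk.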
@@ -0,0 +1,467 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + controller_ip: + description: The IP address of the OpenStack Controller + type: string + default: 192.168.202.101 + tenant_name: + description: The tenant name + type: string + default: admin + openstack_username: + description: Username of your Openstack account + type: string + default: admin + openstack_password: + description: Password of your Openstack account + type: string + default: network + node_instance_group_template_repo_address: + description: Repository address of the NodeInstanceGroup Template + type: string + public_ssh_key: + description: Public key that will be used for SSH connection to instances + type: string + ssh_key_name: + description: SSHKey name + type: string + default: OpenshiftSSHKey + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - 
allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + openshift_origin_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: OpenShift Origin Firewall Rules + 
rules: [ + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": icmp + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 22, + "port_range_max": 22 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": udp, + "port_range_min": 53, + "port_range_max": 53 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 80, + "port_range_max": 80 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 443, + "port_range_max": 443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8443, + "port_range_max": 8443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8000, + "port_range_max": 8000 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8080, + "port_range_max": 8080 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 61613, + "port_range_max": 61613 + } + ] + + ssh_key: + type: OS::Nova::KeyPair + properties: + name: {get_param: ssh_key_name} + public_key: {get_param: public_ssh_key} + + private_network: + type: OS::Neutron::Net + properties: + name: {get_param: private_network_name} + + private_sub_network: + type: OS::Neutron::Subnet + properties: + network_id: {get_resource: private_network} + cidr: {get_param: private_network_cidr} + gateway_ip: {get_param: private_network_gateway} + dns_nameservers: [ {get_param: private_network_dns} ] + allocation_pools: [{ + "start": {get_param: private_network_pool_start}, + "end": {get_param: private_network_pool_end} + }] + + router: + type: OS::Neutron::Router + + router_gateway: + type: OS::Neutron::RouterGateway + properties: + router_id: {get_resource: router} + network_id: {get_param: public_net_id} + + router_interface: + type: OS::Neutron::RouterInterface + properties: + router_id: {get_resource: router} + subnet_id: {get_resource: private_sub_network} + + broker_port: + type: OS::Neutron::Port + properties: + network_id: 
{get_resource: private_network} + fixed_ips: [ + subnet_id: {get_resource: private_sub_network} + ] + security_groups: [{get_resource: openshift_origin_security_group}] + + broker_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: broker_port} + + broker_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + broker_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: broker_instance + properties: + Handle: {get_resource: broker_wait_handle} + Timeout: 1800 + + broker_user_data: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: + str_replace: + template: | + #!/bin/bash -x + /usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix + export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'` + export PREFIX=$Prefix + export UPSTREAM_DNS=$UpstreamDNS + export UPSTREAM_NTP=$UpstreamNTP + export BROKER_WAIT_HANDLE="$BrokerWaitHandle" + export HOSTNAME=$BrokerHostname + export USERNAME=$Username + export PASSWORD=$Password + export DEV_MODE=$DevMode + export PUPPET_MODULE_URL=$PuppetURL + export PUPPET_MODULE_BRANCH=$PuppetBranch + cat << EOF > /root/configure.pp + \$my_hostname="${HOSTNAME}.${PREFIX}" + exec { "set hostname": + command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname" + } + class { 'openshift_origin' : + roles => ['broker','nameserver','msgserver','datastore'], + bind_key => '${DNS_SEC_KEY}', + domain => '${PREFIX}', + register_host_with_nameserver => true, + conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'], + ntp_servers => ['${UPSTREAM_NTP} iburst'], + broker_hostname => \$my_hostname, + nameserver_hostname => \$my_hostname, + datastore_hostname => \$my_hostname, + msgserver_hostname => \$my_hostname, + broker_auth_plugin => 'htpasswd', + openshift_user1 => '${USERNAME}', + openshift_password1 => '${PASSWORD}', + development_mode => 
${DEV_MODE}, + } + EOF + mkdir -p /etc/puppet/modules + git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin + cd /etc/puppet/modules/openshift_origin + $OpenShiftVersion + puppet module install $StdlibVersion + puppet module install $NtpVersion + puppet module install $ConcatVersion + puppet module install $LokkitVersion + puppet module install $SelinuxVersion + puppet module install $HaproxyVersion + puppet module install $KeepalivedVersion + puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log + setenforce 0 + /opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE} + chkconfig activemq on + service activemq start + setenforce 1 + params: + $Prefix: {get_param: prefix} + $UpstreamDNS: {get_param: upstream_dns} + $UpstreamNTP: {get_param: upstream_ntp} + $BrokerWaitHandle: {get_resource: broker_wait_handle} + $BrokerHostname: {get_param: broker_hostname} + $Username: {get_param: username} + $Password: {get_param: password} + $DevMode: {get_param: dev_mode} + $PuppetURL: {get_param: puppet_module_url} + $PuppetBranch: {get_param: puppet_module_branch} + $OpenShiftVersion: {get_param: openshift_version} + $StdlibVersion: {get_param: stdlib_version} + $NtpVersion: {get_param: ntp_version} + $ConcatVersion: {get_param: concat_version} + $LokkitVersion: {get_param: lokkit_version} + $SelinuxVersion: {get_param: selinux_types_version} + $HaproxyVersion: {get_param: haproxy_version} + $KeepalivedVersion: {get_param: keepalived_version} + $ControllerIP: {get_param: controller_ip} + $TenantName: {get_param: tenant_name} + $UserName: {get_param: openstack_username} + $OpenStackPassword: {get_param: openstack_password} + + broker_instance: + type: OS::Nova::Server + properties: + image: {get_param: image_broker_name} + flavor: {get_param: broker_flavor} + key_name: {get_resource: ssh_key} + networks: [ + port: {get_resource: broker_port} + ] + user_data: 
{get_resource: broker_user_data} + user_data_format: RAW + + node_instance_group: + type: OS::Heat::AutoScalingGroup + depends_on: + - router_gateway + - broker_wait_condition + properties: + min_size: 1 + max_size: 4 + resource: + type: {get_param: node_instance_group_template_repo_address} + properties: + metadata: {"metering.group": "node_instance_group"} + private_network: {get_resource: private_network} + private_sub_network: {get_resource: private_sub_network} + ssh_key: {get_resource: ssh_key} + security_group: {get_resource: openshift_origin_security_group} + broker_ip: {get_attr: [broker_instance, first_address]} + broker_wait_condition_data: {get_attr: [broker_wait_condition, Data]} + + scale_up_policy: + type: OS::Heat::ScalingPolicy + properties: + adjustment_type: change_in_capacity + auto_scaling_group_id: {get_resource: node_instance_group} + cooldown: 60 + scaling_adjustment: 1 + + scale_down_policy: + type: OS::Heat::ScalingPolicy + properties: + adjustment_type: change_in_capacity + auto_scaling_group_id: {get_resource: node_instance_group} + cooldown: 60 + scaling_adjustment: -1 + + cpu_alarm_high: + type: OS::Ceilometer::Alarm + properties: + description: Scale-up if the average CPU > 80% for 1 minute + meter_name: cpu_util + statistic: avg + period: 60 + evaluation_periods: 1 + threshold: 80 + alarm_actions: + - {get_attr: [scale_up_policy, alarm_url]} + comparison_operator: gt + matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'} + + cpu_alarm_low: + type: OS::Ceilometer::Alarm + properties: + description: Scale-down if the average CPU < 20% for 10 minutes + meter_name: cpu_util + statistic: avg + period: 600 + evaluation_periods: 1 + threshold: 20 + alarm_actions: + - {get_attr: [scale_down_policy, alarm_url]} + comparison_operator: lt + matching_metadata: {'metadata.user_metadata.group': 'node_instance_group'} 
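Review bot: `openshift_origin_security_group` opens every listed port to `0.0.0.0/0`, including SSH (22) and 61613, which the broker script's `service activemq start` suggests is the messaging port between broker and nodes. The same group is handed to each node through `security_group`, and the broker is reachable on `broker_floating_ip`. Internal-only ports are better scoped to the private subnet, e.g. `"remote_ip_prefix": {get_param: private_network_cidr}` on the 61613 rule, with SSH limited to an operator-supplied CIDR parameter. The credential parameters also ship guessable defaults (`password` defaults to `password`, `openstack_password` to `network`) and none is marked `hidden: true`; dropping the defaults and adding `hidden: true` would force an explicit choice and keep the values out of stack parameter listings. `controller_ip`, `tenant_name`, `openstack_username` and `openstack_password` are passed into `str_replace` but the broker script in this file never references them, so this template could stop asking for OpenStack admin credentials altogether.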
diff --git a/openshift-origin/F19/hot-template/openshift-scalable-nbgears/nodeinstance.yaml b/openshift-origin/F19/hot-template/openshift-scalable-nbgears/nodeinstance.yaml
new file mode 100644
index 00000000..f6423c79
--- /dev/null
+++ b/openshift-origin/F19/hot-template/openshift-scalable-nbgears/nodeinstance.yaml
@@ -0,0 +1,292 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + private_network: + description: private network. + type: string + private_sub_network: + description: private sub network. + type: string + security_group: + description: security group. + type: string + broker_ip: + description: broker ip. + type: string + broker_wait_condition_data: + description: broker wait condition data. + type: string + ssh_key: + description: SSHKey created in principal template file + type: string + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - 
puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + + node_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + node_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: node_instance + properties: + Handle: {get_resource: node_wait_handle} + Timeout: 1800 + + node_port: + type: OS::Neutron::Port + properties: + network_id: {get_param: private_network} + fixed_ips: [ + subnet_id: {get_param: private_sub_network} + ] + security_groups: 
[{get_param: security_group}] + + node_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: node_port} + + node_user_data: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: + str_replace: + template: | + #!/bin/bash -x + export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'` + export BROKER_IP=$BrokerIP + export NODE_FLOATING_IP=$NodeFloatingIP + export PREFIX=$Prefix + export UPSTREAM_DNS=$UpstreamDNS + export UPSTREAM_NTP=$UpstreamNTP + export NODE_WAIT_HANDLE="$NodeWaitHandle" + export HOSTNAME=$NodeHostname + export DEV_MODE=$DevMode + export PUPPET_MODULE_URL=$PuppetURL + export PUPPET_MODULE_BRANCH=$PuppetBranch + cat << EOF > /root/configure.pp + \$my_hostname="${HOSTNAME}.${PREFIX}" + exec { "set hostname": + command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname" + } + class { 'openshift_origin' : + roles => ['node'], + bind_key => '${DNS_SEC_KEY}', + nameserver_ip_addr => '${BROKER_IP}', + domain => '${PREFIX}', + register_host_with_nameserver => true, + broker_hostname => '${BROKER_IP}', + msgserver_hostname => '${BROKER_IP}', + ntp_servers => ['${UPSTREAM_NTP} iburst'], + node_hostname => \$my_hostname, + install_method => 'yum', + jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat', + development_mode => ${DEV_MODE}, + node_ip_addr => '${NODE_FLOATING_IP}', + } + EOF + mkdir -p /etc/puppet/modules + git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin + cd /etc/puppet/modules/openshift_origin + $OpenShiftVersion + puppet module install $StdlibVersion + puppet module install $NtpVersion + puppet module install $SysctlVersion + puppet module install $LokkitVersion + puppet module install $HaproxyVersion + puppet module install $KeepalivedVersion + puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log + setenforce 0 + 
/opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE} + setenforce 1 + params: + $BrokerWaitConditionData: {get_param: broker_wait_condition_data} + $BrokerIP: {get_param: broker_ip} + $NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]} + $Prefix: {get_param: prefix} + $UpstreamDNS: {get_param: upstream_dns} + $UpstreamNTP: {get_param: upstream_ntp} + $NodeWaitHandle: {get_resource: node_wait_handle} + $NodeHostname: {get_param: node_hostname} + $DevMode: {get_param: dev_mode} + $PuppetURL: {get_param: puppet_module_url} + $PuppetBranch: {get_param: puppet_module_branch} + $OpenShiftVersion: {get_param: openshift_version} + $StdlibVersion: {get_param: stdlib_version} + $NtpVersion: {get_param: ntp_version} + $SysctlVersion: {get_param: sysctl_version} + $LokkitVersion: {get_param: lokkit_version} + $SelinuxVersion: {get_param: selinux_types_version} + $HaproxyVersion: {get_param: haproxy_version} + $KeepalivedVersion: {get_param: keepalived_version} + + node_instance: + type: OS::Nova::Server + properties: + image: {get_param: image_node_name} + flavor: {get_param: node_flavor} + key_name: {get_param: ssh_key} + networks: [ + port: {get_resource: node_port} + ] + user_data: {get_resource: node_user_data} + user_data_format: RAW diff --git a/openshift-origin/F19/hot-template/openshift-scalable-nbgears/openshift.yaml b/openshift-origin/F19/hot-template/openshift-scalable-nbgears/openshift.yaml new file mode 100644 index 00000000..7182e3d0 --- /dev/null +++ b/openshift-origin/F19/hot-template/openshift-scalable-nbgears/openshift.yaml 
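Review bot: The `#!/bin/bash -x` shebang in `node_user_data` traces every command, so the `export DNS_SEC_KEY=...` line (including the full `$BrokerWaitConditionData` payload substituted into the `python -c` call) is echoed into whatever captures the boot script's output, presumably the cloud-init log and the instance console log; confirm this for the image. The `broker_user_data` scripts in both openshift.yaml files of this commit use the same shebang and additionally trace `export PASSWORD=$Password`. I would use `#!/bin/bash` without `-x`, or bracket the secret-handling lines with `set +x` and `set -x`. Separately, `cfn-signal -e 0` reports success even when `puppet apply` fails, because the status of the `tee` pipeline is never checked; capturing `${PIPESTATUS[0]}` right after the pipeline and passing it to `-e` would let the wait condition reflect a failed node.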
@@ -0,0 +1,484 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + controller_ip: + description: The IP address of the OpenStack Controller + type: string + default: 192.168.202.101 + tenant_name: + description: The tenant name + type: string + default: admin + openstack_username: + description: Username of your Openstack account + type: string + default: admin + openstack_password: + description: Password of your Openstack account + type: string + default: network + node_instance_group_template_repo_address: + description: Repository address of the NodeInstanceGroup Template + type: string + public_ssh_key: + description: Public key that will be used for SSH connection to instances + type: string + ssh_key_name: + description: SSHKey name + type: string + default: OpenshiftSSHKey + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - 
allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + openshift_origin_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: OpenShift Origin Firewall Rules + 
rules: [ + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": icmp + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 22, + "port_range_max": 22 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": udp, + "port_range_min": 53, + "port_range_max": 53 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 80, + "port_range_max": 80 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 443, + "port_range_max": 443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8443, + "port_range_max": 8443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8000, + "port_range_max": 8000 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8080, + "port_range_max": 8080 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 61613, + "port_range_max": 61613 + } + ] + + ssh_key: + type: OS::Nova::KeyPair + properties: + name: {get_param: ssh_key_name} + public_key: {get_param: public_ssh_key} + + private_network: + type: OS::Neutron::Net + properties: + name: {get_param: private_network_name} + + private_sub_network: + type: OS::Neutron::Subnet + properties: + network_id: {get_resource: private_network} + cidr: {get_param: private_network_cidr} + gateway_ip: {get_param: private_network_gateway} + dns_nameservers: [ {get_param: private_network_dns} ] + allocation_pools: [{ + "start": {get_param: private_network_pool_start}, + "end": {get_param: private_network_pool_end} + }] + + router: + type: OS::Neutron::Router + + router_gateway: + type: OS::Neutron::RouterGateway + properties: + router_id: {get_resource: router} + network_id: {get_param: public_net_id} + + router_interface: + type: OS::Neutron::RouterInterface + properties: + router_id: {get_resource: router} + subnet_id: {get_resource: private_sub_network} + + broker_port: + type: OS::Neutron::Port + properties: + network_id: 
{get_resource: private_network} + fixed_ips: [ + subnet_id: {get_resource: private_sub_network} + ] + security_groups: [{get_resource: openshift_origin_security_group}] + + broker_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: broker_port} + + broker_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + broker_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: broker_instance + properties: + Handle: {get_resource: broker_wait_handle} + Timeout: 1800 + + broker_user_data: + type: OS::Heat::SoftwareConfig + properties: + group: ungrouped + config: + str_replace: + template: | + #!/bin/bash -x + /usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix + export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'` + export PREFIX=$Prefix + export UPSTREAM_DNS=$UpstreamDNS + export UPSTREAM_NTP=$UpstreamNTP + export BROKER_WAIT_HANDLE="$BrokerWaitHandle" + export HOSTNAME=$BrokerHostname + export USERNAME=$Username + export PASSWORD=$Password + export DEV_MODE=$DevMode + export PUPPET_MODULE_URL=$PuppetURL + export PUPPET_MODULE_BRANCH=$PuppetBranch + cat << EOF > /root/configure.pp + \$my_hostname="${HOSTNAME}.${PREFIX}" + exec { "set hostname": + command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname" + } + class { 'openshift_origin' : + roles => ['broker','nameserver','msgserver','datastore'], + bind_key => '${DNS_SEC_KEY}', + domain => '${PREFIX}', + register_host_with_nameserver => true, + conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'], + ntp_servers => ['${UPSTREAM_NTP} iburst'], + broker_hostname => \$my_hostname, + nameserver_hostname => \$my_hostname, + datastore_hostname => \$my_hostname, + msgserver_hostname => \$my_hostname, + broker_auth_plugin => 'htpasswd', + openshift_user1 => '${USERNAME}', + openshift_password1 => '${PASSWORD}', + development_mode => 
${DEV_MODE}, + } + EOF + cat << EOF > ~/nbGears.sh + #!/bin/bash -x + MEMORY=\$(cat /proc/meminfo | grep "MemTotal:" | cut -d : -f 2 | tr -d ' ' | tr -d 'kB') + GEARS=\$(/usr/sbin/oo-stats | grep "Gears active count" | cut -d : -f 2 | cut -d " " -f 2) + NODES=\$(/usr/sbin/oo-stats | grep "Nodes count" | cut -d : -f 2 | cut -d " " -f 2) + let "GEARSPERNODE=\$MEMORY/512000" + let "RESULT=\$GEARS*100/\$NODES/\$GEARSPERNODE" + curl http://$ControllerIP:35357/v2.0/tokens -X POST -H "Content-Type: application/json" -d '{"auth": {"tenantName": "$TenantName", "passwordCredentials": {"username": "$UserName", "password": "$OpenStackPassword"}}}' > auth_token.dat + TOKEN=\$(awk -F"[,:]" '{for(i=1;i<=NF;i++) + {if(\$i~/id\042/) + {print \$(i+1)} + } + }' auth_token.dat | awk -F'"' '{print \$2; exit}') + curl -X POST -H "X-Auth-Token: \$TOKEN" -H 'Content-Type: application/json' -d '[{"counter_name": "gear", "user_id": "1", "resource_id": "1","counter_unit": "%", "counter_volume":'"\$RESULT"', "project_id": "1", "counter_type": "gauge"}]' http://$ControllerIP:8777/v2/meters/gear + EOF + chmod 744 ~/nbGears.sh + cat << EOF > /etc/cron.d/cronNbGears + * * * * * root ~/nbGears.sh + EOF + /sbin/service crond restart + mkdir -p /etc/puppet/modules + git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin + cd /etc/puppet/modules/openshift_origin + $OpenShiftVersion + puppet module install $StdlibVersion + puppet module install $NtpVersion + puppet module install $ConcatVersion + puppet module install $LokkitVersion + puppet module install $SelinuxVersion + puppet module install $HaproxyVersion + puppet module install $KeepalivedVersion + puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log + setenforce 0 + /opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE} + chkconfig activemq on + service activemq start + setenforce 1 + params: + $Prefix: {get_param: prefix} + 
$UpstreamDNS: {get_param: upstream_dns} + $UpstreamNTP: {get_param: upstream_ntp} + $BrokerWaitHandle: {get_resource: broker_wait_handle} + $BrokerHostname: {get_param: broker_hostname} + $Username: {get_param: username} + $Password: {get_param: password} + $DevMode: {get_param: dev_mode} + $PuppetURL: {get_param: puppet_module_url} + $PuppetBranch: {get_param: puppet_module_branch} + $OpenShiftVersion: {get_param: openshift_version} + $StdlibVersion: {get_param: stdlib_version} + $NtpVersion: {get_param: ntp_version} + $ConcatVersion: {get_param: concat_version} + $LokkitVersion: {get_param: lokkit_version} + $SelinuxVersion: {get_param: selinux_types_version} + $HaproxyVersion: {get_param: haproxy_version} + $KeepalivedVersion: {get_param: keepalived_version} + $ControllerIP: {get_param: controller_ip} + $TenantName: {get_param: tenant_name} + $UserName: {get_param: openstack_username} + $OpenStackPassword: {get_param: openstack_password} + + broker_instance: + type: OS::Nova::Server + properties: + image: {get_param: image_broker_name} + flavor: {get_param: broker_flavor} + key_name: {get_resource: ssh_key} + networks: [ + port: {get_resource: broker_port} + ] + user_data: {get_resource: broker_user_data} + user_data_format: RAW + + node_instance_group: + type: OS::Heat::AutoScalingGroup + depends_on: + - router_gateway + - broker_wait_condition + properties: + min_size: 1 + max_size: 4 + resource: + type: {get_param: node_instance_group_template_repo_address} + properties: + private_network: {get_resource: private_network} + private_sub_network: {get_resource: private_sub_network} + ssh_key: {get_resource: ssh_key} + security_group: {get_resource: openshift_origin_security_group} + broker_ip: {get_attr: [broker_instance, first_address]} + broker_wait_condition_data: {get_attr: [broker_wait_condition, Data]} + + scale_up_policy: + type: OS::Heat::ScalingPolicy + properties: + adjustment_type: change_in_capacity + auto_scaling_group_id: {get_resource: 
node_instance_group} + cooldown: 60 + scaling_adjustment: 1 + + scale_down_policy: + type: OS::Heat::ScalingPolicy + properties: + adjustment_type: change_in_capacity + auto_scaling_group_id: {get_resource: node_instance_group} + cooldown: 60 + scaling_adjustment: -1 + + gears_alarm_high: + type: OS::Ceilometer::Alarm + properties: + description: Scale-up if the average number of Gears is > 4 / node for 2 minutes + meter_name: gear + statistic: avg + period: 120 + evaluation_periods: 1 + threshold: 80 + alarm_actions: + - {get_attr: [scale_up_policy, alarm_url]} + comparison_operator: gt + + gears_alarm_low: + type: OS::Ceilometer::Alarm + properties: + description: Scale-down if the average number of Gears is < 1 / node for 10 minutes + meter_name: gear + statistic: avg + period: 600 + evaluation_periods: 1 + threshold: 20 + alarm_actions: + - {get_attr: [scale_down_policy, alarm_url]} + comparison_operator: lt diff --git a/openshift-origin/F19/hot-template/openshift/openshift.yaml b/openshift-origin/F19/hot-template/openshift/openshift.yaml new file mode 100644 index 00000000..fccb70c2 --- /dev/null +++ b/openshift-origin/F19/hot-template/openshift/openshift.yaml 
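Review bot: `broker_user_data` writes the OpenStack tenant name, username and password into `~/nbGears.sh` in clear text and then runs `chmod 744`, which leaves the file readable by every local user on the broker; with the parameter defaults this is the `admin` account. The script also posts those credentials to `http://$ControllerIP:35357/v2.0/tokens` from cron every minute, unencrypted. I would restrict the file with `chmod 700 ~/nbGears.sh`, add `hidden: true` to the `openstack_password` and `password` parameters and drop their defaults, and post the `gear` samples with a dedicated low-privilege account over an HTTPS endpoint. The `openshift_origin_security_group` rules in this hunk (and the identical ones in hot-template/openshift/openshift.yaml) also open 61613 and 22 to `0.0.0.0/0`; if 61613 is only needed between broker and nodes, `remote_ip_prefix: {get_param: private_network_cidr}` on that rule would reduce exposure.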
@@ -0,0 +1,493 @@ +heat_template_version: 2013-05-23 + +description: Template for setting up an OpenShift Origin environment + +parameters: + prefix: + description: Your DNS Prefix + type: string + default: example.com + upstream_dns: + description: Upstream DNS server + type: string + default: 8.8.8.8 + upstream_ntp: + description: Upstream NTP server + type: string + default: clock.redhat.com + broker_flavor: + description: Flavor of Broker instance + type: string + default: m1.medium + node_flavor: + description: Flavor of Node instance + type: string + default: m1.medium + broker_hostname: + description: Hostname of Broker instance + type: string + default: brokerinstance + node_hostname: + description: Hostname of Node instance + type: string + default: nodeinstance + username: + description: Username for accessing OpenShift Origin + type: string + default: openshift + password: + description: Password for accessing OpenShift Origin + type: string + default: password + public_net_id: + description: External network ID + type: string + private_network_name: + description: Name of the private network wich will be created + type: string + default: OpenShift-Network + private_network_cidr: + description: Private network address (CIDR format) + type: string + default: 10.0.0.0/8 + private_network_gateway: + description: Private network gateway + type: string + default: 10.0.0.1 + private_network_dns: + description: Private network DNS + type: string + default: 8.8.8.8 + private_network_pool_start: + description: Private network pool start + type: string + default: 10.0.0.2 + private_network_pool_end: + description: Private network pool end + type: string + default: 10.255.255.254 + dev_mode: + description: Sets development mode and extra logging. + type: string + default: false + puppet_module_url: + description: Sets the URL to pull the OpenShift Origin Puppet module from. 
+ type: string + default: https://github.com/openshift/puppet-openshift_origin.git + puppet_module_branch: + description: Sets the repo branch to pull the OpenShift Origin Puppet module from. + type: string + default: master + public_ssh_key: + description: Public key that will be used for SSH connection to instances + type: string + ssh_key_name: + description: SSHKey name + type: string + default: OpenshiftSSHKey + image_broker_name: + description: Name of the image you have created for the broker with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-broker + image_node_name: + description: Name of the image you have created for the node with diskimage-builder + type: string + default: F19-x86_64-openshift-origin-node + openshift_version: + description: Version of openshift puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - git checkout 722687c + - git checkout master + default: git checkout 722687c + stdlib_version: + description: Version of stdlib puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/stdlib --version 4.3.2 + - puppetlabs/stdlib + default: puppetlabs/stdlib --version 4.3.2 + ntp_version: + description: Version of ntp puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/ntp --version 3.1.2 + - puppetlabs/ntp + default: puppetlabs/ntp --version 3.1.2 + concat_version: + description: Version of concat puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs-concat --version 1.0.4 + - puppetlabs-concat + default: puppetlabs-concat --version 1.0.4 + lokkit_version: + description: Version of lokkit puppet module, leave the default value if you want to use a production version + type: 
string + constraints: + - allowed_values: + - rharrison-lokkit --version 0.5.0 + - rharrison-lokkit + default: rharrison-lokkit --version 0.5.0 + selinux_types_version: + description: Version of selinux_types puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - blentz-selinux_types --version 0.1.0 + - blentz-selinux_types + default: blentz-selinux_types --version 0.1.0 + haproxy_version: + description: Version of haproxy puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - puppetlabs/haproxy --version 1.0.0 + - puppetlabs/haproxy + default: puppetlabs/haproxy --version 1.0.0 + keepalived_version: + description: Version of keepalived puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - arioch/keepalived --version 0.1.0 + - arioch/keepalived + default: arioch/keepalived --version 0.1.0 + sysctl_version: + description: Version of sysctl puppet module, leave the default value if you want to use a production version + type: string + constraints: + - allowed_values: + - duritong-sysctl --version 0.0.4 + - duritong-sysctl + default: duritong-sysctl --version 0.0.4 + +resources: + openshift_origin_security_group: + type: OS::Neutron::SecurityGroup + properties: + description: OpenShift Origin Firewall Rules + rules: [ + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": icmp + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 22, + "port_range_max": 22 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": udp, + "port_range_min": 53, + "port_range_max": 53 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 80, + "port_range_max": 80 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 443, + "port_range_max": 443 + }, + { + "remote_ip_prefix": 
0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8443, + "port_range_max": 8443 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8000, + "port_range_max": 8000 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 8080, + "port_range_max": 8080 + }, + { + "remote_ip_prefix": 0.0.0.0/0, + "protocol": tcp, + "port_range_min": 61613, + "port_range_max": 61613 + } + ] + + ssh_key: + type: OS::Nova::KeyPair + properties: + name: {get_param: ssh_key_name} + public_key: {get_param: public_ssh_key} + + private_network: + type: OS::Neutron::Net + properties: + name: {get_param: private_network_name} + + private_sub_network: + type: OS::Neutron::Subnet + properties: + network_id: {get_resource: private_network} + cidr: {get_param: private_network_cidr} + gateway_ip: {get_param: private_network_gateway} + dns_nameservers: [ {get_param: private_network_dns} ] + allocation_pools: [{ + "start": {get_param: private_network_pool_start}, + "end": {get_param: private_network_pool_end} + }] + + router: + type: OS::Neutron::Router + + router_gateway: + type: OS::Neutron::RouterGateway + properties: + router_id: {get_resource: router} + network_id: {get_param: public_net_id} + + router_interface: + type: OS::Neutron::RouterInterface + properties: + router_id: {get_resource: router} + subnet_id: {get_resource: private_sub_network} + + broker_port: + type: OS::Neutron::Port + properties: + network_id: {get_resource: private_network} + fixed_ips: [ + subnet_id: {get_resource: private_sub_network} + ] + security_groups: [{get_resource: openshift_origin_security_group}] + + broker_floating_ip: + type: OS::Neutron::FloatingIP + properties: + floating_network_id: {get_param: public_net_id} + port_id: {get_resource: broker_port} + + broker_wait_handle: + type: AWS::CloudFormation::WaitConditionHandle + + broker_wait_condition: + type: AWS::CloudFormation::WaitCondition + depends_on: broker_instance + properties: + Handle: 
{get_resource: broker_wait_handle}
+ Timeout: 1800
+
+ broker_user_data:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: ungrouped
+ config:
+ str_replace:
+ template: |
+ #!/bin/bash -x
+ /usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named $Prefix
+ export DNS_SEC_KEY=`cat /var/named/K$Prefix.*.key | awk '{print $8}'`
+ export PREFIX=$Prefix
+ export UPSTREAM_DNS=$UpstreamDNS
+ export UPSTREAM_NTP=$UpstreamNTP
+ export BROKER_WAIT_HANDLE="$BrokerWaitHandle"
+ export HOSTNAME=$BrokerHostname
+ export USERNAME=$Username
+ export PASSWORD=$Password
+ export DEV_MODE=$DevMode
+ export PUPPET_MODULE_URL=$PuppetURL
+ export PUPPET_MODULE_BRANCH=$PuppetBranch
+ cat << EOF > /root/configure.pp
+ \$my_hostname="${HOSTNAME}.${PREFIX}"
+ exec { "set hostname":
+ command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
+ }
+ class { 'openshift_origin' :
+ roles => ['broker','nameserver','msgserver','datastore'],
+ bind_key => '${DNS_SEC_KEY}',
+ domain => '${PREFIX}',
+ register_host_with_nameserver => true,
+ conf_nameserver_upstream_dns => ['${UPSTREAM_DNS}'],
+ ntp_servers => ['${UPSTREAM_NTP} iburst'],
+ broker_hostname => \$my_hostname,
+ nameserver_hostname => \$my_hostname,
+ datastore_hostname => \$my_hostname,
+ msgserver_hostname => \$my_hostname,
+ broker_auth_plugin => 'htpasswd',
+ openshift_user1 => '${USERNAME}',
+ openshift_password1 => '${PASSWORD}',
+ development_mode => ${DEV_MODE},
+ }
+ EOF
+ mkdir -p /etc/puppet/modules
+ git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
+ cd /etc/puppet/modules/openshift_origin
+ $OpenShiftVersion
+ puppet module install $StdlibVersion
+ puppet module install $NtpVersion
+ puppet module install $ConcatVersion
+ puppet module install $LokkitVersion
+ puppet module install $SelinuxVersion
+ puppet module install $HaproxyVersion
+ puppet module install $KeepalivedVersion
+ puppet apply --verbose /root/configure.pp |
tee /var/log/configure_openshift.log
+ setenforce 0
+ /opt/aws/bin/cfn-signal -e 0 --data "${DNS_SEC_KEY}" -r 'Broker setup complete' ${BROKER_WAIT_HANDLE}
+ chkconfig activemq on
+ service activemq start
+ setenforce 1
+ params:
+ $Prefix: {get_param: prefix}
+ $UpstreamDNS: {get_param: upstream_dns}
+ $UpstreamNTP: {get_param: upstream_ntp}
+ $BrokerWaitHandle: {get_resource: broker_wait_handle}
+ $BrokerHostname: {get_param: broker_hostname}
+ $Username: {get_param: username}
+ $Password: {get_param: password}
+ $DevMode: {get_param: dev_mode}
+ $PuppetURL: {get_param: puppet_module_url}
+ $PuppetBranch: {get_param: puppet_module_branch}
+ $OpenShiftVersion: {get_param: openshift_version}
+ $StdlibVersion: {get_param: stdlib_version}
+ $NtpVersion: {get_param: ntp_version}
+ $ConcatVersion: {get_param: concat_version}
+ $LokkitVersion: {get_param: lokkit_version}
+ $SelinuxVersion: {get_param: selinux_types_version}
+ $HaproxyVersion: {get_param: haproxy_version}
+ $KeepalivedVersion: {get_param: keepalived_version}
+
+ broker_instance:
+ type: OS::Nova::Server
+ properties:
+ image: {get_param: image_broker_name}
+ flavor: {get_param: broker_flavor}
+ key_name: {get_resource: ssh_key}
+ networks: [
+ port: {get_resource: broker_port}
+ ]
+ user_data: {get_resource: broker_user_data}
+ user_data_format: RAW
+
+ node_port:
+ type: OS::Neutron::Port
+ properties:
+ network_id: {get_resource: private_network}
+ fixed_ips: [
+ subnet_id: {get_resource: private_sub_network}
+ ]
+ security_groups: [{get_resource: openshift_origin_security_group}]
+
+ node_floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network_id: {get_param: public_net_id}
+ port_id: {get_resource: node_port}
+
+ node_wait_handle:
+ type: AWS::CloudFormation::WaitConditionHandle
+
+ node_wait_condition:
+ type: AWS::CloudFormation::WaitCondition
+ depends_on: node_instance
+ properties:
+ Handle: {get_resource: node_wait_handle}
+ Timeout: 1800
+
+ node_user_data:
+ type:
OS::Heat::SoftwareConfig
+ properties:
+ group: ungrouped
+ config:
+ str_replace:
+ template: |
+ #!/bin/bash -x
+ export DNS_SEC_KEY=`python -c 'print $BrokerWaitConditionData["00000"]'`
+ export BROKER_IP=$BrokerIP
+ export NODE_FLOATING_IP=$NodeFloatingIP
+ export PREFIX=$Prefix
+ export UPSTREAM_DNS=$UpstreamDNS
+ export UPSTREAM_NTP=$UpstreamNTP
+ export NODE_WAIT_HANDLE="$NodeWaitHandle"
+ export HOSTNAME=$NodeHostname
+ export DEV_MODE=$DevMode
+ export PUPPET_MODULE_URL=$PuppetURL
+ export PUPPET_MODULE_BRANCH=$PuppetBranch
+ cat << EOF > /root/configure.pp
+ \$my_hostname="${HOSTNAME}.${PREFIX}"
+ exec { "set hostname":
+ command => "/bin/hostname \${my_hostname} ; echo \${my_hostname} > /etc/hostname"
+ }
+ class { 'openshift_origin' :
+ roles => ['node'],
+ bind_key => '${DNS_SEC_KEY}',
+ nameserver_ip_addr => '${BROKER_IP}',
+ domain => '${PREFIX}',
+ register_host_with_nameserver => true,
+ broker_hostname => '${BROKER_IP}',
+ msgserver_hostname => '${BROKER_IP}',
+ ntp_servers => ['${UPSTREAM_NTP} iburst'],
+ node_hostname => \$my_hostname,
+ install_method => 'yum',
+ jenkins_repo_base => 'http://pkg.jenkins-ci.org/redhat',
+ development_mode => ${DEV_MODE},
+ node_ip_addr => '${NODE_FLOATING_IP}',
+ }
+ EOF
+ mkdir -p /etc/puppet/modules
+ git clone -b ${PUPPET_MODULE_BRANCH} ${PUPPET_MODULE_URL} /etc/puppet/modules/openshift_origin
+ cd /etc/puppet/modules/openshift_origin
+ $OpenShiftVersion
+ puppet module install $StdlibVersion
+ puppet module install $NtpVersion
+ puppet module install $SysctlVersion
+ puppet module install $LokkitVersion
+ puppet module install $HaproxyVersion
+ puppet module install $KeepalivedVersion
+ puppet apply --verbose /root/configure.pp | tee /var/log/configure_openshift.log
+ setenforce 0
+ /opt/aws/bin/cfn-signal -e 0 -r 'Node setup complete' ${NODE_WAIT_HANDLE}
+ setenforce 1
+ params:
+ $BrokerWaitConditionData: {get_attr: [broker_wait_condition, Data]}
+ $BrokerIP: {get_attr: [broker_instance, first_address]}
+ $NodeFloatingIP: {get_attr: [node_floating_ip, floating_ip_address]}
+ $Prefix: {get_param: prefix}
+ $UpstreamDNS: {get_param: upstream_dns}
+ $UpstreamNTP: {get_param: upstream_ntp}
+ $NodeWaitHandle: {get_resource: node_wait_handle}
+ $NodeHostname: {get_param: node_hostname}
+ $DevMode: {get_param: dev_mode}
+ $PuppetURL: {get_param: puppet_module_url}
+ $PuppetBranch: {get_param: puppet_module_branch}
+ $OpenShiftVersion: {get_param: openshift_version}
+ $StdlibVersion: {get_param: stdlib_version}
+ $NtpVersion: {get_param: ntp_version}
+ $SysctlVersion: {get_param: sysctl_version}
+ $LokkitVersion: {get_param: lokkit_version}
+ $SelinuxVersion: {get_param: selinux_types_version}
+ $HaproxyVersion: {get_param: haproxy_version}
+ $KeepalivedVersion: {get_param: keepalived_version}
+
+ node_instance:
+ type: OS::Nova::Server
+ properties:
+ image: {get_param: image_node_name}
+ flavor: {get_param: node_flavor}
+ key_name: {get_resource: ssh_key}
+ networks: [
+ port: {get_resource: node_port}
+ ]
+ user_data: {get_resource: node_user_data}
+ user_data_format: RAW