openstack/heat-templates
Code Issues Proposed changes
2a2fe91602
heat-templates/cfn/F17/VPN_Service.template
Steven Hardy 8d360e00b4 Remove misleading OS choices from legacy F17 examples 
These examples all mention alternative OS versions, which is confusing
to users, especially the ubuntu one, which will definitely not work and
evidently is causing confusion for users.

So remove the references to anything other than F17 (which these did work
on at one point).  Obviously we still have to refresh these at some point
to make sure they still work on a non-EOL version of Fedora, but hopefully
this somewhat reduces confusion in the meantime.

Change-Id: I9d40f44f86e40f7d67fa4c3340b7fc6ad01bf270
2014-06-13 09:51:03 +01:00

221 lines
6.0 KiB
Plaintext
Raw Blame History

{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "Creates new network, router, vpn sevrice and server. More details about VPN service you can find on wikipage: https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall",
"Parameters" : {
"ExternalNetwork" : {
"Default" : "public",
"Description" : "External network name or id",
"Type" : "String",
"ConstraintDescription" : "must be a name or id of existing external network"
},
"ExternalGateway" : {
"Default" : "172.24.4.233",
"Description" : "External Gateway IP address",
"Type" : "String",
"ConstraintDescription" : "must be an IP address of external gateway"
},
"SubnetCidr" : {
"Default" : "10.1.0.0/24",
"Description" : "Subnet cidr",
"Type" : "String",
"ConstraintDescription" : "must be a cidr"
},
"SubnetPoolStart" : {
"Default" : "10.1.0.10",
"Description" : "Start of allocation pool for subnet",
"Type" : "String",
"ConstraintDescription" : "must be a valid IP address"
},
"SubnetPoolEnd" : {
"Default" : "10.1.0.200",
"Description" : "End of allocation pool for subnet",
"Type" : "String",
"ConstraintDescription" : "must be a valid IP address"
},
"VPNPeerCidr" : {
"Default" : "10.2.0.0/24",
"Description" : "Cidr for VPN peer",
"Type" : "String",
"ConstraintDescription" : "must be a valid cidr"
},
"KeyName" : {
"Default" : "heat_key",
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instances",
"Type" : "String"
},
"InstanceType" : {
"Description" : "Server EC2 instance type",
"Type" : "String",
"Default" : "m1.small",
"AllowedValues" : [ "m1.tiny", "m1.small", "m1.medium", "m1.large", "m1.xlarge" ],
"ConstraintDescription" : "must be a valid EC2 instance type."
},
"LinuxDistribution": {
"Default": "F17",
"Description" : "Distribution of choice",
"Type": "String",
"AllowedValues" : [ "F17" ]
}
},
"Mappings" : {
"AWSInstanceType2Arch" : {
"m1.tiny" : { "Arch" : "32" },
"m1.small" : { "Arch" : "64" },
"m1.medium" : { "Arch" : "64" },
"m1.large" : { "Arch" : "64" },
"m1.xlarge" : { "Arch" : "64" }
},
"DistroArch2AMI": {
"F17" : { "32" : "F17-i386-cfntools", "64" : "F17-x86_64-cfntools" }
}
},
"Resources" : {
"Network": {
"Type": "OS::Neutron::Net",
"Properties": {
"name": "My Network"
}
},
"Subnet": {
"Type": "OS::Neutron::Subnet",
"Properties": {
"name": "My Subnet",
"network_id": { "Ref" : "Network" },
"ip_version": 4,
"cidr": { "Ref" : "SubnetCidr" },
"dns_nameservers": ["8.8.8.8"],
"allocation_pools": [ {
"start": { "Ref" : "SubnetPoolStart" },
"end": { "Ref" : "SubnetPoolEnd" }
}
]
}
},
"Router": {
"Type": "OS::Neutron::Router",
"Properties": {
"name": "My Router"
}
},
"RouterInterface": {
"Type": "OS::Neutron::RouterInterface",
"Properties": {
"router_id": { "Ref" : "Router" },
"subnet_id": { "Ref" : "Subnet" }
}
},
"RouterGateway": {
"Type": "OS::Neutron::RouterGateway",
"Properties": {
"router_id": { "Ref" : "Router" },
"network_id": { "Ref" : "ExternalNetwork" }
}
},
"VPNService" : {
"Type" : "OS::Neutron::VPNService",
"Properties" : {
"name" : "VPNService",
"description" : "My new VPN service",
"admin_state_up" : true,
"router_id" : { "Ref" : "Router" },
"subnet_id" : { "Ref" : "Subnet" }
}
},
"IKEPolicy" : {
"Type" : "OS::Neutron::IKEPolicy",
"Properties" : {
"name" : "IKEPolicy",
"description" : "My new IKE policy",
"auth_algorithm" : "sha1",
"encryption_algorithm" : "3des",
"phase1_negotiation_mode" : "main",
"lifetime" : {
"units" : "seconds",
"value" : 3600
},
"pfs" : "group5",
"ike_version" : "v1"
}
},
"IPsecPolicy" : {
"Type" : "OS::Neutron::IPsecPolicy",
"Properties" : {
"name" : "IPsecPolicy",
"description" : "My new IPsec policy",
"transform_protocol": "esp",
"encapsulation_mode" : "tunnel",
"auth_algorithm" : "sha1",
"encryption_algorithm" : "3des",
"lifetime" : {
"units" : "seconds",
"value" : 3600
},
"pfs" : "group5"
}
},
"IPsecSiteConnection" : {
"Type" : "OS::Neutron::IPsecSiteConnection",
"Properties" : {
"name" : "IPsecSiteConnection",
"description" : "My new VPN connection",
"peer_address" : { "Ref" : "ExternalGateway" },
"peer_id" : { "Ref" : "ExternalGateway" },
"peer_cidrs" : [ { "Ref" : "VPNPeerCidr" } ],
"mtu" : 1500,
"dpd" : {
"actions" : "hold",
"interval" : 30,
"timeout" : 120
},
"psk" : "secret",
"initiator" : "bi-directional",
"admin_state_up" : true,
"ikepolicy_id" : { "Ref" : "IKEPolicy" },
"ipsecpolicy_id" : { "Ref" : "IPsecPolicy" },
"vpnservice_id" : { "Ref" : "VPNService" }
}
},
"Server": {
"Type": "AWS::EC2::Instance",
"Properties": {
"ImageId" : { "Fn::FindInMap" : [ "DistroArch2AMI", { "Ref" : "LinuxDistribution" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "InstanceType" }, "Arch" ] } ] },
"InstanceType" : { "Ref" : "InstanceType" },
"KeyName" : { "Ref" : "KeyName" },
"SubnetId" : { "Ref" : "Subnet" }
}
}
},
"Outputs" : {
"ServerIPAddress" : {
"Value" : { "Fn::GetAtt" : [ "Server", "PublicIp" ]},
"Description" : "IP address of created server"
}
}
}
View Git Blame Copy Permalink