kolla-ansible/devenv/kollanode.yaml
Sam Yaple 1dcd904d27 Loads ebtables from inside the containers
We have to overlay the /lib/modules folder from the host to properly
`modprobe` from within a container. We don't have to give it write
permissions however, so the docker-compose volume is mounted in as 'ro'

Change-Id: I95101136dad56e9331d8b92cd394495f7bd0576a
2015-03-28 15:54:43 -05:00

238 lines
6.3 KiB
YAML

heat_template_version: 2013-05-23
description: >
This is a nested stack that defines a single Kolla node,
based on a Fedora 21 cloud image. This stack is included by
a ResourceGroup resource in the parent template (kollacluster.yaml).
parameters:
server_image:
type: string
default: fedora-21-x86_64
description: glance image used to boot the server
server_flavor:
type: string
default: m1.small
description: flavor to use when booting the server
ssh_key_name:
type: string
description: name of ssh key to be provisioned on our server
external_network_id:
type: string
description: uuid of a network to use for kolla host floating ip addresses
container_external_network_id:
type: string
description: uuid of a network to use for container floating ip addresses
container_external_subnet_id:
type: string
description: uuid of a subnet to use for container floating ip addresses
# The following are all generated in the parent template.
fixed_network_id:
type: string
description: Network from which to allocate fixed addresses.
fixed_subnet_id:
type: string
description: Subnet from which to allocate fixed addresses.
resources:
node_wait_handle:
type: "AWS::CloudFormation::WaitConditionHandle"
node_wait_condition:
type: "AWS::CloudFormation::WaitCondition"
depends_on:
- kolla_node
properties:
Handle:
get_resource: node_wait_handle
Timeout: "6000"
######################################################################
#
# security groups. we need to permit network traffic of various
# sorts.
#
secgroup_base:
type: "OS::Neutron::SecurityGroup"
properties:
rules:
- protocol: icmp
- protocol: tcp
port_range_min: 22
port_range_max: 22
# Use by eth1 to permit all traffic to instances.
# Let the Neutron container apply security to this traffic.
secgroup_all_open:
type: "OS::Neutron::SecurityGroup"
properties:
rules:
- protocol: icmp
- protocol: tcp
- protocol: udp
secgroup_kolla:
type: "OS::Neutron::SecurityGroup"
properties:
rules:
- protocol: tcp
port_range_min: 5672
port_range_max: 5672
- protocol: tcp
port_range_min: 3306
port_range_max: 3306
- protocol: tcp
port_range_min: 8773
port_range_max: 8776
- protocol: tcp
port_range_min: 6080
port_range_max: 6080
- protocol: tcp
port_range_min: 6081
port_range_max: 6081
- protocol: tcp
port_range_min: 35357
port_range_max: 35357
- protocol: tcp
port_range_min: 5000
port_range_max: 5000
- protocol: tcp
port_range_min: 9191
port_range_max: 9191
- protocol: tcp
port_range_min: 9292
port_range_max: 9292
- protocol: tcp
port_range_min: 9696
port_range_max: 9696
- protocol: tcp
port_range_min: 80
port_range_max: 80
- protocol: tcp
port_range_min: 443
port_range_max: 443
- protocol: tcp
port_range_min: 8000
port_range_max: 8000
- protocol: tcp
port_range_min: 8004
port_range_max: 8004
- protocol: tcp
port_range_min: 8003
port_range_max: 8003
- protocol: tcp
port_range_min: 8080
port_range_max: 8080
- protocol: tcp
port_range_min: 8777
port_range_max: 8777
kolla_node:
type: "OS::Nova::Server"
properties:
image:
get_param: server_image
flavor:
get_param: server_flavor
key_name:
get_param: ssh_key_name
user_data_format: RAW
user_data:
str_replace:
template: |
#!/bin/sh
# Latest packages
yum clean all
yum -y update
# Remove network manager
yum -y remove NetworkManager
chkconfig network on
# Install base packages
yum -y install wget ntp git tcpdump python-pip
# Install Docker binaries
# TODO Use pkg when API 1.18 is available
wget https://master.dockerproject.com/linux/amd64/docker-1.5.0-dev -O docker
chmod +x docker
./docker -d &
# Install Compose with pid=host support
# TODO: Use pkg when github.com/docker/compose/pull/1011 is merged
git clone http://github.com/sdake/fig
cd fig
pip install -e .
pip install -U docker-py
pip install -e .
pip install six==1.7.3
# Pull the Kolla repo
cd /root
curl -L -O https://github.com/stackforge/kolla/archive/version-m3.tar.gz
tar -xvf version-m3.tar.gz
mv kolla-version-m3 kolla
# Start NTP
systemctl enable ntpd
systemctl start ntpd
# Send the CFN signal
cfn-signal -e0 --data 'OK' -r 'Setup complete' '$WAIT_HANDLE'
params:
"$WAIT_HANDLE":
get_resource: node_wait_handle
networks:
- port:
get_resource: kolla_node_eth0
- port:
get_resource: kolla_node_eth1
kolla_node_eth0:
type: "OS::Neutron::Port"
properties:
network_id:
get_param: fixed_network_id
security_groups:
- get_resource: secgroup_base
- get_resource: secgroup_kolla
fixed_ips:
- subnet_id:
get_param: fixed_subnet_id
kolla_node_eth1:
type: "OS::Neutron::Port"
properties:
network_id:
get_param: container_external_network_id
security_groups:
- get_resource: secgroup_all_open
fixed_ips:
- subnet_id:
get_param: container_external_subnet_id
kolla_node_floating:
type: "OS::Neutron::FloatingIP"
properties:
floating_network_id:
get_param: external_network_id
port_id:
get_resource: kolla_node_eth0
outputs:
kolla_node_ip_eth0:
value: {get_attr: [kolla_node_eth0, fixed_ips, 0, ip_address]}
kolla_node_external_ip:
value: {get_attr: [kolla_node_floating, floating_ip_address]}