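# Nested Heat stack describing one Kolla node: a Nova server with two
# Neutron ports (eth0 on the fixed network, eth1 on the container external
# network), a floating IP bound to eth0, three security groups, and a wait
# condition that the boot script signals when it finishes.
heat_template_version: 2013-05-23

description: >
  This is a nested stack that defines a single Kolla node,
  based on a Fedora 21 cloud image. This stack is included by
  a ResourceGroup resource in the parent template
  (kollacluster.yaml).

parameters:

  server_image:
    type: string
    default: fedora-21-x86_64
    description: glance image used to boot the server

  server_flavor:
    type: string
    default: m1.small
    description: flavor to use when booting the server

  ssh_key_name:
    type: string
    description: name of ssh key to be provisioned on our server

  external_network_id:
    type: string
    description: uuid of a network to use for kolla host floating ip addresses

  container_external_network_id:
    type: string
    description: uuid of a network to use for container floating ip addresses

  container_external_subnet_id:
    type: string
    description: uuid of a subnet to use for container floating ip addresses

  # The following are all generated in the parent template.
  fixed_network_id:
    type: string
    description: Network from which to allocate fixed addresses.

  fixed_subnet_id:
    type: string
    description: Subnet from which to allocate fixed addresses.

resources:

  # Handle whose signalling URL is substituted into the boot script as
  # $WAIT_HANDLE.
  node_wait_handle:
    type: "AWS::CloudFormation::WaitConditionHandle"

  # Completes once the boot script calls cfn-signal against the handle.
  node_wait_condition:
    type: "AWS::CloudFormation::WaitCondition"
    depends_on:
      - kolla_node
    properties:
      Handle:
        get_resource: node_wait_handle
      Timeout: "6000"

  ######################################################################
  #
  # security groups.  we need to permit network traffic of various
  # sorts.
  #
  # NOTE(review): none of the rules below sets remote_ip_prefix or a
  # remote group, so they presumably match traffic from any source --
  # confirm against the Heat/Neutron defaults and narrow where possible.
  #

  # ICMP and SSH (tcp/22); attached to eth0.
  secgroup_base:
    type: "OS::Neutron::SecurityGroup"
    properties:
      rules:
        - protocol: icmp
        - protocol: tcp
          port_range_min: 22
          port_range_max: 22

  # Used by eth1 to permit all traffic to instances.
  # Let the Neutron container apply security to this traffic.
  # No port range is given, so every ICMP, TCP and UDP port is allowed;
  # filtering on eth1 depends entirely on the Neutron container.
  secgroup_all_open:
    type: "OS::Neutron::SecurityGroup"
    properties:
      rules:
        - protocol: icmp
        - protocol: tcp
        - protocol: udp

  # Service ports opened on eth0, the same port the floating IP is bound
  # to.  These look like the default OpenStack service ports (for example
  # 5672 AMQP, 3306 MySQL/MariaDB, 5000 and 35357 Keystone) -- confirm.
  # NOTE(review): the database and message-bus ports normally need to be
  # reachable only from the other cluster nodes; consider restricting them
  # to the fixed subnet instead of exposing them through the floating IP.
  secgroup_kolla:
    type: "OS::Neutron::SecurityGroup"
    properties:
      rules:
        - protocol: tcp
          port_range_min: 5672
          port_range_max: 5672
        - protocol: tcp
          port_range_min: 3306
          port_range_max: 3306
        - protocol: tcp
          port_range_min: 8773
          port_range_max: 8776
        - protocol: tcp
          port_range_min: 6080
          port_range_max: 6080
        - protocol: tcp
          port_range_min: 6081
          port_range_max: 6081
        - protocol: tcp
          port_range_min: 35357
          port_range_max: 35357
        - protocol: tcp
          port_range_min: 5000
          port_range_max: 5000
        - protocol: tcp
          port_range_min: 9191
          port_range_max: 9191
        - protocol: tcp
          port_range_min: 9292
          port_range_max: 9292
        - protocol: tcp
          port_range_min: 9696
          port_range_max: 9696
        - protocol: tcp
          port_range_min: 80
          port_range_max: 80
        - protocol: tcp
          port_range_min: 443
          port_range_max: 443
        - protocol: tcp
          port_range_min: 8000
          port_range_max: 8000
        - protocol: tcp
          port_range_min: 8004
          port_range_max: 8004
        - protocol: tcp
          port_range_min: 8003
          port_range_max: 8003
        - protocol: tcp
          port_range_min: 8080
          port_range_max: 8080
        - protocol: tcp
          port_range_min: 8777
          port_range_max: 8777

  # The server itself.  user_data is the boot script; str_replace swaps
  # $WAIT_HANDLE for the wait handle before the script is handed to the
  # instance.
  #
  # The compose repository is cloned over https (it was http) so the code
  # that `pip install -e .` then installs cannot be altered in transit.
  #
  # NOTE(review): remaining supply-chain and reliability gaps in the script:
  #   - the Docker binary is downloaded and started without any checksum
  #     or signature check; verify it against a pinned digest
  #     (<EXPECTED_SHA256>, placeholder) before making it executable.
  #   - compose and kolla are cloned without a tag or commit, so every
  #     boot installs whatever the default branch holds at that moment.
  #   - there is no `set -e`, so `cfn-signal -e0` reports success even if
  #     an earlier step failed.
  #   - firewalld is stopped and disabled, which leaves the security
  #     groups above as the only packet filter defined in this template.
  kolla_node:
    type: "OS::Nova::Server"
    properties:
      image:
        get_param: server_image
      flavor:
        get_param: server_flavor
      key_name:
        get_param: ssh_key_name
      user_data_format: RAW
      user_data:
        str_replace:
          template: |
            #!/bin/bash
            # Latest packages
            yum clean all
            yum -y update

            # Remove network manager
            yum -y remove NetworkManager
            chkconfig network on

            # Install base packages
            yum -y install wget ntp git tcpdump python-pip

            # Install Docker from binaries due to:
            # https://github.com/docker/docker/issues/11760#issuecomment-88288278
            curl https://fedorapeople.org/groups/heat/docker-1.6.0-rc5 -o /usr/local/sbin/docker
            chmod +x /usr/local/sbin/docker && cd /usr/local/sbin/
            ./docker -d &

            # Install Compose with pid=host support
            cd /root
            git clone https://github.com/docker/compose.git
            cd compose
            pip install -e .

            # Pull the Kolla repo
            cd /root
            git clone https://github.com/stackforge/kolla.git

            # Add vxlan kernel module for Neutron
            modprobe vxlan

            # Start NTP
            systemctl enable ntpd
            systemctl start ntpd

            # Install mariadb-client
            yum install -y mariadb

            # Install OpenStack Clients
            yum install -y python-keystoneclient python-glanceclient \
              python-novaclient python-cinderclient \
              python-neutronclient python-heatclient

            # Disable firewalld per OpenStack documentation
            service firewalld stop
            chkconfig firewalld off

            # Send the CFN signal
            cfn-signal -e0 --data 'OK' -r 'Setup complete' '$WAIT_HANDLE'
          params:
            "$WAIT_HANDLE":
              get_resource: node_wait_handle
      networks:
        - port:
            get_resource: kolla_node_eth0
        - port:
            get_resource: kolla_node_eth1

  # eth0: fixed network; carries secgroup_base and secgroup_kolla.
  kolla_node_eth0:
    type: "OS::Neutron::Port"
    properties:
      network_id:
        get_param: fixed_network_id
      security_groups:
        - get_resource: secgroup_base
        - get_resource: secgroup_kolla
      fixed_ips:
        - subnet_id:
            get_param: fixed_subnet_id

  # eth1: container external network; carries only secgroup_all_open.
  kolla_node_eth1:
    type: "OS::Neutron::Port"
    properties:
      network_id:
        get_param: container_external_network_id
      security_groups:
        - get_resource: secgroup_all_open
      fixed_ips:
        - subnet_id:
            get_param: container_external_subnet_id

  # Floating IP from the external network, associated with eth0.
  kolla_node_floating:
    type: "OS::Neutron::FloatingIP"
    properties:
      floating_network_id:
        get_param: external_network_id
      port_id:
        get_resource: kolla_node_eth0

outputs:

  # First fixed address assigned to eth0.
  kolla_node_ip_eth0:
    value: {get_attr: [kolla_node_eth0, fixed_ips, 0, ip_address]}

  # Floating address associated with eth0.
  kolla_node_external_ip:
    value: {get_attr: [kolla_node_floating, floating_ip_address]}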