heat_template_version: 2014-10-16 description: > This is a nested stack that defines a single Mesos slave, This stack is included by an ResourceGroup resource in the parent template (mesoscluster.yaml). parameters: server_image: type: string description: glance image used to boot the server slave_flavor: type: string description: flavor to use when booting the server ssh_key_name: type: string description: name of ssh key to be provisioned on our server external_network: type: string description: uuid/name of a network to use for floating ip addresses wait_condition_timeout: type: number description : > timeout for the Wait Conditions executor_registration_timeout: type: string description: > Amount of time to wait for an executor to register with the slave before considering it hung and shutting it down http_proxy: type: string description: http proxy address for docker https_proxy: type: string description: https proxy address for docker no_proxy: type: string description: no proxies for docker auth_url: type: string description: > url for mesos to authenticate before sending request username: type: string description: user name password: type: string description: > user password, not set in current implementation, only used to fill in for Kubernetes config file hidden: true tenant_name: type: string description: > tenant_name is used to isolate access to Compute resources volume_driver: type: string description: volume driver to use for container storage region_name: type: string description: A logically separate section of the cluster domain_name: type: string description: > domain is to define the administrative boundaries for management of Keystone entities rexray_preempt: type: string description: > enables any host to take control of a volume irrespective of whether other hosts are using the volume mesos_slave_isolation: type: string description: > Isolation mechanisms to use, e.g., `posix/cpu,posix/mem`, or `cgroups/cpu,cgroups/mem`, or network/port_mapping (configure with flag: `--with-network-isolator` to enable), or `cgroups/devices/gpus/nvidia` for nvidia specific gpu isolation (configure with flag: `--enable-nvidia -gpu-support` to enable), or `external`, or load an alternate isolator module using the `--modules` flag. Note that this flag is only relevant for the Mesos Containerizer. mesos_slave_work_dir: type: string description: directory path to place framework work directories mesos_slave_image_providers: type: string description: > Comma separated list of supported image providers e.g., APPC,DOCKER mesos_slave_executor_environment_variables: type: string description: > JSON object representing the environment variables that should be passed to the executor, and thus subsequently task(s). By default the executor, executor will inherit the agent's environment variables. mesos_masters_ips: type: string description: IP addresses of the Mesos master servers. fixed_network: type: string description: Network from which to allocate fixed addresses. fixed_subnet: type: string description: Subnet from which to allocate fixed addresses. secgroup_base_id: type: string description: ID of the security group for base. resources: slave_wait_handle: type: OS::Heat::WaitConditionHandle slave_wait_condition: type: OS::Heat::WaitCondition depends_on: mesos_slave properties: handle: {get_resource: slave_wait_handle} timeout: {get_param: wait_condition_timeout} secgroup_all_open: type: OS::Neutron::SecurityGroup properties: rules: - protocol: icmp - protocol: tcp - protocol: udp ###################################################################### # # software configs. these are components that are combined into # a multipart MIME user-data archive. # write_heat_params: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: str_replace: template: {get_file: fragments/write-heat-params.yaml} params: "$MESOS_MASTERS_IPS": {get_param: mesos_masters_ips} "$EXECUTOR_REGISTRATION_TIMEOUT": {get_param: executor_registration_timeout} "$HTTP_PROXY": {get_param: http_proxy} "$HTTPS_PROXY": {get_param: https_proxy} "$NO_PROXY": {get_param: no_proxy} "$AUTH_URL": {get_param: auth_url} "$USERNAME": {get_param: username} "$PASSWORD": {get_param: password} "$TENANT_NAME": {get_param: tenant_name} "$VOLUME_DRIVER": {get_param: volume_driver} "$REGION_NAME": {get_param: region_name} "$DOMAIN_NAME": {get_param: domain_name} "$REXRAY_PREEMPT": {get_param: rexray_preempt} "$ISOLATION": {get_param: mesos_slave_isolation} "$WORK_DIR": {get_param: mesos_slave_work_dir} "$IMAGE_PROVIDERS": {get_param: mesos_slave_image_providers} "$EXECUTOR_ENVIRONMENT_VARIABLES": {get_param: mesos_slave_executor_environment_variables} configure_mesos_slave: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/configure-mesos-slave.sh} start_services: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/start-services-slave.sh} slave_wc_notify: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: str_replace: template: | #!/bin/bash -v wc_notify --data-binary '{"status": "SUCCESS"}' params: wc_notify: {get_attr: [slave_wait_handle, curl_cli]} add_proxy: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/add-proxy.sh} volume_service: type: OS::Heat::SoftwareConfig properties: group: ungrouped config: {get_file: fragments/volume-service.sh} mesos_slave_init: type: OS::Heat::MultipartMime properties: parts: - config: {get_resource: write_heat_params} - config: {get_resource: configure_mesos_slave} - config: {get_resource: add_proxy} - config: {get_resource: volume_service} - config: {get_resource: start_services} - config: {get_resource: slave_wc_notify} ###################################################################### # # a single mesos slave. # mesos_slave: type: OS::Nova::Server properties: image: {get_param: server_image} flavor: {get_param: slave_flavor} key_name: {get_param: ssh_key_name} user_data_format: RAW user_data: {get_resource: mesos_slave_init} networks: - port: {get_resource: mesos_slave_eth0} mesos_slave_eth0: type: OS::Neutron::Port properties: network: {get_param: fixed_network} security_groups: - get_resource: secgroup_all_open - get_param: secgroup_base_id fixed_ips: - subnet: {get_param: fixed_subnet} replacement_policy: AUTO mesos_slave_floating: type: OS::Neutron::FloatingIP properties: floating_network: {get_param: external_network} port_id: {get_resource: mesos_slave_eth0} outputs: mesos_slave_ip: value: {get_attr: [mesos_slave_eth0, fixed_ips, 0, ip_address]} description: > This is the "private" address of the Mesos agent node. mesos_slave_external_ip: value: {get_attr: [mesos_slave_floating, floating_ip_address]} description: > This is the "public" address of the Mesos agent node.