Merge "[Tempest] Deploy and Validate Neutron resources using HEAT Orchestration Template"
This commit is contained in:
commit
7b64469d32
@ -0,0 +1,252 @@
|
||||
# Copyright 2017 VMware Inc
|
||||
# All Rights Reserved
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import os
|
||||
import re
|
||||
import yaml
|
||||
|
||||
from oslo_log import log as logging
|
||||
|
||||
from tempest.api.orchestration import base
|
||||
from tempest.common.utils import data_utils
|
||||
from tempest import config
|
||||
from tempest.lib import decorators
|
||||
from tempest.scenario import manager
|
||||
from tempest import test
|
||||
|
||||
from vmware_nsx_tempest.services import nsxv_client
|
||||
|
||||
|
||||
CONF = config.CONF
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
DIR_PATH = '/opt/stack/vmware-nsx/vmware_nsx_tempest/tests/'
|
||||
|
||||
|
||||
class HeatSmokeTest(base.BaseOrchestrationTest,
|
||||
manager.NetworkScenarioTest):
|
||||
|
||||
"""Deploy and Test Neutron Resources using HEAT.
|
||||
|
||||
The script load the neutron resources from template and fully
|
||||
validates successful deployment of all resources from the template.
|
||||
The template consists of two toplogies with Shared and Exclusive router.
|
||||
Tests will be common to toplogies (pls refer template for topo info)and
|
||||
will be as below :
|
||||
1. verify created resources from template
|
||||
2. verify all created resouces from template
|
||||
-->neutronDB-->NSXbackend
|
||||
3. check same network connectivity
|
||||
4. check cross network connectivity
|
||||
"""
|
||||
|
||||
def setUp(self):
|
||||
super(HeatSmokeTest, self).setUp()
|
||||
self.external_network = CONF.scenario.outside_world_servers
|
||||
|
||||
@classmethod
|
||||
def read_template(cls, name, ext='yaml'):
|
||||
loc = ["templates", "%s.%s" % (name, ext)]
|
||||
filepath = os.path.join(DIR_PATH, *loc)
|
||||
if os.path.isfile(filepath):
|
||||
with open(filepath, "r") as f:
|
||||
content = f.read()
|
||||
return content
|
||||
else:
|
||||
raise IOError("File %s not found " % filepath)
|
||||
|
||||
@classmethod
|
||||
def load_template(cls, name, ext='yaml'):
|
||||
loc = ["templates", "%s.%s" % (name, ext)]
|
||||
filepath = os.path.join(DIR_PATH, *loc)
|
||||
if os.path.isfile(filepath):
|
||||
with open(filepath, "r") as f:
|
||||
return yaml.safe_load(f)
|
||||
else:
|
||||
raise IOError("File %s not found " % filepath)
|
||||
|
||||
@classmethod
|
||||
def resource_setup(cls):
|
||||
super(HeatSmokeTest, cls).resource_setup()
|
||||
cls.stack_name = data_utils.rand_name('heat')
|
||||
try:
|
||||
cls.neutron_basic_template = cls.load_template(
|
||||
'nsxv_neutron_smoke')
|
||||
template = cls.read_template('nsxv_neutron_smoke')
|
||||
except IOError as e:
|
||||
LOG.exception(("file nsxv_neutron_smoke.yaml not found %(rsp)s") %
|
||||
{'rsp': e})
|
||||
cls.stack_identifier = cls.create_stack(cls.stack_name, template)
|
||||
cls.client.wait_for_stack_status(cls.stack_identifier,
|
||||
'CREATE_COMPLETE')
|
||||
cls.stack_id = cls.stack_identifier.split('/')[1]
|
||||
cls.resources = (cls.client.list_resources(cls.stack_identifier)
|
||||
['resources'])
|
||||
cls.test_resources = {}
|
||||
for resource in cls.resources:
|
||||
cls.test_resources[resource['logical_resource_id']] = resource
|
||||
|
||||
@classmethod
|
||||
def setup_credentials(cls):
|
||||
cls.set_network_resources()
|
||||
super(HeatSmokeTest, cls).setup_credentials()
|
||||
|
||||
@classmethod
|
||||
def setup_clients(cls):
|
||||
super(HeatSmokeTest, cls).setup_clients()
|
||||
cls.routers_client = cls.os.routers_client
|
||||
cls.subnets_client = cls.os.subnets_client
|
||||
manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
|
||||
CONF.nsxv.manager_uri).group(0)
|
||||
cls.vsm = nsxv_client.VSMClient(
|
||||
manager_ip, CONF.nsxv.user, CONF.nsxv.password)
|
||||
|
||||
def _resource_list_check(self, resource):
|
||||
# sorts out the resources and returns resource id
|
||||
if resource == 'networks':
|
||||
body = self.networks_client.list_networks()
|
||||
component = 'OS::Neutron::Net'
|
||||
elif resource == 'routers':
|
||||
body = self.routers_client.list_routers()
|
||||
component = 'OS::Neutron::Router'
|
||||
print(body)
|
||||
elif resource == 'servers':
|
||||
body = self.servers_client.list_servers()
|
||||
component = 'OS::Nova::Server'
|
||||
resource_list_id = [res_list['id'] for res_list in body[resource]]
|
||||
test_resource_list_id = []
|
||||
for _, resource in self.test_resources.items():
|
||||
if resource['resource_type'] == component:
|
||||
test_resource_list_id.append(resource['physical_resource_id'])
|
||||
for resource_id in test_resource_list_id:
|
||||
self.assertIn(resource_id, resource_list_id)
|
||||
return test_resource_list_id
|
||||
|
||||
def _check_server_connectivity(self, floating_ip, address_list,
|
||||
should_connect=True):
|
||||
# checks server connectivity
|
||||
private_key = self.get_stack_output(self.stack_identifier,
|
||||
'private_key')
|
||||
ssh_source = self.get_remote_client(floating_ip,
|
||||
private_key=private_key)
|
||||
for remote_ip in address_list:
|
||||
if should_connect:
|
||||
msg = ("Timed out waiting for %s to become "
|
||||
"reachable") % remote_ip
|
||||
else:
|
||||
msg = "ip address %s is reachable" % remote_ip
|
||||
try:
|
||||
self.assertTrue(self._check_remote_connectivity
|
||||
(ssh_source, remote_ip, should_connect),
|
||||
msg)
|
||||
except Exception:
|
||||
LOG.exception(("Unable to access %(dest)s via ssh to "
|
||||
"floating-ip %(src)s") %
|
||||
{'dest': remote_ip, 'src': floating_ip})
|
||||
raise
|
||||
|
||||
@decorators.idempotent_id('f693a425-b018-4cde-96ab-cdd5b858e15c')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_created_resources(self):
|
||||
"""Verifies created resources from template ."""
|
||||
for resource in self.resources:
|
||||
msg = 'resource %s not create successfully' \
|
||||
% resource['logical_resource_id']
|
||||
self.assertEqual('CREATE_COMPLETE', resource['resource_status'],
|
||||
msg)
|
||||
self.assertIsInstance(resource, dict)
|
||||
|
||||
@decorators.idempotent_id('3c3ccfcb-e50b-4372-82dc-d5b473acd506')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_created_network(self):
|
||||
"""Verifies created neutron networks."""
|
||||
network_id_list = self._resource_list_check(resource='networks')
|
||||
for network_id in network_id_list:
|
||||
body = self.networks_client.show_network(network_id)
|
||||
self.assertEqual('True', str(body['network']['admin_state_up']))
|
||||
msg = 'newtwork %s not found' % body['network']['name']
|
||||
self.assertIsNotNone(self.vsm.get_logical_switch(network_id), msg)
|
||||
|
||||
@decorators.idempotent_id('b3b103a7-69b2-42ea-a1b8-aa11cc551df9')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_created_router(self):
|
||||
"""Verifies created router."""
|
||||
router_id_list = self._resource_list_check(resource='routers')
|
||||
for router_id in router_id_list:
|
||||
body = self.routers_client.show_router(router_id)
|
||||
self.assertEqual('True', str(body['router']['admin_state_up']))
|
||||
if (body['router']['router_type']) != 'shared':
|
||||
router_edge_name = "%s-%s" % (
|
||||
body['router']['name'], body['router']['id'])
|
||||
exc_edge = self.vsm.get_edge(router_edge_name)
|
||||
msg = 'exc edge %s not found' % body['router']['name']
|
||||
self.assertTrue(exc_edge is not None, msg)
|
||||
|
||||
@decorators.idempotent_id('2b29dfef-6d9f-4a70-9377-af432100ef10')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_created_server(self):
|
||||
"""Verifies created sever."""
|
||||
server_id_list = self._resource_list_check(resource='servers')
|
||||
for server_id in server_id_list:
|
||||
server = self.servers_client.show_server(server_id)['server']
|
||||
msg = 'server %s not active ' % (server)
|
||||
self.assertEqual('ACTIVE', str(server['status']), msg)
|
||||
|
||||
@decorators.idempotent_id('d937a607-aa5e-4cf1-bbf9-00044cbe7190')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_topo1_same_network_connectivity_(self):
|
||||
"""Verifies same network connnectivity for Topology 1 """
|
||||
address_list = []
|
||||
topo1_server1_floatingip = self.get_stack_output(self.stack_identifier,
|
||||
'topo1_server1_floatingip')
|
||||
server4_private_ip = self.get_stack_output(self.stack_identifier,
|
||||
'topo1_server4_private_ip')
|
||||
address_list.append(server4_private_ip)
|
||||
LOG.info((" floating ip :%(rsp)s and private ip list : %(rsp1)s") %
|
||||
{"rsp": topo1_server1_floatingip, "rsp1": address_list})
|
||||
self._check_server_connectivity(topo1_server1_floatingip, address_list,
|
||||
should_connect=True)
|
||||
|
||||
@decorators.idempotent_id('fdbc8b1a-755a-4b37-93e7-0a268e422f05')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_topo1_cross_network_connectivity(self):
|
||||
"""Verifies cross network connnectivity for Topology 1 """
|
||||
address_list = []
|
||||
topo1_server1_floatingip = self.get_stack_output(
|
||||
self.stack_identifier, 'topo1_server1_floatingip')
|
||||
server2_private_ip = self.get_stack_output(self.stack_identifier,
|
||||
'topo1_server2_private_ip')
|
||||
server3_private_ip = self.get_stack_output(self.stack_identifier,
|
||||
'topo1_server3_private_ip')
|
||||
address_list.append(server2_private_ip)
|
||||
address_list.append(server3_private_ip)
|
||||
LOG.info(("floating ip :%(rsp)s and private ip list : %(rsp1)s") %
|
||||
{"rsp": topo1_server1_floatingip, "rsp1": address_list})
|
||||
self._check_server_connectivity(topo1_server1_floatingip, address_list,
|
||||
should_connect=True)
|
||||
|
||||
@decorators.idempotent_id('bcefd117-c55e-499d-a34b-653b8981f1c5')
|
||||
@test.attr(type=["smoke"])
|
||||
def test_topo1_cross_external_connectivity(self):
|
||||
"""Verifies external network connnectivity for Topology 1 """
|
||||
address_list = []
|
||||
topo1_server1_floatingip = self.get_stack_output(self.stack_identifier,
|
||||
'topo1_server1_floatingip')
|
||||
external_network = self.external_network[0]
|
||||
address_list.append(external_network)
|
||||
LOG.info(("floating ip :%(rsp)s and external ip : %(rsp1)s") %
|
||||
{"rsp": topo1_server1_floatingip, "rsp1": address_list})
|
||||
self._check_server_connectivity(topo1_server1_floatingip, address_list,
|
||||
should_connect=True)
|
453
vmware_nsx_tempest/tests/templates/nsxv_neutron_smoke.yaml
Normal file
453
vmware_nsx_tempest/tests/templates/nsxv_neutron_smoke.yaml
Normal file
@ -0,0 +1,453 @@
|
||||
heat_template_version: 2013-05-23
|
||||
|
||||
description: >
|
||||
Topology 1:
|
||||
- 4 servers (Cirros))
|
||||
- 2 Logical Switches
|
||||
- 1 Logical Router (Shared)
|
||||
- 2 Security Group allowing HTTP
|
||||
Topology 2:
|
||||
- 2 servers (Cirros))
|
||||
- 2 Logical Switch
|
||||
- 1 Logical Router (Exclusive)
|
||||
- 1 Security Group allowing HTTP
|
||||
|
||||
parameters:
|
||||
|
||||
public_net:
|
||||
label: Public Network ID for external connectivity
|
||||
type: string
|
||||
description: >
|
||||
ID or name of public network
|
||||
# Need to update this network UUID for each vPod.
|
||||
default: ext-net
|
||||
dmz_network:
|
||||
default: ext-net
|
||||
description: "External network"
|
||||
type: string
|
||||
ubuntu_image:
|
||||
default: cirros
|
||||
description: "Ubuntu image"
|
||||
type: string
|
||||
|
||||
|
||||
resources:
|
||||
|
||||
# Topology1
|
||||
|
||||
heat_NAT_web_net:
|
||||
type: OS::Neutron::Net
|
||||
properties:
|
||||
name: heat_NAT_web
|
||||
|
||||
heat_NAT_web_subnet:
|
||||
type: OS::Neutron::Subnet
|
||||
properties:
|
||||
network_id: { get_resource: heat_NAT_web_net }
|
||||
cidr: 10.21.1.0/24
|
||||
dns_nameservers: [ "10.166.17.90" ]
|
||||
|
||||
heat_NAT_db_net:
|
||||
type: OS::Neutron::Net
|
||||
properties:
|
||||
name: heat_NAT_db
|
||||
|
||||
heat_NAT_db_subnet:
|
||||
type: OS::Neutron::Subnet
|
||||
properties:
|
||||
network_id: { get_resource: heat_NAT_db_net }
|
||||
cidr: 10.21.2.0/24
|
||||
dns_nameservers: [ "10.166.17.90" ]
|
||||
|
||||
my_key:
|
||||
type: OS::Nova::KeyPair
|
||||
properties:
|
||||
save_private_key: true
|
||||
name: my_key
|
||||
|
||||
router:
|
||||
type: OS::Neutron::Router
|
||||
properties:
|
||||
admin_state_up: true
|
||||
name: heat_NAT_router
|
||||
|
||||
router_gw:
|
||||
type: OS::Neutron::RouterGateway
|
||||
properties:
|
||||
network_id: { get_param: public_net}
|
||||
router_id: { get_resource: router }
|
||||
|
||||
router_interface1:
|
||||
type: OS::Neutron::RouterInterface
|
||||
properties:
|
||||
router_id: { get_resource: router }
|
||||
subnet_id: { get_resource: heat_NAT_web_subnet }
|
||||
|
||||
router_interface2:
|
||||
type: OS::Neutron::RouterInterface
|
||||
properties:
|
||||
router_id: { get_resource: router }
|
||||
subnet_id: { get_resource: heat_NAT_db_subnet }
|
||||
|
||||
|
||||
heat_NAT_web_secgroup:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
name: heat_NAT_web_secgroup
|
||||
rules:
|
||||
- protocol: tcp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
port_range_min: 443
|
||||
port_range_max: 443
|
||||
- protocol: tcp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
port_range_min: 22
|
||||
port_range_max: 22
|
||||
- protocol: icmp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
|
||||
heat_NAT_db_secgroup:
|
||||
type: OS::Neutron::SecurityGroup
|
||||
properties:
|
||||
name: heat_NAT_db_secgroup
|
||||
rules:
|
||||
- protocol: tcp
|
||||
remote_mode: remote_group_id
|
||||
remote_group_id: { get_resource: heat_NAT_web_secgroup }
|
||||
port_range_min: 3307
|
||||
port_range_max: 3307
|
||||
- protocol: icmp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
|
||||
server1_port:
|
||||
type: OS::Neutron::Port
|
||||
properties:
|
||||
network_id: { get_resource: heat_NAT_web_net }
|
||||
security_groups:
|
||||
- { get_resource: heat_NAT_web_secgroup }
|
||||
|
||||
server1_instance:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: cirros
|
||||
flavor: m1.tiny
|
||||
key_name: { get_resource: my_key }
|
||||
networks:
|
||||
- port: { get_resource: server1_port }
|
||||
|
||||
server1_floating_ip:
|
||||
type: OS::Neutron::FloatingIP
|
||||
properties:
|
||||
floating_network_id: { get_param: public_net }
|
||||
port_id: { get_resource: server1_port }
|
||||
|
||||
|
||||
server2_port:
|
||||
type: OS::Neutron::Port
|
||||
properties:
|
||||
network_id: { get_resource: heat_NAT_db_net }
|
||||
security_groups:
|
||||
- { get_resource: heat_NAT_db_secgroup }
|
||||
|
||||
server2_instance:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: cirros
|
||||
flavor: m1.tiny
|
||||
key_name: { get_resource: my_key }
|
||||
networks:
|
||||
- port: { get_resource: server2_port }
|
||||
|
||||
server3_port:
|
||||
type: OS::Neutron::Port
|
||||
properties:
|
||||
network_id: { get_resource: heat_NAT_db_net }
|
||||
security_groups:
|
||||
- { get_resource: heat_NAT_db_secgroup }
|
||||
|
||||
|
||||
server3_instance:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: cirros
|
||||
flavor: m1.tiny
|
||||
key_name: { get_resource: my_key }
|
||||
networks:
|
||||
- port: { get_resource: server3_port }
|
||||
|
||||
server4_port:
|
||||
type: OS::Neutron::Port
|
||||
properties:
|
||||
network_id: { get_resource: heat_NAT_web_net }
|
||||
security_groups:
|
||||
- { get_resource: heat_NAT_web_secgroup }
|
||||
|
||||
server4_instance:
|
||||
type: OS::Nova::Server
|
||||
properties:
|
||||
image: cirros
|
||||
flavor: m1.tiny
|
||||
key_name: { get_resource: my_key }
|
||||
networks:
|
||||
- port: { get_resource: server4_port }
|
||||
|
||||
# Topology2
|
||||
|
||||
dmz_router:
|
||||
properties:
|
||||
admin_state_up: true
|
||||
external_gateway_info:
|
||||
network:
|
||||
get_param: dmz_network
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "DmzGateway"]
|
||||
value_specs:
|
||||
router_type: exclusive
|
||||
type: "OS::Neutron::Router"
|
||||
floatingip_jump:
|
||||
properties:
|
||||
floating_network:
|
||||
get_param: dmz_network
|
||||
type: "OS::Neutron::FloatingIP"
|
||||
floatingip_jump_association:
|
||||
depends_on:
|
||||
- floatingip_jump
|
||||
- server_jump1
|
||||
- router_interface_subnet_mgmt_dmz
|
||||
properties:
|
||||
floating_ip:
|
||||
get_resource: floatingip_jump
|
||||
server_id:
|
||||
get_resource: server_jump1
|
||||
type: "OS::Nova::FloatingIPAssociation"
|
||||
network_mgmt:
|
||||
properties:
|
||||
admin_state_up: true
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "mgmt"]
|
||||
shared: false
|
||||
type: "OS::Neutron::Net"
|
||||
network_mgmt2:
|
||||
properties:
|
||||
admin_state_up: true
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "mgmt2"]
|
||||
shared: false
|
||||
type: "OS::Neutron::Net"
|
||||
port_dmz_jump:
|
||||
depends_on:
|
||||
- security_group
|
||||
- subnet_mgmt
|
||||
properties:
|
||||
fixed_ips:
|
||||
- ip_address: "50.0.0.10"
|
||||
security_groups:
|
||||
- get_resource: security_group
|
||||
network_id:
|
||||
get_resource: network_mgmt
|
||||
type: "OS::Neutron::Port"
|
||||
port_dmz_jump2:
|
||||
depends_on:
|
||||
- security_group
|
||||
- subnet_mgmt
|
||||
properties:
|
||||
fixed_ips:
|
||||
- ip_address: "60.0.0.10"
|
||||
security_groups:
|
||||
- get_resource: security_group
|
||||
network_id:
|
||||
get_resource: network_mgmt2
|
||||
type: "OS::Neutron::Port"
|
||||
port_mgmt_dmz_router:
|
||||
depends_on:
|
||||
- security_group
|
||||
- subnet_mgmt
|
||||
properties:
|
||||
fixed_ips:
|
||||
- ip_address: "50.0.0.254"
|
||||
network_id:
|
||||
get_resource: network_mgmt
|
||||
security_groups:
|
||||
- get_resource: security_group
|
||||
type: "OS::Neutron::Port"
|
||||
router_interface_subnet_mgmt_dmz:
|
||||
depends_on:
|
||||
- dmz_router
|
||||
- port_mgmt_dmz_router
|
||||
properties:
|
||||
port_id:
|
||||
get_resource: port_mgmt_dmz_router
|
||||
router_id:
|
||||
get_resource: dmz_router
|
||||
type: "OS::Neutron::RouterInterface"
|
||||
port_mgmt_dmz_router2:
|
||||
depends_on:
|
||||
- security_group
|
||||
- subnet_mgmt2
|
||||
properties:
|
||||
fixed_ips:
|
||||
- ip_address: "60.0.0.254"
|
||||
network_id:
|
||||
get_resource: network_mgmt2
|
||||
security_groups:
|
||||
- get_resource: security_group
|
||||
type: "OS::Neutron::Port"
|
||||
router_interface_subnet_mgmt_dmz2:
|
||||
depends_on:
|
||||
- dmz_router
|
||||
- port_mgmt_dmz_router2
|
||||
properties:
|
||||
port_id:
|
||||
get_resource: port_mgmt_dmz_router2
|
||||
router_id:
|
||||
get_resource: dmz_router
|
||||
type: "OS::Neutron::RouterInterface"
|
||||
security_group:
|
||||
properties:
|
||||
description: "Allows all"
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "Permissive"]
|
||||
rules:
|
||||
-
|
||||
direction: ingress
|
||||
ethertype: IPv4
|
||||
port_range_max: 65535
|
||||
port_range_min: 1
|
||||
protocol: tcp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
-
|
||||
direction: ingress
|
||||
ethertype: IPv4
|
||||
port_range_max: 65535
|
||||
port_range_min: 1
|
||||
protocol: udp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
-
|
||||
direction: ingress
|
||||
ethertype: IPv4
|
||||
protocol: icmp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
-
|
||||
direction: egress
|
||||
ethertype: IPv4
|
||||
port_range_max: 65535
|
||||
port_range_min: 1
|
||||
protocol: tcp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
-
|
||||
direction: egress
|
||||
ethertype: IPv4
|
||||
port_range_max: 65535
|
||||
port_range_min: 1
|
||||
protocol: udp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
-
|
||||
direction: egress
|
||||
ethertype: IPv4
|
||||
protocol: icmp
|
||||
remote_ip_prefix: 0.0.0.0/0
|
||||
type: "OS::Neutron::SecurityGroup"
|
||||
server_jump1:
|
||||
depends_on:
|
||||
- port_dmz_jump
|
||||
properties:
|
||||
diskConfig: MANUAL
|
||||
flavor: m1.tiny
|
||||
image:
|
||||
get_param: ubuntu_image
|
||||
key_name: { get_resource: my_key }
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "JumpServer1"]
|
||||
networks:
|
||||
- port:
|
||||
get_resource: port_dmz_jump
|
||||
networks:
|
||||
- port:
|
||||
get_resource: port_dmz_jump
|
||||
type: "OS::Nova::Server"
|
||||
subnet_mgmt:
|
||||
depends_on:
|
||||
- network_mgmt
|
||||
properties:
|
||||
allocation_pools:
|
||||
-
|
||||
end: "50.0.0.250"
|
||||
start: "50.0.0.2"
|
||||
cidr: 50.0.0.0/24
|
||||
dns_nameservers:
|
||||
- "172.17.100.11"
|
||||
enable_dhcp: true
|
||||
ip_version: 4
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "DMZSubnet"]
|
||||
network_id:
|
||||
get_resource: network_mgmt
|
||||
type: "OS::Neutron::Subnet"
|
||||
subnet_mgmt2:
|
||||
depends_on:
|
||||
- network_mgmt2
|
||||
properties:
|
||||
allocation_pools:
|
||||
-
|
||||
end: "60.0.0.250"
|
||||
start: "60.0.0.2"
|
||||
cidr: 60.0.0.0/24
|
||||
dns_nameservers:
|
||||
- "172.17.100.11"
|
||||
enable_dhcp: true
|
||||
ip_version: 4
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "DMZSubnet2"]
|
||||
network_id:
|
||||
get_resource: network_mgmt2
|
||||
type: "OS::Neutron::Subnet"
|
||||
server_jump2:
|
||||
properties:
|
||||
diskConfig: MANUAL
|
||||
flavor: m1.tiny
|
||||
image:
|
||||
get_param: ubuntu_image
|
||||
key_name: { get_resource: my_key }
|
||||
name:
|
||||
Fn::Join:
|
||||
- '_'
|
||||
- [get_param: "OS::stack_name", "JumpServer2"]
|
||||
networks:
|
||||
- port:
|
||||
get_resource: port_dmz_jump2
|
||||
depends_on: [ port_dmz_jump2 ]
|
||||
type: OS::Nova::Server
|
||||
|
||||
outputs:
|
||||
topo1_server1_floatingip:
|
||||
description: Floating IP address of Topology1_Server1_floatingip
|
||||
value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
|
||||
topo1_server1_private_ip:
|
||||
description: Private IP address of the deployed compute instance
|
||||
value: { get_attr: [server1_instance, networks, heat_NAT_web, 0] }
|
||||
topo1_server2_private_ip:
|
||||
description: Private IP address of the deployed compute instance
|
||||
value: { get_attr: [server2_instance, networks, heat_NAT_db, 0] }
|
||||
topo1_server3_private_ip:
|
||||
description: Private IP address of the deployed compute instance
|
||||
value: { get_attr: [server3_instance, networks, heat_NAT_db, 0] }
|
||||
topo1_server4_private_ip:
|
||||
description: Private IP address of the deployed compute instance
|
||||
value: { get_attr: [server4_instance, networks, heat_NAT_web, 0] }
|
||||
private_key:
|
||||
description: Private key
|
||||
value: { get_attr: [ my_key, private_key ] }
|
Loading…
Reference in New Issue
Block a user