summaryrefslogtreecommitdiffstats
path: root/ci/pingtests/scenario002-multinode.yaml
blob: d7a30fd9f33e453cb72c333833a00cdfceeb90aa (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
heat_template_version: 2013-05-23

description: >
  HOT template to created resources deployed by scenario002.
parameters:
  key_name:
    type: string
    description: Name of keypair to assign to servers
    default: 'pingtest_key'
  image:
    type: string
    description: Name of image to use for servers
    default: 'pingtest_image'
  public_net_name:
    type: string
    default: 'nova'
    description: >
      ID or name of public network for which floating IP addresses will be allocated
  private_net_name:
    type: string
    description: Name of private network to be created
    default: 'default-net'
  private_net_cidr:
    type: string
    description: Private network address (CIDR notation)
    default: '192.168.2.0/24'
  private_net_gateway:
    type: string
    description: Private network gateway address
    default: '192.168.2.1'
  private_net_pool_start:
    type: string
    description: Start of private network IP address allocation pool
    default: '192.168.2.100'
  private_net_pool_end:
    type: string
    default: '192.168.2.200'
    description: End of private network IP address allocation pool

resources:

  key_pair:
    type: OS::Nova::KeyPair
    properties:
      save_private_key: true
      name: {get_param: key_name }

  private_net:
    type: OS::Neutron::Net
    properties:
      name: { get_param: private_net_name }

  private_subnet:
    type: OS::Neutron::Subnet
    properties:
      network_id: { get_resource: private_net }
      cidr: { get_param: private_net_cidr }
      gateway_ip: { get_param: private_net_gateway }
      allocation_pools:
        - start: { get_param: private_net_pool_start }
          end: { get_param: private_net_pool_end }

  router:
    type: OS::Neutron::Router
    properties:
      external_gateway_info:
        network: { get_param: public_net_name }

  router_interface:
    type: OS::Neutron::RouterInterface
    properties:
      router_id: { get_resource: router }
      subnet_id: { get_resource: private_subnet }

  luks_volume_type:
    type: OS::Cinder::VolumeType
    properties:
      name: LUKS

  encrypted_volume_type:
    type: OS::Cinder::EncryptedVolumeType
    properties:
      volume_type: {get_resource: luks_volume_type}
      provider: nova.volume.encryptors.luks.LuksEncryptor
      cipher: aes-xts-plain64
      control_location: front-end
      key_size: 256

  volume1:
    type: OS::Cinder::Volume
    depends_on: encrypted_volume_type
    properties:
      name: Volume1
      image: { get_param: image }
      size: 1
      volume_type: {get_resource: luks_volume_type}

  server1:
    type: OS::Nova::Server
    depends_on: volume1
    properties:
      name: Server1
      block_device_mapping:
        - device_name: vda
          volume_id: { get_resource: volume1 }
      flavor: { get_resource: test_flavor }
      key_name: { get_resource: key_pair }
      networks:
        - port: { get_resource: server1_port }

  server1_port:
    type: OS::Neutron::Port
    properties:
      network_id: { get_resource: private_net }
      fixed_ips:
        - subnet_id: { get_resource: private_subnet }
      security_groups: [{ get_resource: server_security_group }]

  server1_floating_ip:
    type: OS::Neutron::FloatingIP
    # TODO: investigate why we need this depends_on and if we could
    # replace it by router_id with get_resource: router_interface
    depends_on: router_interface
    properties:
      floating_network: { get_param: public_net_name }
      port_id: { get_resource: server1_port }

  server_security_group:
    type: OS::Neutron::SecurityGroup
    properties:
      description: Add security group rules for server
      name: pingtest-security-group
      rules:
        - remote_ip_prefix: 0.0.0.0/0
          protocol: tcp
          port_range_min: 22
          port_range_max: 22
        - remote_ip_prefix: 0.0.0.0/0
          protocol: icmp

  test_flavor:
    type: OS::Nova::Flavor
    properties:
      ram: 512
      vcpus: 1

outputs:
  server1_private_ip:
    description: IP address of server1 in private network
    value: { get_attr: [ server1, first_address ] }
  server1_public_ip:
    description: Floating IP address of server1 in public network
    value: { get_attr: [ server1_floating_ip, floating_ip_address ] }