From b1c4667139db9a7ca671dd3516562627ef0bd428 Mon Sep 17 00:00:00 2001 From: earthmant Date: Tue, 16 Jan 2018 21:45:15 +0200 Subject: [PATCH 1/2] e2e --- aws-blueprint.yaml | 32 ++++++++++---------------------- azure-blueprint.yaml | 4 ---- openstack-blueprint.yaml | 4 ---- 3 files changed, 10 insertions(+), 30 deletions(-) diff --git a/aws-blueprint.yaml b/aws-blueprint.yaml index 0b864b1..514c18e 100644 --- a/aws-blueprint.yaml +++ b/aws-blueprint.yaml @@ -32,9 +32,9 @@ inputs: description: The ID of the AWS VPC that will contain the NIC and Subnet. default: { get_secret: vpc_id } - public_subnet_id: + private_subnet_id: description: The ID of the AWS Subnet that will contain the master_nic. - default: { get_secret: public_subnet_id } + default: { get_secret: private_subnet_id } availability_zone: description: The availability zone where the VM should be deployed. This is the same as that of the Public Subnet. @@ -137,17 +137,6 @@ node_templates: placement: { get_input: availability_zone } user_data: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } - ip: - type: cloudify.nodes.aws.ec2.ElasticIP - properties: - resource_config: - kwargs: - Domain: 'vpc' - client_config: *client_config - relationships: - - type: cloudify.relationships.depends_on - target: nic - nic: type: cloudify.nodes.aws.ec2.Interface properties: @@ -155,10 +144,10 @@ node_templates: resource_config: kwargs: Description: Created by mariadb-blueprint aws-blueprint.yaml. - SubnetId: { get_input: public_subnet_id } + SubnetId: { get_input: private_subnet_id } relationships: - type: cloudify.relationships.depends_on - target: public_subnet + target: private_subnet - type: cloudify.relationships.depends_on target: security_group interfaces: 
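Review bot: Two input descriptions in the first aws-blueprint.yaml hunk are stale after the rename to `private_subnet_id`. The renamed input still says the subnet "will contain the master_nic", although the node is called `nic`, and the `availability_zone` context line still says the zone "is the same as that of the Public Subnet". Suggested wording: `description: The ID of the private AWS Subnet that will contain the nic.` and `This is the same as that of the private subnet.` The later hunks rename the node and its references consistently, so only these descriptions lag behind.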
@@ -167,7 +156,7 @@ node_templates: inputs: resource_config: Description: Created by mariadb-blueprint aws-blueprint.yaml. - SubnetId: { get_input: public_subnet_id } + SubnetId: { get_input: private_subnet_id } Groups: - { get_attribute: [ security_group, aws_resource_id ] } @@ -215,12 +204,12 @@ node_templates: - type: cloudify.relationships.depends_on target: vpc - public_subnet: + private_subnet: type: cloudify.nodes.aws.ec2.Subnet properties: client_config: *client_config use_external_resource: true - resource_id: { get_input: public_subnet_id } + resource_id: { get_input: private_subnet_id } resource_config: kwargs: CidrBlock: 'N/A' @@ -241,9 +230,9 @@ node_templates: outputs: - ip: - description: Public IP Address - value: { get_attribute: [ ip, aws_resource_id ] } + cluster_addresses: + description: Cluster Addresses + value: { get_attribute: [ cluster, cluster_addresses ] } groups: @@ -252,7 +241,6 @@ groups: - mysql - host - nic - - ip policies: diff --git a/azure-blueprint.yaml b/azure-blueprint.yaml index 83c97f7..5c222de 100644 --- a/azure-blueprint.yaml +++ b/azure-blueprint.yaml @@ -345,10 +345,6 @@ outputs: description: Cluster Addresses value: { get_attribute: [ cluster, cluster_addresses ] } - master: - description: master node ip - value: { get_attribute: [ cluster, master ] } - groups: app_group: diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml index cd275f0..f565668 100644 --- a/openstack-blueprint.yaml +++ b/openstack-blueprint.yaml @@ -217,10 +217,6 @@ outputs: description: Cluster Addresses value: { get_attribute: [ cluster, cluster_addresses ] } - master: - description: master node ip - value: { get_attribute: [ cluster, master ] } - groups: app_group: From 7ad0ac406d0b3173c9cfc41ac21de6c83c6bc9c8 Mon Sep 17 00:00:00 2001 
From: earthmant
Date: Wed, 17 Jan 2018 10:32:05 +0200
Subject: [PATCH 2/2] Solutions Package Changes
---
README.md | 138 ++++-------------
aws-blueprint.yaml => aws.yaml | 235 ++++++++++++++--------------
azure-blueprint.yaml => azure.yaml | 215 +++++++++++---------------
circle.yml | 8 +-
gcp-blueprint.yaml | 236 -----------------------------
gcp.yaml | 188 +++++++++++++++++++++++
imports/database.yaml | 61 ++++++++
openstack-blueprint.yaml | 235 ----------------------------
openstack.yaml | 189 +++++++++++++++++++++++
scripts/configure.py | 52 ++++---
scripts/gcp/instance_ssh_key.py | 1 -
11 files changed, 716 insertions(+), 842 deletions(-)
rename aws-blueprint.yaml => aws.yaml (50%)
rename azure-blueprint.yaml => azure.yaml (73%)
delete mode 100644 gcp-blueprint.yaml
create mode 100644 gcp.yaml
create mode 100644 imports/database.yaml
delete mode 100644 openstack-blueprint.yaml
create mode 100644 openstack.yaml
diff --git a/README.md b/README.md
index 460df5d..17155f8 100644
--- a/README.md
+++ b/README.md
@@ -1,134 +1,56 @@ -[![CircleCI](https://circleci.com/gh/cloudify-examples/mariadb-blueprint.svg?style=svg)](https://circleci.com/gh/cloudify-examples/mariadb) +[![CircleCI](https://circleci.com/gh/cloudify-examples/mariadb-blueprint.svg?style=svg)](https://circleci.com/gh/cloudify-examples/mariadb-blueprint) # MariaDB Blueprint -This blueprint deploys a [MariaDB database cluster with Galera](https://mariadb.com/kb/en/library/what-is-mariadb-galera-cluster/) using Cloudify. +This blueprint deploys a MariaDB/Galera Cluster. This blueprint is part of the *End-to-end Solutions Package*, which demonstrates functionality in Cloudify using a Database, Load Balancer, and several front-end applications. After completing this deployment, continue with the solution package by installing the [HAProxy Blueprint](https://github.com/cloudify-examples/haproxy-blueprint). -## prerequisites +## Compatibility -You will need a *Cloudify Manager* running in either AWS, Azure, Openstack, or GCP. +Tested with: + * Cloudify 4.2 -If you have not already, set up the [example Cloudify environment](https://github.com/cloudify-examples/cloudify-environment-setup). Installing that blueprint and following all of the configuration instructions will ensure you have all of the prerequisites, including keys, plugins, and secrets. +## Pre-installation steps -### Step 1: Install the MariaDB database cluster with Galera +Upload the required plugins: -In this step, you will run a *Cloudify CLI* command, which uploads the mariadb blueprint to the manager, creates a deployment, and starts an install workflow. + * [Openstack Plugin](https://github.com/cloudify-cosmo/cloudify-openstack-plugin/releases). + * [AWSSDK Plugin](https://github.com/cloudify-incubator/cloudify-awssdk-plugin/releases). + * [AWS Plugin](https://github.com/cloudify-cosmo/cloudify-aws-plugin/releases). + * [GCP Plugin](https://github.com/cloudify-incubator/cloudify-gcp-plugin/releases). 
+ * [Azure Plugin](https://github.com/cloudify-incubator/cloudify-azure-plugin/releases). + * [Utilities Plugin](https://github.com/cloudify-incubator/cloudify-utilities-plugin/releases). -When it is finished, you will be able to play with the wine store application. +_Check the relevant blueprint for the latest version of the plugin._ +**Install the relevant example network blueprint for the IaaS that you wish to deploy on:** -#### For AWS run: + * [Openstack Example Network](https://github.com/cloudify-examples/openstack-example-network) + * [AWS Example Network](https://github.com/cloudify-examples/aws-example-network) + * [GCP Example Network](https://github.com/cloudify-examples/gcp-example-network) + * [Azure Example Network](https://github.com/cloudify-examples/azure-example-network) -```shell -$ cfy install \ - https://github.com/cloudify-examples/mariadb-blueprint/archive/master.zip \ - -b mariadb \ - -n aws-blueprint.yaml -``` +In addition to the pre-requisites for your example network blueprint, you will need the following secrets: + * `agent_key_private` and `agent_key_public`. If you do not already have these secrets, can generate them with the `keys.yaml` blueprint in the [helpful blueprint](https://github.com/cloudify-examples/helpful-blueprint) repo. -#### For Azure run: -```shell -$ cfy install \ - https://github.com/cloudify-examples/mariadb-blueprint/archive/master.zip \ - -b mariadb \ - -n azure-blueprint.yaml -``` +## Installation +On your Cloudify Manager, navigate to _Local Blueprints_ select _Upload_. -#### For Openstack run: +[Right-click and copy URL](https://github.com/cloudify-examples/mariadb-blueprint/archive/master.zip). Paste the URL where it says _Enter blueprint url_. Provide a blueprint name, such as _db_ in the field labeled _blueprint name_. 
-```shell -$ cfy install \ - https://github.com/cloudify-examples/mariadb-blueprint/archive/master.zip \ - -b mariadb \ - -n openstack-blueprint.yaml -``` +Select the blueprint for the relevant IaaS you wish to deploy on, for example _aws.yaml_ from _Blueprint filename_ menu. Click **Upload**. -#### For GCP run: +After the new blueprint has been created, click the **Deploy** button. -```shell -$ cfy install \ - https://github.com/cloudify-examples/mariadb-blueprint/archive/master.zip \ - -b mariadb \ - -n gcp-blueprint.yaml -``` +Navigate to _Deployments_, find your new deployment, select _Install_ from the _workflow_s menu. At this stage, you may provide your own values for any of the default _deployment inputs_. +For example, the _openstack.yaml_ blueprint requires that you provide a value for `image`. This is the ID of a _Centos 7_ image. You may also need to override the default `flavor` as the default value `2` may not be available in your account or appropriate. -You should see something like this when you execute the command: +## Uninstallation -```shell - :: cfy install mariadb-blueprint/openstack-blueprint.yaml -b mariadb -Uploading blueprint mariadb-blueprint/openstack-blueprint.yaml... - openstack-bluepri... |################################################| 100.0% -Blueprint uploaded. The blueprint's id is mariadb -Creating new deployment from blueprint mariadb... -Deployment created. The deployment's id is mariadb -Executing workflow install on deployment mariadb [timeout=900 seconds] -``` - - -### Step 2: Verify the demo installed and started. - -Once the workflow execution is complete, we can view the application endpoint by running:
- -```shell -cfy deployments outputs mariadb -Retrieving outputs for deployment mariadb... - - "cluster_addresses": - Description: Cluster Addresses - Value: [u'192.168.121.11'] - - "master": - Description: master node ip - Value: 192.168.121.11 -``` - - -### Step 3: Verify the cluster has started: - -SSH into the VM and execute `mysql -u root -p -e "SHOW STATUS LIKE 'wsrep_cluster_size'"`: - -``` -[centos@cloudify ~]$ ssh -i ~/.ssh/agent.key centos@192.168.121.11 -The authenticity of host '192.168.121.11 (192.168.121.11)' can't be established. -ECDSA key fingerprint is f1:35:95:b9:57:51:5a:b8:ac:13:79:6e:1a:80:c2:ed. -Are you sure you want to continue connecting (yes/no)? yes -Warning: Permanently added '192.168.121.11' (ECDSA) to the list of known hosts. -Last login: Tue Sep 26 10:14:39 2017 -[centos@server-galera-host-7ituuu ~]$ mysql -u root -p -e "SHOW STATUS LIKE 'wsrep_cluster_size'" -Enter password: -+--------------------+-------+ -| Variable_name | Value | -+--------------------+-------+ -| wsrep_cluster_size | 1 | -+--------------------+-------+ -``` - -__The default password is `new_password`.__ - -__Hint: Modify the MySQL command to see more info about the cluster, example: `SHOW STATUS LIKE 'wsrep%'`.__ - - -### Step 4: Scale the cluster: - -``` -cfy executions start scale -d mariadb -p scalable_entity_name=app_group -``` - -When the scale workflow has succeeded, you can follow Step 3 again to see the cluster size has increased. - -``` -[centos@cloudify ~]$ ssh -i ~/.ssh/agent.key centos@192.168.121.11 -Last login: Tue Sep 26 10:24:02 2017 from 192.168.120.5 -[centos@server-galera-host-7ituuu ~]$ mysql -u root -p -e "SHOW STATUS LIKE 'wsrep_cluster_size'" -Enter password: -+--------------------+-------+ -| Variable_name | Value | -+--------------------+-------+ -| wsrep_cluster_size | 2 | -+--------------------+-------+ -``` +Navigate to the deployment and select `Uninstall`. When the uninstall workflow is finished, select `Delete deployment`. 
diff --git a/aws-blueprint.yaml b/aws.yaml
similarity index 50%
rename from aws-blueprint.yaml
rename to aws.yaml
index 514c18e..e1fdbb1 100644
--- a/aws-blueprint.yaml
+++ b/aws.yaml
@@ -1,122 +1,73 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - This blueprint creates a Kubernetes Cluster. + This blueprint creates a MariaDB Cluster. imports: - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml - - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.1/plugin.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.5/plugin.yaml + - http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.3/plugin.yaml - https://github.com/cloudify-cosmo/cloudify-aws-plugin/releases/download/1.5.1.2/plugin.yaml - imports/cloud-config.yaml + - imports/database.yaml inputs: ami: description: > An AWS AMI. Tested with a Centos 7.0 image. - default: { get_secret: centos_core_image } + default: { get_attribute: [ centos_core_ami, aws_resource_id ] } instance_type: description: > The AWS instance_type. Tested with m3.medium, although that is unnecessarily large. - default: t2.medium + default: t2.micro agent_user: description: > The username of the agent running on the instance created from the image. - default: ec2-user - - vpc_id: - description: The ID of the AWS VPC that will contain the NIC and Subnet. - default: { get_secret: vpc_id } - - private_subnet_id: - description: The ID of the AWS Subnet that will contain the master_nic. - default: { get_secret: private_subnet_id } - - availability_zone: - description: The availability zone where the VM should be deployed. This is the same as that of the Public Subnet. - default: { get_secret: availability_zone } + default: centos agent_key_private: - description: The material of the private key. + description: > + The content of the agent's private key. default: { get_secret: agent_key_private } agent_key_public: - description: The material of a public SSH key. + description: > + The content of the agent's public key. 
default: { get_secret: agent_key_public } - new_password: - default: new_password + manager_network: + default: external - users: - default: - demo: - privileges: [ALL PRIVILEGES] + network_deployment_name: + default: aws-example-network dsl_definitions: - aws_config: &aws_config - aws_access_key_id: { get_secret: aws_access_key_id } - aws_secret_access_key: { get_secret: aws_secret_access_key } - ec2_region_name: { get_secret: ec2_region_name } - ec2_region_endpoint: { get_secret: ec2_region_endpoint } + aws_config: &aws_config + aws_access_key_id: { get_secret: aws_access_key_id } + aws_secret_access_key: { get_secret: aws_secret_access_key } + ec2_region_name: { get_attribute: [ aws, deployment, outputs, ec2_region_name ] } + ec2_region_endpoint: { get_attribute: [ aws, deployment, outputs, ec2_region_endpoint ] } - client_config: &client_config - aws_access_key_id: { get_secret: aws_access_key_id } - aws_secret_access_key: { get_secret: aws_secret_access_key } - region_name: { get_secret: ec2_region_name } + client_config: &client_config + aws_access_key_id: { get_secret: aws_access_key_id } + aws_secret_access_key: { get_secret: aws_secret_access_key } + region_name: { get_attribute: [ aws, deployment, outputs, ec2_region_name ] } node_templates: - mysql: - type: cloudify.nodes.DBMS - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/create.py - configure: - implementation: scripts/configure.py - inputs: - new_password: { get_input: new_password } - users: { get_input: users } - start: - implementation: scripts/start.py - inputs: - cluster_addresses: { get_attribute: [ cluster, cluster_addresses ] } - master: { get_attribute: [ cluster, master ] } - relationships: - - type: cloudify.relationships.contained_in - target: host - - type: cloudify.relationships.depends_on - target: cluster - source_interfaces: - cloudify.interfaces.relationship_lifecycle: - postconfigure: - implementation: scripts/cluster.py - properties: - 
connection_type: all_to_one - - cluster: + mysql_requirements: type: cloudify.nodes.Root - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/cluster.py - executor: central_deployment_agent - relationships: - - type: cloudify.relationships.depends_on - target: host - properties: - connection_type: all_to_all host: type: cloudify.aws.nodes.Instance properties: agent_config: - install_method: remote + network: { get_input: manager_network } + install_method: init_script user: { get_input: agent_user } port: 22 key: { get_input: agent_key_private } @@ -128,38 +79,18 @@ node_templates: target: nic - type: cloudify.relationships.depends_on target: cloudify_host_cloud_config + - type: cloudify.relationships.depends_on + target: centos_core_ami interfaces: cloudify.interfaces.lifecycle: create: implementation: aws.cloudify_aws.ec2.instance.create inputs: args: - placement: { get_input: availability_zone } + image_id: { get_input: ami } + placement: { get_attribute: [ aws, deployment, outputs, availability_zone ] } user_data: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } - nic: - type: cloudify.nodes.aws.ec2.Interface - properties: - client_config: *client_config - resource_config: - kwargs: - Description: Created by mariadb-blueprint aws-blueprint.yaml. - SubnetId: { get_input: private_subnet_id } - relationships: - - type: cloudify.relationships.depends_on - target: private_subnet - - type: cloudify.relationships.depends_on - target: security_group - interfaces: - cloudify.interfaces.lifecycle: - configure: - inputs: - resource_config: - Description: Created by mariadb-blueprint aws-blueprint.yaml. - SubnetId: { get_input: private_subnet_id } - Groups: - - { get_attribute: [ security_group, aws_resource_id ] } - security_group_rules: type: cloudify.nodes.aws.ec2.SecurityGroupRuleIngress properties: 
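Review bot: The two plugin imports added at the top of aws.yaml (`utilities-plugin/1.4.5/plugin.yaml` and `awssdk-plugin/1.2.0.3/plugin.yaml`) are fetched over plain `http://`, so the plugin definitions the manager parses at upload time have no transport integrity. The aws-plugin import on the following context line already uses `https://`. If the spec host serves TLS, change the scheme on these lines, e.g. `- https://www.getcloudify.org/spec/utilities-plugin/1.4.5/plugin.yaml`. The imports added in the first azure.yaml hunk (`utilities-plugin/1.4.5`, `azure-plugin/1.5.1`) have the same problem.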
@@ -167,11 +98,6 @@ node_templates: resource_config: kwargs: IpPermissions: - - IpProtocol: tcp - FromPort: 22 - ToPort: 22 - IpRanges: - - CidrIp: 0.0.0.0/0 - IpProtocol: tcp FromPort: 3306 ToPort: 3306 @@ -191,6 +117,46 @@ node_templates: - type: cloudify.relationships.contained_in target: security_group + centos_core_ami: + type: cloudify.nodes.aws.ec2.Image + properties: + resource_config: + kwargs: + Filters: + - Name: name + Values: + - 'CentOS 7.3.1611 x86_64 with cloud-init (HVM)' + - Name: owner-id + Values: + - '057448758665' + client_config: *client_config + relationships: + - type: cloudify.relationships.contained_in + target: aws + + nic: + type: cloudify.nodes.aws.ec2.Interface + properties: + client_config: *client_config + resource_config: + kwargs: + Description: Created by mariadb-blueprint aws.yaml. + SubnetId: { get_attribute: [ private_subnet, aws_resource_id] } + Groups: + - { get_attribute: [ security_group, aws_resource_id ] } + relationships: + - type: cloudify.relationships.depends_on + target: private_subnet + - type: cloudify.relationships.depends_on + target: security_group + - type: cloudify.relationships.contained_in + target: aws + interfaces: + cloudify.interfaces.lifecycle: + configure: + inputs: + resource_config: { get_property: [ SELF, resource_config, kwargs] } + security_group: type: cloudify.nodes.aws.ec2.SecurityGroup properties: 
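Review bot: The new `centos_core_ami` node selects the image by `name` and by `owner-id` `'057448758665'`, but nothing in the node says whose account that is or why the second filter matters. A short comment would keep a later edit from dropping it, e.g. `# owner-id limits the match to the publisher's account; a name filter alone also matches same-named images from other accounts`. Which account the id belongs to is not stated on the page, so confirm it and record it next to the filter.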
@@ -198,35 +164,83 @@ node_templates: kwargs: GroupName: MariaDBExampleSecurityGroup Description: Created by mariadb-blueprint aws-blueprint.yaml. - VpcId: { get_input: vpc_id } + VpcId: { get_attribute: [ vpc, aws_resource_id] } client_config: *client_config relationships: - type: cloudify.relationships.depends_on target: vpc + - type: cloudify.relationships.contained_in + target: aws + interfaces: + cloudify.interfaces.lifecycle: + configure: + inputs: + resource_config: { get_property: [ SELF, resource_config, kwargs] } private_subnet: type: cloudify.nodes.aws.ec2.Subnet properties: client_config: *client_config use_external_resource: true - resource_id: { get_input: private_subnet_id } + # resource_id: { get_attribute: [ aws, deployment, outputs, private_subnet_id ] } resource_config: kwargs: CidrBlock: 'N/A' AvailabilityZone: 'N/A' + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + aws_resource_id: { get_attribute: [ aws, deployment, outputs, private_subnet_id ] } relationships: - - type: cloudify.relationships.depends_on - target: vpc + - type: cloudify.relationships.depends_on + target: vpc + - type: cloudify.relationships.contained_in + target: aws vpc: type: cloudify.nodes.aws.ec2.Vpc properties: client_config: *client_config use_external_resource: true - resource_id: { get_input: vpc_id } + # resource_id: { get_attribute: [ aws, deployment, outputs, vpc_id ] } resource_config: kwargs: CidrBlock: 'N/A' + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + aws_resource_id: { get_attribute: [ aws, deployment, outputs, vpc_id ] } + relationships: + - type: cloudify.relationships.contained_in + target: aws + + aws: + type: cloudify.nodes.DeploymentProxy + properties: + resource_config: + blueprint: + id: { get_input: network_deployment_name } + blueprint_archive: https://github.com/cloudify-examples/aws-example-network/archive/master.zip + main_file_name: simple-blueprint.yaml + external_resource: external + deployment: + id: { 
get_input: network_deployment_name } + outputs: + vpc_id: vpc_id + private_subnet_id: private_subnet_id + ec2_region_name: ec2_region_name + ec2_region_endpoint: ec2_region_endpoint + availability_zone: availability_zone + external_resource: external + reexecute: false + relationships: + - type: cloudify.relationships.contained_in + target: scale_tier + + scale_tier: + type: cloudify.nodes.Tier outputs: @@ -241,6 +255,7 @@ groups: - mysql - host - nic + - scale_tier policies: diff --git a/azure-blueprint.yaml b/azure.yaml similarity index 73% rename from azure-blueprint.yaml rename to azure.yaml index 5c222de..af3f9c2 100644 --- a/azure-blueprint.yaml +++ b/azure.yaml 
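Review bot: `blueprint_archive` in the new `aws` DeploymentProxy node points at `.../aws-example-network/archive/master.zip`, a moving branch head, so whatever is on that branch at install time defines the VPC, subnet and region outputs this database deployment consumes. Pinning to a tag or commit makes the dependency reviewable, e.g. `blueprint_archive: https://github.com/cloudify-examples/aws-example-network/archive/<tag-or-commit>.zip`. Whether the archive is fetched at all when `external_resource: external` is set is not visible here, so this may only matter on the non-external path. The `azure` proxy node added in azure.yaml (hunk `@@ -311,33 +264,44 @@`) carries the same unpinned `master.zip` URL.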
@@ -2,44 +2,34 @@ tosca_definitions_version: cloudify_dsl_1_3 imports: - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml - - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml - - http://www.getcloudify.org/spec/fabric-plugin/1.5/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - http://www.getcloudify.org/spec/azure-plugin/1.4.3/plugin.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.5/plugin.yaml + - http://www.getcloudify.org/spec/azure-plugin/1.5.1/plugin.yaml + - imports/database.yaml inputs: + image: + default: + publisher: OpenLogic + offer: CentOS + sku: '7-CI' + version: latest + + size: + default: Standard_A1 + resource_prefix: default: mariadb resource_suffix: - default: '0' + default: '1' retry_after: type: integer default: 60 - size: - default: Standard_A2 - - image: - default: - publisher: OpenLogic - offer: CentOS - sku: '7.3' - version: latest - location: - default: { get_secret: location } - - mgr_resource_group_name: - default: { get_secret: mgr_resource_group_name } - - mgr_virtual_network_name: - default: { get_secret: mgr_virtual_network_name } - - mgr_subnet_name: - default: { get_secret: mgr_subnet_name } + default: { get_secret: azure_location } agent_user: description: The user name of the agent on the instance created from the image. 
@@ -57,70 +47,22 @@ inputs: - path: {concat:[ '/home/', { get_input: agent_user }, '/.ssh/authorized_keys' ]} keyData: { get_input: agent_key_public } - new_password: - default: new_password + manager_network: + default: external - users: - default: - demo: - privileges: [ALL PRIVILEGES] - demo: - host: localhost - privileges: [ALL PRIVILEGES] + network_deployment_name: + default: azure-example-network dsl_definitions: azure_config: &azure_config - subscription_id: { get_secret: subscription_id } - tenant_id: { get_secret: tenant_id } - client_id: { get_secret: client_id } - client_secret: { get_secret: client_secret } + subscription_id: { get_secret: azure_subscription_id } + tenant_id: { get_secret: azure_tenant_id } + client_id: { get_secret: azure_client_id } + client_secret: { get_secret: azure_client_secret } node_templates: - mysql: - type: cloudify.nodes.DBMS - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/create.py - configure: - implementation: scripts/configure.py - inputs: - new_password: { get_input: new_password } - new_users: { get_input: users } - start: - implementation: scripts/start.py - inputs: - cluster_addresses: { get_attribute: [ cluster, cluster_addresses ] } - master: { get_attribute: [ cluster, master ] } - relationships: - - type: cloudify.relationships.contained_in - target: host - - type: cloudify.relationships.depends_on - target: cluster - source_interfaces: - cloudify.interfaces.relationship_lifecycle: - postconfigure: - implementation: scripts/cluster.py - properties: - connection_type: all_to_one - - cluster: - type: cloudify.nodes.Root - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/cluster.py - executor: central_deployment_agent - relationships: - - type: cloudify.relationships.depends_on - target: mysql_requirements - - type: cloudify.relationships.depends_on - target: host - properties: - connection_type: all_to_all - mysql_requirements: type: 
cloudify.azure.nodes.compute.VirtualMachineExtension properties: @@ -167,10 +109,11 @@ node_templates: storageProfile: {} osProfile: {} agent_config: + network: { get_input: manager_network } user: { get_input: agent_user } - install_method: remote + install_method: init_script port: 22 - key: { get_input: agent_key_private } + key: { get_secret: agent_key_private } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group @@ -198,12 +141,39 @@ node_templates: publicKeys: { get_input: ssh_public_keys } disablePasswordAuthentication: true + host_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard + properties: + location: { get_secret: azure_location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: host_nic_ip_cfg + + host_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration + properties: + location: { get_secret: azure_location } + azure_config: *azure_config + retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic + relationships: + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: subnet + - type: cloudify.relationships.contained_in + target: azure network_security_group: type: cloudify.azure.nodes.network.NetworkSecurityGroup properties: name: {concat:[{get_input: resource_prefix},nsg,{get_input: resource_suffix}]} - location: { get_input: location } + location: { get_secret: azure_location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: 
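Review bot: In the `agent_config` hunk the agent key now comes from `{ get_secret: agent_key_private }`, while the `ssh_public_keys` input shown as context in the previous hunk still builds `keyData` from `{ get_input: agent_key_public }`. Overriding the key inputs at deployment time would therefore install one public key on the VM while the manager connects with an unrelated private key. aws.yaml keeps `key: { get_input: agent_key_private }`; doing the same here keeps both halves of the pair coming from one place, assuming the `agent_key_private` input still exists in the unchanged lines between the hunks. The `location` input is bypassed the same way by `location: { get_secret: azure_location }` on `host_nic`, `host_nic_ip_cfg` and `network_security_group` in the next hunk, and on `availability_set` and `storage_account` in `@@ -260,50 +230,33 @@`.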
@@ -260,50 +230,33 @@ node_templates: type: cloudify.azure.nodes.compute.AvailabilitySet properties: name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} - location: { get_input: location } - azure_config: *azure_config - retry_after: { get_input: retry_after } - relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - - host_nic: - type: cloudify.azure.nodes.network.NetworkInterfaceCard - properties: - location: { get_input: location } + location: { get_secret: azure_location } azure_config: *azure_config retry_after: { get_input: retry_after } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - type: cloudify.azure.relationships.nic_connected_to_network_security_group - target: network_security_group - - type: cloudify.azure.relationships.nic_connected_to_ip_configuration - target: host_nic_ip_cfg - - host_nic_ip_cfg: - type: cloudify.azure.nodes.network.IPConfiguration + storage_account: + type: cloudify.azure.nodes.storage.StorageAccount properties: - location: { get_input: location } + location: { get_secret: azure_location } azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: - privateIPAllocationMethod: Dynamic + accountType: Standard_LRS relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet - target: subnet subnet: type: cloudify.azure.nodes.network.Subnet properties: - resource_group_name: { get_input: mgr_resource_group_name } - name: { get_input: mgr_subnet_name } + resource_group_name: { get_attribute: [ azure, deployment, outputs, resource_group ] } + name: { get_attribute: [ azure, deployment, outputs, public_subnet ] } azure_config: *azure_config use_external_resource: true - location: { get_input: location } + location: { get_attribute: [ azure, deployment, 
outputs, location ] } relationships: - type: cloudify.azure.relationships.contained_in_virtual_network target: virtual_network 
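Review bot: The `subnet` node now takes its name from the network deployment's `public_subnet` output, so the database NIC lands on a subnet the network blueprint labels public, whereas aws.yaml attaches its NIC to `private_subnet_id`. No public IP is attached in the visible `host_nic_ip_cfg`, so actual exposure depends on the NSG rules and the subnet's routing, neither of which is shown in this hunk. If azure-example-network exports a private subnet output, prefer it; otherwise document the choice on the node, e.g. `# public_subnet is the only subnet the network deployment exports; reachability is limited by network_security_group`.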
@@ -311,33 +264,44 @@ node_templates: virtual_network: type: cloudify.azure.nodes.network.VirtualNetwork properties: - resource_group_name: { get_input: mgr_resource_group_name } - name: { get_input: mgr_virtual_network_name } + resource_group_name: { get_attribute: [ azure, deployment, outputs, resource_group ] } + name: { get_attribute: [ azure, deployment, outputs, virtual_network ] } azure_config: *azure_config use_external_resource: true - location: { get_input: location } + location: { get_attribute: [ azure, deployment, outputs, location ] } relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - storage_account: - type: cloudify.azure.nodes.storage.StorageAccount + resource_group: + type: cloudify.azure.nodes.ResourceGroup properties: - location: { get_input: location } + name: { get_attribute: [ azure, deployment, outputs, resource_group ] } + use_external_resource: true + location: { get_attribute: [ azure, deployment, outputs, location ] } azure_config: *azure_config - retry_after: { get_input: retry_after } - resource_config: - accountType: Standard_LRS relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group + - type: cloudify.relationships.contained_in + target: azure - resource_group: - type: cloudify.azure.nodes.ResourceGroup + azure: + type: cloudify.nodes.DeploymentProxy properties: - name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} - location: { get_input: location } - azure_config: *azure_config + resource_config: + blueprint: + id: { get_input: network_deployment_name } + blueprint_archive: https://github.com/cloudify-examples/azure-example-network/archive/master.zip + main_file_name: simple-blueprint.yaml + external_resource: external + deployment: + id: { get_input: network_deployment_name } + outputs: + resource_group: resource_group + virtual_network: virtual_network + public_subnet: public_subnet + location: 
location + external_resource: external + reexecute: false outputs: @@ -354,6 +318,7 @@ groups: - host - host_nic - host_nic_ip_cfg + - resource_group policies: diff --git a/circle.yml b/circle.yml index 816e784..ce8e003 100644 --- a/circle.yml +++ b/circle.yml @@ -18,10 +18,10 @@ dependencies: test: override: - cfy init - - cfy blueprints validate azure-blueprint.yaml - - cfy blueprints validate aws-blueprint.yaml - - cfy blueprints validate openstack-blueprint.yaml - - cfy blueprints validate gcp-blueprint.yaml + - cfy blueprints validate azure.yaml + - cfy blueprints validate aws.yaml + - cfy blueprints validate openstack.yaml + - cfy blueprints validate gcp.yaml deployment: release: diff --git a/gcp-blueprint.yaml b/gcp-blueprint.yaml deleted file mode 100644 index 3d94ca2..0000000 --- a/gcp-blueprint.yaml +++ /dev/null 
@@ -1,236 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -imports: - - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml - - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml - - http://www.getcloudify.org/spec/fabric-plugin/1.5/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - http://www.getcloudify.org/spec/gcp-plugin/1.3.0.1/plugin.yaml - -inputs: - - client_x509_cert_url: - type: string - default: { get_secret: client_x509_cert_url } - - client_email: - type: string - default: { get_secret: client_email } - - client_id: - type: string - default: { get_secret: client_id } - - project_id: - type: string - default: { get_secret: project_id } - - private_key_id: - type: string - default: { get_secret: private_key_id } - - private_key: - type: string - default: { get_secret: private_key } - - zone: - type: string - default: { get_secret: zone } - - region: - type: string - default: { get_secret: region } - - image: - description: > - A GCE Image ID. Tested with a Ubuntu 14.04 image. - default: { get_secret: centos_core_image } - - instance_type: - description: > - A GCE instance sytpe. - default: { get_secret: small_instance_type } - - agent_user: - description: The user name of the agent on the instance created from the image. 
- default: centos - - resource_prefix: - default: cfymaria - - new_password: - default: new_password - - users: - default: - demo: - privileges: [ALL PRIVILEGES] - demo: - host: localhost - privileges: [ALL PRIVILEGES] - -dsl_definitions: - - client_config: &gcp_config - auth: - type: service_account - auth_uri: https://accounts.google.com/o/oauth2/auth - token_uri: https://accounts.google.com/o/oauth2/token - auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs - client_x509_cert_url: { get_input: client_x509_cert_url } - client_email: { get_input: client_email } - client_id: { get_input: client_id } - project_id: { get_input: project_id } - private_key_id: { get_input: private_key_id } - private_key: { get_input: private_key } - project: { get_input: project_id } - zone: { get_input: zone } - -node_templates: - - mysql: - type: cloudify.nodes.DBMS - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/create.py - configure: - implementation: scripts/configure.py - inputs: - new_password: { get_input: new_password } - new_users: { get_input: users } - start: - implementation: scripts/start.py - inputs: - cluster_addresses: { get_attribute: [ cluster, cluster_addresses ] } - master: { get_attribute: [ cluster, master ] } - relationships: - - type: cloudify.relationships.contained_in - target: host - - type: cloudify.relationships.depends_on - target: cluster - source_interfaces: - cloudify.interfaces.relationship_lifecycle: - postconfigure: - implementation: scripts/cluster.py - properties: - connection_type: all_to_one - - cluster: - type: cloudify.nodes.Root - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/cluster.py - executor: central_deployment_agent - relationships: - - type: cloudify.relationships.depends_on - target: host - properties: - connection_type: all_to_all - - host: - type: cloudify.gcp.nodes.Instance - properties: - gcp_config: *gcp_config - agent_config: - 
install_method: remote - user: { get_input: agent_user } - port: 22 - key: { get_secret: agent_key_private } - image_id: { get_input: image } - instance_type: { get_input: instance_type } - zone: { get_input: zone } - external_ip: true - block_project_ssh_keys: true - startup_script: - type: string - script: - concat: - - | - cat <> /etc/yum.repos.d/mariadb.repo - [mariadb] - name = MariaDB - baseurl = http://yum.mariadb.org/10.1/centos7-amd64 - gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB - gpgcheck=1 - EOT - - | - chown root:root /etc/yum.repos.d/mariadb.repo - chmod 0444 /etc/yum.repos.d/mariadb.repo - yum -t -y install MariaDB-server MariaDB-client MariaDB-compat galera socat jemalloc python-pip python-wheel python-setuptools python-devel mysql-devel MySQL-python firewalld xinetd - setenforce 0 - systemctl enable mariadb - systemctl start mariadb - relationships: - - type: cloudify.relationships.depends_on - target: subnetwork - interfaces: - cloudify.interfaces.lifecycle: - create: &instance_ssh_key_prep - implementation: scripts/gcp/instance_ssh_key.py - executor: central_deployment_agent - inputs: - user: { get_input: agent_user } - ssh_keys: - - { get_secret: agent_key_public } - - mariadb_fw: - type: cloudify.gcp.nodes.FirewallRule - properties: - gcp_config: *gcp_config - allowed: - tcp: - - 22 - - 3306 - - 4444 - - 4567 - - 4568 - sources: - - 0.0.0.0/0 - relationships: - - type: cloudify.relationships.connected_to - target: network - - subnetwork: - type: cloudify.gcp.nodes.SubNetwork - properties: - use_external_resource: true - name: { get_secret: management_subnetwork_name } - region: { get_secret: region } - gcp_config: *gcp_config - relationships: - - type: cloudify.gcp.relationships.contained_in_network - target: network - - network: - type: cloudify.gcp.nodes.Network - properties: - use_external_resource: true - name: { get_secret: management_network_name } - gcp_config: *gcp_config - -outputs: - - cluster_addresses: - description: Cluster 
Addresses - value: { get_attribute: [ cluster, cluster_addresses ] } - - master: - description: master node ip - value: { get_attribute: [ cluster, master ] } - -groups: - - app_group: - members: - - mysql - - host - -policies: - - app_group_policy: - type: cloudify.policies.scaling - properties: - default_instances: 1 - targets: [app_group] diff --git a/gcp.yaml b/gcp.yaml new file mode 100644 index 0000000..ad65c1d --- /dev/null +++ b/gcp.yaml 
@@ -0,0 +1,188 @@ +tosca_definitions_version: cloudify_dsl_1_3 + +imports: + - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.5/plugin.yaml + - http://www.getcloudify.org/spec/gcp-plugin/1.4.0/plugin.yaml + - imports/database.yaml + +inputs: + + image: + description: > + A GCE Image ID. Tested with a Centos 7 image. + default: https://www.googleapis.com/compute/v1/projects/centos-cloud/global/images/centos-7-v20170523 + + instance_type: + description: > + A GCE instance sytpe. + default: n1-standard-2 + + agent_user: + description: The user name of the agent on the instance created from the image. + default: centos + + agent_key_public: + default: { get_secret: agent_key_public } + + agent_key_private: + default: { get_secret: agent_key_private } + + resource_prefix: + default: cfy-hw + + manager_network: + default: external + + network_deployment_name: + default: gcp-example-network + + resource_prefix: + default: mdb + +dsl_definitions: + + client_config: &gcp_config + auth: + type: service_account + auth_uri: https://accounts.google.com/o/oauth2/auth + token_uri: https://accounts.google.com/o/oauth2/token + auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs + client_x509_cert_url: { get_secret: gcp_client_x509_cert_url } + client_email: { get_secret: gcp_client_email } + client_id: { get_secret: gcp_client_id } + project_id: { get_secret: gcp_project_id } + private_key_id: { get_secret: gcp_private_key_id } + private_key: { get_secret: gcp_private_key } + project: { get_secret: gcp_project_id } + zone: { get_secret: gcp_zone } + +node_templates: + + mysql_requirements: + type: cloudify.nodes.Root + + host: + type: cloudify.gcp.nodes.Instance + properties: + gcp_config: *gcp_config + agent_config: + network: { get_input: manager_network } + install_method: init_script + user: { get_input: agent_user } + port: 22 + key: { get_input: agent_key_private } + image_id: { get_input: 
image } + instance_type: { get_input: instance_type } + zone: { get_secret: gcp_zone } + external_ip: true + block_project_ssh_keys: true + startup_script: + type: string + script: + concat: + - | + cat <> /etc/yum.repos.d/mariadb.repo + [mariadb] + name = MariaDB + baseurl = http://yum.mariadb.org/10.1/centos7-amd64 + gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB + gpgcheck=1 + EOT + - | + chown root:root /etc/yum.repos.d/mariadb.repo + chmod 0444 /etc/yum.repos.d/mariadb.repo + yum -t -y install MariaDB-server MariaDB-client MariaDB-compat galera socat jemalloc python-pip python-wheel python-setuptools python-devel mysql-devel MySQL-python firewalld xinetd + setenforce 0 + systemctl enable mariadb + systemctl start mariadb + relationships: + - type: cloudify.gcp.relationships.contained_in_network + target: private_subnet + interfaces: + cloudify.interfaces.lifecycle: + create: &instance_ssh_key_prep + implementation: scripts/gcp/instance_ssh_key.py + executor: central_deployment_agent + inputs: + user: { get_input: agent_user } + ssh_keys: + - { get_secret: agent_key_public } + + mariadb_firewall: + type: cloudify.gcp.nodes.FirewallRule + properties: + gcp_config: *gcp_config + allowed: + tcp: + - 22 + - 3306 + - 4444 + - 4567 + - 4568 + sources: + - 0.0.0.0/0 + relationships: + - type: cloudify.relationships.connected_to + target: network + + private_subnet: + type: cloudify.gcp.nodes.SubNetwork + properties: + use_external_resource: true + name: { get_attribute: [ gcp, deployment, outputs, private_subnet ] } + region: { get_attribute: [ gcp, deployment, outputs, region ] } + gcp_config: *gcp_config + relationships: + - type: cloudify.gcp.relationships.contained_in_network + target: network + + network: + type: cloudify.gcp.nodes.Network + properties: + use_external_resource: true + name: { get_attribute: [ gcp, deployment, outputs, network ] } + gcp_config: *gcp_config + relationships: + - type: cloudify.relationships.contained_in + target: gcp + + gcp: + 
type: cloudify.nodes.DeploymentProxy + properties: + resource_config: + blueprint: + id: { get_input: network_deployment_name } + blueprint_archive: https://github.com/cloudify-examples/gcp-example-network/archive/master.zip + main_file_name: simple-blueprint.yaml + external_resource: external + deployment: + id: { get_input: network_deployment_name } + outputs: + network: network + private_subnet: private_subnet + region: region + zone: zone + external_resource: external + reexecute: false + +outputs: + + cluster_addresses: + description: Cluster Addresses + value: { get_attribute: [ cluster, cluster_addresses ] } + +groups: + + app_group: + members: + - mysql + - host + +policies: + + app_group_policy: + type: cloudify.policies.scaling + properties: + default_instances: 1 + targets: [app_group] diff --git a/imports/database.yaml b/imports/database.yaml new file mode 100644 index 0000000..e4186c8 --- /dev/null +++ b/imports/database.yaml 
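Review bot: `mariadb_firewall` allows tcp 22, 3306, 4444, 4567 and 4568 from `0.0.0.0/0` while `host` is created with `external_ip: true`, so as far as this rule goes the MariaDB client port and the Galera replication and state-transfer ports accept connections from any address. The `sources` list should be narrowed to the range the cluster members and the manager actually use, for example `sources: [ { get_input: allowed_cidr } ]` with a new required input (the name is a suggestion). The `security_group` node in openstack.yaml carries the same five `0.0.0.0/0` rules. Separately, `resource_prefix` is declared twice under `inputs` (`cfy-hw` and `mdb`); one of the two should go, since which value survives a duplicate key depends on the YAML loader.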
@@ -0,0 +1,61 @@ +inputs: + + new_database_password: + default: new_password + + new_database_user: + default: demo + + mysql_commands: + default: + - { concat: [ "UPDATE mysql.user SET Password = PASSWORD('", { get_input: new_database_password }, "') WHERE User = 'root'" ] } + - "DROP USER ''@'localhost'" + # # - { concat: [ "DROP USER ''@''" ] } + - "DROP DATABASE test" + - { concat: [ "CREATE USER '", { get_input: new_database_user }, "'@'%' IDENTIFIED BY '", { get_input: new_database_password }, "'" ] } + - { concat: [ "GRANT ALL PRIVILEGES ON *.* TO '", { get_input: new_database_user }, "'@'%' WITH GRANT OPTION" ] } + - "FLUSH PRIVILEGES" + +node_templates: + + mysql: + type: cloudify.nodes.DBMS + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: scripts/create.py + configure: + implementation: scripts/configure.py + inputs: + mysql_commands: { get_input: mysql_commands } + start: + implementation: scripts/start.py + inputs: + cluster_addresses: { get_attribute: [ cluster, cluster_addresses ] } + master: { get_attribute: [ cluster, master ] } + relationships: + - type: cloudify.relationships.contained_in + target: host + - type: cloudify.relationships.depends_on + target: cluster + source_interfaces: + cloudify.interfaces.relationship_lifecycle: + postconfigure: + implementation: scripts/cluster.py + properties: + connection_type: all_to_one + + cluster: + type: cloudify.nodes.Root + interfaces: + cloudify.interfaces.lifecycle: + create: + implementation: scripts/cluster.py + executor: central_deployment_agent + relationships: + - type: cloudify.relationships.depends_on + target: host + properties: + connection_type: all_to_all + - type: cloudify.relationships.depends_on + target: mysql_requirements diff --git a/openstack-blueprint.yaml b/openstack-blueprint.yaml deleted file mode 100644 index f565668..0000000 --- a/openstack-blueprint.yaml +++ /dev/null 
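Review bot: `new_database_password` defaults to the literal `new_password`, and the default `mysql_commands` apply it both to root and to `new_database_user`@'%', who is then granted `ALL PRIVILEGES ON *.*` with `WITH GRANT OPTION`. A deployment that takes the defaults ends up with a publicly known password on an account that can log in from any host. Drop the default so the input is required, or read it from the secret store as the blueprints already do for the agent keys, e.g. `default: { get_secret: mariadb_password }` (secret name is a placeholder). The statements are also assembled with `concat` around single quotes, so a password or user name containing `'` would break or change the SQL; a comment on the two inputs stating that restriction would help until scripts/configure.py takes the values as bound parameters.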
@@ -1,235 +0,0 @@ -tosca_definitions_version: cloudify_dsl_1_3 - -imports: - - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml - - http://www.getcloudify.org/spec/utilities-plugin/1.4.2.1/plugin.yaml - - http://www.getcloudify.org/spec/diamond-plugin/1.3.5/plugin.yaml - - http://www.getcloudify.org/spec/openstack-plugin/2.5.0/plugin.yaml - - imports/cloud-config.yaml - -inputs: - - keystone_username: - default: { get_secret: keystone_username } - - keystone_password: - default: { get_secret: keystone_password } - - keystone_tenant_name: - default: { get_secret: keystone_tenant_name } - - keystone_url: - default: { get_secret: keystone_url } - - region: - default: { get_secret: region } - - external_network_name: - default: { get_secret: external_network_name } - - router_name: - default: { get_secret: router_name } - - public_network_name: - default: { get_secret: public_network_name } - - private_network_name: - default: { get_secret: public_network_name } - - public_subnet_name: - default: { get_secret: public_subnet_name } - - private_subnet_name: - default: { get_secret: public_subnet_name } - - agent_key_private: - description: > - The content of the agent's private key. - default: { get_secret: agent_key_private } - - agent_key_public: - description: > - The content of the agent's public key. 
- default: { get_secret: agent_key_public } - - image: - description: > - Image to be used when launching agent VM's - type: string - default: { get_secret: centos_core_image } - - flavor: - description: > - Flavor of the agent VM's - type: string - default: { get_secret: small_image_flavor } - - agent_user: - description: > - User for connecting to agent VM's - type: string - default: centos - - new_password: - default: new_password - - users: - default: - demo: - privileges: [ALL PRIVILEGES] - -dsl_definitions: - - openstack_config: &openstack_config - username: { get_input: keystone_username } - password: { get_input: keystone_password } - tenant_name: { get_input: keystone_tenant_name } - auth_url: { get_input: keystone_url } - region: { get_input: region } - -node_templates: - - mysql: - type: cloudify.nodes.DBMS - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/create.py - configure: - implementation: scripts/configure.py - inputs: - new_password: { get_input: new_password } - new_users: { get_input: users } - start: - implementation: scripts/start.py - inputs: - cluster_addresses: { get_attribute: [ cluster, cluster_addresses ] } - master: { get_attribute: [ cluster, master ] } - relationships: - - type: cloudify.relationships.contained_in - target: host - - type: cloudify.relationships.depends_on - target: cluster - source_interfaces: - cloudify.interfaces.relationship_lifecycle: - postconfigure: - implementation: scripts/cluster.py - properties: - connection_type: all_to_one - - cluster: - type: cloudify.nodes.Root - interfaces: - cloudify.interfaces.lifecycle: - create: - implementation: scripts/cluster.py - executor: central_deployment_agent - relationships: - - type: cloudify.relationships.depends_on - target: host - properties: - connection_type: all_to_all - - host: - type: cloudify.openstack.nodes.Server - properties: - openstack_config: *openstack_config - agent_config: - user: { get_input: agent_user } - 
install_method: remote - port: 22 - key: { get_input: agent_key_private } - server: - key_name: '' - image: '' - flavor: '' - management_network_name: { get_property: [ network1, resource_id ] } - interfaces: - cloudify.interfaces.lifecycle: - create: - inputs: - args: - image: { get_input: image } - flavor: { get_input: flavor } - userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } - relationships: - - type: cloudify.relationships.contained_in - target: mysql_scale_group - - type: cloudify.openstack.server_connected_to_port - target: port - - type: cloudify.relationships.depends_on - target: cloudify_host_cloud_config - - port: - type: cloudify.openstack.nodes.Port - properties: - openstack_config: *openstack_config - relationships: - - type: cloudify.relationships.contained_in - target: network1 - - type: cloudify.relationships.depends_on - target: subnet1 - - type: cloudify.openstack.port_connected_to_security_group - target: security_group - - security_group: - type: cloudify.openstack.nodes.SecurityGroup - properties: - openstack_config: *openstack_config - rules: - - remote_ip_prefix: 0.0.0.0/0 - port: 22 - - remote_ip_prefix: 0.0.0.0/0 - port: 3306 - - remote_ip_prefix: 0.0.0.0/0 - port: 4444 - - remote_ip_prefix: 0.0.0.0/0 - port: 4567 - - remote_ip_prefix: 0.0.0.0/0 - port: 4568 - - subnet1: - type: cloudify.openstack.nodes.Subnet - properties: - openstack_config: *openstack_config - use_external_resource: true - resource_id: { get_input: private_subnet_name } - relationships: - - target: network1 - type: cloudify.relationships.contained_in - - network1: - type: cloudify.openstack.nodes.Network - properties: - openstack_config: *openstack_config - use_external_resource: true - resource_id: { get_input: private_network_name } - relationships: - - type: cloudify.relationships.contained_in - target: mysql_scale_group - - mysql_scale_group: - type: cloudify.nodes.Tier - -outputs: - - cluster_addresses: - description: Cluster Addresses - 
value: { get_attribute: [ cluster, cluster_addresses ] } - -groups: - - app_group: - members: - - mysql - - host - - port - - mysql_scale_group - -policies: - - app_group_policy: - type: cloudify.policies.scaling - properties: - default_instances: 1 - targets: [app_group] diff --git a/openstack.yaml b/openstack.yaml new file mode 100644 index 0000000..b7f09d9 --- /dev/null +++ b/openstack.yaml 
@@ -0,0 +1,189 @@ +tosca_definitions_version: cloudify_dsl_1_3 + +imports: + - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml + - http://www.getcloudify.org/spec/utilities-plugin/1.4.5/plugin.yaml + - http://www.getcloudify.org/spec/openstack-plugin/2.6.0/plugin.yaml + - imports/cloud-config.yaml + - imports/database.yaml + +inputs: + + agent_key_private: + description: > + The content of the agent's private key. + default: { get_secret: agent_key_private } + + agent_key_public: + description: > + The content of the agent's public key. + default: { get_secret: agent_key_public } + + agent_user: + description: > + The username of the agent running on the instance created from the image. + default: centos + + image: + description: > + An Openstack Image ID. Tested with a Ubuntu 14.04 image. + type: string + + flavor: + description: > + An Openstack Flavor ID. + default: '2' + + manager_network: + default: external + + network_deployment_name: + default: openstack-example-network + +dsl_definitions: + + openstack_config: &openstack_config + username: { get_secret: keystone_username } + password: { get_secret: keystone_password } + tenant_name: { get_secret: keystone_tenant_name } + auth_url: { get_secret: keystone_url } + region: { get_secret: keystone_region } + +node_templates: + + mysql_requirements: + type: cloudify.nodes.Root + + host: + type: cloudify.openstack.nodes.Server + properties: + openstack_config: *openstack_config + agent_config: + network: { get_input: manager_network } + install_method: init_script + user: { get_input: agent_user } + port: 22 + key: { get_input: agent_key_private } + server: + key_name: '' + image: '' + flavor: '' + # management_network_name: { get_property: [ public_network, resource_id ] } + interfaces: + cloudify.interfaces.lifecycle: + create: + inputs: + args: + image: { get_input: image } + flavor: { get_input: flavor } + userdata: { get_attribute: [ cloudify_host_cloud_config, cloud_config ] } + relationships: + - 
type: cloudify.relationships.contained_in + target: mysql_scale_group + - type: cloudify.openstack.server_connected_to_port + target: port + - type: cloudify.relationships.depends_on + target: cloudify_host_cloud_config + + port: + type: cloudify.openstack.nodes.Port + properties: + openstack_config: *openstack_config + relationships: + - type: cloudify.relationships.contained_in + target: public_network + - type: cloudify.relationships.depends_on + target: public_subnet + - type: cloudify.openstack.port_connected_to_security_group + target: security_group + + public_subnet: + type: cloudify.openstack.nodes.Subnet + properties: + openstack_config: *openstack_config + use_external_resource: true + resource_id: { get_attribute: [ openstack, deployment, outputs, private_subnet ] } + relationships: + - type: cloudify.relationships.contained_in + target: public_network + + public_network: + type: cloudify.openstack.nodes.Network + properties: + openstack_config: *openstack_config + use_external_resource: true + resource_id: { get_attribute: [ openstack, deployment, outputs, private_network ] } + relationships: + - type: cloudify.relationships.contained_in + target: mysql_scale_group + + mysql_scale_group: + type: cloudify.nodes.Root + relationships: + - type: cloudify.relationships.depends_on + target: openstack + + security_group: + type: cloudify.openstack.nodes.SecurityGroup + properties: + openstack_config: *openstack_config + security_group: + description: generic security group + rules: + - remote_ip_prefix: 0.0.0.0/0 + port: 22 + - remote_ip_prefix: 0.0.0.0/0 + port: 3306 + - remote_ip_prefix: 0.0.0.0/0 + port: 4444 + - remote_ip_prefix: 0.0.0.0/0 + port: 4567 + - remote_ip_prefix: 0.0.0.0/0 + port: 4568 + relationships: + - type: cloudify.relationships.contained_in + target: openstack + + openstack: + type: cloudify.nodes.DeploymentProxy + properties: + resource_config: + blueprint: + id: { get_input: network_deployment_name } + blueprint_archive: 
https://github.com/cloudify-examples/openstack-example-network/archive/master.zip + main_file_name: simple-blueprint.yaml + external_resource: external + deployment: + id: { get_input: network_deployment_name } + outputs: + external_network: external_network + public_network_router: public_network_router + public_network: public_network + private_network: private_network + public_subnet: public_subnet + private_subnet: private_subnet + external_resource: external + reexecute: false + +outputs: + + cluster_addresses: + description: Cluster Addresses + value: { get_attribute: [ cluster, cluster_addresses ] } + +groups: + + app_group: + members: + - mysql + - host + - port + - mysql_scale_group + +policies: + + app_group_policy: + type: cloudify.policies.scaling + properties: + default_instances: 1 + targets: [app_group] diff --git a/scripts/configure.py b/scripts/configure.py index 02dd1c8..6e4f15a 100644 --- a/scripts/configure.py +++ b/scripts/configure.py 
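Review bot: The nodes named `public_subnet` and `public_network` take their `resource_id` from the proxy outputs `private_subnet` and `private_network`, so the node names say the opposite of what `port` is attached to. Anyone auditing exposure alongside the `0.0.0.0/0` rules in `security_group` will read this wrong. Rename the nodes to `private_subnet` and `private_network` together with the `target:` references to them, or switch the outputs if the public network is really intended. The `image` input description also says "Tested with a Ubuntu 14.04 image" while `agent_user` defaults to `centos`; one of the two is presumably stale.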
@@ -14,36 +14,42 @@ if __name__ == '__main__': - old_password = inputs.get('old_password', str()) - new_password = inputs.get('new_password', old_password) - users = inputs.get('new_users', {}) + db_password = inputs.get('db_password', str()) + mysql_commands = inputs.get('mysql_commands', []) + # new_password = inputs.get('new_password', old_password) + # users = inputs.get('new_users', {}) - db = mariadb.connect(user='root', passwd=old_password, db='mysql') + db = mariadb.connect(user='root', passwd=db_password, db='mysql') cur = db.cursor() - cur.execute("UPDATE mysql.user SET Password = PASSWORD('{0}') WHERE User = 'root'".format(new_password)) - cur.execute("DROP USER ''@'localhost'") - cur.execute("DROP USER ''@'{0}'".format(os.uname()[1])) - cur.execute("DROP DATABASE test") + # if new_password != old_password: + # cur.execute("UPDATE mysql.user SET Password = PASSWORD('{0}') WHERE User = 'root'".format(new_password)) + # cur.execute("DROP USER ''@'localhost'") + # cur.execute("DROP USER ''@'{0}'".format(os.uname()[1])) + # cur.execute("DROP DATABASE test") - for username, userdescription in users.items(): + for mysql_command in mysql_commands: + ctx.logger.debug('COMMAND: {0}'.format(mysql_command)) + cur.execute(mysql_command) - create_user = "CREATE USER '{0}'@'{1}' IDENTIFIED BY '{2}';".format( - username, - userdescription.get('host', '%'), - userdescription.get('password', new_password)) + # for username, userdescription in users.items(): - create_user_grant = "GRANT {0} ON {1} TO '{2}'@'{3}' WITH GRANT OPTION;".format( - 'ALL PRIVILEGES' if userdescription.get('privileges')[0] == 'ALL PRIVILEGES' else ', '.join(userdescription.get('privileges')), - userdescription.get('database', '*.*'), - username, - userdescription.get('host', '%')) + # create_user = "CREATE USER '{0}'@'{1}' IDENTIFIED BY '{2}';".format( + # username, + # userdescription.get('host', '%'), + # userdescription.get('password', new_password)) - ctx.logger.debug(create_user) - 
ctx.logger.debug(create_user_grant) + # create_user_grant = "GRANT {0} ON {1} TO '{2}'@'{3}' WITH GRANT OPTION;".format( + # 'ALL PRIVILEGES' if userdescription.get('privileges')[0] == 'ALL PRIVILEGES' else ', '.join(userdescription.get('privileges')), + # userdescription.get('database', '*.*'), + # username, + # userdescription.get('host', '%')) - cur.execute(create_user) - cur.execute(create_user_grant) + # ctx.logger.debug(create_user) + # ctx.logger.debug(create_user_grant) - cur.execute("FLUSH PRIVILEGES") + # cur.execute(create_user) + # cur.execute(create_user_grant) + + # cur.execute("FLUSH PRIVILEGES") db.close() diff --git a/scripts/gcp/instance_ssh_key.py b/scripts/gcp/instance_ssh_key.py index 23074c4..e1f203a 100644 --- a/scripts/gcp/instance_ssh_key.py +++ b/scripts/gcp/instance_ssh_key.py @@ -1,4 +1,3 @@ - import re from cloudify import ctx, manager from cloudify.state import ctx_parameters as inputs
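Review bot: `ctx.logger.debug('COMMAND: {0}'.format(mysql_command))` writes every statement to the deployment log, and with the default `mysql_commands` from imports/database.yaml those statements carry the root and user passwords in clear text (`PASSWORD('...')`, `IDENTIFIED BY '...'`). Log the position instead of the text, e.g. `for i, mysql_command in enumerate(mysql_commands):` with `ctx.logger.debug('Executing mysql command {0}'.format(i))`. The loop now runs whatever SQL strings arrive in the `mysql_commands` input over a root connection, so a comment above it should state that the input must come only from a trusted operator. The commented-out previous implementation could be deleted rather than kept, since the history already holds it. The `if __name__ == '__main__':` block starts above the hunk.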