1 tosca_definitions_version: tosca_simple_yaml_1_0_0
5 - openecomp_heat_index:
6 file: openecomp-heat/_index.yml
8 org.openecomp.resource.vfc.nodes.heat.vipr_atm:
9 derived_from: org.openecomp.resource.vfc.nodes.heat.nova.Server
16 description: Unique ID for the VF Module instance
25 description: Neutron UUID of the second high availability network for the vIPR-ATM firewal
26 default: b75e27cf-452f-48ef-b107-8777e645c22d
29 vipr_atm_oam_net_security_groups:
33 description: List of the security group to apply to the vIPR-ATM firewall management port
35 - c2369210-d154-4e4a-984d-047674beb5da
42 description: The Valet 1.0 Exclusivity Group for the vIPR-ATM firewall virtual machine
43 default: CORE_INFRASTRUCTURE_VNFs
51 description: Name of the vIPR-ATM firewall virtual machine
52 default: zrcs1cctvpr001
60 description: Image name of the vIPR-ATM firewall virtual machine
61 default: vipr-atm-pan7.1
68 description: Unique Name for this VF instance
73 vipr_atm_service_left_fqdn:
77 description: FQDN of the Left service network for the vIPR-ATM firewall
78 default: default-domain:vIPR-ATM:vIPR-ATM-service-left
80 - pattern: ^(?:[^:]{1,64}:){2}(?:[^:]{1,255})$
85 description: Fixed IP to apply to the vIPR-ATM firewall ha0 port
88 - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
93 description: Neutron UUID of the first high availability network for the vIPR-ATM firewall
94 default: 4abaafc8-b8af-40b9-b0d0-32bd91f958ee
101 description: Unique ID for this VF instance
106 vipr_atm_flavor_name:
110 description: Flavor for the vIPR-ATM firewall virtual machine
111 default: m1.vipr-atm-pan
118 description: Availability Zone for the vIPR-ATM firewall virtual machine
123 vipr_atm_server_group:
127 description: Server Group with anti-affinity policy for the vIPR-ATM firewall virtual machine
128 default: 885dbf7f-fcb2-42d2-a694-a5930ce35b71
132 vipr_atm_service_left_ip_prefix:
136 description: Left vIPR-ATM service network IP address prefix
139 - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
140 vipr_atm_ha_one_cidr:
144 description: vIPR-ATM private High Availability Network One IP address CIDR
145 default: 192.168.35.0/29
147 - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/(?:3[0-2]|[12]?[0-9])$
148 vipr_atm_service_right_fqdn:
152 description: FQDN of the Right service network for the vIPR-ATM firewall
153 default: default-domain:vIPR-ATM:vIPR-ATM-service-right
155 - pattern: ^(?:[^:]{1,64}:){2}(?:[^:]{1,255})$
156 vipr_atm_service_right_ip_prefix_len:
160 description: Right vIPR-ATM service network IP address prefix length
166 vipr_atm_ha_two_ip_0:
170 description: Fixed IP to apply to the vIPR-ATM firewall ha1 port
171 default: 192.168.35.9
173 - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
174 vipr_atm_ha_two_cidr:
178 description: vIPR-ATM private High Availability Network Two IP address CIDR
179 default: 192.168.35.8/29
181 - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/(?:3[0-2]|[12]?[0-9])$
186 description: Neutron UUID for the managemnet network name of the vIPR-ATM firewall
187 default: 1ac9d738-f545-413a-a9a2-b44309edc511
190 vipr_atm_service_right_ip_prefix:
194 description: Right vIPR-ATM service network IP address prefix
197 - pattern: ^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
198 vipr_atm_service_left_ip_prefix_len:
202 description: Left vIPR-ATM service network IP address prefix length
208 vipr_atm_contrail_service_instance_fqdn:
212 description: FQDN of the vIPR-ATM firewall Contrail service instance for the port tuple
213 default: default-domain:vIPR-ATM:vIPR-ATM-service-instance
215 - pattern: ^(?:[^:]{1,64}:){2}(?:[^:]{1,255})$
216 vipr_atm_ha_two_security_groups:
220 description: List of the security group to apply to the vIPR-ATM firewall ha1 port
222 - 29e29a4a-b45d-42c2-ac14-b12a70036ae6
225 vipr_atm_ha_one_security_groups:
229 description: List of the security group to apply to the vIPR-ATM firewall ha0 port
231 - cbf8049e-69e8-48c3-a06f-255634391403
236 type: org.openecomp.resource.vfc.rules.nodes.heat.network.neutron.SecurityRules
240 template: VNF_NAME_VIPR_ATM_OAM_SG
246 remote_ip_prefix: 0.0.0.0/0
250 remote_ip_prefix: 0.0.0.0/0
254 remote_ip_prefix: 0.0.0.0/0
258 remote_ip_prefix: 0.0.0.0/0
260 type: org.openecomp.resource.cp.nodes.heat.contrailV2.VirtualMachineInterface
264 template: VM_NAME_PORT_3
267 get_input: vipr_atm_name_0
268 virtual_network_refs:
269 - get_input: vipr_atm_service_left_fqdn
270 virtual_machine_interface_properties:
271 service_interface_type: left
273 - UNSUPPORTED_RESOURCE_vIPR_ATM_RPT
276 capability: tosca.capabilities.network.Linkable
277 node: vIPR_ATM_Service_Left
278 relationship: tosca.relationships.network.LinksTo
280 capability: tosca.capabilities.network.Bindable
281 node: vIPR_ATM_Firewall
282 relationship: tosca.relationships.network.BindsTo
283 vIPR_ATM_Service_Right:
284 type: org.openecomp.resource.vl.nodes.heat.network.contrailV2.VirtualNetwork
286 network_ipam_refs_data:
287 - network_ipam_refs_data_ipam_subnets:
288 - network_ipam_refs_data_ipam_subnets_subnet:
289 network_ipam_refs_data_ipam_subnets_subnet_ip_prefix_len:
290 get_input: vipr_atm_service_right_ip_prefix_len
291 network_ipam_refs_data_ipam_subnets_subnet_ip_prefix:
292 get_input: vipr_atm_service_right_ip_prefix
295 template: VNF_NAME_VIPR_ATM_SERVICE_RIGHT_NETWORK
300 - default-domain:default-project:default-network-ipam
302 type: org.openecomp.resource.vl.nodes.heat.network.neutron.Net
307 template: VNF_NAME_VIPR_ATM_HA_TWO_NETWORK
312 vIPR_ATM_Ha_Two_Subnet:
316 template: NET_NAME_SUBNET
323 get_input: vipr_atm_ha_two_cidr
326 capability: tosca.capabilities.Node
327 node: vIPR_ATM_Ha_Two
328 relationship: tosca.relationships.DependsOn
330 type: org.openecomp.resource.vfc.rules.nodes.heat.network.neutron.SecurityRules
334 template: VNF_NAME_VIPR_ATM_HA_TWO_SG
339 - remote_mode: remote_group_id
341 type: org.openecomp.resource.vfc.rules.nodes.heat.network.neutron.SecurityRules
345 template: VNF_NAME_VIPR_ATM_HA_ONE_SG
350 - remote_mode: remote_group_id
352 type: org.openecomp.resource.vl.nodes.heat.network.neutron.Net
357 template: VNF_NAME_VIPR_ATM_HA_ONE_NETWORK
362 vIPR_ATM_Ha_One_Subnet:
366 template: NET_NAME_SUBNET
373 get_input: vipr_atm_ha_one_cidr
376 capability: tosca.capabilities.Node
377 node: vIPR_ATM_Ha_One
378 relationship: tosca.relationships.DependsOn
380 type: org.openecomp.resource.cp.nodes.heat.network.neutron.Port
386 floating_ip_count_required:
389 get_input: vipr_atm_oam_net_security_groups
395 template: VM_NAME_PORT_0
398 get_input: vipr_atm_name_0
399 network_role_tag: oam
401 get_input: oam_net_id
404 capability: tosca.capabilities.network.Bindable
405 node: vIPR_ATM_Firewall
406 relationship: tosca.relationships.network.BindsTo
407 vIPR_ATM_Service_Left:
408 type: org.openecomp.resource.vl.nodes.heat.network.contrailV2.VirtualNetwork
410 network_ipam_refs_data:
411 - network_ipam_refs_data_ipam_subnets:
412 - network_ipam_refs_data_ipam_subnets_subnet:
413 network_ipam_refs_data_ipam_subnets_subnet_ip_prefix_len:
414 get_input: vipr_atm_service_left_ip_prefix_len
415 network_ipam_refs_data_ipam_subnets_subnet_ip_prefix:
416 get_input: vipr_atm_service_left_ip_prefix
419 template: VNF_NAME_VIPR_ATM_SERVICE_LEFT_NETWORK
424 - default-domain:default-project:default-network-ipam
426 type: org.openecomp.resource.cp.nodes.heat.contrailV2.VirtualMachineInterface
430 template: VM_NAME_PORT_4
433 get_input: vipr_atm_name_0
434 virtual_network_refs:
435 - get_input: vipr_atm_service_right_fqdn
436 virtual_machine_interface_properties:
437 service_interface_type: right
439 - UNSUPPORTED_RESOURCE_vIPR_ATM_RPT
442 capability: tosca.capabilities.network.Linkable
443 node: vIPR_ATM_Service_Right
444 relationship: tosca.relationships.network.LinksTo
446 capability: tosca.capabilities.network.Bindable
447 node: vIPR_ATM_Firewall
448 relationship: tosca.relationships.network.BindsTo
449 vIPR_ATM_Ha_Two_0_Port:
450 type: org.openecomp.resource.cp.nodes.heat.network.neutron.Port
456 floating_ip_count_required:
459 get_input: vipr_atm_ha_two_security_groups
462 get_input: vipr_atm_ha_two_ip_0
468 template: VM_NAME_PORT_2
471 get_input: vipr_atm_name_0
473 get_input: vipr_atm_ha_two_id
476 capability: tosca.capabilities.network.Linkable
477 node: vIPR_ATM_Ha_Two
478 relationship: tosca.relationships.network.LinksTo
480 capability: tosca.capabilities.network.Bindable
481 node: vIPR_ATM_Firewall
482 relationship: tosca.relationships.network.BindsTo
484 type: org.openecomp.resource.vfc.nodes.heat.vipr_atm
487 get_input: vipr_atm_flavor_name
489 get_input: availability_zone_0
491 get_input: vipr_atm_image_name
494 get_input: vf_module_id
499 contrail_service_instance_ind: true
501 get_input: vipr_atm_name_0
504 get_input: vipr_atm_server_group
505 vIPR_ATM_Ha_One_0_Port:
506 type: org.openecomp.resource.cp.nodes.heat.network.neutron.Port
512 floating_ip_count_required:
515 get_input: vipr_atm_ha_one_security_groups
518 get_input: vipr_atm_ha_one_ip_0
524 template: VM_NAME_PORT_1
527 get_input: vipr_atm_name_0
529 get_input: vipr_atm_ha_one_id
532 capability: tosca.capabilities.network.Linkable
533 node: vIPR_ATM_Ha_One
534 relationship: tosca.relationships.network.LinksTo
536 capability: tosca.capabilities.network.Bindable
537 node: vIPR_ATM_Firewall
538 relationship: tosca.relationships.network.BindsTo
540 vIPR_ATM_Server_Group_group:
541 type: tosca.groups.Root
545 type: org.openecomp.groups.heat.HeatStack
547 heat_file: ../Artifacts/vIPR-ATM-Base.yaml
548 description: "HOT template to create the vIPR-ATM firwall service template\
549 \ and instance. This template creates the following - Two service virtual\
550 \ networks for each side (left and right) of the vIPR-ATM firewalls - Two\
551 \ virtual networks for high availability between the vIPR-ATM firewalls\
552 \ - A Contrail Service Template for the vIPR-ATM service - A Contrail Service\
553 \ Instance for the vIPR-ATM service\nThe firewall virtual machines connected\
554 \ to these created networks and managed by the vIPR-ATM service instance\
555 \ will be created by the vIPR-ATM-Instance.yaml HOT template.\nNetwork Policy\
556 \ that includes the vIPR-ATM service instance will be created by client\
557 \ specific HOT templates or Contrail APIs. \n"
561 - vIPR_ATM_Service_Left
562 - vIPR_ATM_Service_Right
566 vIPR_ATM_Valet_EG_0_group:
567 type: tosca.groups.Root
570 vIPR-ATM-Instance_group:
571 type: org.openecomp.groups.heat.HeatStack
573 heat_file: ../Artifacts/vIPR-ATM-Instance.yaml
575 HOT template to create a vIPR-ATM firwall service instance. This template creates the following - Contrail Port Tuple for this firwall service instance - Virtual machine interfaces and IP addresses attached to the two service virtual networks. These virtual machine interfaces will be used by the vIPR firewall service instance - Neutron ports for OAM, HA0, and HA1 networks - OS::Nova::Server with the created virtual machine interface and ports. This is the firewall service instance virtual machine.
578 - vIPR_ATM_OAM_0_Port
579 - vIPR_ATM_Right_RVMI
580 - vIPR_ATM_Ha_Two_0_Port
582 - vIPR_ATM_Ha_One_0_Port
584 vipr_atm_contrail_service_instance_fqdn:
585 description: The FQDN for the Contrail Service Instance that is needed to create tenant OAM network policy to service change through the vIPR-ATM firewall.
590 - vIPR_ATM_Service_Instance
593 vIPR_ATM_Valet_EG_0_policy:
594 type: org.openecomp.policies.placement.valet.Exclusivity
598 - vIPR_ATM_Valet_EG_0_group
599 vIPR_ATM_Server_Group_policy:
600 type: org.openecomp.policies.placement.Antilocate
604 template: VNF_NAME_VIPR_ATM_SERVER_GROUP
610 - vIPR_ATM_Server_Group_group
Code Review / sdc.git / blob