openecomp-be/lib/openecomp-sdc-translator-lib/openecomp-sdc-translator-core/src/test/resources/mock/services/heattotosca/contrail2serviceinstance/sharedNetworkNested/inputfiles/OCS-fw.yml

   1 heat_template_version: 2013-05-23
   2
   3 description: >
   4   Based on the following reference for the HOT-DMZ-FW template:
   5   Version 3.5 8-10-2015 (Authors: Art Mishurov,am254u & Johhny Chen, jc3066) - HOT-DMZ-FW template that creates two DMZ networks (direct and protected) with a scaled out firewall service between the two.
   6
   7 parameters:
   8   hsl_direct_net1:
   9     type: string
  10   hsl_direct_net2:
  11     type: string
  12   hsl_direct_net3:
  13     type: string
  14   hsl_direct_net4:
  15     type: string
  16   HSL_direct_net_id:
  17     type: string
  18     description: Name of HSL (Logging) network
  19   HSL_direct_net_cidr:
  20     type: string
  21     description: HSL (Logging) network address (CIDR notation)
  22   HSL_direct_net_gateway:
  23     type: string
  24     description: HSL (Logging) network gateway address
  25   oam_mgmt_net_0_id:
  26     type: string
  27     description: Name of OAM network
  28   Cricket_OCS_direct_net_id:
  29     type: string
  30     description: Name of Cricket OCS network
  31   Cricket_OCS_protected_net_id:
  32     type: string
  33     description: Name of Cricket OCS network
  34   service_instance_name:
  35     type: string
  36     description: Service instance name
  37   service_policy_name:
  38     type: string
  39     description: Policy Name
  40   service_policy_direction:
  41     type: string
  42     description: Direction of Policy
  43   start_src_ports:
  44     type: number
  45     description: Start of src port
  46   end_src_ports:
  47     type: number
  48     description: End of src port
  49   start_dst_ports:
  50     type: number
  51     description: Start of dst port
  52   end_dst_ports:
  53     type: number
  54     description: End of dst port
  55   st_name:
  56     type: string
  57     description: Name of service template
  58   st_mode:
  59     type: string
  60     description: service mode
  61   st_type:
  62     type: string
  63     description: service type
  64   st_image:
  65     type: string
  66     description: Name of the image
  67   st_flavor:
  68     type: string
  69     description: Flavor
  70   st_service_interface_type_list:
  71     type: string
  72     description: List of interface types
  73   st_shared_ip_list:
  74     type: string
  75     description: List of shared ip enabled-disabled
  76   st_static_routes_list:
  77     type: string
  78     description: List of static routes enabled-disabled
  79   st_scaling:
  80     type: string
  81     description: Indicates whether service scaling is enabled
  82   max_num_fw_instances:
  83     type: number
  84     description: maximum number of firewall instances for scaling
  85   availability_zone_1:
  86     type: string
  87     description: availability zone
  88   network_param:
  89     type: string
  90
  91 resources:
  92
  93   hsl_direct_net:
  94     type: OS::Contrail::VirtualNetwork
  95     properties:
  96       name: { get_param: HSL_direct_net_id }
  97
  98   hsl_ip_subnet:
  99     type: OS::Neutron::Subnet
 100     properties:
 101       network_id: { get_resource: hsl_direct_net }
 102       cidr: { get_param: HSL_direct_net_cidr }
 103       gateway_ip: { get_param: HSL_direct_net_gateway }
 104
 105   service_template:
 106     type: OS::Contrail::ServiceTemplate
 107     properties:
 108       name: { get_param: st_name }
 109       service_mode: { get_param: st_mode }
 110       service_type: { get_param: st_type }
 111       image_name: { get_param: st_image }
 112       flavor: { get_param: st_flavor }
 113       service_interface_type_list: { "Fn::Split" : [ ",", Ref: st_service_interface_type_list ] }
 114       shared_ip_list: { "Fn::Split" : [ ",", Ref: st_shared_ip_list ] }
 115       static_routes_list: { "Fn::Split" : [ ",", Ref: st_static_routes_list ] }
 116       service_scaling: { get_param: st_scaling }
 117
 118   service_instance:
 119     type: OS::Contrail::ServiceInstance
 120     depends_on: [ hsl_ip_subnet]
 121     properties:
 122       name: { get_param: service_instance_name }
 123       availability_zone: { get_param: availability_zone_1 }
 124       service_template: { get_resource: service_template }
 125       scale_out:
 126         max_instances: {get_param: max_num_fw_instances}
 127       interface_list: [
 128           {
 129               virtual_network: { get_param: network_param }
 130           }
 131           ]
 132
 133   service_policy:
 134     type: OS::Contrail::NetworkPolicy
 135     depends_on: [ service_instance ]
 136     properties:
 137       name: { get_param: service_policy_name }
 138       entries:
 139         policy_rule: [
 140           {
 141             "direction": { get_param: service_policy_direction },
 142             "protocol": "any",
 143             "src_ports": [{"start_port": {get_param: start_src_ports}, "end_port": {get_param: end_src_ports}}],
 144             "dst_ports": [{"start_port": {get_param: start_dst_ports}, "end_port": {get_param: end_dst_ports}}],
 145             "dst_addresses": [{ "virtual_network": { get_param: Cricket_OCS_direct_net_id }}],
 146             "action_list": { "apply_service": [{ get_resource: service_instance }]},
 147             "src_addresses": [{ "virtual_network": { get_param: Cricket_OCS_protected_net_id }}],
 148           },
 149           ]
 150
 151   service_policy_attach_direct_net:
 152     type: OS::Contrail::AttachPolicy
 153     depends_on: [ service_policy ]
 154     properties:
 155       network: { get_param: Cricket_OCS_direct_net_id }
 156       policy: { get_attr: [service_policy, fq_name] }
 157
 158   service_policy_attach_protected_net:
 159     type: OS::Contrail::AttachPolicy
 160     depends_on: [ service_policy ]
 161     properties:
 162       network: { get_param: Cricket_OCS_protected_net_id }
 163       policy: { get_attr: [service_policy, fq_name] }