This submission address the "fusion" between DNS service zones
between DCAE and rest of ONAP R1. In ONAP R1 each ONAP deployment
runs its own private DNS server; DCAE use Designate DNS as a Service.
The VMs on both sides need to be able to communicate with each other
by hostnames. This submission modifies the ONAP private DNS server
so it uses the DNS server behind the Designate as the forwarder. For
ONAP->DCAE communication, host names will be resolved by Designate DNS
server; for DCAE->ONAP communication, since DCAE VMs also use the ONAP
private DNS server as first name server, it is not a problem.
Issue-Id: DCAEGEN2-187
Change-Id: Ia54cd41f33b446d406a69868598ae1a8c0cdea8d
Signed-off-by: Lusheng Ji <lji@research.att.com>
local DNSAAS_SERVICE_URL
local DNSAAS_USERNAME='demo'
local DNSAAS_PASSWORD='onapdemo'
local DNSAAS_SERVICE_URL
local DNSAAS_USERNAME='demo'
local DNSAAS_PASSWORD='onapdemo'
CLOUD_REGION="$(cat /opt/config/dnsaas_region.txt)"
CLOUD_ENV="$(cat /opt/config/cloud_env.txt)"
CLOUD_REGION="$(cat /opt/config/dnsaas_region.txt)"
CLOUD_ENV="$(cat /opt/config/cloud_env.txt)"
CLOUD_IDENTITY_URL="http://${MCIP}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}/identity/v2.0"
KEYSTONE_URL="$(cat /opt/config/openstack_keystone_url.txt)"
if [[ "$KEYSTONE_URL" == */v3 ]]; then
CLOUD_IDENTITY_URL="http://${MCIP}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}/identity/v2.0"
KEYSTONE_URL="$(cat /opt/config/openstack_keystone_url.txt)"
if [[ "$KEYSTONE_URL" == */v3 ]]; then
elif [[ "$KEYSTONE_URL" == */v2.0 ]]; then
elif [[ "$KEYSTONE_URL" == */v2.0 ]]; then
else
KEYSTONE_URL="${KEYSTONE_URL}/v3"
else
KEYSTONE_URL="${KEYSTONE_URL}/v3"
fi
USERNAME="$(cat /opt/config/openstack_user.txt)"
PASSWORD="$(cat /opt/config/openstack_password.txt)"
fi
USERNAME="$(cat /opt/config/openstack_user.txt)"
PASSWORD="$(cat /opt/config/openstack_password.txt)"
local CLOUD_REGION
local CLOUD_VERSION='titanium_cloud'
local CLOUD_ENV
local CLOUD_REGION
local CLOUD_VERSION='titanium_cloud'
local CLOUD_ENV
local DNSAAS_TENANT_NAME
local MCHOST
local MCURL
local DNSAAS_TENANT_NAME
local MCHOST
local MCURL
MCHOST=$(cat /opt/config/openo_ip_addr.txt)
MCURL="http://$MCHOST:9005/api/multicloud-titanium_cloud/v0/swagger.json"
MCHOST=$(cat /opt/config/openo_ip_addr.txt)
MCURL="http://$MCHOST:9005/api/multicloud-titanium_cloud/v0/swagger.json"
- MCDATA='-d "{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}"'
+ MCDATA='-d "{\"auth\":{\"tenantName\": \"'${DNSAAS_TENANT_NAME}'\"}}"'
MULTICLOUD_PLUGIN_ENDPOINT=http://${MCHOST}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}
### zone operations
# because all VM's use 10.0.100.1 as their first DNS server, the designate DNS server as seocnd, we need to use a
# domain outside of the first DNS server's domain
MULTICLOUD_PLUGIN_ENDPOINT=http://${MCHOST}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}
### zone operations
# because all VM's use 10.0.100.1 as their first DNS server, the designate DNS server as seocnd, we need to use a
# domain outside of the first DNS server's domain
- ZONENAME="${DCAE_ZONE}.dcaeg2.simpledemo.onap.org."
+ DCAE_DOMAIN="$(cat /opt/config/dcae_domain.txt)"
+ ZONENAME="${DCAE_ZONE}.${DCAE_DOMAIN}."
echo "===> Register DNS zone $ZONENAME under $DNSAAS_TENANT_NAME"
echo "===> Register DNS zone $ZONENAME under $DNSAAS_TENANT_NAME"
- ### list zones
- echo "=====> Get current zone listing"
- curl -sv -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones"
+ local PROJECTID
+ PROJECTID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"project_id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
+ if [ ! -z "$PROJECTID" ]; then
+ ### query the zone with zone id
+ echo "!!!!!!> zone $ZONENAME already registered by project $PROJECTID"
+ else
+ ### create a zone
+ echo "=====> No zone of same name $ZONENAME found, creating new zone "
+ curl -sv -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X POST -d "{ \"name\": \"$ZONENAME\", \"email\": \"lji@research.att.com\"}" "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones"
+ fi
- ### create a zone
- echo "=====> Creating zone $ZONENAME"
- curl -sv -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X POST -d "{ \"name\": \"$ZONENAME\", \"email\": \"lji@research.att.com\"}" "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones"
+ ### list zones
+ echo "=====> Zone listing"
+ curl -sv -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones" | python -m json.tool
### query the zone with zone name
### query the zone with zone name
- echo "=====> Querying zone $ZONENAME"
- curl -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}"
+ #echo "=====> Querying zone $ZONENAME"
+ #curl -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}"
- local ZONEID
- ZONEID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
+ #local ZONEID
+ #ZONEID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
echo "=====> After creation, zone $ZONENAME ID is $ZONEID"
### query the zone with zone id
echo "=====> After creation, zone $ZONENAME ID is $ZONEID"
### query the zone with zone id
- echo "=====> Querying zone $ZONENAME by ID $ZONEID"
- curl -sv -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones/${ZONEID}"
+ #echo "=====> Querying zone $ZONENAME by ID $ZONEID"
+ #curl -sv -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones/${ZONEID}"
MCHOST=$(cat /opt/config/openo_ip_addr.txt)
MCURL="http://$MCHOST:9005/api/multicloud-titanium_cloud/v0/swagger.json"
MCHOST=$(cat /opt/config/openo_ip_addr.txt)
MCURL="http://$MCHOST:9005/api/multicloud-titanium_cloud/v0/swagger.json"
- MCDATA='"{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}"'
+ local DCAE_DOMAIN
+ local ZONENAME
+ DCAE_DOMAIN="$(cat /opt/config/dcae_domain.txt)"
+ ZONENAME="${DCAE_ZONE}.${DCAE_DOMAIN}."
+
+ MCDATA='"{\"auth\":{\"tenantName\": \"'${DNSAAS_TENANT_NAME}'\"}}"'
MULTICLOUD_PLUGIN_ENDPOINT=http://${MCHOST}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}
### Get Token
local TOKEN
TOKEN=$(curl -v -s -H "Content-Type: application/json" -X POST -d "{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}" "${MULTICLOUD_PLUGIN_ENDPOINT}/identity/v3/auth/tokens" 2>&1 | grep X-Subject-Token | sed "s/^.*: //")
MULTICLOUD_PLUGIN_ENDPOINT=http://${MCHOST}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}
### Get Token
local TOKEN
TOKEN=$(curl -v -s -H "Content-Type: application/json" -X POST -d "{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}" "${MULTICLOUD_PLUGIN_ENDPOINT}/identity/v3/auth/tokens" 2>&1 | grep X-Subject-Token | sed "s/^.*: //")
- local ZONENAME
- ZONENAME="$1.dcaeg2.simpledemo.onap.org."
local ZONEID
ZONEID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
local ZONEID
ZONEID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
MCHOST=$(cat /opt/config/openo_ip_addr.txt)
MCURL="http://$MCHOST:9005/api/multicloud-titanium_cloud/v0/swagger.json"
MCHOST=$(cat /opt/config/openo_ip_addr.txt)
MCURL="http://$MCHOST:9005/api/multicloud-titanium_cloud/v0/swagger.json"
- MCDATA='"{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}"'
+ MCDATA='"{\"auth\":{\"tenantName\": \"'${DNSAAS_TENANT_NAME}'\"}}"'
MULTICLOUD_PLUGIN_ENDPOINT=http://${MCHOST}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}
### Get Token
local TOKEN
TOKEN=$(curl -v -s -H "Content-Type: application/json" -X POST -d "{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}" "${MULTICLOUD_PLUGIN_ENDPOINT}/identity/v3/auth/tokens" 2>&1 | grep X-Subject-Token | sed "s/^.*: //")
MULTICLOUD_PLUGIN_ENDPOINT=http://${MCHOST}/api/multicloud-titanium_cloud/v0/${CLOUD_OWNER}_${CLOUD_REGION}
### Get Token
local TOKEN
TOKEN=$(curl -v -s -H "Content-Type: application/json" -X POST -d "{\"auth\":{\"tenantName\": \"${DNSAAS_TENANT_NAME}\"}}" "${MULTICLOUD_PLUGIN_ENDPOINT}/identity/v3/auth/tokens" 2>&1 | grep X-Subject-Token | sed "s/^.*: //")
- ZONENAME="$1.dcaeg2.simpledemo.onap.org."
+ DCAE_DOMAIN="$(cat /opt/config/dcae_domain.txt)"
+ ZONENAME="${DCAE_ZONE}.${DCAE_DOMAIN}."
local ZONEID
ZONEID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
local ZONEID
ZONEID=$(curl -v -s -H "Content-Type: application/json" -H "X-Auth-Token: $TOKEN" -X GET "${MULTICLOUD_PLUGIN_ENDPOINT}/dns-delegate/v2/zones?name=${ZONENAME}" |sed 's/^.*"id":"\([a-zA-Z0-9-]*\)",.*$/\1/')
MYFLOATIP=$(cat /opt/config/dcae_float_ip.txt)
MYLOCALIP=$(cat /opt/config/dcae_ip_addr.txt)
MYFLOATIP=$(cat /opt/config/dcae_float_ip.txt)
MYLOCALIP=$(cat /opt/config/dcae_ip_addr.txt)
+# start docker image pulling while we are waiting for A&AI to come online
docker login -u "$NEXUS_USER" -p "$NEXUS_PASSWORD" "$NEXUS_DOCKER_REPO"
docker pull "$NEXUS_DOCKER_REPO/onap/org.onap.dcaegen2.deployments.bootstrap:$DOCKER_VERSION" && docker pull nginx &
docker login -u "$NEXUS_USER" -p "$NEXUS_PASSWORD" "$NEXUS_DOCKER_REPO"
docker pull "$NEXUS_DOCKER_REPO/onap/org.onap.dcaegen2.deployments.bootstrap:$DOCKER_VERSION" && docker pull nginx &
rm -f /opt/config/runtime.ip.cm
rm -f /opt/config/runtime.ip.cm
-docker login -u "$NEXUS_USER" -p "$NEXUS_PASSWORD" "$NEXUS_DOCKER_REPO"
-docker pull "$NEXUS_DOCKER_REPO/onap/org.onap.dcaegen2.deployments.bootstrap:$DOCKER_VERSION"
-docker run -d --name boot -v /opt/app/config:/opt/app/installer/config -e "LOCATION=$ZONE" "$NEXUS_DOCKER_REPO/onap/org.onap.dcaegen2.deployments.bootstrap:$DOCKER_VERSION"
+#docker login -u "$NEXUS_USER" -p "$NEXUS_PASSWORD" "$NEXUS_DOCKER_REPO"
+#docker pull "$NEXUS_DOCKER_REPO/onap/org.onap.dcaegen2.deployments.bootstrap:$DOCKER_VERSION"
+#docker run -d --name boot -v /opt/app/config:/opt/app/installer/config -e "LOCATION=$ZONE" "$NEXUS_DOCKER_REPO/onap/org.onap.dcaegen2.deployments.bootstrap:$DOCKER_VERSION"
# waiting for bootstrap to complete then starting nginx for proxying healthcheck calls
# waiting for bootstrap to complete then starting nginx for proxying healthcheck calls
ARTIFACTS_VERSION=$(cat /opt/config/artifacts_version.txt)
CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
ARTIFACTS_VERSION=$(cat /opt/config/artifacts_version.txt)
CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
if [[ $CLOUD_ENV != "rackspace" ]]
then
# Add host name to /etc/host to avoid warnings in openstack images
if [[ $CLOUD_ENV != "rackspace" ]]
then
# Add host name to /etc/host to avoid warnings in openstack images
curl -k $NEXUS_REPO/org.onap.demo/boot/$ARTIFACTS_VERSION/$OPTIONS_FILE -o /etc/bind/named.conf.options
curl -k $NEXUS_REPO/org.onap.demo/boot/$ARTIFACTS_VERSION/named.conf.local -o /etc/bind/named.conf.local
curl -k $NEXUS_REPO/org.onap.demo/boot/$ARTIFACTS_VERSION/$OPTIONS_FILE -o /etc/bind/named.conf.options
curl -k $NEXUS_REPO/org.onap.demo/boot/$ARTIFACTS_VERSION/named.conf.local -o /etc/bind/named.conf.local
# Set the private IP address of each ONAP VM in the Bind configuration in OpenStack deployments
if [[ $CLOUD_ENV != "rackspace" ]]
then
# Set the private IP address of each ONAP VM in the Bind configuration in OpenStack deployments
if [[ $CLOUD_ENV != "rackspace" ]]
then
+ sed -i "s/dns_forwarder/"$(cat /opt/config/dns_forwarder.txt)"/g" /etc/bind/named.conf.options
sed -i "s/dns_ip_addr/"$(cat /opt/config/dns_ip_addr.txt)"/g" /etc/bind/named.conf.options
sed -i "s/external_dns/"$(cat /opt/config/external_dns.txt)"/g" /etc/bind/named.conf.options
sed -i "s/aai1_ip_addr/"$(cat /opt/config/aai1_ip_addr.txt)"/g" /etc/bind/zones/db.simpledemo.openecomp.org
sed -i "s/dns_ip_addr/"$(cat /opt/config/dns_ip_addr.txt)"/g" /etc/bind/named.conf.options
sed -i "s/external_dns/"$(cat /opt/config/external_dns.txt)"/g" /etc/bind/named.conf.options
sed -i "s/aai1_ip_addr/"$(cat /opt/config/aai1_ip_addr.txt)"/g" /etc/bind/zones/db.simpledemo.openecomp.org
# Configure Bind
modprobe ip_gre
sed -i "s/OPTIONS=.*/OPTIONS=\"-4 -u bind\"/g" /etc/default/bind9
# Configure Bind
modprobe ip_gre
sed -i "s/OPTIONS=.*/OPTIONS=\"-4 -u bind\"/g" /etc/default/bind9
-service bind9 restart
\ No newline at end of file
allow-transfer { none; }; # disable zone transfers by default
forwarders {
allow-transfer { none; }; # disable zone transfers by default
forwarders {
};
// If there is a firewall between you and nameservers you want
};
// If there is a firewall between you and nameservers you want
dns_list: PUT THE ADDRESS OF THE EXTERNAL DNS HERE (e.g. a comma-separated list of IP addresses in your /etc/resolv.conf in UNIX-based Operating Systems)
external_dns: PUT THE FIRST ADDRESS OF THE EXTERNAL DNS LIST HERE
dns_list: PUT THE ADDRESS OF THE EXTERNAL DNS HERE (e.g. a comma-separated list of IP addresses in your /etc/resolv.conf in UNIX-based Operating Systems)
external_dns: PUT THE FIRST ADDRESS OF THE EXTERNAL DNS LIST HERE
+ dns_forwarder: PUT THE IP OF DNS FORWARDER FOR ONAP DEPLOYMENT'S OWN DNS SERVER
oam_network_cidr: 10.0.0.0/16
### Private IP addresses ###
oam_network_cidr: 10.0.0.0/16
### Private IP addresses ###
dnsaas_config_enabled: PUT WHETHER TO USE PROXYED DESIGNATE
dnsaas_region: PUT THE DESIGNATE PROVIDING OPENSTACK'S REGION HERE
dnsaas_keystone_url: PUT THE DESIGNATE PROVIDING OPENSTACK'S KEYSTONE URL HERE
dnsaas_config_enabled: PUT WHETHER TO USE PROXYED DESIGNATE
dnsaas_region: PUT THE DESIGNATE PROVIDING OPENSTACK'S REGION HERE
dnsaas_keystone_url: PUT THE DESIGNATE PROVIDING OPENSTACK'S KEYSTONE URL HERE
- dnsaas_tenant_name: PUT THE TENANT NAME IN THE DESIGNATE PROVIDING OPENSTACK HERE
+ dnsaas_tenant_name: PUT THE TENANT NAME IN THE DESIGNATE PROVIDING OPENSTACK HERE (FOR R1 USE THE SAME AS openstack_tenant_name)
dnsaas_username: PUT THE DESIGNATE PROVIDING OPENSTACK'S USERNAME HERE
dnsaas_password: PUT THE DESIGNATE PROVIDING OPENSTACK'S PASSWORD HERE
dcae_keystone_url: PUT THE MULTIVIM PROVIDED KEYSTONE API URL HERE
dcae_centos_7_image: PUT THE CENTOS7 VM IMAGE NAME HERE FOR DCAE LAUNCHED CENTOS7 VM
dnsaas_username: PUT THE DESIGNATE PROVIDING OPENSTACK'S USERNAME HERE
dnsaas_password: PUT THE DESIGNATE PROVIDING OPENSTACK'S PASSWORD HERE
dcae_keystone_url: PUT THE MULTIVIM PROVIDED KEYSTONE API URL HERE
dcae_centos_7_image: PUT THE CENTOS7 VM IMAGE NAME HERE FOR DCAE LAUNCHED CENTOS7 VM
- dcae_security_group: PUT THE SECURITY GROUP NAME HERE FOR DCAE LAUNCHED VMS
- dcae_key_name: PUT THE ON BOARDED KEY-PAIR NAME HERE FOR DCAE LAUNCHED VMS
+ dcae_domain: PUT THE NAME OF DOMAIN THAT DCAE VMS REGISTER UNDER
dcae_public_key: PUT THE PUBLIC KEY OF A KEYPAIR HERE TO BE USED BETWEEN DCAE LAUNCHED VMS
dcae_private_key: PUT THE SECRET KEY OF A KEYPAIR HERE TO BE USED BETWEEN DCAE LAUNCHED VMS
dcae_public_key: PUT THE PUBLIC KEY OF A KEYPAIR HERE TO BE USED BETWEEN DCAE LAUNCHED VMS
dcae_private_key: PUT THE SECRET KEY OF A KEYPAIR HERE TO BE USED BETWEEN DCAE LAUNCHED VMS
type: string
description: First element of the dns_list for ONAP network
type: string
description: First element of the dns_list for ONAP network
+ dns_forwarder:
+ type: string
+ description: the forwarder address for setting up ONAP's private DNS server
+
oam_network_cidr:
type: string
description: CIDR of the OAM ONAP network
oam_network_cidr:
type: string
description: CIDR of the OAM ONAP network
type: string
description: the keystone URL for DCAE to use (via MultiCloud)
type: string
description: the keystone URL for DCAE to use (via MultiCloud)
- dcae_key_name:
- type: string
- description: the name of the keypair on-boarded with Cloud
-
dcae_private_key:
type: string
description: the private key of the key-apir used between the DCAE bootstrap container and DCAE VMs
dcae_private_key:
type: string
description: the private key of the key-apir used between the DCAE bootstrap container and DCAE VMs
type: string
description: the id/name of the CentOS 7 VM imange
type: string
description: the id/name of the CentOS 7 VM imange
- description: the security group to be used by DCAE VMs
-
+ description: the top level domain to register DCAE VMs (the zone will be random-str.dcae_domain)
# dcae_base_environment:
# type: string
# dcae_base_environment:
# type: string
# Public key used to access ONAP components
vm_key:
type: OS::Nova::KeyPair
# Public key used to access ONAP components
vm_key:
type: OS::Nova::KeyPair
public_key: { get_param: pub_key }
save_private_key: false
public_key: { get_param: pub_key }
save_private_key: false
+
+ # ONAP security group
+ onap_sg:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ name:
+ str_replace:
+ template: base_rand
+ params:
+ base: onap_sg
+ rand: { get_resource: random-str }
+ description: security group used by ONAP
+ rules:
+ # All egress traffic
+ - direction: egress
+ ethertype: IPv4
+ - direction: egress
+ ethertype: IPv6
+ # ingress traffic
+ # ICMP
+ - protocol: icmp
+ - protocol: udp
+ port_range_min: 1
+ port_range_max: 65535
+ - protocol: tcp
+ port_range_min: 1
+ port_range_max: 65535
+
+
+
# ONAP management private network
oam_onap:
type: OS::Neutron::Net
# ONAP management private network
oam_onap:
type: OS::Neutron::Net
__openo_ip_addr__: { get_param: openo_ip_addr }
__cloud_env__: { get_param: cloud_env }
__external_dns__: { get_param: external_dns }
__openo_ip_addr__: { get_param: openo_ip_addr }
__cloud_env__: { get_param: cloud_env }
__external_dns__: { get_param: external_dns }
+ __dns_forwarder__: { get_param: dns_forwarder }
echo "__clamp_ip_addr__" > /opt/config/clamp_ip_addr.txt
echo "__openo_ip_addr__" > /opt/config/openo_ip_addr.txt
echo "__external_dns__" > /opt/config/external_dns.txt
echo "__clamp_ip_addr__" > /opt/config/clamp_ip_addr.txt
echo "__openo_ip_addr__" > /opt/config/openo_ip_addr.txt
echo "__external_dns__" > /opt/config/external_dns.txt
+ echo "__dns_forwarder__" > /opt/config/dns_forwarder.txt
# Download and run install script
curl -k __nexus_repo__/org.onap.demo/boot/__artifacts_version__/dns_install.sh -o /opt/dns_install.sh
# Download and run install script
curl -k __nexus_repo__/org.onap.demo/boot/__artifacts_version__/dns_install.sh -o /opt/dns_install.sh
key_name: { get_resource: vm_key }
networks:
- port: { get_resource: dcae_c_private_port }
key_name: { get_resource: vm_key }
networks:
- port: { get_resource: dcae_c_private_port }
+ #security_groups:
+ # - { get_resource: onap_sg }
user_data_format: RAW
user_data:
str_replace:
user_data_format: RAW
user_data:
str_replace:
__dcae_float_ip__: { get_attr: [dcae_c_floating_ip, floating_ip_address] }
__dns_ip_addr__: { get_param: dns_ip_addr }
__external_dns__: { get_param: external_dns }
__dcae_float_ip__: { get_attr: [dcae_c_floating_ip, floating_ip_address] }
__dns_ip_addr__: { get_param: dns_ip_addr }
__external_dns__: { get_param: external_dns }
+ __dns_forwarder__: { get_param: dns_forwarder }
+ __dcae_domain__: { get_param: dcae_domain }
# conf for VMs DCAE is to bringup
__openstack_keystone_url__: { get_param: keystone_url }
__dcae_keystone_url__: { get_param: dcae_keystone_url }
# conf for VMs DCAE is to bringup
__openstack_keystone_url__: { get_param: keystone_url }
__dcae_keystone_url__: { get_param: dcae_keystone_url }
__dcaeos_region__: { get_param: openstack_region }
__dcaeos_tenant_id__: { get_param: openstack_tenant_id }
__dcaeos_tenant_name__: { get_param: openstack_tenant_name }
__dcaeos_region__: { get_param: openstack_region }
__dcaeos_tenant_id__: { get_param: openstack_tenant_id }
__dcaeos_tenant_name__: { get_param: openstack_tenant_name }
+ __dcaeos_security_group__:
+ str_replace:
+ template: 'onap_sg_rand'
+ params:
+ rand: { get_resource: random-str }
+ #__dcaeos_security_group__: { get_attr: [onap_sg, name] }
__dcaeos_username__: { get_param: openstack_username }
__dcaeos_password__: { get_param: openstack_api_key }
__dcaeos_username__: { get_param: openstack_username }
__dcaeos_password__: { get_param: openstack_api_key }
- __dcaeos_key_name__: { get_attr: [vm_key, name] }
- __dcaeos_key_name__: { get_param: dcae_key_name }
+ __dcaeos_key_name__: { get_resource: vm_key }
__dcaeos_public_key__: { get_param: dcae_public_key }
__dcaeos_private_key__: { get_param: dcae_private_key }
__dcaeos_private_network_name__: { get_attr: [oam_onap, name] }
__dcaeos_public_network_name__: { get_param: public_net_name }
__dcaeos_ubuntu_1604_image__: { get_param: ubuntu_1604_image }
__dcaeos_centos_7_image__: { get_param: dcae_centos_7_image }
__dcaeos_public_key__: { get_param: dcae_public_key }
__dcaeos_private_key__: { get_param: dcae_private_key }
__dcaeos_private_network_name__: { get_attr: [oam_onap, name] }
__dcaeos_public_network_name__: { get_param: public_net_name }
__dcaeos_ubuntu_1604_image__: { get_param: ubuntu_1604_image }
__dcaeos_centos_7_image__: { get_param: dcae_centos_7_image }
- __dcaeos_security_group__ : { get_param: dcae_security_group }
__dcaeos_flavor_id__: { get_param: flavor_medium }
__dcaeos_flavor_id__: { get_param: flavor_medium }
+ __dcaeos_flavor_id_cdap__: { get_param: flavor_xlarge }
__dcaeos_dnsaas_config_enabled__: { get_param: dnsaas_config_enabled }
__dcaeos_dnsaas_region__: { get_param: dnsaas_region }
__dcaeos_dnsaas_keystone_url__: { get_param: dnsaas_keystone_url }
__dcaeos_dnsaas_config_enabled__: { get_param: dnsaas_config_enabled }
__dcaeos_dnsaas_region__: { get_param: dnsaas_region }
__dcaeos_dnsaas_keystone_url__: { get_param: dnsaas_keystone_url }
echo "__dcae_float_ip__" > /opt/config/dcae_float_ip.txt
echo "__dns_ip_addr__" > /opt/config/dns_ip_addr.txt
echo "__external_dns__" > /opt/config/external_dns.txt
echo "__dcae_float_ip__" > /opt/config/dcae_float_ip.txt
echo "__dns_ip_addr__" > /opt/config/dns_ip_addr.txt
echo "__external_dns__" > /opt/config/external_dns.txt
+ echo "__dns_forwarder__" > /opt/config/dns_forwarder.txt
+ echo "__dcae_domain__" > /opt/config/dcae_domain.txt
# conf for the OpenStack env where DCAE is deployed
echo "__openstack_keystone_url__" > /opt/config/openstack_keystone_url.txt
echo "__dcaeos_cloud_env__" > /opt/config/cloud_env.txt
# conf for the OpenStack env where DCAE is deployed
echo "__openstack_keystone_url__" > /opt/config/openstack_keystone_url.txt
echo "__dcaeos_cloud_env__" > /opt/config/cloud_env.txt
echo "__dcaeos_centos_7_image__" > /opt/config/centos_7_image.txt
echo "__dcaeos_security_group__" > /opt/config/security_group.txt
echo "__dcaeos_flavor_id__" > /opt/config/flavor_id.txt
echo "__dcaeos_centos_7_image__" > /opt/config/centos_7_image.txt
echo "__dcaeos_security_group__" > /opt/config/security_group.txt
echo "__dcaeos_flavor_id__" > /opt/config/flavor_id.txt
+ echo "__dcaeos_flavor_id_cdap__" > /opt/config/flavor_id_cdap.txt
echo "__dcaeos_dnsaas_config_enabled__" > /opt/config/dnsaas_config_enabled.txt
echo "__dcaeos_dnsaas_region__" > /opt/config/dnsaas_region.txt
echo "__dcaeos_dnsaas_keystone_url__" > /opt/config/dnsaas_keystone_url.txt
echo "__dcaeos_dnsaas_config_enabled__" > /opt/config/dnsaas_config_enabled.txt
echo "__dcaeos_dnsaas_region__" > /opt/config/dnsaas_region.txt
echo "__dcaeos_dnsaas_keystone_url__" > /opt/config/dnsaas_keystone_url.txt