cloudqubes/repo_server.yml

## repo_server.yml
heat_template_version: 2014-10-16

description: HOT file for app server

parameters:
#Image
  app_server_image_name:
    type: string
    default: "app_server_image"
#VM name
  app_server_name:
    type: string
    default: "app_server"
#network names
  oam_net:
    type: string
    default: "app_server_oam"
  service_net:
    type: string
    default: "app_server_service"
resources:
  #flavor
  app_server_flavor:
    type: OS::Nova::Flavor
    properties:
      name: "app_server"
      vcpus: 2
      ram: 4096
      disk: 100
      extra_specs: { "hw:cpu_policy" : "dedicated", "hw:mem_page_size": "1048576" }
  #security groups
  oam_security_group:
    type: OS::Neutron::SecurityGroup
    properties:
      name: "app_server_oam"
      rules:
        - remote_ip_prefix: "0.0.0.0/0"
          protocol: "tcp"
          port_range_min: 22
          port_range_max: 22
        - remote_ip_prefix: "0.0.0.0/0"
          protocol: "tcp"
          direction: "egress"
          port_range_min: 22
          port_range_max: 22
  service_security_group:
    type: OS::Neutron::SecurityGroup
    properties:
      name: "app_server_service"
      rules:
        - remote_ip_prefix: "0.0.0.0/0"
          protocol: "tcp"
          port_range_min: 1
          port_range_max: 65534
        - remote_ip_prefix: "0.0.0.0/0"
          protocol: "tcp"
          direction: "egress"
          port_range_min: 1
          port_range_max: 65534
        - remote_ip_prefix: "0.0.0.0/0"
          protocol: "icmp"
        - remote_ip_prefix: "0.0.0.0/0"
          protocol: "icmp"
          direction: "egress"
  #ports
  oam_port:
    type: OS::Neutron::Port
    properties:
      name: "app_server_oam"
      network: { get_param: oam_net }
      fixed_ips:
        - ip_address: "10.10.10.5"
      security_groups:
        - { get_resource: oam_security_group}
  service_port:
    type: OS::Neutron::Port
    properties:
      name: "app_server_service"
      network: { get_param: service_net }
      fixed_ips:
        - ip_address: "10.10.20.5"
      security_groups:
        - { get_resource: service_security_group}
  #virtual machine
  app_server:
    type: OS::Nova::Server
    properties:
      config_drive: "true"
      name: { get_param: app_server_name }
      flavor: { get_resource: app_server_flavor }
      image: { get_param: app_server_image_name }
      availability_zone: "zone-a"
      networks:
      - port: { get_resource: oam_port }
      - port: { get_resource: service_port }
      user_data_format: RAW
      user_data: |
        #cloud-config
        password: app_server_password
        chpasswd: { expire: False }
        ssh_pwauth: True
	heat_template_version: 2014-10-16

	description: HOT file for app server

	parameters:
	#Image
	app_server_image_name:
	type: string
	default: "app_server_image"
	#VM name
	app_server_name:
	type: string
	default: "app_server"
	#network names
	oam_net:
	type: string
	default: "app_server_oam"
	service_net:
	type: string
	default: "app_server_service"
	resources:
	#flavor
	app_server_flavor:
	type: OS::Nova::Flavor
	properties:
	name: "app_server"
	vcpus: 2
	ram: 4096
	disk: 100
	extra_specs: { "hw:cpu_policy" : "dedicated", "hw:mem_page_size": "1048576" }
	#security groups
	oam_security_group:
	type: OS::Neutron::SecurityGroup
	properties:
	name: "app_server_oam"
	rules:
	- remote_ip_prefix: "0.0.0.0/0"
	protocol: "tcp"
	port_range_min: 22
	port_range_max: 22
	- remote_ip_prefix: "0.0.0.0/0"
	protocol: "tcp"
	direction: "egress"
	port_range_min: 22
	port_range_max: 22
	service_security_group:
	type: OS::Neutron::SecurityGroup
	properties:
	name: "app_server_service"
	rules:
	- remote_ip_prefix: "0.0.0.0/0"
	protocol: "tcp"
	port_range_min: 1
	port_range_max: 65534
	- remote_ip_prefix: "0.0.0.0/0"
	protocol: "tcp"
	direction: "egress"
	port_range_min: 1
	port_range_max: 65534
	- remote_ip_prefix: "0.0.0.0/0"
	protocol: "icmp"
	- remote_ip_prefix: "0.0.0.0/0"
	protocol: "icmp"
	direction: "egress"
	#ports
	oam_port:
	type: OS::Neutron::Port
	properties:
	name: "app_server_oam"
	network: { get_param: oam_net }
	fixed_ips:
	- ip_address: "10.10.10.5"
	security_groups:
	- { get_resource: oam_security_group}
	service_port:
	type: OS::Neutron::Port
	properties:
	name: "app_server_service"
	network: { get_param: service_net }
	fixed_ips:
	- ip_address: "10.10.20.5"
	security_groups:
	- { get_resource: service_security_group}
	#virtual machine
	app_server:
	type: OS::Nova::Server
	properties:
	config_drive: "true"
	name: { get_param: app_server_name }
	flavor: { get_resource: app_server_flavor }
	image: { get_param: app_server_image_name }
	availability_zone: "zone-a"
	networks:
	- port: { get_resource: oam_port }
	- port: { get_resource: service_port }
	user_data_format: RAW
	user_data: \|
	#cloud-config
	password: app_server_password
	chpasswd: { expire: False }
	ssh_pwauth: True