Last active
April 18, 2016 22:06
-
-
Save nathwill/76dfedd597c5ad4ee639763fa4029854 to your computer and use it in GitHub Desktop.
heat template for an HA redis cluster
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| heat_template_version: 2015-04-30 | |
| description: set up the redis cluster | |
| parameters: | |
| default_image: | |
| type: string | |
| label: default base image | |
| description: glance image id of the base image | |
| default: centos-7.2 | |
| constraints: | |
| - description: is a valid image id | |
| custom_constraint: glance.image | |
| default_key: | |
| type: string | |
| label: default key | |
| description: default nova keypair | |
| default: ops | |
| flavor: | |
| type: string | |
| label: redis flavor | |
| description: flavor id of the redis flavor | |
| default: m1.tiny | |
| constraints: | |
| - description: is a valid flavor | |
| custom_constraint: nova.flavor | |
| private_network: | |
| type: string | |
| label: private network | |
| description: neutron network id of private network | |
| default: private | |
| constraints: | |
| - description: is a valid network | |
| custom_constraint: neutron.network | |
| public_network: | |
| type: string | |
| label: public network | |
| description: neutron network id of public network | |
| default: public | |
| constraints: | |
| - description: is a valid network | |
| custom_constraint: neutron.network | |
| clients: | |
| type: comma_delimited_list | |
| label: client security groups | |
| description: comma separated list of client security groups | |
| resources: | |
| # Set up the redis security groups | |
| inbound_security_group: | |
| type: OS::Neutron::SecurityGroup | |
| properties: | |
| name: redis-inbound | |
| rules: | |
| repeat: | |
| for_each: | |
| <%client%>: { get_param: clients } | |
| template: | |
| direction: ingress | |
| protocol: tcp | |
| port_range_min: 6379 | |
| port_range_max: 6379 | |
| remote_group_id: <%client%> | |
| remote_mode: remote_group_id | |
| default_security_group: | |
| type: OS::Neutron::SecurityGroup | |
| properties: | |
| name: redis-default | |
| rules: | |
| - direction: egress | |
| remote_ip_prefix: 0.0.0.0/0 | |
| - direction: ingress | |
| remote_ip_prefix: 0.0.0.0/0 | |
| port_range_min: 22 | |
| port_range_max: 22 | |
| protocol: tcp | |
| # Set up the internal VIP (managed by keepalived) | |
| vip: | |
| type: OS::Neutron::Port | |
| properties: | |
| name: redis-vip | |
| network: { get_param: private_network } | |
| security_groups: | |
| - { get_resource: inbound_security_group } | |
| # associate the nova servers in a server group. this sets a default | |
| # anti-affinity policy to prevent colocation on the same hypervisor. | |
| server_group: | |
| type: OS::Nova::ServerGroup | |
| properties: | |
| name: redis | |
| # create the redis1 port, with the vip as an allowed-address-pair | |
| redis_1_port: | |
| type: OS::Neutron::Port | |
| properties: | |
| network: { get_param: private_network } | |
| security_groups: | |
| - { get_resource: default_security_group } | |
| - { get_resource: inbound_security_group } | |
| allowed_address_pairs: | |
| - ip_address: { get_attr: [vip, fixed_ips, 0, ip_address] } | |
| # create the first redis server, assign the redis1 port, | |
| # and assign the server to the server-group from above. | |
| redis_1: | |
| type: OS::Nova::Server | |
| properties: | |
| name: redis01 | |
| flavor: { get_param: flavor } | |
| image: { get_param: default_image } | |
| key_name: { get_param: default_key } | |
| networks: | |
| - port: { get_resource: redis_1_port } | |
| scheduler_hints: | |
| group: { get_resource: server_group } | |
| # repeat for the redis2 port | |
| redis_2_port: | |
| type: OS::Neutron::Port | |
| properties: | |
| network: { get_param: private_network } | |
| security_groups: | |
| - { get_resource: default_security_group } | |
| - { get_resource: inbound_security_group } | |
| allowed_address_pairs: | |
| - ip_address: { get_attr: [vip, fixed_ips, 0, ip_address] } | |
| # repeat for the redis 2 server | |
| redis_2: | |
| type: OS::Nova::Server | |
| properties: | |
| name: redis02 | |
| flavor: { get_param: flavor } | |
| image: { get_param: default_image } | |
| key_name: { get_param: default_key } | |
| networks: | |
| - port: { get_resource: redis_2_port } | |
| scheduler_hints: | |
| group: { get_resource: server_group } | |
| outputs: | |
| inbound_security_group: | |
| description: redis service security group | |
| value: { get_resource: inbound_security_group } | |
| default_security_group: | |
| description: redis server security group | |
| value: { get_resource: default_security_group } | |
| vip: | |
| description: redis vip | |
| value: { get_resource: vip } | |
| redis_1: | |
| description: redis01 server | |
| value: { get_resource: redis_1 } | |
| redis_2: | |
| description: redis02 server | |
| value: { get_resource: redis_2 } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment