Openstack Plugin v3

__Note: This documentation refers to Cloudify Openstack Plugin v3.X, the new version of the Openstack Plugin. For documentation on the old version, see Openstack Plugin. Openstack Plugin v3 is not backward compatible with v2. See Note on Openstack Plugin v2.X Compatibility.

Note on Openstack Plugin v2.X Compatibility

The Openstack Plugin v3.1.0 and above supports a compatibility mode for v2.X node types and relationships. This requires importing a special compat.yaml in addition to the plugin yaml. Here are some examples:

Plugin Import Notation with Compat YAML

tosca_definitions_version: cloudify_dsl_1_3
imports:
  - http://www.getcloudify.org/spec/cloudify/4.4/types.yaml
  - plugin:cloudify-openstack-plugin?version=3.1.0
  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-openstack-plugin/3.1.0/compat.yaml

URL Import Notation with Compat YAML

  - http://www.getcloudify.org/spec/cloudify/4.4/types.yaml
  - http://www.getcloudify.org/spec/openstack-plugin/3.1.0/plugin.yaml
  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-openstack-plugin/3.1.0/compat.yaml

_Note that you must import the compat.yaml file in order for the compatibility to take effect.

Note: Node Templates that include a mapping to an Openstack v2 Operation are not supported.

Introduction

The Openstack plugin enables you to manage Openstack resources with Cloudify.

Authentication with Openstack

Each node template, has a client_config property which stores your account credentials. Use an intrinsic function to assign these to the values of secrets](/working_with/manager/using-secrets/) in your manager.

  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: example-network

Note: If auth_url version is v3 then one of the following combinations must be provided under client_config:

Common Properties

Openstack Plugin node types have these common properties, except where noted:

Properties

Common Runtime Properties

Node instances of any of the types defined in this plugin are set with the following runtime properties during the cloudify.interfaces.lifecycle.create operation:

Common Interface Operations

Most of the node types provide the same base functionalities:

Logging for OpenStack Libraries

The OpenStack library openstacksdk used by the OpenStack plugin perform its own logging using the standard Python logging library.

It is possible to control the visibility of OpenStack API’s logging on Cloudify’s logger by using the logging configuration directive.

The structure of the logging directive is as follows:

logging:
  use_cfy_logger: <boolean> (defaults to true)
  groups:
    openstack: <level>
  loggers:
    <logger-name>: <level>
    <logger-name>: <level>
    <logger-name>: <level>
    ...

The default logging directive’s value is:

logging:
  use_cfy_logger: true
  groups:
    openstack: debug
  loggers: {}

If you specify a logging directive, its contents will be merged with the default.

If use_cfy_logger is true, then a logging handler is added to all applicable OpenStack API loggers (described below) so log records are emitted to the Cloudify logger in addition to any other handlers that may be configured.

The groups section is used to easily set the logging level for groups of loggers service. right now we support one group openstack

For example, setting openstack to info will result in the following loggers being set to info level:

In addition, you can set the logging level of individual loggers under the loggers section.

Node Types

Each node type refers to a resource in Openstack.

cloudify.nodes.openstack.Flavor

This node type refers to an flavor.

Resource Config

For more information, and possible keyword arguments, see: create_flavor.

Operations

Flavor Examples

  example-flavor:
    type: cloudify.nodes.openstack.Flavor
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: example-flavor
        ram: 4024
        disk: 8
        vcpus: 2

cloudify.nodes.openstack.HostAggregate

This node type refers to a host aggregate.

Resource Config

For more information, and possible keyword arguments, see: create_aggregate.

Properties

Operations

Host Aggregate Examples

  example-host-aggregate:
    type: cloudify.nodes.openstack.HostAggregate
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      metadata:
        ssd: 'True'
      resource_config: { get_input: host_aggregate_config }

cloudify.nodes.openstack.Image

This node type refers to an image.

Resource Config

For more information, and possible keyword arguments, see: create_image.

Operations

Image Examples

  example-image:
    type: cloudify.nodes.openstack.Image
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: 'openstack-image-custom'
        container_format: "bare"
        disk_format: "qcow2"

cloudify.nodes.openstack.KeyPair

This node type refers to a Key pair.

Resource Config

For more information, and possible keyword arguments, see: create_keypair.

Operations

Key Pair Examples

  example-keypair:
    type: cloudify.nodes.openstack.KeyPair
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: id-rsa
        public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4FFmiO6pg+7jqAHAO2vCZMc5ish511RO5jJymla61+qE+hZx8ArCANRL8+xpNnrYrDnVjkWrcLkQiBNOqB3OcQKaIxNdE7g51zjPnNOpU17Y7KjNlMysn80ISFvcVhGWkyIElX6LksuU6AI4Bay0EnRto75oj69dCrCRM6H2PMns+xa/4eVFCUh+KZySBVPFPNfrQ+27nrvHWHFBMGlT9I5AqiiJrvCRbzG5u+FfOWFyKmLd3X1Aksv4lRapkfWSr/BYK32LKmIFcXMwaGgXtYmGZqqjQB6uHKksA+pqjmWUZYe8/N9F1uRvb/pD1IXeJ33o9pLKG5JhC/S2qmboR iloveu@barney

cloudify.nodes.openstack.Server

This node type refers to an Openstack Server.

Resource Config

For more information, and possible keyword arguments, see: create_server

Properties

Operations

Relationships

Server Examples

Create a Server connected to a certain port and to a certain keypair

  example-server:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: example-server
        image_id: { get_input: image_id }
        flavor_id: { get_input: flavor_id }
        key_name: { get_input: keypair_name }
    relationships:
      - type: cloudify.relationships.openstack.server_connected_to_port
        target: example-server-port
      - type: cloudify.relationships.openstack.server_connected_to_keypair
        target: example-keypair

Create a Server connected to a certain port, keypair and to certain security group

  example-server:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server' ] }
        image_id: { get_input: image }
        flavor_id: { get_input: flavor }
    relationships:
      - type: cloudify.relationships.openstack.server_connected_to_security_group
        target: example-security-group
      - type: cloudify.relationships.openstack.server_connected_to_port
        target: example-port
      - type: cloudify.relationships.connected_to
        target: example-network-2
      - type: cloudify.relationships.openstack.server_connected_to_keypair
        target: example-keypair

Create a Server connected to a certain port, keypair and to certain floating ip

  example-server:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server' ] }
        image_id: { get_input: image }
        flavor_id: { get_input: flavor }
    relationships:
      - type: cloudify.relationships.openstack.server_connected_to_floating_ip
        target: example-ip
      - type: cloudify.relationships.openstack.server_connected_to_port
        target: example-port
      - type: cloudify.relationships.openstack.server_connected_to_keypair
        target: example-keypair

cloudify.nodes.openstack.WindowsServer

This node type refers to an Openstack Windows Server. It is identical to cloudify.nodes.openstack.Server, except the following values have been overridden:

Properties

Windows Server Examples

Create a Server connected to a certain port and to a certain keypair

  example-server-node:
    type: cloudify.nodes.openstack.WindowsServer
    properties:
      use_password: true
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: init_script
        user: Admin
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server' ] }
        image_id: { get_input: image }
        flavor_id: { get_input: flavor }
    relationships:
     - type: cloudify.relationships.openstack.server_connected_to_port
       target: example-port
     - type: cloudify.relationships.openstack.server_connected_to_keypair
       target: example-keypair

cloudify.nodes.openstack.ServerGroup

This node type refers to an Openstack Server Group.

Resource Config

For more information, and possible keyword arguments, see: create_server_group.

Operations

Server Group Examples

  example-server-group:
    type: cloudify.nodes.openstack.ServerGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: 'example-server-group'
        policies:
          - affinity

cloudify.nodes.openstack.Project

This node type refers to an project.

Resource Config

For more information, and possible keyword arguments, see: create_project.

Properties

Operations

Project Examples

  example-project:
    type: cloudify.nodes.openstack.Project
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: 'test_project'
        description: 'Testing Project'
        is_domain': True
      users:
        - name: test_user
          roles:
            - test_role_1
            - test_role_2
            - test_role_3

cloudify.nodes.openstack.User

This node type refers to an user.

Resource Config

For more information, and possible keyword arguments, see: create_user.

Operations

User Examples

  example-user:
    type: cloudify.nodes.openstack.User
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: 'test-user'
        default_project_id: { get_input: project_name }
        enabled: True
        password: 'test1234567890'
        email: 'test@test.com'

cloudify.nodes.openstack.FloatingIP

This node type refers to an Openstack Floating IP.

Resource Config

For more information, and possible keyword arguments, see: create_floating_ip.

Properties

Operations

Relationships

Floating IP Examples

  example-ip:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network
      - type: cloudify.relationships.connected_to
        target: example-server-port
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }
        kwargs:
          routing:
            external: true

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network' ] }

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet' ] }
        cidr: { get_input: example_subnet_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security_group' ] }
        description: 'A security group created by Cloudify OpenStack SDK plugin.'

  example-security-group-rule:
    type: cloudify.nodes.openstack.SecurityGroupRule
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        direction: ingress
        protocol: tcp
        port_range_max: 22
        port_range_min: 22
        security_group_id: { get_attribute: [ example-security-group, id ] }
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-security-group
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-server-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server-port' ] }
        network_id: { get_attribute: [ example-network, id ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-subnet, id ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-subnet
      - type: cloudify.relationships.connected_to
        target: example-security-group
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }
  example-ip:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        floating_network_name: { get_input: external_network_name }
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }
  example-ip:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        floating_network_id: { get_input: external_network_id }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-server-port
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }
        kwargs:
          routing:
            external: true

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network' ] }

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet' ] }
        cidr: { get_input: example_subnet_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security_group' ] }
        description: 'A security group created by Cloudify OpenStack SDK plugin.'

  example-security-group-rule:
    type: cloudify.nodes.openstack.SecurityGroupRule
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        direction: ingress
        protocol: tcp
        port_range_max: 22
        port_range_min: 22
        security_group_id: { get_attribute: [ example-security-group, id ] }
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-security-group
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-server-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server-port' ] }
        network_id: { get_attribute: [ example-network, id ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-subnet, id ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-subnet
      - type: cloudify.relationships.connected_to
        target: example-security-group

cloudify.nodes.openstack.Network

This node type refers to an Openstack Network.

Resource Config

For more information, and possible keyword arguments, see: create_network

Operations

Network Examples

  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: example-network

cloudify.nodes.openstack.Port

This node type refers to an Openstack Port.

Resource Config

Properties

For more information, and possible keyword arguments, see: create_port

Operations

Relationships

Port Examples

Create simple port node

  example-server-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server-port' ] }
        network_id: { get_attribute: [ example-network, id ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-subnet, id ] }
        security_groups:
          - { get_attribute: [ example-security-group, id ] }

Create a port connected to certain network, subnet and to security group

  example-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        fixed_ips:
          - ip_address: { get_input: fixed_ip }
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-private-network
      - type: cloudify.relationships.openstack.port_connected_to_subnet
        target: example-private-subnet
      - type: cloudify.relationships.openstack.port_connected_to_security_group
        target: example-security-group

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security-group' ] }
        description: My Test Security Group

  example-private-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: subnet_id }
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-private-network

  example-private-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: network_id }

Create a port connected to certain network, subnet, security group and to certain floating ip


  example-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'port' ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-subnet-1, id ] }
    relationships:
       - type: cloudify.relationships.connected_to
         target: example-security-group
       - type: cloudify.relationships.connected_to
         target: example-network
       - type: cloudify.relationships.connected_to
         target: example-subnet
       - type: cloudify.relationships.openstack.port_connected_to_floating_ip
         target: example-ip

 example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      security_group_rules:
        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 80
          port_range_min: 80
          direction: ingress
          protocol: tcp

        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 80
          port_range_min: 80
          direction: egress
          protocol: tcp

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: 53333
          port_range_max: 53333
          protocol: tcp
          direction: ingress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: 53333
          port_range_max: 53333
          protocol: tcp
          direction: egress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 22
          port_range_min: 22
          direction: ingress
          protocol: tcp

        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 22
          port_range_min: 22
          direction: egress
          protocol: tcp
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security-group' ] }
        description: 'A security group created by Cloudify OpenStack SDK plugin.'


  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network' ] }

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet' ] }
        cidr: { get_input: example_subnet_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }

  example-ip:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

Create a port connected to external server


  example-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'port' ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-subnet-1, id ] }
    relationships:
       - type: cloudify.relationships.connected_to
         target: example-security-group
       - type: cloudify.relationships.connected_to
         target: example-network
       - type: cloudify.relationships.connected_to
         target: example-subnet
       - type: cloudify.relationships.openstack.port_connected_to_floating_ip
         target: example-ip

 example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      security_group_rules:
        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 80
          port_range_min: 80
          direction: ingress
          protocol: tcp

        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 80
          port_range_min: 80
          direction: egress
          protocol: tcp

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: 53333
          port_range_max: 53333
          protocol: tcp
          direction: ingress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: 53333
          port_range_max: 53333
          protocol: tcp
          direction: egress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 22
          port_range_min: 22
          direction: ingress
          protocol: tcp

        - remote_ip_prefix: 0.0.0.0/0
          port_range_max: 22
          port_range_min: 22
          direction: egress
          protocol: tcp
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security-group' ] }
        description: 'A security group created by Cloudify OpenStack SDK plugin.'


  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network' ] }

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet' ] }
        cidr: { get_input: example_subnet_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }

  example-ip:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

  example-server:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      use_external_resource: true
      resource_config:
       id: { get_input: server_id}

Create dual ports (ipv4 & ipv6) connected to server

node_templates:

  router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: router_name }

  network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { get_input: dual_network_name }

  ipv4_subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        ip_version: 4
        cidr: { get_input: ipv4_subnet_cidr }
        dns_nameservers: { get_input: ipv4_nameservers }
        allocation_pools: { get_input: ipv4_allocation_pools }
    relationships:
    - type: cloudify.relationships.contained_in
      target: network
    - type: cloudify.relationships.openstack.subnet_connected_to_router
      target: router

  ipv6_subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        ip_version: 6
        cidr: { get_input: ipv6_subnet_cidr }
        dns_nameservers: { get_input: ipv6_nameservers }
        allocation_pools: { get_input: ipv6_allocation_pools }
        ipv6_address_mode: { get_input: ipv6_address_mode }
        ipv6_ra_mode: { get_input: ipv6_ra_mode }
    relationships:
    - type: cloudify.relationships.openstack.subnet_connected_to_router
      target: router
    - type: cloudify.relationships.contained_in
      target: network

  cloudify_security_group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      security_group_rules:
        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: null
          port_range_max: null
          protocol: icmp
          direction: ingress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: null
          port_range_max: null
          protocol: icmp
          direction: egress

        - remote_ip_prefix: ::/0
          port_range_min: null
          port_range_max: null
          ethertype: IPv6
          protocol: icmp
          direction: ingress

        - remote_ip_prefix: ::/0
          port_range_min: null
          port_range_max: null
          ethertype: IPv6
          protocol: icmp
          direction: egress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: 22
          port_range_max: 22
          protocol: tcp
          direction: ingress

        - remote_ip_prefix: 0.0.0.0/0
          port_range_min: 22
          port_range_max: 22
          protocol: tcp
          direction: egress

        - remote_ip_prefix: ::/0
          port_range_min: 22
          port_range_max: 22
          ethertype: IPv6
          protocol: tcp
          direction: ingress

        - remote_ip_prefix: ::/0
          port_range_min: 22
          port_range_max: 22
          ethertype: IPv6
          protocol: tcp
          direction: egress

  dual_port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
    relationships:
    - type: cloudify.relationships.contained_in
      target: network
    - type: cloudify.relationships.depends_on
      target: ipv4_subnet
    - type: cloudify.relationships.depends_on
      target: ipv6_subnet
    - type: cloudify.relationships.openstack.port_connected_to_security_group
      target: cloudify_security_group

  dual_port2:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
    relationships:
    - type: cloudify.relationships.contained_in
      target: network
    - type: cloudify.relationships.depends_on
      target: ipv4_subnet
    - type: cloudify.relationships.depends_on
      target: ipv6_subnet
    - type: cloudify.relationships.openstack.port_connected_to_security_group
      target: cloudify_security_group

  host:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: host_1
        key_name: { get_input: key_name }
        image_id: { get_input: centos_image }
        flavor_id: { get_input: flavor }
    relationships:
    - type: cloudify.relationships.openstack.server_connected_to_port
      target: dual_port

  host_2:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: host_2
        key_name: { get_input: key_name }
        image_id: { get_input: centos_image }
        flavor_id: { get_input: flavor }
    relationships:
    - type: cloudify.relationships.openstack.server_connected_to_port
      target: dual_port2


outputs:
  # Ipv4 & ipv6 also available from server instance
  ipv4-from-server-1:
    value: { get_attribute: [ host, ipv4_address ] }
  ipv6-from-server-1:
    value: { get_attribute: [ host, ipv6_address ] }
  ipv4-from-server-2:
    value: { get_attribute: [ host_2, ipv4_address ] }
  ipv6-from-server-2:
    value: { get_attribute: [ host_2, ipv6_address ] }

  # Ipv4 & ipv6 also available from port instance
  ipv4-from-dual-port:
    value: { get_attribute: [ dual_port, ipv4_address ] }
  ipv6-from-dual-port:
    value: { get_attribute: [ dual_port, ipv6_address ] }
  ipv4-from-dual-port-2:
    value: { get_attribute: [ dual_port2, ipv4_address ] }
  ipv6-from-dual-port-2:
    value: { get_attribute: [ dual_port2, ipv6_address ] }

cloudify.nodes.openstack.RBACPolicy

This node type refers to an Openstack RBAC Policy.

Resource Config

For more information, and possible keyword arguments, see: create_rbac_policy

Operations

Relationships

RBAC Policy Example

Create RBAC policy and apply it to certain network

Note: If there are some subnets connected to network with enabled DHCP, then disable_dhcp must be provided in order to disable it before delete RBAC policy

  example-rbac-policy:
    type: cloudify.nodes.openstack.RBACPolicy
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        target_tenant: { get_input: project_id }
        action: access_as_shared
    relationships:
      - type: cloudify.relationships.openstack.rbac_policy_applied_to
        target_interfaces:
          cloudify.interfaces.relationship_lifecycle:
            unlink:
              inputs:
                disable_dhcp:
                  default: true
        target: example-network

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network' ] }

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet' ] }
        cidr: { get_input: example_subnet_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security_group' ] }
        description: 'A security group created by Cloudify OpenStack SDK plugin.'

  example-security-group-rule:
    type: cloudify.nodes.openstack.SecurityGroupRule
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        direction: ingress
        protocol: tcp
        port_range_max: 22
        port_range_min: 22
        security_group_id: { get_attribute: [ example-security-group, id ] }
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-security-group
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

  example-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'port' ] }
        network_id: { get_attribute: [ example-network, id ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-subnet, id ] }
            ip_address: { get_input: example_fixed_ip }
        device_id: { get_attribute: [ example-router, id ] }
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-subnet
      - type: cloudify.relationships.connected_to
        target: example-router
      - type: cloudify.relationships.connected_to
        target: example-security-group
    # This is only run on local mode. For use with a manager, it can be commented out.
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          inputs:
            resource_config: { get_property: [ SELF, resource_config ] }

Delete RBACPolicy object which is automatically created during network creation by Openstack


  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        id: { get_input: external_network_id }
        kwargs:
          "router:external": true

  example-rbac-policy-removal:
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        target_tenant: '*'
        action: access_as_external
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          implementation: openstack.openstack_plugin.resources.network.rbac_policy.find_and_delete
          inputs:
            args: {}
        delete:
          implementation: ~
    relationships:
      - type: cloudify.relationships.openstack.rbac_policy_applied_to
        target: example-external-network

  example-rbac-policy:
    type: cloudify.nodes.openstack.RBACPolicy
    properties:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        target_tenant: { get_input: project_id }
        action: access_as_shared
    relationships:
      - type: cloudify.relationships.openstack.rbac_policy_applied_to
        target_interfaces:
          cloudify.interfaces.relationship_lifecycle:
            unlink:
              inputs:
                disable_dhcp:
                  default: true
        target: example-external-network

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet' ] }
        cidr: { get_input: example_subnet_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-external-network

cloudify.nodes.openstack.Router

This node type refers to an Openstack Router.

Resource Config

Properties

Operations

Relationships

Router Examples

Create a Router connected to a certain external network

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

Add static routes to the Router connected to a certain external network

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }

  example-routes:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_attribute: [ example-router, id ] }
    relationships:
      - type: cloudify.relationships.depends_on
        target: example-subnet-1
      - type: cloudify.relationships.depends_on
        target: example-subnet-2
    interfaces:
      cloudify.interfaces.lifecycle:
        start:
          inputs:
            routes:
              - destination: 10.10.4.0/24
                nexthop: 192.168.123.123

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

  example-network-1:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network_1' ] }

  example-network-2:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'network_2' ] }

  example-subnet-1:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet_1' ] }
        cidr: { get_input: example_subnet_1_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network-1
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

  example-subnet-2:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'subnet_2' ] }
        cidr: { get_input: example_subnet_2_cidr }
        enable_dhcp: true
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network-2
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

cloudify.nodes.openstack.SecurityGroup

This node type refers to an Openstack security group.

Resource Config

For more information, and possible keyword arguments, see: create_security_group.

Properties

Operations

Security Group Examples

Create a Security Group with rules

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: example-security-group
        description: 'A security group created by Cloudify OpenStack SDK plugin.'
      security_group_rules:
      - remote_ip_prefix: 0.0.0.0/0
        port_range_max: 22
        port_range_min: 22
        direction: ingress
        protocol: tcp

Create a Security Group with rules and clean default created rules

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      disable_default_egress_rules: true
      resource_config:
        name: example-security-group
        description: 'A security group created by Cloudify OpenStack SDK plugin.'
      security_group_rules:
       - remote_ip_prefix: 0.0.0.0/0
         port_range_max: 22
         port_range_min: 22
         direction: ingress
         protocol: tcp

cloudify.nodes.openstack.SecurityGroupRule

This node type refers to an Openstack Security Group Rule.

Resource Config

For more information, and possible keyword arguments, see: create_security_group_rule.

Operations

Security Group Rule Examples

  example-security-group-rule:
    type: cloudify.nodes.openstack.SecurityGroupRule
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        direction: ingress
        protocol: tcp
        port_range_max: 22
        port_range_min: 22
        security_group_id: { get_input: security_group_id }

cloudify.nodes.openstack.Subnet

This node type refers to an Openstack Subnet.

Resource Config

For more information, and possible keyword arguments, see: create_subnet

Operations

Relationships

Subnet Examples

  example-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: example-subnet
        cidr: 10.10.10.0/24
        enable_dhcp: true
        ip_version: 4
        dns_nameservers:
          - 8.8.8.8
          - 8.8.4.4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

cloudify.nodes.openstack.Volume

This node type refers to an Openstack Volume.

Resource Config

For more information, and possible keyword arguments, see: create_volume

Properties

Operations

Relationships

Volume Examples

Attach volumes to certain server

  example-volume-1:
    type: cloudify.nodes.openstack.Volume
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'volume_1' ] }
        description: 'Example Volume Size 1'
        project_id: { get_input: project_id }
        size: { get_input: volume1_size }
    relationships:
      - type: cloudify.relationships.openstack.volume_attached_to_server
        target: example-server

  example-volume-2:
    type: cloudify.nodes.openstack.Volume
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'volume_2' ] }
        description: 'Example Volume Size 2'
        project_id: { get_input: project_id }
        size: { get_input: volume2_size }
    relationships:
      - type: cloudify.relationships.openstack.volume_attached_to_server
        target: example-server

  example-server:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server' ] }
        image_id: { get_input: image }
        flavor_id: { get_input: flavor }
        availability_zone: nova
    relationships:
      - type: cloudify.relationships.openstack.server_connected_to_keypair
        target:  example-keypair
      - type: cloudify.relationships.openstack.server_connected_to_port
        target: example-public-port

  example-keypair:
    type: cloudify.nodes.openstack.KeyPair
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'keypair' ] }

  example-public-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'public_port' ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-public-subnet, id ] }
    relationships:
       - type: cloudify.relationships.contained_in
         target: example-public-network
       - type: cloudify.relationships.depends_on
         target: example-public-subnet
       - type: cloudify.relationships.connected_to
         target: example-security-group
       - type: cloudify.relationships.openstack.port_connected_to_floating_ip
         target: example-floating-ip-address

  example-public-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'public_subnet' ] }
        cidr: { get_input: example_public_subnet_cidr }
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-public-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

  example-public-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'public_network' ] }

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      security_group_rules: { get_input: security_group_rules }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security_group' ] }
        description: 'A security group for openstack boot volume'

  example-floating-ip-address:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

Boot Server from Volume

  example-volume-booted-server:
    type: cloudify.nodes.openstack.Server
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      agent_config:
        install_method: none
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'server' ] }
        flavor_id: { get_input: flavor }
        availability_zone: nova
    relationships:
      - type: cloudify.relationships.openstack.server_connected_to_keypair
        target:  example-keypair
      - type: cloudify.relationships.openstack.server_connected_to_port
        target: example-public-port
      - type: cloudify.relationships.depends_on
        target: example-volume

   example-keypair:
    type: cloudify.nodes.openstack.KeyPair
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'keypair' ] }

   example-public-port:
    type: cloudify.nodes.openstack.Port
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'public_port' ] }
        fixed_ips:
          - subnet_id: { get_attribute: [ example-public-subnet, id ] }
    relationships:
       - type: cloudify.relationships.contained_in
         target: example-public-network
       - type: cloudify.relationships.depends_on
         target: example-public-subnet
       - type: cloudify.relationships.connected_to
         target: example-security-group
       - type: cloudify.relationships.openstack.port_connected_to_floating_ip
         target: example-floating-ip-address

  example-volume:
    type: cloudify.nodes.openstack.Volume
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      device_name: 'vda'
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'volume_1' ] }
        availability_zone: 'nova'
        description: 'Example Volume Size 1'
        project_id: { get_input: project_id }
        size: { get_input: volume1_size }
        imageRef: { get_input: image }

  example-public-subnet:
    type: cloudify.nodes.openstack.Subnet
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'public_subnet' ] }
        cidr: { get_input: example_public_subnet_cidr }
        ip_version: 4
    relationships:
      - type: cloudify.relationships.contained_in
        target: example-public-network
      - type: cloudify.relationships.openstack.subnet_connected_to_router
        target: example-router

  example-public-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'public_network' ] }

  example-router:
    type: cloudify.nodes.openstack.Router
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'router' ] }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

  example-external-network:
    type: cloudify.nodes.openstack.Network
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      use_external_resource: true
      resource_config:
        id: { get_input: external_network_id }

  example-security-group:
    type: cloudify.nodes.openstack.SecurityGroup
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
      security_group_rules: { get_input: security_group_rules }
      resource_config:
        name: { concat: [ { get_input: name_prefix }, 'security_group' ] }
        description: 'A security group for openstack boot volume'

  example-floating-ip-address:
    type: cloudify.nodes.openstack.FloatingIP
    properties:
      client_config:
        auth_url: { get_secret: auth_url }
        username: { get_secret: username }
        password: { get_secret: password }
        project_name: { get_secret: project_name }
        region_name: { get_input:  region_name }
    relationships:
      - type: cloudify.relationships.connected_to
        target: example-external-network

cloudify.nodes.openstack.VolumeType

This node type refers to a volume type.

Resource Config

For more information, and possible keyword arguments, see: create_volume_type.

Operations

Volume Type Examples

  example-volume-type:
    type: cloudify.nodes.openstack.VolumeType
    properties:
      client_config:
        auth_url: { get_input: auth_url }
        username: { get_input: username }
        password: { get_input: password }
        region_name: { get_input: region_name }
        project_name: { get_input: project_name }
      resource_config:
        name: 'example-volume-type'
        extra_specs:
          capabilities: 'gpu'

cloudify.nodes.openstack.Zone

This node type refers to Designate Zone.

Resource Config

For more information, and possible keyword arguments, see: create_zone.

Operations

Zone Examples

  example-zone:
    type: cloudify.nodes.openstack.Zone
    properties:
      client_config: *openstack_config
      resource_config:
        name: "my_zone.com."
        description: "Testing Designate Zone"
        ttl: 7200
        email: test@my_zone.com
        type: PRIMARY

cloudify.nodes.openstack.RecordSet

This node type refers to Designate Zone RecordSet.

Resource Config

For more information, and possible keyword arguments, see: create_recordset.

Operations

RecordSet Examples

  example-recordset:
    type: cloudify.nodes.openstack.RecordSet
    properties:
      client_config: *openstack_config
      resource_config:
        name: "www.my_zone.com."
        description: "Testing Designate Zone ReordSet"
        ttl: 3200
        zone_id: { get_input: example-zone-id}
        type: A
        records:
          - 192.168.1.1
          - 192.168.2.1