From 9fe47056971ff8b2a921b7ec2941f48d29276be8 Mon Sep 17 00:00:00 2001 From: Joshua Cornutt Date: Sat, 30 Jul 2016 21:45:45 -0400 Subject: [PATCH] Updated Azure version --- azure-blueprint.yaml | 458 ++++++++++++++++++++++++------------- inputs/azure.yaml.template | 47 ++++ 2 files changed, 340 insertions(+), 165 deletions(-) create mode 100644 inputs/azure.yaml.template diff --git a/azure-blueprint.yaml b/azure-blueprint.yaml index 1899f7f..8bc606c 100644 --- a/azure-blueprint.yaml +++ b/azure-blueprint.yaml @@ -1,12 +1,14 @@ tosca_definitions_version: cloudify_dsl_1_3 description: > - This Blueprint installs the nodecellar application - on an existing host. + This Blueprint installs the nodecellar application on a + new, scalable Azure instance. There is a load-balancer + that connects to all of the instances to display the + webpage. imports: - - http://www.getcloudify.org/spec/cloudify/3.5m1/types.yaml - - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-azure-plugin/master/plugin.yaml + - http://www.getcloudify.org/spec/cloudify/3.4/types.yaml + - https://raw.githubusercontent.com/01000101/cloudify-azure-plugin/scaling/plugin.yaml - http://www.getcloudify.org/spec/diamond-plugin/1.3.4/plugin.yaml - types/nodecellar.yaml 
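Review bot: The added plugin import `https://raw.githubusercontent.com/01000101/cloudify-azure-plugin/scaling/plugin.yaml` follows a branch name on a personal fork, so whatever is later pushed to `scaling` is what a manager will fetch and install when this blueprint is deployed. Pinning the URL to a commit hash or a tagged release, e.g. `.../cloudify-azure-plugin/<commit-sha>/plugin.yaml`, makes the deployment reproducible and removes the dependency on a mutable ref. The `types.yaml` import added just above it is fetched over plain `http://`, which leaves the type definitions open to modification in transit; it is worth checking whether the same path is served over https. The previous plugin import also tracked a branch (`master`), so the mutability is not new, but the move to a fork makes a pinned ref more important.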
@@ -19,118 +21,103 @@ imports: ##################################################################################### inputs: - resource_prefix: - default: cfy - + default: nc resource_suffix: - default: 10 + default: 11 # Azure account information - subscription_id: type: string - required: false - + required: true tenant_id: type: string - required: false - + required: true client_id: type: string - required: false - + required: true client_secret: type: string - required: false - + required: true location: type: string required: true default: eastus - retry_after: type: integer default: 60 # Existing manager resources + # This is necessary to use Cloudify agents mgr_resource_group_name: type: string required: true - + mgr_storage_account_name: + type: string + required: true mgr_virtual_network_name: type: string required: true - mgr_subnet_name: type: string required: true # Virtual Machine information - vm_size: type: string required: true default: Standard_A2 - vm_os_family: type: string required: true default: linux - vm_image_publisher: type: string required: true default: Canonical - vm_image_offer: type: string required: true default: UbuntuServer - vm_image_sku: type: string required: true default: 14.04.4-LTS - vm_image_version: type: string required: true default: 14.04.201604060 + # Access information vm_os_username: description: > Username to create as the VM's administrator user type: string required: true default: cloudify - vm_os_password: description: > Password to use for the VM's administrator user type: string required: true default: Cl0ud1fy! 
- vm_os_pubkeys: description: the public key - default: - - path: {concat:[ '/home/', { get_input: vm_os_username }, '/.ssh/authorized_keys' ]} - keyData: - "ssh-rsa AAAAA3----your-key-here----aabbzz" - + required: true vm_os_pubkey_auth_only: default: true # Application information - webserver_port: - description: The external web server port + description: The internal Microsoft IIS web server port default: 8080 + loadbalancer_port: + description: The external Azure Load Balancer port + default: 80 dsl_definitions: - azure_config: &azure_config + azure_configuration: &azure_configuration subscription_id: { get_input: subscription_id } tenant_id: { get_input: tenant_id } client_id: { get_input: client_id } @@ -150,8 +137,6 @@ node_types: nodecellar.nodes.MonitoredServer: derived_from: cloudify.azure.nodes.compute.VirtualMachine properties: - name: - default: {concat:[{get_input: resource_prefix},vm,{get_input: resource_suffix}]} location: default: { get_input: location } retry_after: @@ -159,7 +144,7 @@ node_types: os_family: default: { get_input: vm_os_family } azure_config: - default: *azure_config + default: *azure_configuration resource_config: default: hardwareProfile: @@ -171,7 +156,6 @@ node_types: sku: { get_input: vm_image_sku } version: { get_input: vm_image_version } osProfile: - computerName: { get_property: [SELF, name] } adminUsername: { get_input: vm_os_username } adminPassword: { get_input: vm_os_password } linuxConfiguration: 
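Review bot: In the `inputs:` hunk (`@@ -19,118 +21,103 @@`), `vm_os_password` keeps `default: Cl0ud1fy!` while this commit makes the Azure credentials and `vm_os_pubkeys` required with no default, so a deployment that omits the input gets an administrator password that is published in the repository. The new `inputs/azure.yaml.template` repeats the same value as `#vm_os_password: Cl0ud1fy!`. Dropping the default here and using a placeholder in the template, in the style of its `client_secret` line, would make the operator choose a value. `vm_os_pubkey_auth_only` defaults to true, which presumably disables password login over SSH, but the password is still set on the account. Separately, the new `webserver_port` description names Microsoft IIS although the defaults and node types in this blueprint describe a Node.js server on a Linux image; `description: The internal Node.js web server port` would match.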
@@ -231,121 +215,178 @@ node_types: ########################################################### node_templates: - + ########################## + # Nodecellar application # + ########################## nodecellar: type: nodecellar.nodes.NodecellarApplicationModule properties: port: { get_input: webserver_port } relationships: - - ################################ - # Setting the mongo connection - ################################ - - type: node_connected_to_mongo - target: mongod - - ################################ - # Setting the nodejs connection - ################################ - + target: vm_be_app_mongodb - type: node_contained_in_nodejs - target: nodejs + target: vm_fe_app_nodejs + - mongod: + ###################### + # Front-end software # + ###################### + vm_fe_app_nodejs: + type: nodecellar.nodes.NodeJSServer + relationships: + - type: cloudify.relationships.contained_in + target: vm_fe + + + ##################### + # Back-end software # + ##################### + vm_be_app_mongodb: type: nodecellar.nodes.MonitoredMongoDatabase relationships: - type: cloudify.relationships.contained_in - target: mongo_host + target: vm_be - nodejs: - type: nodecellar.nodes.NodeJSServer + + ################## + # Resource group # + ################## + resource_group: + type: cloudify.azure.nodes.ResourceGroup + properties: + name: {concat:[{get_input: resource_prefix},rg,{get_input: resource_suffix}]} + location: { get_input: location } + azure_config: *azure_configuration + + + ############################## + # Existing manager resources # + ############################## + manager_storage_account: + type: cloudify.azure.nodes.storage.StorageAccount + properties: + resource_group_name: { get_input: mgr_resource_group_name } + name: { get_input: mgr_storage_account_name } + use_external_resource: true + location: { get_input: location } + + manager_virtual_network: + type: cloudify.azure.nodes.network.VirtualNetwork + properties: + resource_group_name: { 
get_input: mgr_resource_group_name } + name: { get_input: mgr_virtual_network_name } + use_external_resource: true + location: { get_input: location } + + manager_subnet: + type: cloudify.azure.nodes.network.Subnet + properties: + resource_group_name: { get_input: mgr_resource_group_name } + name: { get_input: mgr_subnet_name } + use_external_resource: true + location: { get_input: location } relationships: - - type: cloudify.relationships.contained_in - target: nodejs_host + - type: cloudify.azure.relationships.contained_in_virtual_network + target: manager_virtual_network - mongo_host: + + ######################## + # Front-end VM compute # + ######################## + vm_fe: type: nodecellar.nodes.MonitoredServer - properties: - name: {concat:[{get_input: resource_prefix},mongohost,{get_input: resource_suffix}]} relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - type: cloudify.azure.relationships.connected_to_storage_account - target: storage_account + target: manager_storage_account - type: cloudify.azure.relationships.connected_to_availability_set - target: availability_set + target: vm_fe_availability_set - type: cloudify.azure.relationships.connected_to_nic - target: mongo_host_nic - - nodejs_host: - type: nodecellar.nodes.MonitoredServer + target: vm_fe_nic + + vm_fe_availability_set: + type: cloudify.azure.nodes.compute.AvailabilitySet properties: - name: {concat:[{get_input: resource_prefix},nodejshost,{get_input: resource_suffix}]} + location: { get_input: location } + azure_config: *azure_configuration + retry_after: { get_input: retry_after } + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + + ####################### + # Back-end VM compute # + ####################### + vm_be: + type: nodecellar.nodes.MonitoredServer relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - type: 
cloudify.azure.relationships.connected_to_storage_account - target: storage_account - - type: cloudify.azure.relationships.connected_to_availability_set - target: availability_set + target: manager_storage_account - type: cloudify.azure.relationships.connected_to_nic - target: nodejs_host_nic - - resource_group: - type: cloudify.azure.nodes.ResourceGroup - properties: - name: {concat:[{get_input: resource_prefix},arg,{get_input: resource_suffix}]} - location: { get_input: location } - azure_config: *azure_config + target: vm_be_nic + - storage_account: - type: cloudify.azure.nodes.storage.StorageAccount + ########################### + # Front-end VM networking # + ########################### + vm_fe_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard properties: - name: {concat:[{get_input: resource_prefix},asa,{get_input: resource_suffix}]} location: { get_input: location } - azure_config: *azure_config retry_after: { get_input: retry_after } - resource_config: - accountType: Standard_LRS + azure_config: *azure_configuration relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - virtual_network: - type: cloudify.azure.nodes.network.VirtualNetwork + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: vm_fe_network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: vm_fe_nic_ip_cfg + - type: cloudify.azure.relationships.nic_connected_to_lb_be_pool + target: load_balancer_backend_pool + + vm_fe_public_ip: + type: cloudify.azure.nodes.network.PublicIPAddress properties: - resource_group_name: { get_input: mgr_resource_group_name } - name: { get_input: mgr_virtual_network_name } - azure_config: *azure_config - use_external_resource: true location: { get_input: location } + retry_after: { get_input: retry_after } + resource_config: + publicIPAllocationMethod: Static + azure_config: *azure_configuration relationships: - type: 
cloudify.azure.relationships.contained_in_resource_group target: resource_group - - subnet: - type: cloudify.azure.nodes.network.Subnet + + vm_fe_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration properties: - resource_group_name: { get_input: mgr_resource_group_name } - name: { get_input: mgr_subnet_name } - azure_config: *azure_config - use_external_resource: true location: { get_input: location } + retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic + azure_config: *azure_configuration relationships: - - type: cloudify.azure.relationships.contained_in_virtual_network - target: virtual_network - - network_security_group: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: manager_subnet + - type: cloudify.azure.relationships.ip_configuration_connected_to_public_ip + target: vm_fe_public_ip + + vm_fe_network_security_group: type: cloudify.azure.nodes.network.NetworkSecurityGroup properties: - name: {concat:[{get_input: resource_prefix},nsg,{get_input: resource_suffix}]} location: { get_input: location } - azure_config: *azure_config + azure_config: *azure_configuration retry_after: { get_input: retry_after } resource_config: securityRules: - - name: njssg_ssh + - name: AllowSSH properties: description: SSH access protocol: Tcp @@ -356,7 +397,7 @@ node_templates: priority: 102 access: Allow direction: Inbound - - name: njssg_http + - name: AllowHTTP properties: description: HTTP access protocol: Tcp 
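Review bot: In the node_templates hunk (`@@ -231,121 +215,178 @@`), `vm_fe_nic_ip_cfg` gives each front-end VM its own static `vm_fe_public_ip` even though the same NIC joins `load_balancer_backend_pool`, so every scaled instance is reachable directly from the internet and not only through the load balancer. If the per-instance address is not needed (the manager shares `manager_subnet`, so agents can presumably reach the VM privately), removing the `ip_configuration_connected_to_public_ip` relationship, the `vm_fe_public_ip` node and its entry in `fe_scale_group` keeps the exposed surface to the balancer's port. Otherwise a comment above `vm_fe_public_ip` saying why it is required would help. Also, the three `manager_*` nodes no longer carry the `azure_config` property that the replaced `virtual_network` and `subnet` nodes had; unless the forked plugin resolves credentials for external resources another way, `azure_config: *azure_configuration` should be added to each.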
@@ -367,18 +408,73 @@ node_templates: priority: 103 access: Allow direction: Inbound - - name: njssg_mongoa + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + + + ########################## + # Back-end VM networking # + ########################## + vm_be_nic: + type: cloudify.azure.nodes.network.NetworkInterfaceCard + properties: + location: { get_input: location } + retry_after: { get_input: retry_after } + azure_config: *azure_configuration + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.nic_connected_to_network_security_group + target: vm_be_network_security_group + - type: cloudify.azure.relationships.nic_connected_to_ip_configuration + target: vm_be_nic_ip_cfg + + vm_be_nic_ip_cfg: + type: cloudify.azure.nodes.network.IPConfiguration + properties: + location: { get_input: location } + retry_after: { get_input: retry_after } + resource_config: + privateIPAllocationMethod: Dynamic + azure_config: *azure_configuration + relationships: + - type: cloudify.azure.relationships.contained_in_resource_group + target: resource_group + - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet + target: manager_subnet + + vm_be_network_security_group: + type: cloudify.azure.nodes.network.NetworkSecurityGroup + properties: + location: { get_input: location } + azure_config: *azure_configuration + retry_after: { get_input: retry_after } + resource_config: + securityRules: + - name: AllowSSH + properties: + description: SSH access + protocol: Tcp + sourcePortRange: '*' + destinationPortRange: 22 + sourceAddressPrefix: '*' + destinationAddressPrefix: '*' + priority: 102 + access: Allow + direction: Inbound + - name: AllowMongo properties: description: Mongo access protocol: Tcp sourcePortRange: '*' - destinationPortRange: { get_property: [ mongod, port ] } + destinationPortRange: { get_property: [ 
vm_be_app_mongodb, port ] } sourceAddressPrefix: '*' destinationAddressPrefix: '*' priority: 104 access: Allow direction: Inbound - - name: njssg_mongob + - name: AllowMongoAPI properties: description: Mongo API access protocol: Tcp 
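Review bot: The AllowSSH and AllowMongo rules in the new `vm_be_network_security_group` use `sourceAddressPrefix: '*'`, so SSH and the MongoDB port are accepted from any source that can route to the back-end NIC. `vm_be_nic_ip_cfg` has no public IP relationship, which limits the exposure, but the database only needs to be reached from the front-end VMs and the manager. Narrowing the source to the subnet's CIDR or to Azure's virtual-network tag, `sourceAddressPrefix: VirtualNetwork`, states that intent in the rule itself. The AllowMongoAPI rule continues past the end of this hunk, so whether it has the same source is not visible here.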
@@ -393,87 +489,116 @@ node_templates: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - availability_set: - type: cloudify.azure.nodes.compute.AvailabilitySet - properties: - name: {concat:[{get_input: resource_prefix},availset,{get_input: resource_suffix}]} - location: { get_input: location } - azure_config: *azure_config - retry_after: { get_input: retry_after } - relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group - mongo_host_nic: - type: cloudify.azure.nodes.network.NetworkInterfaceCard + ####################### + # Load Balancer nodes # + ####################### + lb_public_ip: + type: cloudify.azure.nodes.network.PublicIPAddress properties: - name: {concat:[{get_input: resource_prefix},mongohostnic,{get_input: resource_suffix}]} location: { get_input: location } - azure_config: *azure_config retry_after: { get_input: retry_after } + resource_config: + publicIPAllocationMethod: Static + azure_config: *azure_configuration relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - type: cloudify.azure.relationships.nic_connected_to_network_security_group - target: network_security_group - - type: cloudify.azure.relationships.connected_to_ip_configuration - target: mongo_host_nic_ip_cfg - - nodejs_host_nic: - type: cloudify.azure.nodes.network.NetworkInterfaceCard + + load_balancer: + type: cloudify.azure.nodes.network.LoadBalancer properties: - name: {concat:[{get_input: resource_prefix},nodejs_host_nic,{get_input: resource_suffix}]} location: { get_input: location } - azure_config: *azure_config retry_after: { get_input: retry_after } + azure_config: *azure_configuration relationships: - type: cloudify.azure.relationships.contained_in_resource_group target: resource_group - - type: cloudify.azure.relationships.nic_connected_to_network_security_group - target: network_security_group - type: 
cloudify.azure.relationships.connected_to_ip_configuration - target: nodejs_host_nic_ip_cfg - - mongo_host_nic_ip_cfg: + target: lb_ip_cfg + + lb_ip_cfg: type: cloudify.azure.nodes.network.IPConfiguration properties: - name: {concat:[{get_input: resource_prefix},mongo_host_ip_cfg,{get_input: resource_suffix}]} + name: lbfeip location: { get_input: location } - azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: privateIPAllocationMethod: Dynamic + azure_config: *azure_configuration relationships: - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet - target: subnet - - nodejs_host_nic_ip_cfg: - type: cloudify.azure.nodes.network.IPConfiguration + target: manager_subnet + - type: cloudify.azure.relationships.ip_configuration_connected_to_public_ip + target: lb_public_ip + + load_balancer_backend_pool: + type: cloudify.azure.nodes.network.LoadBalancer.BackendAddressPool + properties: + name: lbbepool + location: { get_input: location } + retry_after: { get_input: retry_after } + azure_config: *azure_configuration + relationships: + - type: cloudify.azure.relationships.contained_in_load_balancer + target: load_balancer + + load_balancer_probe: + type: cloudify.azure.nodes.network.LoadBalancer.Probe properties: - name: {concat:[{get_input: resource_prefix},nodejs_host_ip_cfg,{get_input: resource_suffix}]} + name: lbprobe location: { get_input: location } - azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: - privateIPAllocationMethod: Dynamic + protocol: Http + port: { get_input: webserver_port } + requestPath: index.html + azure_config: *azure_configuration relationships: - - type: cloudify.azure.relationships.ip_configuration_connected_to_subnet - target: subnet - - type: cloudify.azure.relationships.ip_configuration_connected_to_public_ip - target: nodecellar_ip - - nodecellar_ip: - type: cloudify.azure.nodes.network.PublicIPAddress + - type: 
cloudify.azure.relationships.contained_in_load_balancer + target: load_balancer + # Ensure serial operations + - type: cloudify.relationships.depends_on + target: load_balancer_backend_pool + + load_balancer_rule: + type: cloudify.azure.nodes.network.LoadBalancer.Rule properties: - name: {concat:[{get_input: resource_prefix},nodejs_host_pip,{get_input: resource_suffix}]} + name: lbrule location: { get_input: location } - azure_config: *azure_config retry_after: { get_input: retry_after } resource_config: - publicIPAllocationMethod: Static + protocol: Tcp + backendPort: { get_input: webserver_port } + frontendPort: { get_input: loadbalancer_port } + azure_config: *azure_configuration relationships: - - type: cloudify.azure.relationships.contained_in_resource_group - target: resource_group + - type: cloudify.azure.relationships.contained_in_load_balancer + target: load_balancer + - type: cloudify.azure.relationships.connected_to_ip_configuration + target: lb_ip_cfg + - type: cloudify.azure.relationships.connected_to_lb_be_pool + target: load_balancer_backend_pool + - type: cloudify.azure.relationships.connected_to_lb_probe + target: load_balancer_probe + + + + + +########################## +# Front-end scale policy # +########################## +groups: + fe_scale_group: + members: [vm_fe, vm_fe_nic, vm_fe_public_ip, vm_fe_nic_ip_cfg, vm_fe_app_nodejs, nodecellar] + +policies: + fe_scale_policy: + type: cloudify.policies.scaling + properties: + default_instances: 1 + targets: [fe_scale_group] ########################################################### # This outputs section exposes the application endpoint. 
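Review bot: `fe_scale_policy` sets only `default_instances: 1`, so nothing in the blueprint bounds how far a scale workflow can grow `fe_scale_group`, and each extra instance brings a VM, a NIC and a static public IP. Adding explicit bounds beside it, for example `min_instances: 1` and `max_instances: 4` (example values), caps cost and exposure if the workflow is triggered repeatedly or with a wrong delta. A one-line comment on `fe_scale_group` noting that `vm_fe_availability_set` and `vm_fe_network_security_group` are left out of `members` because they are presumably shared across instances would also help the next reader.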
@@ -482,8 +607,11 @@ node_templates: ########################################################### outputs: - endpoint: - description: Web application endpoint - value: - ip_address: { get_attribute: [ nodejs_host, public_ip ] } - port: { get_property: [ nodecellar, port ] } + nodecellar_ip: + value: { get_attribute: [ load_balancer, public_ip ] } + nodecellar_port: + value: { get_input: loadbalancer_port } + nodecellar_endpoint: + value: { concat: [ 'http://', { get_attribute: [ load_balancer, public_ip ] }, ':', { get_input: loadbalancer_port } ] } + mongodb_private_ip: + value: { get_attribute: [ vm_be, ip ] } diff --git a/inputs/azure.yaml.template b/inputs/azure.yaml.template new file mode 100644 index 0000000..b2de962 --- /dev/null +++ b/inputs/azure.yaml.template 
@@ -0,0 +1,47 @@
+## Account info
+#subscription_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
+#tenant_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
+#client_id: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
+#client_secret: XXXXYYYYZZZZ0000
+#location: eastus
+
+## General
+#retry_after: 30
+
+## Deployment info
+#resource_prefix: ncdemo
+#resource_suffix: 10
+
+## Manager info
+#mgr_resource_group_name: mgrrg
+#mgr_virtual_network_name: mgrvnet
+#mgr_subnet_name: mgrsubnet
+#mgr_storage_account_name: mgrsa
+
+## VM info
+#vm_size: Standard_A2
+#vm_os_family: linux
+
+## VM image
+#vm_image_publisher: OpenLogic
+#vm_image_offer: CentOS
+#vm_image_sku: '7.0'
+#vm_image_version: latest
+
+## Application info
+#webserver_port: 8080
+#loadbalancer_port: 80
+
+## Instance account info
+#vm_os_username: cloudify
+#vm_os_password: Cl0ud1fy!
+#vm_os_pubkeys:
+# - path: { concat: ["/home/", { get_input: vm_os_username }, "/.ssh/authorized_keys"] }
+# keyData:
+# "ssh-rsa 000000000/REPLACE/0000000000000UJy5McWvvqoKMkwPn+Evnvb67\
+# 9BGySsd0SMYYYYYYYYYG7Tke60psxWkO/DAOXnrAlm/UkoY9wqGSCJRCEvTOJvSP\
+# vHNo2nTdibzNFl8NnJsHWJAbeuu5XXXXXXXXX0GUKCSAtSl/5+aFbKO0QEA74kVN\
+# 48PB3gXNxzL5/wkv/SZEa65lhbJHo0y/Swsa5ssrQ3i9p/dlwg6tZZtEFJDK9a7r\
+# MYa3Xq5lbBtYeUU9MTAsX+u5HnEPFLYkzCsKC9pfv7kAXzXZZZZZZZZZZAG3AaGp\
+# U9yT/O22222222222222asi6NM3JIzJlwymk4Kf0F4D+A5hbpAdy9zW1YXovQppb"
+#vm_os_pubkey_auth_only: true