This repository was archived by the owner on Mar 1, 2020. It is now read-only.

Commit 7deb4b9

author
earthmant
committed
add blueprint
adding readme modifying readme further readme updating readme adding the readme underscores description more info new value update stuff next commit change update finishing touches
1 parent 5ff0312 commit 7deb4b9

3 files changed

+391
-0
lines changed

README.md

Lines changed: 64 additions & 0 deletions
@@ -0,0 +1,64 @@
1+
2+
# VPC-Scenario2
3+
4+
Amazon's [VPC Scenario 2](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html) is the classic network architecture. It can support public-facing and private components.
5+
6+
### Resources Created
7+
8+
* A `vpc`.
9+
* An `internet_gateway`.
10+
* A `public_subnet`.
11+
* A `private_subnet`.
12+
* A `public_subnet_routetable`.
13+
* A `private_subnet_routetable`.
14+
* A `route_public_subnet_internet_gateway`.
15+
* A `nat_gateway_ip` - created with the `update-blueprint.yaml`.
16+
* A `nat_gateway` - created with the `update-blueprint.yaml`.
17+
* A `route_private_subnet_nat_gateway` - created with the `update-blueprint.yaml`.
18+
19+
20+
## Compatibility
21+
22+
Tested with:
23+
* Cloudify 4.2
24+
25+
26+
## Pre-installation steps
27+
28+
Upload the required plugins:
29+
30+
* [AWSSDK Plugin](https://github.com/cloudify-incubator/cloudify-awssdk-plugin/releases).
31+
32+
_Check the blueprint for the exact version of the plugin._
33+
34+
35+
If you do not provide your own `deployment inputs` below, you must add these secrets to your Cloudify Manager `tenant`:
36+
37+
* aws_access_key_id
38+
* aws_secret_access_key
39+
* ec2_region_name, such as `us-east-1`.
40+
* ec2_region_endpoint, such as `ec2.us-east-1.amazonaws.com`.
41+
* availability_zone, such as `us-east-1c`.
42+
43+
44+
## Installation
45+
46+
On your Cloudify Manager, navigate to `Local Blueprints` select `Upload`.
47+
48+
[Right-click and copy URL](https://github.com/cloudify-examples/vpc-scenario2-blueprint/archive/master.zip). Paste where it says `Enter blueprint url`. Provide a blueprint name, such as `aws-vpc-scenario2` in the field labeled `blueprint name`. Select `simple-blueprint.yaml` from `Blueprint filename` menu.
49+
50+
After the new blueprint has been created, click the `Deploy` button.
51+
52+
Navigate to `Deployments`, find your new deployment, select `Install` from the `workflow`'s menu. At this stage, you may provide your own values for any of the default `deployment inputs`.
53+
54+
55+
## Update Deployment
56+
57+
In order to provide outbound internet access to the private subnet, you can update the deployment.
58+
59+
Navigate to `Deployments`, find your deployment, click on it. Once the deployment's page has loaded, click the `Update Deployment` button. [Right-click and copy URL](https://github.com/cloudify-examples/vpc-scenario2-blueprint/archive/master.zip). Paste where it says `Enter new blueprint url`. This time, select `update-blueprint.yaml` from `Blueprint filename` menu.
60+
61+
62+
## Uninstallation
63+
64+
Navigate to the deployment and select `Uninstall`. When the uninstall workflow is finished, select `Delete deployment`.
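
Review bot: The Installation step (line 48) and the Update Deployment step (line 59) both have the operator paste `archive/master.zip`, a moving reference, so the blueprint that is uploaded and run with the tenant's AWS keys can differ from the one that was reviewed. Link a tagged release or a commit archive instead, and state the plugin version here rather than "Check the blueprint for the exact version of the plugin" (line 32). The Pre-installation section also lists `aws_access_key_id` and `aws_secret_access_key` without saying which permissions the key needs; a short list tied to the resources under "Resources Created" would let users scope the key before storing it as a secret.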

simple-blueprint.yaml

Lines changed: 145 additions & 0 deletions
@@ -0,0 +1,145 @@
1+
tosca_definitions_version: cloudify_dsl_1_3
2+
3+
description: >
4+
Create an AWS VPC based on the Scenario 2 design.
5+
6+
imports:
7+
- http://www.getcloudify.org/spec/cloudify/4.2/types.yaml
8+
- http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.1/plugin.yaml
9+
10+
inputs:
11+
12+
aws_access_key_id:
13+
description: YOUR AWS ACCESS KEY ID
14+
default: { get_secret: aws_access_key_id }
15+
16+
aws_secret_access_key:
17+
description: YOUR AWS SECRET ACCESS KEY
18+
default: { get_secret: aws_secret_access_key }
19+
20+
ec2_region_name:
21+
default: { get_secret: ec2_region_name }
22+
23+
ec2_region_endpoint:
24+
default: { get_secret: ec2_region_endpoint }
25+
26+
availability_zone:
27+
default: { get_secret: availability_zone }
28+
29+
vpc_cidr:
30+
default: 10.10.0.0/16
31+
32+
public_subnet_cidr:
33+
default: 10.10.0.0/24
34+
35+
private_subnet_cidr:
36+
default: 10.10.1.0/24
37+
38+
dsl_definitions:
39+
40+
aws_config: &client_config
41+
aws_access_key_id: { get_input: aws_access_key_id }
42+
aws_secret_access_key: { get_input: aws_secret_access_key }
43+
region_name: { get_input: ec2_region_name }
44+
45+
node_templates:
46+
47+
vpc:
48+
type: cloudify.nodes.aws.ec2.Vpc
49+
properties:
50+
resource_config:
51+
kwargs:
52+
CidrBlock: { get_input: vpc_cidr }
53+
client_config: *client_config
54+
55+
internet_gateway:
56+
type: cloudify.nodes.aws.ec2.InternetGateway
57+
properties:
58+
client_config: *client_config
59+
relationships:
60+
- type: cloudify.relationships.connected_to
61+
target: vpc
62+
63+
public_subnet:
64+
type: cloudify.nodes.aws.ec2.Subnet
65+
properties:
66+
resource_config:
67+
kwargs:
68+
CidrBlock: { get_input: public_subnet_cidr }
69+
AvailabilityZone: { get_input: availability_zone }
70+
client_config: *client_config
71+
relationships:
72+
- type: cloudify.relationships.depends_on
73+
target: vpc
74+
- type: cloudify.relationships.depends_on
75+
target: internet_gateway
76+
77+
private_subnet:
78+
type: cloudify.nodes.aws.ec2.Subnet
79+
properties:
80+
resource_config:
81+
kwargs:
82+
CidrBlock: { get_input: private_subnet_cidr }
83+
AvailabilityZone: { get_input: availability_zone }
84+
client_config: *client_config
85+
relationships:
86+
- type: cloudify.relationships.depends_on
87+
target: vpc
88+
- type: cloudify.relationships.depends_on
89+
target: internet_gateway
90+
91+
public_subnet_routetable:
92+
type: cloudify.nodes.aws.ec2.RouteTable
93+
properties:
94+
client_config: *client_config
95+
relationships:
96+
- type: cloudify.relationships.contained_in
97+
target: vpc
98+
- type: cloudify.relationships.connected_to
99+
target: public_subnet
100+
101+
private_subnet_routetable:
102+
type: cloudify.nodes.aws.ec2.RouteTable
103+
properties:
104+
client_config: *client_config
105+
relationships:
106+
- type: cloudify.relationships.contained_in
107+
target: vpc
108+
- type: cloudify.relationships.connected_to
109+
target: private_subnet
110+
111+
route_public_subnet_internet_gateway:
112+
type: cloudify.nodes.aws.ec2.Route
113+
properties:
114+
resource_config:
115+
kwargs:
116+
DestinationCidrBlock: '0.0.0.0/0'
117+
client_config: *client_config
118+
relationships:
119+
- type: cloudify.relationships.contained_in
120+
target: public_subnet_routetable
121+
- type: cloudify.relationships.connected_to
122+
target: internet_gateway
123+
interfaces:
124+
cloudify.interfaces.lifecycle:
125+
stop: {}
126+
127+
outputs:
128+
129+
vpc_id:
130+
value: { get_attribute: [ vpc, aws_resource_id ] }
131+
132+
public_subnet_id:
133+
value: { get_attribute: [ public_subnet, aws_resource_id ] }
134+
135+
private_subnet_id:
136+
value: { get_attribute: [ private_subnet, aws_resource_id ] }
137+
138+
ec2_region_name:
139+
value: { get_input: ec2_region_name }
140+
141+
ec2_region_endpoint:
142+
value: { get_input: ec2_region_endpoint }
143+
144+
availability_zone:
145+
value: { get_input: availability_zone }
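
Review bot: `aws_access_key_id` and `aws_secret_access_key` (lines 12-18) are declared as deployment inputs that only default to `get_secret`, so a value supplied at deploy time, which the README invites, replaces the secret-store lookup and is handled as an ordinary input. Reference `{ get_secret: ... }` directly in `client_config` (lines 40-43), or at least say in the input descriptions that overriding the defaults is discouraged. Both imports on lines 7-8 are fetched over `http://`; these files define the node types and plugin that run with those keys, so use an `https://` URL if the host offers one. Smaller points: `ec2_region_endpoint` (line 23) is only passed through to the outputs and never reaches `client_config`, and the `stop: {}` override on line 125 has no comment explaining why it is needed.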

update-blueprint.yaml

Lines changed: 182 additions & 0 deletions
@@ -0,0 +1,182 @@
1+
tosca_definitions_version: cloudify_dsl_1_3
2+
3+
description: >
4+
Create an AWS VPC based on the Scenario 2 design.
5+
6+
imports:
7+
- http://www.getcloudify.org/spec/cloudify/4.2/types.yaml
8+
- http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.1/plugin.yaml
9+
10+
inputs:
11+
12+
aws_access_key_id:
13+
description: YOUR AWS ACCESS KEY ID
14+
default: { get_secret: aws_access_key_id }
15+
16+
aws_secret_access_key:
17+
description: YOUR AWS SECRET ACCESS KEY
18+
default: { get_secret: aws_secret_access_key }
19+
20+
ec2_region_name:
21+
default: { get_secret: ec2_region_name }
22+
23+
ec2_region_endpoint:
24+
default: { get_secret: ec2_region_endpoint }
25+
26+
availability_zone:
27+
default: { get_secret: availability_zone }
28+
29+
vpc_cidr:
30+
default: 10.10.0.0/16
31+
32+
public_subnet_cidr:
33+
default: 10.10.0.0/24
34+
35+
private_subnet_cidr:
36+
default: 10.10.1.0/24
37+
38+
dsl_definitions:
39+
40+
aws_config: &client_config
41+
aws_access_key_id: { get_input: aws_access_key_id }
42+
aws_secret_access_key: { get_input: aws_secret_access_key }
43+
region_name: { get_input: ec2_region_name }
44+
45+
node_templates:
46+
47+
vpc:
48+
type: cloudify.nodes.aws.ec2.Vpc
49+
properties:
50+
resource_config:
51+
kwargs:
52+
CidrBlock: { get_input: vpc_cidr }
53+
client_config: *client_config
54+
55+
internet_gateway:
56+
type: cloudify.nodes.aws.ec2.InternetGateway
57+
properties:
58+
client_config: *client_config
59+
relationships:
60+
- type: cloudify.relationships.connected_to
61+
target: vpc
62+
63+
public_subnet:
64+
type: cloudify.nodes.aws.ec2.Subnet
65+
properties:
66+
resource_config:
67+
kwargs:
68+
CidrBlock: { get_input: public_subnet_cidr }
69+
AvailabilityZone: { get_input: availability_zone }
70+
client_config: *client_config
71+
relationships:
72+
- type: cloudify.relationships.depends_on
73+
target: vpc
74+
- type: cloudify.relationships.depends_on
75+
target: internet_gateway
76+
77+
private_subnet:
78+
type: cloudify.nodes.aws.ec2.Subnet
79+
properties:
80+
resource_config:
81+
kwargs:
82+
CidrBlock: { get_input: private_subnet_cidr }
83+
AvailabilityZone: { get_input: availability_zone }
84+
client_config: *client_config
85+
relationships:
86+
- type: cloudify.relationships.depends_on
87+
target: vpc
88+
- type: cloudify.relationships.depends_on
89+
target: internet_gateway
90+
91+
public_subnet_routetable:
92+
type: cloudify.nodes.aws.ec2.RouteTable
93+
properties:
94+
client_config: *client_config
95+
relationships:
96+
- type: cloudify.relationships.contained_in
97+
target: vpc
98+
- type: cloudify.relationships.connected_to
99+
target: public_subnet
100+
101+
private_subnet_routetable:
102+
type: cloudify.nodes.aws.ec2.RouteTable
103+
properties:
104+
client_config: *client_config
105+
relationships:
106+
- type: cloudify.relationships.contained_in
107+
target: vpc
108+
- type: cloudify.relationships.connected_to
109+
target: private_subnet
110+
111+
route_public_subnet_internet_gateway:
112+
type: cloudify.nodes.aws.ec2.Route
113+
properties:
114+
resource_config:
115+
kwargs:
116+
DestinationCidrBlock: '0.0.0.0/0'
117+
client_config: *client_config
118+
relationships:
119+
- type: cloudify.relationships.contained_in
120+
target: public_subnet_routetable
121+
- type: cloudify.relationships.connected_to
122+
target: internet_gateway
123+
interfaces:
124+
cloudify.interfaces.lifecycle:
125+
stop: {}
126+
127+
nat_gateway_ip:
128+
type: cloudify.nodes.aws.ec2.ElasticIP
129+
properties:
130+
resource_config:
131+
kwargs:
132+
Domain: 'vpc'
133+
client_config: *client_config
134+
interfaces:
135+
cloudify.interfaces.lifecycle:
136+
stop: {}
137+
138+
nat_gateway:
139+
type: cloudify.nodes.aws.ec2.NATGateway
140+
properties:
141+
client_config: *client_config
142+
relationships:
143+
- type: cloudify.relationships.depends_on
144+
target: public_subnet
145+
- type: cloudify.relationships.depends_on
146+
target: nat_gateway_ip
147+
148+
route_private_subnet_nat_gateway:
149+
type: cloudify.nodes.aws.ec2.Route
150+
properties:
151+
resource_config:
152+
kwargs:
153+
DestinationCidrBlock: '0.0.0.0/0'
154+
client_config: *client_config
155+
relationships:
156+
- type: cloudify.relationships.contained_in
157+
target: private_subnet_routetable
158+
- type: cloudify.relationships.connected_to
159+
target: nat_gateway
160+
interfaces:
161+
cloudify.interfaces.lifecycle:
162+
stop: {}
163+
164+
outputs:
165+
166+
vpc_id:
167+
value: { get_attribute: [ vpc, aws_resource_id ] }
168+
169+
public_subnet_id:
170+
value: { get_attribute: [ public_subnet, aws_resource_id ] }
171+
172+
private_subnet_id:
173+
value: { get_attribute: [ private_subnet, aws_resource_id ] }
174+
175+
ec2_region_name:
176+
value: { get_input: ec2_region_name }
177+
178+
ec2_region_endpoint:
179+
value: { get_input: ec2_region_endpoint }
180+
181+
availability_zone:
182+
value: { get_input: availability_zone }
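
Review bot: The outputs (lines 166-182) expose nothing about `nat_gateway` or `nat_gateway_ip`, and the `description` on line 4 still reads "Create an AWS VPC based on the Scenario 2 design." with no mention of the NAT gateway. Add an output for the Elastic IP, since that is the address the private subnet's outbound traffic will appear from and the value downstream allowlists and egress monitoring need, and update the description so the two blueprints can be told apart in the manager. Lines 1-125 repeat `simple-blueprint.yaml` verbatim, so the CIDR defaults have to be kept in sync by hand, and the credential inputs on lines 12-18 and the `http://` imports on lines 7-8 are carried over with them. The `stop: {}` overrides on lines 136 and 162 would also benefit from a one-line comment on why the stop operation is disabled.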
