Created
June 16, 2017 14:02
-
-
Save allthingsclowd/dfff8f5480b4e7dd328adc07a5b840ad to your computer and use it in GitHub Desktop.
Simple OpenStack heat template that deploys Mongodb 3.4 to Fujitsu K5 IaaS Ubuntu 14.04 image
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| heat_template_version: 2013-05-23 | |
| # Author: Graham Land | |
| # Date: 16/06/2017 | |
| # Purpose: Deploy MongoDB on Ubuntu 14.04 on Fujitsu's Cloud Service K5 IaaS Platform | |
| # NOTE: Includes hardcoded user accounts and passwords - please change these | |
| # and add TLS if considering use cases other than test/dev. | |
| # | |
| # Twitter: @allthingsclowd | |
| # Blog: https://allthingscloud.eu | |
| # | |
| # | |
| description: Deploy MongoDB 3.4 on Ubuntu | |
| # Input parameters | |
| parameters: | |
| k5_ubuntu_image: | |
| type: string | |
| label: Image name or ID | |
| description: Image to be used for compute instance | |
| default: "Ubuntu Server 14.04 LTS (English) 02" | |
| flavor: | |
| type: string | |
| label: Flavor | |
| description: Type of instance (flavor) to be used | |
| default: "S-1" | |
| key_pair: | |
| type: string | |
| label: Key name | |
| description: Name of key-pair to be used for compute instance | |
| default: "Mongo-KP" | |
| private_net: | |
| type: string | |
| label: private network id | |
| description: tenant network used to host instance | |
| default: "1d8c6fc5-54fa-4b4f-8f94-ddb95b1e0e7e" | |
| public_net: | |
| type: string | |
| label: public network id | |
| description: id of public network to supply floating ips | |
| default: "0a23d6f7-2f94-4cf3-aebb-587b29ac9538" | |
| az: | |
| type: string | |
| label: Availability Zone | |
| description: Region AZ to use | |
| default: "uk-1a" | |
| my_ip: | |
| type: string | |
| label: External management IP | |
| description: IP address allowed for access to mongodb server on SSH | |
| default: "XX.XX.35.206/32" | |
| # K5 Infrastructure resources to be built | |
| resources: | |
| # Create ssh remote access | |
| ssh_security_group: | |
| type: OS::Neutron::SecurityGroup | |
| properties: | |
| description: mongodb server security group | |
| name: ssh-access | |
| rules: | |
| # allow inbound ssh and ping from my ip | |
| - remote_ip_prefix: { get_param: my_ip } | |
| protocol: tcp | |
| port_range_min: 22 | |
| port_range_max: 22 | |
| - remote_ip_prefix: { get_param: my_ip } | |
| protocol: icmp | |
| # Create mongodb server security group | |
| mongodb_security_group: | |
| type: OS::Neutron::SecurityGroup | |
| properties: | |
| description: Mongodb services | |
| name: mongodb-services | |
| rules: | |
| # allow mongodb services to communicate with Cloud Foundry Network | |
| - remote_ip_prefix: "62.60.0.0/16" | |
| protocol: tcp | |
| port_range_min: 27017 | |
| port_range_max: 27019 | |
| - remote_ip_prefix: "62.60.0.0/16" | |
| protocol: tcp | |
| port_range_min: 28017 | |
| port_range_max: 28017 | |
| # allow mongodb services to communicate with my pc | |
| - remote_ip_prefix: { get_param: my_ip } | |
| protocol: tcp | |
| port_range_min: 27017 | |
| port_range_max: 27019 | |
| - remote_ip_prefix: { get_param: my_ip } | |
| protocol: tcp | |
| port_range_min: 28017 | |
| port_range_max: 28017 | |
| ############################################################################## | |
| # Create a new port for the server interface, assign an ip address and security group | |
| mongodb-server-port: | |
| type: OS::Neutron::Port | |
| depends_on: [ mongodb_security_group, ssh_security_group ] | |
| properties: | |
| availability_zone: { get_param: az } | |
| network_id: { get_param: private_net } | |
| security_groups: [{ get_resource: mongodb_security_group }, { get_resource: ssh_security_group }] | |
| # Allocate a floating/global ip address | |
| mongodb-server-floating-ip: | |
| type: OS::Neutron::FloatingIP | |
| properties: | |
| availability_zone: { get_param: az } | |
| floating_network_id: { get_param: public_net } | |
| # Assign a floating/global ip address to the fixed server ip address | |
| mongodb-server-floating-ip-association: | |
| type: OS::Neutron::FloatingIPAssociation | |
| depends_on: mongodb-server-floating-ip | |
| properties: | |
| floatingip_id: { get_resource: mongodb-server-floating-ip } | |
| port_id: { get_resource: mongodb-server-port } | |
| # Create a system volume for use with the server | |
| mongodb-sys-vol: | |
| type: OS::Cinder::Volume | |
| properties: | |
| availability_zone: { get_param: az } | |
| name: "mongodb-box" | |
| size: 30 | |
| volume_type: "M1" | |
| image : { get_param: k5_ubuntu_image } | |
| # Build a server using the system volume defined above | |
| mongodb-server: | |
| type: OS::Nova::Server | |
| # depends_on: [ nginx1-server, phaser-app1-server, mongodb-server-port ] | |
| properties: | |
| key_name: { get_param: key_pair } | |
| image: { get_param: k5_ubuntu_image } | |
| flavor: { get_param: flavor } | |
| admin_user: ubuntu | |
| metadata: { "fcx.autofailover": True } | |
| block_device_mapping: [{"volume_size": "30", "volume_id": {get_resource: mongodb-sys-vol}, "delete_on_termination": True, "device_name": "/dev/vda"}] | |
| name: "cf-mongodb-service" | |
| networks: | |
| - port: { get_resource: mongodb-server-port } | |
| user_data_format: RAW | |
| user_data: | |
| str_replace: | |
| template: | | |
| #cloud-config | |
| write_files: | |
| - path: /home/ubuntu/configureMongoDBusers.js | |
| content: | | |
| db = connect('localhost:27017/admin'); | |
| db.createUser({user:'admin',pwd:'password',roles:[{role:'__system',db:'admin'}]}); | |
| db = connect('localhost:27017/cloudfoundry'); | |
| db.createUser({ user:'cfdemoadmin',pwd:'cfd3m0admin',roles:[{ role:'dbOwner',db:'cloudfoundry'}]}); | |
| #apt_update: true | |
| runcmd: | |
| # Config hostname resolution | |
| - echo $app_ip `hostname` >> /etc/hosts | |
| # Install MongoDB | |
| - apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6 | |
| - echo "deb [ arch=amd64 ] http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-3.4.list | |
| - apt-get update | |
| - apt-get install -y mongodb-org | |
| - service mongod status | |
| - sleep 60 | |
| # Add new database user accounts | |
| - mongo /home/ubuntu/configureMongoDBusers.js | |
| # Enable MongoDB Authentication | |
| - echo "security:\n authorization:\tenabled" >> /etc/mongod.conf | |
| # Bind to all interfaces - not just localhost | |
| - sed -i '/bindIp:/s/^/#/' /etc/mongod.conf | |
| - service mongod restart | |
| params: | |
| $app_ip: { get_attr: [mongodb-server-port, fixed_ips, 0, ip_address]} | |
| message: "Installation of MongoDB Service Complete" | |
| ######################################################################################################### |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment