x/vmware-nsx
Code Issues Proposed changes
e86347e3a0
vmware-nsx/vmware_nsx_tempest/tests/templates/nsxv_neutron_smoke.yaml
Vijay Kankatala d0b40d2b5c [Tempest] Deploy and Validate Neutron resources using HEAT Orchestration Template 
The script validates all resouces from the template and
  performs full range of datapath tests as below :
       1. Verifies server connectivy in the same network
       2. Verifies server conectivity across the network
       3. Verifies server connectity to external network
  The template currently has two topologies with shared and
  exclusive router edges which can be easily expanded.

Change-Id: I634b7d26d57adaa2e1ab7ca745a9c51ca36cdb88
2017-03-30 22:06:34 -07:00

454 lines
11 KiB
YAML
Raw Blame History

heat_template_version: 2013-05-23
description: >
Topology 1:
- 4 servers (Cirros))
- 2 Logical Switches
- 1 Logical Router (Shared)
- 2 Security Group allowing HTTP
Topology 2:
- 2 servers (Cirros))
- 2 Logical Switch
- 1 Logical Router (Exclusive)
- 1 Security Group allowing HTTP
parameters:
public_net:
label: Public Network ID for external connectivity
type: string
description: >
ID or name of public network
# Need to update this network UUID for each vPod.
default: ext-net
dmz_network:
default: ext-net
description: "External network"
type: string
ubuntu_image:
default: cirros
description: "Ubuntu image"
type: string
resources:
# Topology1
heat_NAT_web_net:
type: OS::Neutron::Net
properties:
name: heat_NAT_web
heat_NAT_web_subnet:
type: OS::Neutron::Subnet
properties:
network_id: { get_resource: heat_NAT_web_net }
cidr: 10.21.1.0/24
dns_nameservers: [ "10.166.17.90" ]
heat_NAT_db_net:
type: OS::Neutron::Net
properties:
name: heat_NAT_db
heat_NAT_db_subnet:
type: OS::Neutron::Subnet
properties:
network_id: { get_resource: heat_NAT_db_net }
cidr: 10.21.2.0/24
dns_nameservers: [ "10.166.17.90" ]
my_key:
type: OS::Nova::KeyPair
properties:
save_private_key: true
name: my_key
router:
type: OS::Neutron::Router
properties:
admin_state_up: true
name: heat_NAT_router
router_gw:
type: OS::Neutron::RouterGateway
properties:
network_id: { get_param: public_net}
router_id: { get_resource: router }
router_interface1:
type: OS::Neutron::RouterInterface
properties:
router_id: { get_resource: router }
subnet_id: { get_resource: heat_NAT_web_subnet }
router_interface2:
type: OS::Neutron::RouterInterface
properties:
router_id: { get_resource: router }
subnet_id: { get_resource: heat_NAT_db_subnet }
heat_NAT_web_secgroup:
type: OS::Neutron::SecurityGroup
properties:
name: heat_NAT_web_secgroup
rules:
- protocol: tcp
remote_ip_prefix: 0.0.0.0/0
port_range_min: 443
port_range_max: 443
- protocol: tcp
remote_ip_prefix: 0.0.0.0/0
port_range_min: 22
port_range_max: 22
- protocol: icmp
remote_ip_prefix: 0.0.0.0/0
heat_NAT_db_secgroup:
type: OS::Neutron::SecurityGroup
properties:
name: heat_NAT_db_secgroup
rules:
- protocol: tcp
remote_mode: remote_group_id
remote_group_id: { get_resource: heat_NAT_web_secgroup }
port_range_min: 3307
port_range_max: 3307
- protocol: icmp
remote_ip_prefix: 0.0.0.0/0
server1_port:
type: OS::Neutron::Port
properties:
network_id: { get_resource: heat_NAT_web_net }
security_groups:
- { get_resource: heat_NAT_web_secgroup }
server1_instance:
type: OS::Nova::Server
properties:
image: cirros
flavor: m1.tiny
key_name: { get_resource: my_key }
networks:
- port: { get_resource: server1_port }
server1_floating_ip:
type: OS::Neutron::FloatingIP
properties:
floating_network_id: { get_param: public_net }
port_id: { get_resource: server1_port }
server2_port:
type: OS::Neutron::Port
properties:
network_id: { get_resource: heat_NAT_db_net }
security_groups:
- { get_resource: heat_NAT_db_secgroup }
server2_instance:
type: OS::Nova::Server
properties:
image: cirros
flavor: m1.tiny
key_name: { get_resource: my_key }
networks:
- port: { get_resource: server2_port }
server3_port:
type: OS::Neutron::Port
properties:
network_id: { get_resource: heat_NAT_db_net }
security_groups:
- { get_resource: heat_NAT_db_secgroup }
server3_instance:
type: OS::Nova::Server
properties:
image: cirros
flavor: m1.tiny
key_name: { get_resource: my_key }
networks:
- port: { get_resource: server3_port }
server4_port:
type: OS::Neutron::Port
properties:
network_id: { get_resource: heat_NAT_web_net }
security_groups:
- { get_resource: heat_NAT_web_secgroup }
server4_instance:
type: OS::Nova::Server
properties:
image: cirros
flavor: m1.tiny
key_name: { get_resource: my_key }
networks:
- port: { get_resource: server4_port }
# Topology2
dmz_router:
properties:
admin_state_up: true
external_gateway_info:
network:
get_param: dmz_network
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "DmzGateway"]
value_specs:
router_type: exclusive
type: "OS::Neutron::Router"
floatingip_jump:
properties:
floating_network:
get_param: dmz_network
type: "OS::Neutron::FloatingIP"
floatingip_jump_association:
depends_on:
- floatingip_jump
- server_jump1
- router_interface_subnet_mgmt_dmz
properties:
floating_ip:
get_resource: floatingip_jump
server_id:
get_resource: server_jump1
type: "OS::Nova::FloatingIPAssociation"
network_mgmt:
properties:
admin_state_up: true
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "mgmt"]
shared: false
type: "OS::Neutron::Net"
network_mgmt2:
properties:
admin_state_up: true
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "mgmt2"]
shared: false
type: "OS::Neutron::Net"
port_dmz_jump:
depends_on:
- security_group
- subnet_mgmt
properties:
fixed_ips:
- ip_address: "50.0.0.10"
security_groups:
- get_resource: security_group
network_id:
get_resource: network_mgmt
type: "OS::Neutron::Port"
port_dmz_jump2:
depends_on:
- security_group
- subnet_mgmt
properties:
fixed_ips:
- ip_address: "60.0.0.10"
security_groups:
- get_resource: security_group
network_id:
get_resource: network_mgmt2
type: "OS::Neutron::Port"
port_mgmt_dmz_router:
depends_on:
- security_group
- subnet_mgmt
properties:
fixed_ips:
- ip_address: "50.0.0.254"
network_id:
get_resource: network_mgmt
security_groups:
- get_resource: security_group
type: "OS::Neutron::Port"
router_interface_subnet_mgmt_dmz:
depends_on:
- dmz_router
- port_mgmt_dmz_router
properties:
port_id:
get_resource: port_mgmt_dmz_router
router_id:
get_resource: dmz_router
type: "OS::Neutron::RouterInterface"
port_mgmt_dmz_router2:
depends_on:
- security_group
- subnet_mgmt2
properties:
fixed_ips:
- ip_address: "60.0.0.254"
network_id:
get_resource: network_mgmt2
security_groups:
- get_resource: security_group
type: "OS::Neutron::Port"
router_interface_subnet_mgmt_dmz2:
depends_on:
- dmz_router
- port_mgmt_dmz_router2
properties:
port_id:
get_resource: port_mgmt_dmz_router2
router_id:
get_resource: dmz_router
type: "OS::Neutron::RouterInterface"
security_group:
properties:
description: "Allows all"
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "Permissive"]
rules:
-
direction: ingress
ethertype: IPv4
port_range_max: 65535
port_range_min: 1
protocol: tcp
remote_ip_prefix: 0.0.0.0/0
-
direction: ingress
ethertype: IPv4
port_range_max: 65535
port_range_min: 1
protocol: udp
remote_ip_prefix: 0.0.0.0/0
-
direction: ingress
ethertype: IPv4
protocol: icmp
remote_ip_prefix: 0.0.0.0/0
-
direction: egress
ethertype: IPv4
port_range_max: 65535
port_range_min: 1
protocol: tcp
remote_ip_prefix: 0.0.0.0/0
-
direction: egress
ethertype: IPv4
port_range_max: 65535
port_range_min: 1
protocol: udp
remote_ip_prefix: 0.0.0.0/0
-
direction: egress
ethertype: IPv4
protocol: icmp
remote_ip_prefix: 0.0.0.0/0
type: "OS::Neutron::SecurityGroup"
server_jump1:
depends_on:
- port_dmz_jump
properties:
diskConfig: MANUAL
flavor: m1.tiny
image:
get_param: ubuntu_image
key_name: { get_resource: my_key }
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "JumpServer1"]
networks:
- port:
get_resource: port_dmz_jump
networks:
- port:
get_resource: port_dmz_jump
type: "OS::Nova::Server"
subnet_mgmt:
depends_on:
- network_mgmt
properties:
allocation_pools:
-
end: "50.0.0.250"
start: "50.0.0.2"
cidr: 50.0.0.0/24
dns_nameservers:
- "172.17.100.11"
enable_dhcp: true
ip_version: 4
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "DMZSubnet"]
network_id:
get_resource: network_mgmt
type: "OS::Neutron::Subnet"
subnet_mgmt2:
depends_on:
- network_mgmt2
properties:
allocation_pools:
-
end: "60.0.0.250"
start: "60.0.0.2"
cidr: 60.0.0.0/24
dns_nameservers:
- "172.17.100.11"
enable_dhcp: true
ip_version: 4
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "DMZSubnet2"]
network_id:
get_resource: network_mgmt2
type: "OS::Neutron::Subnet"
server_jump2:
properties:
diskConfig: MANUAL
flavor: m1.tiny
image:
get_param: ubuntu_image
key_name: { get_resource: my_key }
name:
Fn::Join:
- '_'
- [get_param: "OS::stack_name", "JumpServer2"]
networks:
- port:
get_resource: port_dmz_jump2
depends_on: [ port_dmz_jump2 ]
type: OS::Nova::Server
outputs:
topo1_server1_floatingip:
description: Floating IP address of Topology1_Server1_floatingip
value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
topo1_server1_private_ip:
description: Private IP address of the deployed compute instance
value: { get_attr: [server1_instance, networks, heat_NAT_web, 0] }
topo1_server2_private_ip:
description: Private IP address of the deployed compute instance
value: { get_attr: [server2_instance, networks, heat_NAT_db, 0] }
topo1_server3_private_ip:
description: Private IP address of the deployed compute instance
value: { get_attr: [server3_instance, networks, heat_NAT_db, 0] }
topo1_server4_private_ip:
description: Private IP address of the deployed compute instance
value: { get_attr: [server4_instance, networks, heat_NAT_web, 0] }
private_key:
description: Private key
value: { get_attr: [ my_key, private_key ] }
View Git Blame Copy Permalink