2019-01-04T21:53:50.828Z|| o.onap.so.adapters.catalogdb.CatalogDBApplication - Starting CatalogDBApplication on dev-so-so-catalog-db-adapter-768cf4c795-9dkk9 with PID 17 (/app/app.jar started by so in /app) 2019-01-04T21:53:50.899Z|| o.onap.so.adapters.catalogdb.CatalogDBApplication - Running with Spring Boot v1.5.13.RELEASE, Spring v4.3.17.RELEASE 2019-01-04T21:53:50.899Z|| o.onap.so.adapters.catalogdb.CatalogDBApplication - No active profile set, falling back to default profiles: default 2019-01-04T21:54:11.560Z|| org.flywaydb.core.internal.command.DbMigrate - outOfOrder mode is active. Migration of schema `catalogdb` may not be reproducible. 2019-01-04T21:56:22.133Z|| o.onap.so.adapters.catalogdb.CatalogDBApplication - Started CatalogDBApplication in 154.129 seconds (JVM running for 156.256) 2019-01-04T22:03:49.654Z|89621989-d61b-40d7-a275-5bf9537b383d| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:03:49.654Z|89621989-d61b-40d7-a275-5bf9537b383d| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:03:49.666Z|89621989-d61b-40d7-a275-5bf9537b383d| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:03:49.666Z|89621989-d61b-40d7-a275-5bf9537b383d| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:03:49.667Z|89621989-d61b-40d7-a275-5bf9537b383d| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:04:49.398Z|b5672b6b-37d5-445f-ae93-2da61d0382cf| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:04:49.398Z|b5672b6b-37d5-445f-ae93-2da61d0382cf| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:04:49.401Z|b5672b6b-37d5-445f-ae93-2da61d0382cf| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:04:49.402Z|b5672b6b-37d5-445f-ae93-2da61d0382cf| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:04:49.402Z|b5672b6b-37d5-445f-ae93-2da61d0382cf| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:05:49.413Z|42bf9396-68fc-422e-97ac-f2a991197b59| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:05:49.413Z|42bf9396-68fc-422e-97ac-f2a991197b59| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:05:49.414Z|42bf9396-68fc-422e-97ac-f2a991197b59| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:05:49.414Z|42bf9396-68fc-422e-97ac-f2a991197b59| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:05:49.414Z|42bf9396-68fc-422e-97ac-f2a991197b59| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:06:49.400Z|9c050c72-cebb-4b75-9ffa-490a047924e9| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:06:49.400Z|9c050c72-cebb-4b75-9ffa-490a047924e9| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:06:49.400Z|9c050c72-cebb-4b75-9ffa-490a047924e9| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:06:49.401Z|9c050c72-cebb-4b75-9ffa-490a047924e9| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:06:49.402Z|9c050c72-cebb-4b75-9ffa-490a047924e9| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:07:49.512Z|66e8fcaa-f428-449a-b177-7ee1207c7415| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:07:49.513Z|66e8fcaa-f428-449a-b177-7ee1207c7415| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:07:49.515Z|66e8fcaa-f428-449a-b177-7ee1207c7415| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:07:49.515Z|66e8fcaa-f428-449a-b177-7ee1207c7415| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:07:49.562Z|66e8fcaa-f428-449a-b177-7ee1207c7415| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:08:49.412Z|e6b82300-ca04-440c-a37d-972ab1812a92| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:08:49.412Z|e6b82300-ca04-440c-a37d-972ab1812a92| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:08:49.424Z|e6b82300-ca04-440c-a37d-972ab1812a92| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:08:49.424Z|e6b82300-ca04-440c-a37d-972ab1812a92| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:08:49.425Z|e6b82300-ca04-440c-a37d-972ab1812a92| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:09:49.415Z|9895d867-4bab-4816-b23a-22dc9b6c8925| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:09:49.427Z|9895d867-4bab-4816-b23a-22dc9b6c8925| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:09:49.428Z|9895d867-4bab-4816-b23a-22dc9b6c8925| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:09:49.429Z|9895d867-4bab-4816-b23a-22dc9b6c8925| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:09:49.443Z|9895d867-4bab-4816-b23a-22dc9b6c8925| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:10:49.416Z|6449d781-b782-49d3-931f-7104b30286a4| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:10:49.416Z|6449d781-b782-49d3-931f-7104b30286a4| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:10:49.417Z|6449d781-b782-49d3-931f-7104b30286a4| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:10:49.417Z|6449d781-b782-49d3-931f-7104b30286a4| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:10:49.418Z|6449d781-b782-49d3-931f-7104b30286a4| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:11:49.410Z|c3c9aee8-66f9-45ae-9b32-9c7113f78d8f| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:11:49.410Z|c3c9aee8-66f9-45ae-9b32-9c7113f78d8f| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:11:49.411Z|c3c9aee8-66f9-45ae-9b32-9c7113f78d8f| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:11:49.411Z|c3c9aee8-66f9-45ae-9b32-9c7113f78d8f| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:11:49.412Z|c3c9aee8-66f9-45ae-9b32-9c7113f78d8f| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:12:49.409Z|4676e2f6-8235-49de-8bd3-597ed5474fca| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:12:49.409Z|4676e2f6-8235-49de-8bd3-597ed5474fca| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:12:49.411Z|4676e2f6-8235-49de-8bd3-597ed5474fca| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:12:49.411Z|4676e2f6-8235-49de-8bd3-597ed5474fca| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:12:49.411Z|4676e2f6-8235-49de-8bd3-597ed5474fca| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:13:49.403Z|4adc80ab-d3fc-44eb-be3c-77b472c7ad1f| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:13:49.403Z|4adc80ab-d3fc-44eb-be3c-77b472c7ad1f| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:13:49.404Z|4adc80ab-d3fc-44eb-be3c-77b472c7ad1f| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:13:49.404Z|4adc80ab-d3fc-44eb-be3c-77b472c7ad1f| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:13:49.404Z|4adc80ab-d3fc-44eb-be3c-77b472c7ad1f| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:14:49.427Z|5a7c7848-d64e-4b29-bc63-5cc47fdcebbe| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:14:49.427Z|5a7c7848-d64e-4b29-bc63-5cc47fdcebbe| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:14:49.427Z|5a7c7848-d64e-4b29-bc63-5cc47fdcebbe| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:14:49.428Z|5a7c7848-d64e-4b29-bc63-5cc47fdcebbe| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:14:49.428Z|5a7c7848-d64e-4b29-bc63-5cc47fdcebbe| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:15:49.428Z|6684ea4c-daa3-4f72-a4e4-0c5bf6a1b8a1| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:15:49.431Z|6684ea4c-daa3-4f72-a4e4-0c5bf6a1b8a1| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:15:49.431Z|6684ea4c-daa3-4f72-a4e4-0c5bf6a1b8a1| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:15:49.431Z|6684ea4c-daa3-4f72-a4e4-0c5bf6a1b8a1| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:15:49.434Z|6684ea4c-daa3-4f72-a4e4-0c5bf6a1b8a1| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:16:49.408Z|637122e2-fddc-413a-83ab-7f7adcab33ab| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:16:49.409Z|637122e2-fddc-413a-83ab-7f7adcab33ab| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:16:49.420Z|637122e2-fddc-413a-83ab-7f7adcab33ab| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:16:49.424Z|637122e2-fddc-413a-83ab-7f7adcab33ab| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:16:49.425Z|637122e2-fddc-413a-83ab-7f7adcab33ab| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:17:49.395Z|d4a08b65-4fd0-4d05-9252-2f2e6e347cf5| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:17:49.395Z|d4a08b65-4fd0-4d05-9252-2f2e6e347cf5| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:17:49.396Z|d4a08b65-4fd0-4d05-9252-2f2e6e347cf5| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:17:49.396Z|d4a08b65-4fd0-4d05-9252-2f2e6e347cf5| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:17:49.396Z|d4a08b65-4fd0-4d05-9252-2f2e6e347cf5| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:18:49.403Z|1140334b-c831-4c7b-a17d-00bf7f4c235a| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:18:49.404Z|1140334b-c831-4c7b-a17d-00bf7f4c235a| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:18:49.404Z|1140334b-c831-4c7b-a17d-00bf7f4c235a| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:18:49.404Z|1140334b-c831-4c7b-a17d-00bf7f4c235a| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:18:49.405Z|1140334b-c831-4c7b-a17d-00bf7f4c235a| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:19:49.396Z|cfc29963-b719-4c2d-9cbc-8cda35f7ad79| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:19:49.397Z|cfc29963-b719-4c2d-9cbc-8cda35f7ad79| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:19:49.397Z|cfc29963-b719-4c2d-9cbc-8cda35f7ad79| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:19:49.400Z|cfc29963-b719-4c2d-9cbc-8cda35f7ad79| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:19:49.400Z|cfc29963-b719-4c2d-9cbc-8cda35f7ad79| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:20:49.477Z|3ee6b011-5622-464b-b839-f80af28ae221| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:20:49.498Z|3ee6b011-5622-464b-b839-f80af28ae221| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:20:49.498Z|3ee6b011-5622-464b-b839-f80af28ae221| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:20:49.500Z|3ee6b011-5622-464b-b839-f80af28ae221| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:20:49.501Z|3ee6b011-5622-464b-b839-f80af28ae221| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:21:49.452Z|c1cff09e-cef9-4f91-ab0d-329b627c1552| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:21:49.463Z|c1cff09e-cef9-4f91-ab0d-329b627c1552| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:21:49.464Z|c1cff09e-cef9-4f91-ab0d-329b627c1552| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:21:49.466Z|c1cff09e-cef9-4f91-ab0d-329b627c1552| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:21:49.468Z|c1cff09e-cef9-4f91-ab0d-329b627c1552| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:22:49.395Z|a748c818-8a60-4fd8-821f-f78f7fd1d103| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:22:49.396Z|a748c818-8a60-4fd8-821f-f78f7fd1d103| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:22:49.396Z|a748c818-8a60-4fd8-821f-f78f7fd1d103| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:22:49.397Z|a748c818-8a60-4fd8-821f-f78f7fd1d103| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:22:49.399Z|a748c818-8a60-4fd8-821f-f78f7fd1d103| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:23:49.395Z|97de9f54-22f3-44eb-99ab-408e7d20c1c4| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:23:49.396Z|97de9f54-22f3-44eb-99ab-408e7d20c1c4| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:23:49.407Z|97de9f54-22f3-44eb-99ab-408e7d20c1c4| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:23:49.407Z|97de9f54-22f3-44eb-99ab-408e7d20c1c4| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:23:49.407Z|97de9f54-22f3-44eb-99ab-408e7d20c1c4| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:24:49.395Z|ee04d32f-4486-46e4-a1eb-177ffe16f35b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:24:49.395Z|ee04d32f-4486-46e4-a1eb-177ffe16f35b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:24:49.396Z|ee04d32f-4486-46e4-a1eb-177ffe16f35b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:24:49.396Z|ee04d32f-4486-46e4-a1eb-177ffe16f35b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:24:49.396Z|ee04d32f-4486-46e4-a1eb-177ffe16f35b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:25:49.397Z|7a447bce-0759-4751-ab68-9ffbcced0fa7| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:25:49.397Z|7a447bce-0759-4751-ab68-9ffbcced0fa7| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:25:49.397Z|7a447bce-0759-4751-ab68-9ffbcced0fa7| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:25:49.398Z|7a447bce-0759-4751-ab68-9ffbcced0fa7| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:25:49.398Z|7a447bce-0759-4751-ab68-9ffbcced0fa7| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:26:49.460Z|791d8b3f-2fb8-44c1-95ae-6155ed656ae2| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:26:49.461Z|791d8b3f-2fb8-44c1-95ae-6155ed656ae2| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:26:49.461Z|791d8b3f-2fb8-44c1-95ae-6155ed656ae2| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:26:49.462Z|791d8b3f-2fb8-44c1-95ae-6155ed656ae2| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:26:49.462Z|791d8b3f-2fb8-44c1-95ae-6155ed656ae2| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:27:49.416Z|af215a80-77be-4fc1-a3eb-68249a1f220b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:27:49.416Z|af215a80-77be-4fc1-a3eb-68249a1f220b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:27:49.416Z|af215a80-77be-4fc1-a3eb-68249a1f220b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:27:49.417Z|af215a80-77be-4fc1-a3eb-68249a1f220b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:27:49.441Z|af215a80-77be-4fc1-a3eb-68249a1f220b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:28:49.423Z|1e00250b-ea8a-4a1f-a6be-ca3b4ee97a09| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:28:49.452Z|1e00250b-ea8a-4a1f-a6be-ca3b4ee97a09| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:28:49.452Z|1e00250b-ea8a-4a1f-a6be-ca3b4ee97a09| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:28:49.452Z|1e00250b-ea8a-4a1f-a6be-ca3b4ee97a09| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:28:49.454Z|1e00250b-ea8a-4a1f-a6be-ca3b4ee97a09| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:29:49.404Z|e990ed81-79b0-4ae6-b375-982c2c8dae45| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:29:49.405Z|e990ed81-79b0-4ae6-b375-982c2c8dae45| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:29:49.417Z|e990ed81-79b0-4ae6-b375-982c2c8dae45| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:29:49.418Z|e990ed81-79b0-4ae6-b375-982c2c8dae45| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:29:49.418Z|e990ed81-79b0-4ae6-b375-982c2c8dae45| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:30:49.401Z|e3da883c-0f82-46f4-ac34-89271688eb56| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:30:49.401Z|e3da883c-0f82-46f4-ac34-89271688eb56| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:30:49.402Z|e3da883c-0f82-46f4-ac34-89271688eb56| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:30:49.402Z|e3da883c-0f82-46f4-ac34-89271688eb56| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:30:49.402Z|e3da883c-0f82-46f4-ac34-89271688eb56| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:31:49.416Z|c62ae6e1-a47a-4a99-9523-f4b3c3845f6b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:31:49.416Z|c62ae6e1-a47a-4a99-9523-f4b3c3845f6b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:31:49.416Z|c62ae6e1-a47a-4a99-9523-f4b3c3845f6b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:31:49.416Z|c62ae6e1-a47a-4a99-9523-f4b3c3845f6b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:31:49.417Z|c62ae6e1-a47a-4a99-9523-f4b3c3845f6b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:32:49.396Z|6504f794-484d-4688-8448-2f3ef2f0edb9| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:32:49.396Z|6504f794-484d-4688-8448-2f3ef2f0edb9| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:32:49.397Z|6504f794-484d-4688-8448-2f3ef2f0edb9| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:32:49.397Z|6504f794-484d-4688-8448-2f3ef2f0edb9| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:32:49.398Z|6504f794-484d-4688-8448-2f3ef2f0edb9| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:33:49.446Z|f75fe867-6ce4-43e8-a480-ac54c5858290| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:33:49.446Z|f75fe867-6ce4-43e8-a480-ac54c5858290| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:33:49.447Z|f75fe867-6ce4-43e8-a480-ac54c5858290| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:33:49.447Z|f75fe867-6ce4-43e8-a480-ac54c5858290| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:33:49.447Z|f75fe867-6ce4-43e8-a480-ac54c5858290| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:34:49.400Z|3d4b3933-75c6-4593-b927-d80bc23fb064| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:34:49.401Z|3d4b3933-75c6-4593-b927-d80bc23fb064| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:34:49.401Z|3d4b3933-75c6-4593-b927-d80bc23fb064| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:34:49.445Z|3d4b3933-75c6-4593-b927-d80bc23fb064| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:34:49.446Z|3d4b3933-75c6-4593-b927-d80bc23fb064| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:35:49.405Z|f3fd8534-fec3-4b21-af4e-1cae528fe1f2| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:35:49.406Z|f3fd8534-fec3-4b21-af4e-1cae528fe1f2| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:35:49.406Z|f3fd8534-fec3-4b21-af4e-1cae528fe1f2| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:35:49.406Z|f3fd8534-fec3-4b21-af4e-1cae528fe1f2| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:35:49.407Z|f3fd8534-fec3-4b21-af4e-1cae528fe1f2| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:36:49.395Z|ca0174c0-1453-4b43-86b1-97ee75d4addc| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:36:49.395Z|ca0174c0-1453-4b43-86b1-97ee75d4addc| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:36:49.395Z|ca0174c0-1453-4b43-86b1-97ee75d4addc| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:36:49.395Z|ca0174c0-1453-4b43-86b1-97ee75d4addc| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:36:49.396Z|ca0174c0-1453-4b43-86b1-97ee75d4addc| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:37:49.510Z|15073867-c380-4579-8f53-74839d141def| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:37:49.530Z|15073867-c380-4579-8f53-74839d141def| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:37:49.530Z|15073867-c380-4579-8f53-74839d141def| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:37:49.531Z|15073867-c380-4579-8f53-74839d141def| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:37:49.531Z|15073867-c380-4579-8f53-74839d141def| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:38:49.421Z|43db707b-660d-4cb4-9f8a-28599aec4afc| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:38:49.422Z|43db707b-660d-4cb4-9f8a-28599aec4afc| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:38:49.422Z|43db707b-660d-4cb4-9f8a-28599aec4afc| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:38:49.423Z|43db707b-660d-4cb4-9f8a-28599aec4afc| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:38:49.423Z|43db707b-660d-4cb4-9f8a-28599aec4afc| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:39:49.405Z|e4e3740e-7d02-4925-bc36-267374513b06| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:39:49.412Z|e4e3740e-7d02-4925-bc36-267374513b06| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:39:49.412Z|e4e3740e-7d02-4925-bc36-267374513b06| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:39:49.413Z|e4e3740e-7d02-4925-bc36-267374513b06| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:39:49.413Z|e4e3740e-7d02-4925-bc36-267374513b06| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:40:49.397Z|39f5a274-1d59-4a51-a915-8ce4ae424704| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:40:49.398Z|39f5a274-1d59-4a51-a915-8ce4ae424704| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:40:49.398Z|39f5a274-1d59-4a51-a915-8ce4ae424704| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:40:49.399Z|39f5a274-1d59-4a51-a915-8ce4ae424704| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:40:49.399Z|39f5a274-1d59-4a51-a915-8ce4ae424704| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:41:49.495Z|b6852a34-46af-4477-acf9-1a322d21c17f| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:41:49.495Z|b6852a34-46af-4477-acf9-1a322d21c17f| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:41:49.510Z|b6852a34-46af-4477-acf9-1a322d21c17f| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:41:49.511Z|b6852a34-46af-4477-acf9-1a322d21c17f| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:41:49.511Z|b6852a34-46af-4477-acf9-1a322d21c17f| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:42:49.410Z|62a089d8-bd9a-4f9b-8f62-7b4a0c3a0945| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:42:49.412Z|62a089d8-bd9a-4f9b-8f62-7b4a0c3a0945| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:42:49.414Z|62a089d8-bd9a-4f9b-8f62-7b4a0c3a0945| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:42:49.415Z|62a089d8-bd9a-4f9b-8f62-7b4a0c3a0945| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:42:49.415Z|62a089d8-bd9a-4f9b-8f62-7b4a0c3a0945| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:43:49.458Z|720b809c-f457-43a3-849c-af3b16a9465c| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:43:49.458Z|720b809c-f457-43a3-849c-af3b16a9465c| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:43:49.460Z|720b809c-f457-43a3-849c-af3b16a9465c| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:43:49.474Z|720b809c-f457-43a3-849c-af3b16a9465c| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:43:49.477Z|720b809c-f457-43a3-849c-af3b16a9465c| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:44:49.399Z|ef3560a1-8900-46ec-b020-e8237b986b3e| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:44:49.400Z|ef3560a1-8900-46ec-b020-e8237b986b3e| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:44:49.400Z|ef3560a1-8900-46ec-b020-e8237b986b3e| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:44:49.402Z|ef3560a1-8900-46ec-b020-e8237b986b3e| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:44:49.404Z|ef3560a1-8900-46ec-b020-e8237b986b3e| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:45:49.426Z|76b22f91-b5ad-4f62-9c78-bea4373fb497| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:45:49.426Z|76b22f91-b5ad-4f62-9c78-bea4373fb497| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:45:49.426Z|76b22f91-b5ad-4f62-9c78-bea4373fb497| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:45:49.427Z|76b22f91-b5ad-4f62-9c78-bea4373fb497| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:45:49.427Z|76b22f91-b5ad-4f62-9c78-bea4373fb497| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:46:49.408Z|994eee18-7b63-4172-a041-d87362aea950| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:46:49.408Z|994eee18-7b63-4172-a041-d87362aea950| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:46:49.408Z|994eee18-7b63-4172-a041-d87362aea950| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:46:49.408Z|994eee18-7b63-4172-a041-d87362aea950| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:46:49.409Z|994eee18-7b63-4172-a041-d87362aea950| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:47:49.399Z|51b1151d-e85d-47b5-b10e-8d6e8fd04779| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:47:49.400Z|51b1151d-e85d-47b5-b10e-8d6e8fd04779| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:47:49.400Z|51b1151d-e85d-47b5-b10e-8d6e8fd04779| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:47:49.401Z|51b1151d-e85d-47b5-b10e-8d6e8fd04779| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:47:49.401Z|51b1151d-e85d-47b5-b10e-8d6e8fd04779| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:48:49.396Z|a2c65e22-27e2-4e5a-af8d-352c20033ef4| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:48:49.397Z|a2c65e22-27e2-4e5a-af8d-352c20033ef4| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:48:49.413Z|a2c65e22-27e2-4e5a-af8d-352c20033ef4| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:48:49.413Z|a2c65e22-27e2-4e5a-af8d-352c20033ef4| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:48:49.414Z|a2c65e22-27e2-4e5a-af8d-352c20033ef4| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:49:49.436Z|b3de25af-8201-4793-8cd8-1f1e88b5f651| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:49:49.436Z|b3de25af-8201-4793-8cd8-1f1e88b5f651| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:49:49.436Z|b3de25af-8201-4793-8cd8-1f1e88b5f651| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:49:49.436Z|b3de25af-8201-4793-8cd8-1f1e88b5f651| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:49:49.437Z|b3de25af-8201-4793-8cd8-1f1e88b5f651| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:50:49.430Z|fcfc1b8f-8758-41b8-a277-a3d159aa87a7| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:50:49.430Z|fcfc1b8f-8758-41b8-a277-a3d159aa87a7| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:50:49.431Z|fcfc1b8f-8758-41b8-a277-a3d159aa87a7| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:50:49.448Z|fcfc1b8f-8758-41b8-a277-a3d159aa87a7| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:50:49.449Z|fcfc1b8f-8758-41b8-a277-a3d159aa87a7| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:51:49.411Z|801e96b5-e283-428e-8e00-e21e94273887| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:51:49.425Z|801e96b5-e283-428e-8e00-e21e94273887| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:51:49.425Z|801e96b5-e283-428e-8e00-e21e94273887| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:51:49.426Z|801e96b5-e283-428e-8e00-e21e94273887| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:51:49.426Z|801e96b5-e283-428e-8e00-e21e94273887| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:52:49.395Z|754d9265-3b95-488b-9f37-f31ab8a6c993| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:52:49.395Z|754d9265-3b95-488b-9f37-f31ab8a6c993| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:52:49.396Z|754d9265-3b95-488b-9f37-f31ab8a6c993| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:52:49.396Z|754d9265-3b95-488b-9f37-f31ab8a6c993| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:52:49.396Z|754d9265-3b95-488b-9f37-f31ab8a6c993| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:53:49.437Z|d3665e52-cc14-4e15-9820-6ce1684c2ade| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:53:49.438Z|d3665e52-cc14-4e15-9820-6ce1684c2ade| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:53:49.438Z|d3665e52-cc14-4e15-9820-6ce1684c2ade| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:53:49.438Z|d3665e52-cc14-4e15-9820-6ce1684c2ade| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:53:49.439Z|d3665e52-cc14-4e15-9820-6ce1684c2ade| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:54:49.407Z|6091c5bd-3853-4407-97c2-471033c12cc3| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:54:49.408Z|6091c5bd-3853-4407-97c2-471033c12cc3| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:54:49.408Z|6091c5bd-3853-4407-97c2-471033c12cc3| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:54:49.408Z|6091c5bd-3853-4407-97c2-471033c12cc3| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:54:49.409Z|6091c5bd-3853-4407-97c2-471033c12cc3| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:55:49.427Z|b14d1163-65f0-41e4-a86f-9eb876613f3a| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:55:49.428Z|b14d1163-65f0-41e4-a86f-9eb876613f3a| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:55:49.428Z|b14d1163-65f0-41e4-a86f-9eb876613f3a| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:55:49.428Z|b14d1163-65f0-41e4-a86f-9eb876613f3a| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:55:49.428Z|b14d1163-65f0-41e4-a86f-9eb876613f3a| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:56:13.244Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:56:13.251Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /service/search/findFirstByModelNameOrderByModelVersionDesc 2019-01-04T22:56:13.252Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:56:13.252Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {authorization=Basic YnBlbDpwYXNzd29yZDEk, x-onap-invocationid=, x-onap-partnername=SO, host=so-catalog-db-adapter.onap:8082, connection=Keep-Alive, content-type=application/hal+json, x-onap-requestid=da1f738a-3bbe-48ca-98d3-e45a4ef75b8b, x-target-entity=SO:CatalogDB, accept-encoding=gzip,deflate, user-agent=Apache-HttpClient/4.5.5 (Java/1.8.0_181), accept=application/hal+json} 2019-01-04T22:56:13.252Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:56:14.872Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:56:14.924Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /serviceRecipe/search/findFirstByServiceModelUUIDAndAction 2019-01-04T22:56:14.925Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:56:14.925Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {authorization=Basic YnBlbDpwYXNzd29yZDEk, cookie=JSESSIONID=B9FFEA92B8E4CD17FBA355264186F42C, x-onap-invocationid=, x-onap-partnername=SO, host=so-catalog-db-adapter.onap:8082, connection=Keep-Alive, content-type=application/hal+json, x-onap-requestid=da1f738a-3bbe-48ca-98d3-e45a4ef75b8b, x-target-entity=SO:CatalogDB, accept-encoding=gzip,deflate, user-agent=Apache-HttpClient/4.5.5 (Java/1.8.0_181), accept=application/hal+json} 2019-01-04T22:56:14.925Z|da1f738a-3bbe-48ca-98d3-e45a4ef75b8b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:56:25.679Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - Query serviceMacroHolder getAllResourcesByServiceModelUuid serviceModelUuid: 8e52e188-5c20-4f14-9478-fd133d46c54e 2019-01-04T22:56:26.052Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - serviceMacroHolder qryResp= ServicePlus: service: org.onap.so.db.catalog.beans.Service@1099d5e1[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@7435548f,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@d5908ee[artifactUUID=d3fb8785-40fa-4701-87bf-3d976f7b064c,name=service-Vfw20181218192853-csar.csar,artifactChecksum=MzIyMjliZDQwMzNiOWVjNDQ2MTY2NzViMDA2MTQ1Y2I=,url=/sdc/v1/catalog/services/Vfw2018121819:28:53/1.0/artifacts/service-Vfw20181218192853-csar.csar,description=TOSCA definition package of the asset,created=2019-01-04 22:35:51.0,version=1,services=[org.onap.so.db.catalog.beans.Service@1099d5e1[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@7435548f,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@d5908ee]]]]VnfResources: , vnfResourceCustomization[0]:org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@7435548f,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]none 2019-01-04T22:56:26.632Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.s.a.catalogdb.catalogrest.QueryServiceVnfs - org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@7435548f,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]] 2019-01-04T22:56:26.732Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@715c01ef[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6d63b5f2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@614d8287[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2ec2c70d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13ef31a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@73373749[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ad93fa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ef51f1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e9d904d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@55c8baf5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ecddd33[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c81b6b9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@504ebaab[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3b37b736[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6250679d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6160c2dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1663efc7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@510ace9a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@19645c35[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@311b8177[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@388fdc9c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@32237a40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@36e2e7d0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1c5c4023[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2de04d9b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3545daa5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13c0bd25[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7bdc7c3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@31d553be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7aebbca6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@401d7169[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4833325a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@769783f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@590224ae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@179d054d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@2713a131[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@5122a907,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@473157c7[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2e9c5632]],vnfcInstanceGroupCustomizations=[]]]]]] 2019-01-04T22:56:26.733Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : }, "isBase" : , "vfModuleLabel" : , "initialCount" : , "hasVolumeGroup" : } 2019-01-04T22:56:26.734Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T22:56:26.735Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T22:56:26.735Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T22:56:26.736Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T22:56:26.736Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T22:56:26.737Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: IS_BASE contains key? true 2019-01-04T22:56:26.737Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: VF_MODULE_LABEL contains key? true 2019-01-04T22:56:26.739Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: INITIAL_COUNT contains key? true 2019-01-04T22:56:26.740Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: HAS_VOLUME_GROUP contains key? true 2019-01-04T22:56:26.740Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } 2019-01-04T22:56:26.762Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : , "modelInstanceName" : }, "toscaNodeType" : , "nfFunction" : , "nfType" : , "nfRole" : , "nfNamingCode" : , "multiStageDesign" : , "resourceInput" : , <_VFMODULES_> } 2019-01-04T22:56:26.763Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T22:56:26.763Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T22:56:26.764Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T22:56:26.765Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T22:56:26.765Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T22:56:26.766Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INSTANCE_NAME contains key? true 2019-01-04T22:56:26.767Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: TOSCA_NODE_TYPE contains key? true 2019-01-04T22:56:26.767Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_FUNCTION contains key? true 2019-01-04T22:56:26.768Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_TYPE contains key? true 2019-01-04T22:56:26.768Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_ROLE contains key? true 2019-01-04T22:56:26.769Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_NAMING_CODE contains key? true 2019-01-04T22:56:26.770Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MULTI_STEP_DESIGN contains key? true 2019-01-04T22:56:26.770Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_INPUT contains key? true 2019-01-04T22:56:26.771Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _VFMODULES_ contains key? true 2019-01-04T22:56:26.771Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUT THE PUBLIC NETWORK ID HERE","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","sec_group":"PUT THE ONAP SECURITY GROUP HERE","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"PUT THE VM FLAVOR NAME HERE (m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } 2019-01-04T22:56:26.772Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.s.a.catalogdb.catalogrest.QueryServiceNetworks - QueryServiceNetworks: 2019-01-04T22:56:26.773Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "serviceResources" : { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : }, "serviceType" : , "serviceRole" : , "environmentContext" : , "resourceOrder" : , "workloadContext" : , <_SERVICEVNFS_>, <_SERVICENETWORKS_>, <_SERVICEALLOTTEDRESOURCES_> }} 2019-01-04T22:56:26.774Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_NAME contains key? true 2019-01-04T22:56:26.774Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_UUID contains key? true 2019-01-04T22:56:26.775Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_INVARIANT_ID contains key? true 2019-01-04T22:56:26.784Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_VERSION contains key? true 2019-01-04T22:56:26.784Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_TYPE contains key? true 2019-01-04T22:56:26.785Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_ROLE contains key? true 2019-01-04T22:56:26.786Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: ENVIRONMENT_CONTEXT contains key? true 2019-01-04T22:56:26.787Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_ORDER contains key? true 2019-01-04T22:56:26.787Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: WORKLOAD_CONTEXT contains key? true 2019-01-04T22:56:26.789Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEVNFS_ contains key? true 2019-01-04T22:56:26.820Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICENETWORKS_ contains key? true 2019-01-04T22:56:26.821Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEALLOTTEDRESOURCES_ contains key? true 2019-01-04T22:56:26.821Z|805a0fae-ef47-47d8-9987-aac39fde9e55| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "serviceResources" : { "modelInfo" : { "modelName" : "vFW 2018-12-18 19:28:53", "modelUuid" : "8e52e188-5c20-4f14-9478-fd133d46c54e", "modelInvariantUuid" : "bcd39c74-fe81-4404-95fa-c84f1481bbff", "modelVersion" : "1.0" }, "serviceType" : "", "serviceRole" : "", "environmentContext" : "General_Revenue-Bearing", "resourceOrder" : "6c1cdb18-b10f-47b3-98dc", "workloadContext" : "Production", "serviceVnfs": [ { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUT THE PUBLIC NETWORK ID HERE","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","sec_group":"PUT THE ONAP SECURITY GROUP HERE","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"PUT THE VM FLAVOR NAME HERE (m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } ], "serviceNetworks": [], "serviceAllottedResources": [] }} 2019-01-04T22:56:49.395Z|ef440bc7-56b4-4870-b27c-3cb471990e36| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:56:49.395Z|ef440bc7-56b4-4870-b27c-3cb471990e36| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:56:49.396Z|ef440bc7-56b4-4870-b27c-3cb471990e36| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:56:49.396Z|ef440bc7-56b4-4870-b27c-3cb471990e36| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:56:49.396Z|ef440bc7-56b4-4870-b27c-3cb471990e36| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:57:49.395Z|206d01b7-3eb8-47d4-99b0-5f102c30c76e| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:57:49.395Z|206d01b7-3eb8-47d4-99b0-5f102c30c76e| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:57:49.395Z|206d01b7-3eb8-47d4-99b0-5f102c30c76e| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:57:49.396Z|206d01b7-3eb8-47d4-99b0-5f102c30c76e| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:57:49.409Z|206d01b7-3eb8-47d4-99b0-5f102c30c76e| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:58:49.395Z|f98d5c81-1c36-4029-9df1-fb9e1bb1e69b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:58:49.395Z|f98d5c81-1c36-4029-9df1-fb9e1bb1e69b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:58:49.395Z|f98d5c81-1c36-4029-9df1-fb9e1bb1e69b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:58:49.396Z|f98d5c81-1c36-4029-9df1-fb9e1bb1e69b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:58:49.396Z|f98d5c81-1c36-4029-9df1-fb9e1bb1e69b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T22:59:49.407Z|3b1f7084-1bc7-4cd1-94e7-b3de420e8291| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T22:59:49.409Z|3b1f7084-1bc7-4cd1-94e7-b3de420e8291| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T22:59:49.424Z|3b1f7084-1bc7-4cd1-94e7-b3de420e8291| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T22:59:49.437Z|3b1f7084-1bc7-4cd1-94e7-b3de420e8291| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T22:59:49.441Z|3b1f7084-1bc7-4cd1-94e7-b3de420e8291| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:00:49.398Z|7ef05d23-c5c6-4d2d-92e3-a4bc486d7629| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:00:49.398Z|7ef05d23-c5c6-4d2d-92e3-a4bc486d7629| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:00:49.398Z|7ef05d23-c5c6-4d2d-92e3-a4bc486d7629| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:00:49.399Z|7ef05d23-c5c6-4d2d-92e3-a4bc486d7629| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:00:49.399Z|7ef05d23-c5c6-4d2d-92e3-a4bc486d7629| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:01:11.340Z|62903cda-dfad-49af-a371-141090976308| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:01:11.340Z|62903cda-dfad-49af-a371-141090976308| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /error 2019-01-04T23:01:11.340Z|62903cda-dfad-49af-a371-141090976308| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:01:11.340Z|62903cda-dfad-49af-a371-141090976308| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=so-catalog-db-adapter.onap:8082, accept=*/*, user-agent=curl/7.61.1} 2019-01-04T23:01:11.356Z|62903cda-dfad-49af-a371-141090976308| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:01:49.395Z|a1640eac-1382-47a6-a606-d14a2be18375| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:01:49.395Z|a1640eac-1382-47a6-a606-d14a2be18375| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:01:49.395Z|a1640eac-1382-47a6-a606-d14a2be18375| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:01:49.396Z|a1640eac-1382-47a6-a606-d14a2be18375| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:01:49.396Z|a1640eac-1382-47a6-a606-d14a2be18375| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:02:27.694Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - Query serviceMacroHolder getAllResourcesByServiceModelUuid serviceModelUuid: 8e52e188-5c20-4f14-9478-fd133d46c54e 2019-01-04T23:02:27.753Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - serviceMacroHolder qryResp= ServicePlus: service: org.onap.so.db.catalog.beans.Service@17e6146b[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@89206d7,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@37cd6295[artifactUUID=d3fb8785-40fa-4701-87bf-3d976f7b064c,name=service-Vfw20181218192853-csar.csar,artifactChecksum=MzIyMjliZDQwMzNiOWVjNDQ2MTY2NzViMDA2MTQ1Y2I=,url=/sdc/v1/catalog/services/Vfw2018121819:28:53/1.0/artifacts/service-Vfw20181218192853-csar.csar,description=TOSCA definition package of the asset,created=2019-01-04 22:35:51.0,version=1,services=[org.onap.so.db.catalog.beans.Service@17e6146b[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@89206d7,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@37cd6295]]]]VnfResources: , vnfResourceCustomization[0]:org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@89206d7,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]none 2019-01-04T23:02:27.895Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.s.a.catalogdb.catalogrest.QueryServiceVnfs - org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@89206d7,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]] 2019-01-04T23:02:27.901Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@470a501b[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@55bab4d1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@27b41e4b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5255d029[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@37ba60a0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a668407[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@41976c8d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6d7da64c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@457d1d0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2235d6df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5eda6603[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4d279dae[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5d1e08fd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c0bd40d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@297e78f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@78ac1b86[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7724bcd8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@67de753a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7515e04e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e14af52[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6fe0b5d3[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6e9b6d28[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5a77740f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@65790c56[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@721f8c98[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@207e88c8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@788c198c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@30ac43fc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@703adaa6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2cc0e493[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@199ad3b6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f7c88c2[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4c702650[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3583f26b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@436fd9e6[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@3cdb989e[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@40546e13,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@6afb44c6[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@2bb68068]],vnfcInstanceGroupCustomizations=[]]]]]] 2019-01-04T23:02:27.904Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : }, "isBase" : , "vfModuleLabel" : , "initialCount" : , "hasVolumeGroup" : } 2019-01-04T23:02:27.906Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T23:02:27.907Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T23:02:27.908Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T23:02:27.910Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T23:02:27.911Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T23:02:27.913Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: IS_BASE contains key? true 2019-01-04T23:02:27.913Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: VF_MODULE_LABEL contains key? true 2019-01-04T23:02:27.913Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: INITIAL_COUNT contains key? true 2019-01-04T23:02:27.916Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: HAS_VOLUME_GROUP contains key? true 2019-01-04T23:02:27.916Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } 2019-01-04T23:02:27.918Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : , "modelInstanceName" : }, "toscaNodeType" : , "nfFunction" : , "nfType" : , "nfRole" : , "nfNamingCode" : , "multiStageDesign" : , "resourceInput" : , <_VFMODULES_> } 2019-01-04T23:02:27.918Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T23:02:27.920Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T23:02:27.922Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T23:02:27.922Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T23:02:27.922Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T23:02:27.925Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INSTANCE_NAME contains key? true 2019-01-04T23:02:27.925Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: TOSCA_NODE_TYPE contains key? true 2019-01-04T23:02:27.925Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_FUNCTION contains key? true 2019-01-04T23:02:27.927Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_TYPE contains key? true 2019-01-04T23:02:27.928Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_ROLE contains key? true 2019-01-04T23:02:27.928Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_NAMING_CODE contains key? true 2019-01-04T23:02:27.929Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MULTI_STEP_DESIGN contains key? true 2019-01-04T23:02:27.930Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_INPUT contains key? true 2019-01-04T23:02:27.933Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _VFMODULES_ contains key? true 2019-01-04T23:02:27.935Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUT THE PUBLIC NETWORK ID HERE","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","sec_group":"PUT THE ONAP SECURITY GROUP HERE","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"PUT THE VM FLAVOR NAME HERE (m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } 2019-01-04T23:02:27.935Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.s.a.catalogdb.catalogrest.QueryServiceNetworks - QueryServiceNetworks: 2019-01-04T23:02:27.937Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "serviceResources" : { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : }, "serviceType" : , "serviceRole" : , "environmentContext" : , "resourceOrder" : , "workloadContext" : , <_SERVICEVNFS_>, <_SERVICENETWORKS_>, <_SERVICEALLOTTEDRESOURCES_> }} 2019-01-04T23:02:27.938Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_NAME contains key? true 2019-01-04T23:02:27.955Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_UUID contains key? true 2019-01-04T23:02:27.956Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_INVARIANT_ID contains key? true 2019-01-04T23:02:27.956Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_VERSION contains key? true 2019-01-04T23:02:27.956Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_TYPE contains key? true 2019-01-04T23:02:27.957Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_ROLE contains key? true 2019-01-04T23:02:27.957Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: ENVIRONMENT_CONTEXT contains key? true 2019-01-04T23:02:27.957Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_ORDER contains key? true 2019-01-04T23:02:27.958Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: WORKLOAD_CONTEXT contains key? true 2019-01-04T23:02:27.958Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEVNFS_ contains key? true 2019-01-04T23:02:27.958Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICENETWORKS_ contains key? true 2019-01-04T23:02:27.959Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEALLOTTEDRESOURCES_ contains key? true 2019-01-04T23:02:27.959Z|df867d7f-b4bb-41b0-95e2-a834d0a7df1b| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "serviceResources" : { "modelInfo" : { "modelName" : "vFW 2018-12-18 19:28:53", "modelUuid" : "8e52e188-5c20-4f14-9478-fd133d46c54e", "modelInvariantUuid" : "bcd39c74-fe81-4404-95fa-c84f1481bbff", "modelVersion" : "1.0" }, "serviceType" : "", "serviceRole" : "", "environmentContext" : "General_Revenue-Bearing", "resourceOrder" : "6c1cdb18-b10f-47b3-98dc", "workloadContext" : "Production", "serviceVnfs": [ { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUT THE PUBLIC NETWORK ID HERE","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","sec_group":"PUT THE ONAP SECURITY GROUP HERE","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"PUT THE VM FLAVOR NAME HERE (m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } ], "serviceNetworks": [], "serviceAllottedResources": [] }} 2019-01-04T23:02:49.417Z|d2037622-47fe-430d-bbe3-de7258edc675| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:02:49.417Z|d2037622-47fe-430d-bbe3-de7258edc675| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:02:49.417Z|d2037622-47fe-430d-bbe3-de7258edc675| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:02:49.417Z|d2037622-47fe-430d-bbe3-de7258edc675| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:02:49.458Z|d2037622-47fe-430d-bbe3-de7258edc675| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:03:49.410Z|a17cfc65-5bc2-43be-8e68-fd3f0318e124| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:03:49.443Z|a17cfc65-5bc2-43be-8e68-fd3f0318e124| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:03:49.444Z|a17cfc65-5bc2-43be-8e68-fd3f0318e124| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:03:49.475Z|a17cfc65-5bc2-43be-8e68-fd3f0318e124| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:03:49.477Z|a17cfc65-5bc2-43be-8e68-fd3f0318e124| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:04:16.521Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - Query serviceMacroHolder getAllResourcesByServiceModelUuid serviceModelUuid: 8e52e188-5c20-4f14-9478-fd133d46c54e 2019-01-04T23:04:16.616Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - serviceMacroHolder qryResp= ServicePlus: service: org.onap.so.db.catalog.beans.Service@5aa2e69b[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@395638b4,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@4714f6ac[artifactUUID=d3fb8785-40fa-4701-87bf-3d976f7b064c,name=service-Vfw20181218192853-csar.csar,artifactChecksum=MzIyMjliZDQwMzNiOWVjNDQ2MTY2NzViMDA2MTQ1Y2I=,url=/sdc/v1/catalog/services/Vfw2018121819:28:53/1.0/artifacts/service-Vfw20181218192853-csar.csar,description=TOSCA definition package of the asset,created=2019-01-04 22:35:51.0,version=1,services=[org.onap.so.db.catalog.beans.Service@5aa2e69b[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@395638b4,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@4714f6ac]]]]VnfResources: , vnfResourceCustomization[0]:org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@395638b4,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]none 2019-01-04T23:04:17.275Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.s.a.catalogdb.catalogrest.QueryServiceVnfs - org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@395638b4,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]] 2019-01-04T23:04:17.276Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@4c2d1933[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@3e10968a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7c1f785f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1e0176d7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5dcd0075[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@bc9df40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7fe33bfe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@278e3ece[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a1ca6a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@22f486bd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@18c6ca1c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c13831d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@423a0b7f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@b6eb5db[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76a857[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3e14b2df[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@61f63be5[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7b7b6c9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c97e2aa[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2a0ea504[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1131cb36[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b978e40[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@10354f72[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@252bec1e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5b999b0c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@766faa41[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@44a1d64a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6f785474[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6523b1f0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@35a22afe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@46023fe[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2bafab5c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@5596aced[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@2430ebf7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e407be[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@26ec6744[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@7db908c8,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@ce0d4cb[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@650ea9d]],vnfcInstanceGroupCustomizations=[]]]]]] 2019-01-04T23:04:17.276Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : }, "isBase" : , "vfModuleLabel" : , "initialCount" : , "hasVolumeGroup" : } 2019-01-04T23:04:17.277Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T23:04:17.277Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T23:04:17.277Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T23:04:17.278Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T23:04:17.286Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T23:04:17.287Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: IS_BASE contains key? true 2019-01-04T23:04:17.287Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: VF_MODULE_LABEL contains key? true 2019-01-04T23:04:17.287Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: INITIAL_COUNT contains key? true 2019-01-04T23:04:17.288Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: HAS_VOLUME_GROUP contains key? true 2019-01-04T23:04:17.288Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } 2019-01-04T23:04:17.288Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : , "modelInstanceName" : }, "toscaNodeType" : , "nfFunction" : , "nfType" : , "nfRole" : , "nfNamingCode" : , "multiStageDesign" : , "resourceInput" : , <_VFMODULES_> } 2019-01-04T23:04:17.289Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T23:04:17.289Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T23:04:17.289Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T23:04:17.290Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T23:04:17.290Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T23:04:17.290Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INSTANCE_NAME contains key? true 2019-01-04T23:04:17.291Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: TOSCA_NODE_TYPE contains key? true 2019-01-04T23:04:17.291Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_FUNCTION contains key? true 2019-01-04T23:04:17.291Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_TYPE contains key? true 2019-01-04T23:04:17.292Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_ROLE contains key? true 2019-01-04T23:04:17.292Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_NAMING_CODE contains key? true 2019-01-04T23:04:17.292Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MULTI_STEP_DESIGN contains key? true 2019-01-04T23:04:17.293Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_INPUT contains key? true 2019-01-04T23:04:17.293Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _VFMODULES_ contains key? true 2019-01-04T23:04:17.294Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUT THE PUBLIC NETWORK ID HERE","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","sec_group":"PUT THE ONAP SECURITY GROUP HERE","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"PUT THE VM FLAVOR NAME HERE (m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } 2019-01-04T23:04:17.294Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.s.a.catalogdb.catalogrest.QueryServiceNetworks - QueryServiceNetworks: 2019-01-04T23:04:17.295Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "serviceResources" : { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : }, "serviceType" : , "serviceRole" : , "environmentContext" : , "resourceOrder" : , "workloadContext" : , <_SERVICEVNFS_>, <_SERVICENETWORKS_>, <_SERVICEALLOTTEDRESOURCES_> }} 2019-01-04T23:04:17.296Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_NAME contains key? true 2019-01-04T23:04:17.296Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_UUID contains key? true 2019-01-04T23:04:17.314Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_INVARIANT_ID contains key? true 2019-01-04T23:04:17.314Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_VERSION contains key? true 2019-01-04T23:04:17.314Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_TYPE contains key? true 2019-01-04T23:04:17.315Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_ROLE contains key? true 2019-01-04T23:04:17.315Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: ENVIRONMENT_CONTEXT contains key? true 2019-01-04T23:04:17.317Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_ORDER contains key? true 2019-01-04T23:04:17.317Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: WORKLOAD_CONTEXT contains key? true 2019-01-04T23:04:17.318Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEVNFS_ contains key? true 2019-01-04T23:04:17.319Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICENETWORKS_ contains key? true 2019-01-04T23:04:17.319Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEALLOTTEDRESOURCES_ contains key? true 2019-01-04T23:04:17.320Z|164a62c9-4dcc-4ba8-84ec-244411519927| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "serviceResources" : { "modelInfo" : { "modelName" : "vFW 2018-12-18 19:28:53", "modelUuid" : "8e52e188-5c20-4f14-9478-fd133d46c54e", "modelInvariantUuid" : "bcd39c74-fe81-4404-95fa-c84f1481bbff", "modelVersion" : "1.0" }, "serviceType" : "", "serviceRole" : "", "environmentContext" : "General_Revenue-Bearing", "resourceOrder" : "6c1cdb18-b10f-47b3-98dc", "workloadContext" : "Production", "serviceVnfs": [ { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUT THE PUBLIC NETWORK ID HERE","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","sec_group":"PUT THE ONAP SECURITY GROUP HERE","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PUT THE ONAP PRIVATE NETWORK NAME HERE","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"PUT THE VM FLAVOR NAME HERE (m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } ], "serviceNetworks": [], "serviceAllottedResources": [] }} 2019-01-04T23:04:49.395Z|25f946c6-3fcd-477a-9118-0ed156ccee17| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:04:49.395Z|25f946c6-3fcd-477a-9118-0ed156ccee17| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:04:49.396Z|25f946c6-3fcd-477a-9118-0ed156ccee17| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:04:49.396Z|25f946c6-3fcd-477a-9118-0ed156ccee17| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:04:49.396Z|25f946c6-3fcd-477a-9118-0ed156ccee17| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:05:49.406Z|1d67deb7-4bb6-48f5-bc4e-004f13635bd6| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:05:49.407Z|1d67deb7-4bb6-48f5-bc4e-004f13635bd6| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:05:49.407Z|1d67deb7-4bb6-48f5-bc4e-004f13635bd6| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:05:49.407Z|1d67deb7-4bb6-48f5-bc4e-004f13635bd6| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:05:49.407Z|1d67deb7-4bb6-48f5-bc4e-004f13635bd6| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:06:49.396Z|f24d142f-458b-439b-9cbd-8708fa7ac150| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:06:49.397Z|f24d142f-458b-439b-9cbd-8708fa7ac150| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:06:49.397Z|f24d142f-458b-439b-9cbd-8708fa7ac150| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:06:49.397Z|f24d142f-458b-439b-9cbd-8708fa7ac150| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:06:49.397Z|f24d142f-458b-439b-9cbd-8708fa7ac150| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:07:49.394Z|b3357dd3-0908-40fc-8d7b-cf612e6b68fe| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:07:49.395Z|b3357dd3-0908-40fc-8d7b-cf612e6b68fe| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:07:49.395Z|b3357dd3-0908-40fc-8d7b-cf612e6b68fe| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:07:49.396Z|b3357dd3-0908-40fc-8d7b-cf612e6b68fe| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:07:49.396Z|b3357dd3-0908-40fc-8d7b-cf612e6b68fe| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:08:49.394Z|3e9ec014-f9b6-41d4-b32c-62402d31132b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:08:49.395Z|3e9ec014-f9b6-41d4-b32c-62402d31132b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:08:49.396Z|3e9ec014-f9b6-41d4-b32c-62402d31132b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:08:49.396Z|3e9ec014-f9b6-41d4-b32c-62402d31132b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:08:49.397Z|3e9ec014-f9b6-41d4-b32c-62402d31132b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:09:49.396Z|0b12aacb-8e50-4585-8b43-82ba5c596afa| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:09:49.396Z|0b12aacb-8e50-4585-8b43-82ba5c596afa| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:09:49.397Z|0b12aacb-8e50-4585-8b43-82ba5c596afa| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:09:49.397Z|0b12aacb-8e50-4585-8b43-82ba5c596afa| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:09:49.398Z|0b12aacb-8e50-4585-8b43-82ba5c596afa| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:10:49.394Z|2b85942f-5640-4f50-9db9-f233fb732b24| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:10:49.394Z|2b85942f-5640-4f50-9db9-f233fb732b24| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:10:49.394Z|2b85942f-5640-4f50-9db9-f233fb732b24| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:10:49.395Z|2b85942f-5640-4f50-9db9-f233fb732b24| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:10:49.395Z|2b85942f-5640-4f50-9db9-f233fb732b24| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:11:49.447Z|0842f936-30bd-49e5-b1cf-7fb9fa767ce6| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:11:49.448Z|0842f936-30bd-49e5-b1cf-7fb9fa767ce6| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:11:49.448Z|0842f936-30bd-49e5-b1cf-7fb9fa767ce6| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:11:49.448Z|0842f936-30bd-49e5-b1cf-7fb9fa767ce6| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:11:49.448Z|0842f936-30bd-49e5-b1cf-7fb9fa767ce6| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:12:49.401Z|37a15d69-60f0-4413-86e8-54e75eaadc6f| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:12:49.401Z|37a15d69-60f0-4413-86e8-54e75eaadc6f| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:12:49.402Z|37a15d69-60f0-4413-86e8-54e75eaadc6f| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:12:49.402Z|37a15d69-60f0-4413-86e8-54e75eaadc6f| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:12:49.402Z|37a15d69-60f0-4413-86e8-54e75eaadc6f| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:13:49.407Z|2220ead3-dd9f-4474-bf44-56c6ff885413| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:13:49.436Z|2220ead3-dd9f-4474-bf44-56c6ff885413| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:13:49.436Z|2220ead3-dd9f-4474-bf44-56c6ff885413| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:13:49.437Z|2220ead3-dd9f-4474-bf44-56c6ff885413| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:13:49.437Z|2220ead3-dd9f-4474-bf44-56c6ff885413| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:14:49.395Z|cafa5439-0033-425f-8f95-1f2e71d0ed73| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:14:49.396Z|cafa5439-0033-425f-8f95-1f2e71d0ed73| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:14:49.396Z|cafa5439-0033-425f-8f95-1f2e71d0ed73| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:14:49.396Z|cafa5439-0033-425f-8f95-1f2e71d0ed73| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:14:49.397Z|cafa5439-0033-425f-8f95-1f2e71d0ed73| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:15:49.409Z|9e853613-638d-4428-9c29-60d96edcff77| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:15:49.409Z|9e853613-638d-4428-9c29-60d96edcff77| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:15:49.410Z|9e853613-638d-4428-9c29-60d96edcff77| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:15:49.410Z|9e853613-638d-4428-9c29-60d96edcff77| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:15:49.411Z|9e853613-638d-4428-9c29-60d96edcff77| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:16:49.404Z|85efc7e5-7e9d-4bba-a3e0-644027e5a327| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:16:49.445Z|85efc7e5-7e9d-4bba-a3e0-644027e5a327| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:16:49.446Z|85efc7e5-7e9d-4bba-a3e0-644027e5a327| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:16:49.446Z|85efc7e5-7e9d-4bba-a3e0-644027e5a327| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:16:49.447Z|85efc7e5-7e9d-4bba-a3e0-644027e5a327| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:17:49.427Z|bf5525d4-504a-4f31-b35d-d7553fb3e037| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:17:49.428Z|bf5525d4-504a-4f31-b35d-d7553fb3e037| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:17:49.463Z|bf5525d4-504a-4f31-b35d-d7553fb3e037| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:17:49.474Z|bf5525d4-504a-4f31-b35d-d7553fb3e037| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:17:49.475Z|bf5525d4-504a-4f31-b35d-d7553fb3e037| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:18:49.396Z|69f62b0e-6f3a-4bcd-b771-77f650ce424e| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:18:49.396Z|69f62b0e-6f3a-4bcd-b771-77f650ce424e| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:18:49.396Z|69f62b0e-6f3a-4bcd-b771-77f650ce424e| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:18:49.397Z|69f62b0e-6f3a-4bcd-b771-77f650ce424e| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:18:49.397Z|69f62b0e-6f3a-4bcd-b771-77f650ce424e| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:19:49.394Z|866d8a01-1291-4e9b-aa71-718ed4ce69f2| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:19:49.394Z|866d8a01-1291-4e9b-aa71-718ed4ce69f2| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:19:49.395Z|866d8a01-1291-4e9b-aa71-718ed4ce69f2| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:19:49.395Z|866d8a01-1291-4e9b-aa71-718ed4ce69f2| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:19:49.395Z|866d8a01-1291-4e9b-aa71-718ed4ce69f2| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:20:31.255Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:20:31.255Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /service/search/findFirstByModelNameOrderByModelVersionDesc 2019-01-04T23:20:31.255Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:20:31.255Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {authorization=Basic YnBlbDpwYXNzd29yZDEk, cookie=JSESSIONID=B9FFEA92B8E4CD17FBA355264186F42C, x-onap-invocationid=, x-onap-partnername=SO, host=so-catalog-db-adapter.onap:8082, connection=Keep-Alive, content-type=application/hal+json, x-onap-requestid=2d849707-d92b-4c14-87d9-b7fa702156be, x-target-entity=SO:CatalogDB, accept-encoding=gzip,deflate, user-agent=Apache-HttpClient/4.5.5 (Java/1.8.0_181), accept=application/hal+json} 2019-01-04T23:20:31.256Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:20:31.515Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:20:31.515Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /serviceRecipe/search/findFirstByServiceModelUUIDAndAction 2019-01-04T23:20:31.516Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:20:31.516Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {authorization=Basic YnBlbDpwYXNzd29yZDEk, cookie=JSESSIONID=B9FFEA92B8E4CD17FBA355264186F42C, x-onap-invocationid=, x-onap-partnername=SO, host=so-catalog-db-adapter.onap:8082, connection=Keep-Alive, content-type=application/hal+json, x-onap-requestid=2d849707-d92b-4c14-87d9-b7fa702156be, x-target-entity=SO:CatalogDB, accept-encoding=gzip,deflate, user-agent=Apache-HttpClient/4.5.5 (Java/1.8.0_181), accept=application/hal+json} 2019-01-04T23:20:31.516Z|2d849707-d92b-4c14-87d9-b7fa702156be| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:20:33.607Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - Query serviceMacroHolder getAllResourcesByServiceModelUuid serviceModelUuid: 8e52e188-5c20-4f14-9478-fd133d46c54e 2019-01-04T23:20:33.758Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.s.adapters.catalogdb.rest.CatalogDbAdapterRest - serviceMacroHolder qryResp= ServicePlus: service: org.onap.so.db.catalog.beans.Service@21be7b50[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@3b113146,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@41099115[artifactUUID=d3fb8785-40fa-4701-87bf-3d976f7b064c,name=service-Vfw20181218192853-csar.csar,artifactChecksum=MzIyMjliZDQwMzNiOWVjNDQ2MTY2NzViMDA2MTQ1Y2I=,url=/sdc/v1/catalog/services/Vfw2018121819:28:53/1.0/artifacts/service-Vfw20181218192853-csar.csar,description=TOSCA definition package of the asset,created=2019-01-04 22:35:51.0,version=1,services=[org.onap.so.db.catalog.beans.Service@21be7b50[modelName=vFW 2018-12-18 19:28:53,description=catalog service description,modelUUID=8e52e188-5c20-4f14-9478-fd133d46c54e,modelInvariantUUID=bcd39c74-fe81-4404-95fa-c84f1481bbff,created=2019-01-04 22:35:51.0,modelVersion=1.0,serviceType=,serviceRole=,environmentContext=General_Revenue-Bearing,workloadContext=Production,category=,networkCustomizations=[],vnfCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@3b113146,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]],allottedCustomizations=[],collectionResourceCustomizations=[],serviceProxyCustomizations=[],configurationCustomizations=[],recipes={},csar=org.onap.so.db.catalog.beans.ToscaCsar@41099115]]]]VnfResources: , vnfResourceCustomization[0]:org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@3b113146,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]]none 2019-01-04T23:20:34.437Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.s.a.catalogdb.catalogrest.QueryServiceVnfs - org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a]]],vnfcInstanceGroupCustomizations=[]]]],vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=org.hibernate.collection.internal.PersistentBag@3b113146,vnfcInstanceGroupCustomizations=[]]]]]]],vnfcInstanceGroupCustomizations=[]] 2019-01-04T23:20:34.439Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716[modelUUID=48fa943c-387f-4cef-878a-05eca06a6150,modelInvariantUUID=5571190d-7750-42f1-948b-dcd14897121d,modelName=6c1cdb18B10f47b398dc..base_vfw..module-0,modelVersion=1,description=,isBase=true,volumeHeatTemplate=,moduleHeatTemplate=org.onap.so.db.catalog.beans.HeatTemplate@6beea319[artifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,templateName=base_vfw.yaml,templateBody=########################################################################## # #==================LICENSE_START========================================== # # # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # #==================LICENSE_END============================================ # # ECOMP is a trademark and service mark of AT&T Intellectual Property. # ########################################################################## heat_template_version: 2013-05-23 description: Heat template that deploys vFirewall demo app for ONAP ############## # # # PARAMETERS # # # ############## parameters: vfw_image_name: type: string label: Image name or ID description: Image to be used for compute instance vfw_flavor_name: type: string label: Flavor description: Type of instance (flavor) to be used public_net_id: type: string label: Public network name or ID description: Public network that enables remote connection to VNF unprotected_private_net_id: type: string label: Unprotected private network name or ID description: Private network that connects vPacketGenerator with vFirewall protected_private_net_id: type: string label: Protected private network name or ID description: Private network that connects vFirewall with vSink onap_private_net_id: type: string label: ONAP management network name or ID description: Private network that connects ONAP components and the VNF onap_private_subnet_id: type: string label: ONAP management sub-network name or ID description: Private sub-network that connects ONAP components and the VNF unprotected_private_net_cidr: type: string label: Unprotected private network CIDR description: The CIDR of the unprotected private network protected_private_net_cidr: type: string label: Protected private network CIDR description: The CIDR of the protected private network onap_private_net_cidr: type: string label: ONAP private network CIDR description: The CIDR of the protected private network vfw_private_ip_0: type: string label: vFirewall private IP address towards the unprotected network description: Private IP address that is assigned to the vFirewall to communicate with the vPacketGenerator vfw_private_ip_1: type: string label: vFirewall private IP address towards the protected network description: Private IP address that is assigned to the vFirewall to communicate with the vSink vfw_private_ip_2: type: string label: vFirewall private IP address towards the ONAP management network description: Private IP address that is assigned to the vFirewall to communicate with ONAP components vpg_private_ip_0: type: string label: vPacketGenerator private IP address towards the unprotected network description: Private IP address that is assigned to the vPacketGenerator to communicate with the vFirewall vpg_private_ip_1: type: string label: vPacketGenerator private IP address towards the ONAP management network description: Private IP address that is assigned to the vPacketGenerator to communicate with ONAP components vsn_private_ip_0: type: string label: vSink private IP address towards the protected network description: Private IP address that is assigned to the vSink to communicate with the vFirewall vsn_private_ip_1: type: string label: vSink private IP address towards the ONAP management network description: Private IP address that is assigned to the vSink to communicate with ONAP components vfw_name_0: type: string label: vFirewall name description: Name of the vFirewall vpg_name_0: type: string label: vPacketGenerator name description: Name of the vPacketGenerator vsn_name_0: type: string label: vSink name description: Name of the vSink vnf_id: type: string label: VNF ID description: The VNF ID is provided by ONAP vf_module_id: type: string label: vFirewall module ID description: The vFirewall Module ID is provided by ONAP dcae_collector_ip: type: string label: DCAE collector IP address description: IP address of the DCAE collector dcae_collector_port: type: string label: DCAE collector port description: Port of the DCAE collector key_name: type: string label: Key pair name description: Public/Private key pair name pub_key: type: string label: Public key description: Public key to be installed on the compute instance install_script_version: type: string label: Installation script version number description: Version number of the scripts that install the vFW demo app demo_artifacts_version: type: string label: Artifacts version used in demo vnfs description: Artifacts (jar, tar.gz) version used in demo vnfs nexus_artifact_repo: type: string description: Root URL for the Nexus repository for Maven artifacts. default: "https://nexus.onap.org" cloud_env: type: string label: Cloud environment description: Cloud environment (e.g., openstack, rackspace) sec_group: type: string description: ONAP Security Group sdnc_model_name: type: string description: SDNC Model Name metatada sdnc_model_version: type: string description: SDNC Model Version metatada sdnc_artifact_name: type: string description: SDNC Artifact Name metatada ############# # # # RESOURCES # # # ############# resources: random-str: type: OS::Heat::RandomString properties: length: 4 my_keypair: type: OS::Nova::KeyPair properties: name: str_replace: template: base_rand params: base: { get_param: key_name } rand: { get_resource: random-str } public_key: { get_param: pub_key } save_private_key: false unprotected_private_network: type: OS::Neutron::Net properties: name: { get_param: unprotected_private_net_id } protected_private_network: type: OS::Neutron::Net properties: name: { get_param: protected_private_net_id } unprotected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: unprotected_private_network } cidr: { get_param: unprotected_private_net_cidr } protected_private_subnet: type: OS::Neutron::Subnet properties: network_id: { get_resource: protected_private_network } cidr: { get_param: protected_private_net_cidr } # Virtual Firewall instantiation vfw_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vfw_private_ip_0 }}] security_groups: - { get_param: sec_group } vfw_private_1_port: type: OS::Neutron::Port properties: allowed_address_pairs: [{ "ip_address": { get_param: vpg_private_ip_0 }}] network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vfw_private_ip_1 }}] security_groups: - { get_param: sec_group } vfw_private_2_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vfw_private_ip_2 }}] security_groups: - { get_param: sec_group } vfw_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vfw_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vfw_private_0_port } - port: { get_resource: vfw_private_1_port } - port: { get_resource: vfw_private_2_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __dcae_collector_ip__ : { get_param: dcae_collector_ip } __dcae_collector_port__ : { get_param: dcae_collector_port } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vfw_private_ip_0__ : { get_param: vfw_private_ip_0 } __vfw_private_ip_1__ : { get_param: vfw_private_ip_1 } __vfw_private_ip_2__ : { get_param: vfw_private_ip_2 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__dcae_collector_ip__" > /opt/config/dcae_collector_ip.txt echo "__dcae_collector_port__" > /opt/config/dcae_collector_port.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vfw_private_ip_0__" > /opt/config/vfw_private_ip_0.txt echo "__vfw_private_ip_1__" > /opt/config/vfw_private_ip_1.txt echo "__vfw_private_ip_2__" > /opt/config/vfw_private_ip_2.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_firewall_install.sh cd /opt chmod +x v_firewall_install.sh ./v_firewall_install.sh # Virtual Packet Generator instantiation vpg_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: unprotected_private_network } fixed_ips: [{"subnet": { get_resource: unprotected_private_subnet }, "ip_address": { get_param: vpg_private_ip_0 }}] security_groups: - { get_param: sec_group } vpg_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vpg_private_ip_1 }}] security_groups: - { get_param: sec_group } vpg_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vpg_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vpg_private_0_port } - port: { get_resource: vpg_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __fw_ipaddr__: { get_param: vfw_private_ip_0 } __protected_net_cidr__: { get_param: protected_private_net_cidr } __sink_ipaddr__: { get_param: vsn_private_ip_0 } __demo_artifacts_version__ : { get_param: demo_artifacts_version } __install_script_version__ : { get_param: install_script_version } __vpg_private_ip_0__ : { get_param: vpg_private_ip_0 } __vpg_private_ip_1__ : { get_param: vpg_private_ip_1 } __unprotected_private_net_cidr__ : { get_param: unprotected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__fw_ipaddr__" > /opt/config/fw_ipaddr.txt echo "__protected_net_cidr__" > /opt/config/protected_net_cidr.txt echo "__sink_ipaddr__" > /opt/config/sink_ipaddr.txt echo "__demo_artifacts_version__" > /opt/config/demo_artifacts_version.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vpg_private_ip_0__" > /opt/config/vpg_private_ip_0.txt echo "__vpg_private_ip_1__" > /opt/config/vpg_private_ip_1.txt echo "__unprotected_private_net_cidr__" > /opt/config/unprotected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_packetgen_install.sh cd /opt chmod +x v_packetgen_install.sh ./v_packetgen_install.sh # Virtual Sink instantiation vsn_private_0_port: type: OS::Neutron::Port properties: network: { get_resource: protected_private_network } fixed_ips: [{"subnet": { get_resource: protected_private_subnet }, "ip_address": { get_param: vsn_private_ip_0 }}] security_groups: - { get_param: sec_group } vsn_private_1_port: type: OS::Neutron::Port properties: network: { get_param: onap_private_net_id } fixed_ips: [{"subnet": { get_param: onap_private_subnet_id }, "ip_address": { get_param: vsn_private_ip_1 }}] security_groups: - { get_param: sec_group } vsn_0: type: OS::Nova::Server properties: image: { get_param: vfw_image_name } flavor: { get_param: vfw_flavor_name } name: { get_param: vsn_name_0 } key_name: { get_resource: my_keypair } networks: - network: { get_param: public_net_id } - port: { get_resource: vsn_private_0_port } - port: { get_resource: vsn_private_1_port } metadata: {vnf_id: { get_param: vnf_id }, vf_module_id: { get_param: vf_module_id }} user_data_format: RAW user_data: str_replace: params: __protected_net_gw__: { get_param: vfw_private_ip_1 } __unprotected_net__: { get_param: unprotected_private_net_cidr } __install_script_version__ : { get_param: install_script_version } __vsn_private_ip_0__ : { get_param: vsn_private_ip_0 } __vsn_private_ip_1__ : { get_param: vsn_private_ip_1 } __protected_private_net_cidr__ : { get_param: protected_private_net_cidr } __onap_private_net_cidr__ : { get_param: onap_private_net_cidr } __cloud_env__ : { get_param: cloud_env } __nexus_artifact_repo__: { get_param: nexus_artifact_repo } template: | #!/bin/bash # Create configuration files mkdir /opt/config echo "__protected_net_gw__" > /opt/config/protected_net_gw.txt echo "__unprotected_net__" > /opt/config/unprotected_net.txt echo "__install_script_version__" > /opt/config/install_script_version.txt echo "__vsn_private_ip_0__" > /opt/config/vsn_private_ip_0.txt echo "__vsn_private_ip_1__" > /opt/config/vsn_private_ip_1.txt echo "__protected_private_net_cidr__" > /opt/config/protected_private_net_cidr.txt echo "__onap_private_net_cidr__" > /opt/config/onap_private_net_cidr.txt echo "__cloud_env__" > /opt/config/cloud_env.txt echo "__nexus_artifact_repo__" > /opt/config/nexus_artifact_repo.txt # Download and run install script apt-get update apt-get -y install unzip if [[ "__install_script_version__" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi curl -k -L "__nexus_artifact_repo__/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.vfw&a=vfw-scripts&e=zip&v=__install_script_version__" -o /opt/vfw-scripts-__install_script_version__.zip unzip -j /opt/vfw-scripts-__install_script_version__.zip -d /opt v_sink_install.sh cd /opt chmod +x v_sink_install.sh ./v_sink_install.sh,timeoutMinutes=120,version=2,description=created from csar,artifactChecksum=ZThhNGY2NmIwMDJiZWM2YjI4MzgxZDE5OTQ5ZTQ2ZDk=,created=2019-01-04 22:35:51.0,parameters=[org.onap.so.db.catalog.beans.HeatTemplateParam@6271f2ce[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=demo_artifacts_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@42d6f707[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_artifact_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4a663dfc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@39cf9256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@542f8da9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4e0e003b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_flavor_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c92ce7b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7e40206[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@13661e62[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6950bbba[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@21343847[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sec_group,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77ed66dd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_subnet_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@49e192c1[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=protected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@d84623f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_port,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7adf4a1d[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vnf_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4f43af3a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@737c5118[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=unprotected_private_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@c9de256[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vsn_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@6612710e[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@12db96e0[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=nexus_artifact_repo,required=false,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@1b09deb8[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=public_net_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@77770845[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76dc4034[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=cloud_env,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@40cacaca[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_2,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4946d148[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_private_ip_1,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@76b8d354[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=install_script_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@4ef8ffbd[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vfw_image_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@52cdf05c[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=sdnc_model_version,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@56c189f[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vpg_name_0,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@352549dc[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=vf_module_id,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7f51e1f7[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=onap_private_net_cidr,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3ade099b[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=dcae_collector_ip,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@3c608ec9[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=key_name,required=true,paramType=string,paramAlias=], org.onap.so.db.catalog.beans.HeatTemplateParam@7ce988a[heatTemplateArtifactUuid=791ecb25-0f91-4bab-9302-4b80363ea885,paramName=pub_key,required=true,paramType=string,paramAlias=]],childTemplates=[]],created=2019-01-04 22:35:52.0,heatFiles=[],vfModuleCustomization=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a[modelUUID=9bb24848-4930-4fc0-b359-fbd390b6428b,modelInvariantUUID=55159677-f07f-4828-af0f-414353bec62f,modelName=6c1cdb18-b10f-47b3-98dc,modelVersion=1.0,toscaNodeType=org.openecomp.resource.vf.6c1cdb18B10f47b398dc,description=vendor software product,orchestrationMode=HEAT,aicVersionMin=,aicVersionMax=,created=2019-01-04 22:35:51.0,heatTemplates=,vnfResourceCustomizations=[org.onap.so.db.catalog.beans.VnfResourceCustomization@23ec9f93[modelCustomizationUUID=c27964e7-f466-4692-8dcb-7a343a35b86a,modelInstanceName=6c1cdb18-b10f-47b3-98dc 0,created=2019-01-04 22:35:51.0,minInstances=,maxInstances=,availabilityZoneMaxCount=,nfFunction=,nfType=,nfRole=,nfNamingCode=,multiStageDesign=false,vnfResources=org.onap.so.db.catalog.beans.VnfResource@3525d06a,vfModuleCustomizations=[org.onap.so.db.catalog.beans.VfModuleCustomization@1430dc73[modelCustomizationUUID=a31d85f6-c32f-44ce-8d4c-70dad0f954df,label=base_vfw,minInstances=1,maxInstances=1,initialCount=1,availabilityZoneCount=,created=2019-01-04 22:35:52.0,volumeHeatEnv=,heatEnvironment=Artifact UUID=f2236185-4a53-46b7-8e03-677d9e12a31a, name=base_vfw.env, version=2, description=Auto-generated HEAT Environment deployment artifact, body=parameters: cloud_env: "openstack" dcae_collector_ip: "10.0.4.1" dcae_collector_port: "8081" demo_artifacts_version: "1.3.0-SNAPSHOT" install_script_version: "1.3.0-SNAPSHOT" key_name: "vfw_key" nexus_artifact_repo: "https://nexus.onap.org" onap_private_net_cidr: "10.0.0.0/16" onap_private_net_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" onap_private_subnet_id: "PUT THE ONAP PRIVATE NETWORK NAME HERE" protected_private_net_cidr: "192.168.20.0/24" protected_private_net_id: "zdfw1fwl01_protected" pub_key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN" public_net_id: "PUT THE PUBLIC NETWORK ID HERE" sec_group: "PUT THE ONAP SECURITY GROUP HERE" unprotected_private_net_cidr: "192.168.10.0/24" unprotected_private_net_id: "zdfw1fwl01_unprotected" vf_module_id: "vFirewall" vfw_flavor_name: "PUT THE VM FLAVOR NAME HERE (m1.medium suggested)" vfw_image_name: "PUT THE VM IMAGE NAME HERE (UBUNTU 1404 required)" vfw_name_0: "zdfw1fwl01fwl01" vfw_private_ip_0: "192.168.10.100" vfw_private_ip_1: "192.168.20.100" vfw_private_ip_2: "10.0.100.1" vnf_id: "vFirewall_demo_app" vpg_name_0: "zdfw1fwl01pgn01" vpg_private_ip_0: "192.168.10.200" vpg_private_ip_1: "10.0.100.2" vsn_name_0: "zdfw1fwl01snk01" vsn_private_ip_0: "192.168.20.250" vsn_private_ip_1: "10.0.100.3" sdnc_artifact_name: sdnc_model_name: sdnc_model_version: ,creationTimestamp=1/4/19 10:35 PM,vfModule=org.onap.so.db.catalog.beans.VfModule@25750716]],vnfcInstanceGroupCustomizations=[]]]]]] 2019-01-04T23:20:34.442Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : }, "isBase" : , "vfModuleLabel" : , "initialCount" : , "hasVolumeGroup" : } 2019-01-04T23:20:34.443Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T23:20:34.446Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T23:20:34.447Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T23:20:34.448Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T23:20:34.449Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T23:20:34.451Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: IS_BASE contains key? true 2019-01-04T23:20:34.453Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: VF_MODULE_LABEL contains key? true 2019-01-04T23:20:34.455Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: INITIAL_COUNT contains key? true 2019-01-04T23:20:34.455Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: HAS_VOLUME_GROUP contains key? true 2019-01-04T23:20:34.457Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } 2019-01-04T23:20:34.458Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : , "modelCustomizationUuid" : , "modelInstanceName" : }, "toscaNodeType" : , "nfFunction" : , "nfType" : , "nfRole" : , "nfNamingCode" : , "multiStageDesign" : , "resourceInput" : , <_VFMODULES_> } 2019-01-04T23:20:34.460Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_NAME contains key? true 2019-01-04T23:20:34.461Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_UUID contains key? true 2019-01-04T23:20:34.461Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INVARIANT_ID contains key? true 2019-01-04T23:20:34.463Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_VERSION contains key? true 2019-01-04T23:20:34.463Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_CUSTOMIZATION_UUID contains key? true 2019-01-04T23:20:34.465Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MODEL_INSTANCE_NAME contains key? true 2019-01-04T23:20:34.465Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: TOSCA_NODE_TYPE contains key? true 2019-01-04T23:20:34.467Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_FUNCTION contains key? true 2019-01-04T23:20:34.467Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_TYPE contains key? true 2019-01-04T23:20:34.467Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_ROLE contains key? true 2019-01-04T23:20:34.469Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: NF_NAMING_CODE contains key? true 2019-01-04T23:20:34.469Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: MULTI_STEP_DESIGN contains key? true 2019-01-04T23:20:34.471Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_INPUT contains key? true 2019-01-04T23:20:34.471Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _VFMODULES_ contains key? true 2019-01-04T23:20:34.473Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{\"vf_module_id\":\"vFirewall\",\"vfw_private_ip_1\":\"192.168.20.100\",\"public_net_id\":\"PUBLIC NET ID\",\"vfw_private_ip_0\":\"192.168.10.100\",\"onap_private_subnet_id\":\"PRIVATE NETWORK\",\"sec_group\":\"SECURITY GROUP\",\"vfw_private_ip_2\":\"10.0.100.1\",\"vfw_name_0\":\"zdfw1fwl01fwl01\",\"nexus_artifact_repo\":\"https://nexus.onap.org\",\"onap_private_net_cidr\":\"10.0.0.0/16\",\"dcae_collector_ip\":\"10.0.4.1\",\"vnf_id\":\"vFirewall_demo_app\",\"dcae_collector_port\":\"8081\",\"vpg_name_0\":\"zdfw1fwl01pgn01\",\"vsn_private_ip_0\":\"192.168.20.250\",\"vpg_private_ip_1\":\"10.0.100.2\",\"vsn_private_ip_1\":\"10.0.100.3\",\"vpg_private_ip_0\":\"192.168.10.200\",\"protected_private_net_cidr\":\"192.168.20.0/24\",\"unprotected_private_net_cidr\":\"192.168.10.0/24\",\"nf_naming\":\"true\",\"vsn_name_0\":\"zdfw1fwl01snk01\",\"multi_stage_design\":\"false\",\"onap_private_net_id\":\"PRIVATE NETWORK\",\"unprotected_private_net_id\":\"zdfw1fwl01_unprotected\",\"availability_zone_max_count\":\"1\",\"vfw_flavor_name\":\"(m1.medium suggested)\",\"demo_artifacts_version\":\"1.3.0-SNAPSHOT\",\"pub_key\":\"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN\",\"key_name\":\"vfw_key\",\"install_script_version\":\"1.3.0-SNAPSHOT\",\"vfw_image_name\":\"(UBUNTU 1404 required)\",\"protected_private_net_id\":\"zdfw1fwl01_protected\",\"cloud_env\":\"openstack\"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } 2019-01-04T23:20:34.477Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.s.a.catalogdb.catalogrest.QueryServiceNetworks - QueryServiceNetworks: 2019-01-04T23:20:34.479Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery template: { "serviceResources" : { "modelInfo" : { "modelName" : , "modelUuid" : , "modelInvariantUuid" : , "modelVersion" : }, "serviceType" : , "serviceRole" : , "environmentContext" : , "resourceOrder" : , "workloadContext" : , <_SERVICEVNFS_>, <_SERVICENETWORKS_>, <_SERVICEALLOTTEDRESOURCES_> }} 2019-01-04T23:20:34.479Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_NAME contains key? true 2019-01-04T23:20:34.479Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_UUID contains key? true 2019-01-04T23:20:34.481Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_INVARIANT_ID contains key? true 2019-01-04T23:20:34.482Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_MODEL_VERSION contains key? true 2019-01-04T23:20:34.482Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_TYPE contains key? true 2019-01-04T23:20:34.484Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: SERVICE_ROLE contains key? true 2019-01-04T23:20:34.486Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: ENVIRONMENT_CONTEXT contains key? true 2019-01-04T23:20:34.487Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: RESOURCE_ORDER contains key? true 2019-01-04T23:20:34.489Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: WORKLOAD_CONTEXT contains key? true 2019-01-04T23:20:34.491Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEVNFS_ contains key? true 2019-01-04T23:20:34.493Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICENETWORKS_ contains key? true 2019-01-04T23:20:34.493Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery key: _SERVICEALLOTTEDRESOURCES_ contains key? true 2019-01-04T23:20:34.494Z|bf45fd77-8fd2-49ee-a5e7-04fa984ea584| o.o.so.adapters.catalogdb.catalogrest.CatalogQuery - CatalogQuery return: { "serviceResources" : { "modelInfo" : { "modelName" : "vFW 2018-12-18 19:28:53", "modelUuid" : "8e52e188-5c20-4f14-9478-fd133d46c54e", "modelInvariantUuid" : "bcd39c74-fe81-4404-95fa-c84f1481bbff", "modelVersion" : "1.0" }, "serviceType" : "", "serviceRole" : "", "environmentContext" : "General_Revenue-Bearing", "resourceOrder" : "6c1cdb18-b10f-47b3-98dc", "workloadContext" : "Production", "serviceVnfs": [ { "modelInfo" : { "modelName" : "6c1cdb18-b10f-47b3-98dc", "modelUuid" : "9bb24848-4930-4fc0-b359-fbd390b6428b", "modelInvariantUuid" : "55159677-f07f-4828-af0f-414353bec62f", "modelVersion" : "1.0", "modelCustomizationUuid" : "c27964e7-f466-4692-8dcb-7a343a35b86a", "modelInstanceName" : "6c1cdb18-b10f-47b3-98dc 0" }, "toscaNodeType" : "org.openecomp.resource.vf.6c1cdb18B10f47b398dc", "nfFunction" : null, "nfType" : null, "nfRole" : null, "nfNamingCode" : null, "multiStageDesign" : "false", "resourceInput" : "{"vf_module_id":"vFirewall","vfw_private_ip_1":"192.168.20.100","public_net_id":"PUBLIC NET ID","vfw_private_ip_0":"192.168.10.100","onap_private_subnet_id":"PRIVATE NETWORK","sec_group":"SECURITY GROUP","vfw_private_ip_2":"10.0.100.1","vfw_name_0":"zdfw1fwl01fwl01","nexus_artifact_repo":"https://nexus.onap.org","onap_private_net_cidr":"10.0.0.0/16","dcae_collector_ip":"10.0.4.1","vnf_id":"vFirewall_demo_app","dcae_collector_port":"8081","vpg_name_0":"zdfw1fwl01pgn01","vsn_private_ip_0":"192.168.20.250","vpg_private_ip_1":"10.0.100.2","vsn_private_ip_1":"10.0.100.3","vpg_private_ip_0":"192.168.10.200","protected_private_net_cidr":"192.168.20.0/24","unprotected_private_net_cidr":"192.168.10.0/24","nf_naming":"true","vsn_name_0":"zdfw1fwl01snk01","multi_stage_design":"false","onap_private_net_id":"PRIVATE NETWORK","unprotected_private_net_id":"zdfw1fwl01_unprotected","availability_zone_max_count":"1","vfw_flavor_name":"(m1.medium suggested)","demo_artifacts_version":"1.3.0-SNAPSHOT","pub_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQXYJYYi3/OUZXUiCYWdtc7K0m5C0dJKVxPG0eI8EWZrEHYdfYe6WoTSDJCww+1qlBSpA5ac/Ba4Wn9vh+lR1vtUKkyIC/nrYb90ReUd385Glkgzrfh5HdR5y5S2cL/Frh86lAn9r6b3iWTJD8wBwXFyoe1S2nMTOIuG4RPNvfmyCTYVh8XTCCE8HPvh3xv2r4egawG1P4Q4UDwk+hDBXThY2KS8M5/8EMyxHV0ImpLbpYCTBA6KYDIRtqmgS6iKyy8v2D1aSY5mc9J0T5t9S2Gv+VZQNWQDDKNFnxqYaAo1uEoq/i1q63XC5AD3ckXb2VT6dp23BQMdDfbHyUWfJN","key_name":"vfw_key","install_script_version":"1.3.0-SNAPSHOT","vfw_image_name":"(UBUNTU 1404 required)","protected_private_net_id":"zdfw1fwl01_protected","cloud_env":"openstack"}", "vfModules": [ { "modelInfo" : { "modelName" : "6c1cdb18B10f47b398dc..base_vfw..module-0", "modelUuid" : "48fa943c-387f-4cef-878a-05eca06a6150", "modelInvariantUuid" : "5571190d-7750-42f1-948b-dcd14897121d", "modelVersion" : "1", "modelCustomizationUuid" : "a31d85f6-c32f-44ce-8d4c-70dad0f954df" }, "isBase" : true, "vfModuleLabel" : "base_vfw", "initialCount" : 1, "hasVolumeGroup" : false } ] } ], "serviceNetworks": [], "serviceAllottedResources": [] }} 2019-01-04T23:20:49.434Z|fda8c5cb-de1e-4318-a422-2b48652e8580| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:20:49.434Z|fda8c5cb-de1e-4318-a422-2b48652e8580| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:20:49.450Z|fda8c5cb-de1e-4318-a422-2b48652e8580| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:20:49.450Z|fda8c5cb-de1e-4318-a422-2b48652e8580| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:20:49.451Z|fda8c5cb-de1e-4318-a422-2b48652e8580| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:21:49.416Z|079a7f38-3fb3-4955-a9c5-1c0b4052e147| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:21:49.416Z|079a7f38-3fb3-4955-a9c5-1c0b4052e147| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:21:49.432Z|079a7f38-3fb3-4955-a9c5-1c0b4052e147| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:21:49.432Z|079a7f38-3fb3-4955-a9c5-1c0b4052e147| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:21:49.434Z|079a7f38-3fb3-4955-a9c5-1c0b4052e147| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:22:49.440Z|cde28fb0-7986-4c88-9ed9-51188e5d3af4| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:22:49.443Z|cde28fb0-7986-4c88-9ed9-51188e5d3af4| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:22:49.443Z|cde28fb0-7986-4c88-9ed9-51188e5d3af4| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:22:49.445Z|cde28fb0-7986-4c88-9ed9-51188e5d3af4| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:22:49.446Z|cde28fb0-7986-4c88-9ed9-51188e5d3af4| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:23:49.395Z|29d47f57-fbcd-4a9b-b8dd-b90784c4efb8| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:23:49.395Z|29d47f57-fbcd-4a9b-b8dd-b90784c4efb8| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:23:49.395Z|29d47f57-fbcd-4a9b-b8dd-b90784c4efb8| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:23:49.395Z|29d47f57-fbcd-4a9b-b8dd-b90784c4efb8| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:23:49.396Z|29d47f57-fbcd-4a9b-b8dd-b90784c4efb8| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:24:49.396Z|6a65a7bd-6fd7-451d-9120-f64c97dba0f9| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:24:49.405Z|6a65a7bd-6fd7-451d-9120-f64c97dba0f9| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:24:49.406Z|6a65a7bd-6fd7-451d-9120-f64c97dba0f9| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:24:49.406Z|6a65a7bd-6fd7-451d-9120-f64c97dba0f9| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:24:49.407Z|6a65a7bd-6fd7-451d-9120-f64c97dba0f9| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:25:49.394Z|7a7786f1-feea-45fb-bdee-1036c902cb2b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:25:49.395Z|7a7786f1-feea-45fb-bdee-1036c902cb2b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:25:49.395Z|7a7786f1-feea-45fb-bdee-1036c902cb2b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:25:49.395Z|7a7786f1-feea-45fb-bdee-1036c902cb2b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:25:49.396Z|7a7786f1-feea-45fb-bdee-1036c902cb2b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:26:49.395Z|340f410f-18ab-4188-8f57-963bdc17210b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:26:49.395Z|340f410f-18ab-4188-8f57-963bdc17210b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:26:49.401Z|340f410f-18ab-4188-8f57-963bdc17210b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:26:49.401Z|340f410f-18ab-4188-8f57-963bdc17210b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:26:49.402Z|340f410f-18ab-4188-8f57-963bdc17210b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:27:49.394Z|3ab8e4f0-02e6-466d-a496-29ed19fbbd0d| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:27:49.395Z|3ab8e4f0-02e6-466d-a496-29ed19fbbd0d| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:27:49.395Z|3ab8e4f0-02e6-466d-a496-29ed19fbbd0d| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:27:49.395Z|3ab8e4f0-02e6-466d-a496-29ed19fbbd0d| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:27:49.395Z|3ab8e4f0-02e6-466d-a496-29ed19fbbd0d| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:28:49.394Z|15b247d5-8c2c-46eb-8134-20e258095a28| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:28:49.394Z|15b247d5-8c2c-46eb-8134-20e258095a28| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:28:49.394Z|15b247d5-8c2c-46eb-8134-20e258095a28| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:28:49.395Z|15b247d5-8c2c-46eb-8134-20e258095a28| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:28:49.395Z|15b247d5-8c2c-46eb-8134-20e258095a28| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:29:49.411Z|abfaef41-1cd8-40ad-b64b-7941f3c3f7ee| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:29:49.412Z|abfaef41-1cd8-40ad-b64b-7941f3c3f7ee| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:29:49.412Z|abfaef41-1cd8-40ad-b64b-7941f3c3f7ee| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:29:49.412Z|abfaef41-1cd8-40ad-b64b-7941f3c3f7ee| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:29:49.412Z|abfaef41-1cd8-40ad-b64b-7941f3c3f7ee| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:30:49.394Z|855b7c65-cdea-44bd-a009-1131ac999b15| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:30:49.394Z|855b7c65-cdea-44bd-a009-1131ac999b15| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:30:49.395Z|855b7c65-cdea-44bd-a009-1131ac999b15| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:30:49.395Z|855b7c65-cdea-44bd-a009-1131ac999b15| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:30:49.395Z|855b7c65-cdea-44bd-a009-1131ac999b15| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:31:49.415Z|5f984b41-4041-4d1c-84cc-46aeaf987c0a| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:31:49.415Z|5f984b41-4041-4d1c-84cc-46aeaf987c0a| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:31:49.415Z|5f984b41-4041-4d1c-84cc-46aeaf987c0a| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:31:49.415Z|5f984b41-4041-4d1c-84cc-46aeaf987c0a| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:31:49.416Z|5f984b41-4041-4d1c-84cc-46aeaf987c0a| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:32:49.405Z|82e4a3f8-5990-4709-a2c5-7f063e181ed9| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:32:49.405Z|82e4a3f8-5990-4709-a2c5-7f063e181ed9| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:32:49.406Z|82e4a3f8-5990-4709-a2c5-7f063e181ed9| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:32:49.406Z|82e4a3f8-5990-4709-a2c5-7f063e181ed9| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:32:49.407Z|82e4a3f8-5990-4709-a2c5-7f063e181ed9| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:33:49.394Z|1e13321f-7ba7-4ab5-99e1-dc011f7d7364| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:33:49.394Z|1e13321f-7ba7-4ab5-99e1-dc011f7d7364| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:33:49.395Z|1e13321f-7ba7-4ab5-99e1-dc011f7d7364| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:33:49.395Z|1e13321f-7ba7-4ab5-99e1-dc011f7d7364| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:33:49.395Z|1e13321f-7ba7-4ab5-99e1-dc011f7d7364| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:34:49.394Z|075a623f-ebf4-4546-bf6d-fd39d85f5af9| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:34:49.394Z|075a623f-ebf4-4546-bf6d-fd39d85f5af9| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:34:49.394Z|075a623f-ebf4-4546-bf6d-fd39d85f5af9| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:34:49.395Z|075a623f-ebf4-4546-bf6d-fd39d85f5af9| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:34:49.395Z|075a623f-ebf4-4546-bf6d-fd39d85f5af9| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:35:49.394Z|d43269a5-8580-4756-beaa-6d11b8b21be1| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:35:49.394Z|d43269a5-8580-4756-beaa-6d11b8b21be1| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:35:49.395Z|d43269a5-8580-4756-beaa-6d11b8b21be1| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:35:49.395Z|d43269a5-8580-4756-beaa-6d11b8b21be1| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:35:49.395Z|d43269a5-8580-4756-beaa-6d11b8b21be1| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:36:49.394Z|c133575e-638f-4b89-b2f5-e8920dd8993e| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:36:49.394Z|c133575e-638f-4b89-b2f5-e8920dd8993e| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:36:49.395Z|c133575e-638f-4b89-b2f5-e8920dd8993e| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:36:49.395Z|c133575e-638f-4b89-b2f5-e8920dd8993e| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:36:49.395Z|c133575e-638f-4b89-b2f5-e8920dd8993e| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:37:49.468Z|1bcc94fb-1707-4164-957b-3543187178a4| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:37:49.478Z|1bcc94fb-1707-4164-957b-3543187178a4| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:37:49.479Z|1bcc94fb-1707-4164-957b-3543187178a4| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:37:49.479Z|1bcc94fb-1707-4164-957b-3543187178a4| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:37:49.479Z|1bcc94fb-1707-4164-957b-3543187178a4| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:38:49.394Z|062d0194-e397-45e4-9b9d-f067a2e1542b| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:38:49.396Z|062d0194-e397-45e4-9b9d-f067a2e1542b| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:38:49.396Z|062d0194-e397-45e4-9b9d-f067a2e1542b| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:38:49.396Z|062d0194-e397-45e4-9b9d-f067a2e1542b| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:38:49.396Z|062d0194-e397-45e4-9b9d-f067a2e1542b| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:39:49.412Z|a6e89db7-e129-4612-a554-60c35e6db10d| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:39:49.413Z|a6e89db7-e129-4612-a554-60c35e6db10d| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:39:49.414Z|a6e89db7-e129-4612-a554-60c35e6db10d| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:39:49.414Z|a6e89db7-e129-4612-a554-60c35e6db10d| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:39:49.414Z|a6e89db7-e129-4612-a554-60c35e6db10d| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:40:49.420Z|7f8eb1bb-7013-4447-88bc-554ec86538cb| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:40:49.423Z|7f8eb1bb-7013-4447-88bc-554ec86538cb| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:40:49.424Z|7f8eb1bb-7013-4447-88bc-554ec86538cb| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:40:49.442Z|7f8eb1bb-7013-4447-88bc-554ec86538cb| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:40:49.442Z|7f8eb1bb-7013-4447-88bc-554ec86538cb| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:41:49.403Z|8be65a9c-e50b-48fb-995d-7ee5bcc881e7| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:41:49.403Z|8be65a9c-e50b-48fb-995d-7ee5bcc881e7| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:41:49.403Z|8be65a9c-e50b-48fb-995d-7ee5bcc881e7| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:41:49.404Z|8be65a9c-e50b-48fb-995d-7ee5bcc881e7| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:41:49.404Z|8be65a9c-e50b-48fb-995d-7ee5bcc881e7| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:42:49.394Z|604d702d-f661-4ddc-b1f8-6febe5652441| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:42:49.394Z|604d702d-f661-4ddc-b1f8-6febe5652441| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:42:49.394Z|604d702d-f661-4ddc-b1f8-6febe5652441| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:42:49.395Z|604d702d-f661-4ddc-b1f8-6febe5652441| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:42:49.395Z|604d702d-f661-4ddc-b1f8-6febe5652441| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:43:49.411Z|64a88dd9-8ea9-497c-98ee-707e9c8d8602| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:43:49.411Z|64a88dd9-8ea9-497c-98ee-707e9c8d8602| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:43:49.411Z|64a88dd9-8ea9-497c-98ee-707e9c8d8602| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:43:49.411Z|64a88dd9-8ea9-497c-98ee-707e9c8d8602| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:43:49.412Z|64a88dd9-8ea9-497c-98ee-707e9c8d8602| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:44:49.400Z|ba5627ec-b10d-4d03-8240-1ee047930267| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:44:49.401Z|ba5627ec-b10d-4d03-8240-1ee047930267| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:44:49.408Z|ba5627ec-b10d-4d03-8240-1ee047930267| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:44:49.408Z|ba5627ec-b10d-4d03-8240-1ee047930267| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:44:49.415Z|ba5627ec-b10d-4d03-8240-1ee047930267| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:45:49.408Z|c7b5de87-184e-4536-b75d-b2b898a3809a| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:45:49.409Z|c7b5de87-184e-4536-b75d-b2b898a3809a| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:45:49.409Z|c7b5de87-184e-4536-b75d-b2b898a3809a| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:45:49.409Z|c7b5de87-184e-4536-b75d-b2b898a3809a| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:45:49.414Z|c7b5de87-184e-4536-b75d-b2b898a3809a| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================ 2019-01-04T23:46:49.487Z|3e03fe33-8cdd-4df8-93c3-d32efdcaf491| o.o.s.l.spring.interceptor.LoggingInterceptor - ===========================request begin================================================ 2019-01-04T23:46:49.492Z|3e03fe33-8cdd-4df8-93c3-d32efdcaf491| o.o.s.l.spring.interceptor.LoggingInterceptor - URI : /manage/health 2019-01-04T23:46:49.493Z|3e03fe33-8cdd-4df8-93c3-d32efdcaf491| o.o.s.l.spring.interceptor.LoggingInterceptor - Method : GET 2019-01-04T23:46:49.493Z|3e03fe33-8cdd-4df8-93c3-d32efdcaf491| o.o.s.l.spring.interceptor.LoggingInterceptor - Headers : {host=10.42.115.161:8082, connection=close, accept-encoding=gzip, user-agent=kube-probe/1.11+} 2019-01-04T23:46:49.502Z|3e03fe33-8cdd-4df8-93c3-d32efdcaf491| o.o.s.l.spring.interceptor.LoggingInterceptor - ==========================request end================================================