OpenStack Heat is an "orchestration tool" used to define a collection of virtual resources (servers, networks, volumes, firewalls, etc.) that should be created in bulk. To define such a collection of resources you write text files in a YAML format called the "Heat Orchestration Template", or HOT files. Once a collection of resources is defined, you can create one or more instances of that collection. A typical use case is to create a HOT template describing a single lab instance for a student group, and then instantiate it multiple times to create multiple identical lab scenarios.

Documentation

Heat is a large tool, with online documentation which is updated by the team developing Heat. The online documentation is found HERE, and it is recommended to familiarize yourself with it. It might be a bit overwhelming at first, so the guide on the following wiki-page might be a good starting-point to understand some of the Heat functionality.

Example-case

To demonstrate the use of Heat we are going to create a virtual lab infrastructure consisting of two virtual servers connected to a single network. One of the servers should have an extra disk attached, which it shares with the other server using NFS; this lets us demonstrate several pieces of Heat's functionality. We are going to create two Heat templates for this example: one for the common resources needed by all the labs, and one for each server pair. The following figure might help visualize the intended setup:

Common infrastructure

The common infrastructure is in this case a virtual network connected to a virtual switch. In addition we create a common firewall-group allowing traffic to/from our servers.

Base template structure

A heat-template is a YAML file, and the base structure looks something like so:

Heat template structure
heat_template_version: 2018-08-31

description:
  # a description of the template

parameters:
  # declaration of input parameters

resources:
  # declaration of template resources

outputs:
  # declaration of output parameters

Basically there is a block for inputs, a block for resources and a block for outputs. For our common infrastructure we do not need any inputs, but we would like to create some resources and give the IDs of the created resources as outputs, so that we can use them as inputs for other templates. This can result in a template looking like this:

Common Infrastructure
heat_template_version: 2018-08-31

description: >
  A template to create common base infrastructure for the heat-guide at 
  https://www.ntnu.no/wiki/display/skyhigh/Openstack+Heat

resources:
  network:
    type: OS::Neutron::Net

  router:
    type: OS::Neutron::Router
    properties:
      external_gateway_info: { network: ntnu-internal }

  router_interface_v4:
    type: OS::Neutron::RouterInterface
    properties:
      router_id: { get_resource: router }
      subnet: { get_resource: subnet_v4 }

  secgroup_generic:
    type: OS::Neutron::SecurityGroup
    properties:
      description: |
        A security group allowing users to connect to the VMs using ssh
      rules:
       - protocol: icmp
         remote_ip_prefix: '0.0.0.0/0'
       - protocol: tcp
         port_range_min: 22
         port_range_max: 22
         remote_ip_prefix: '0.0.0.0/0'
       - protocol: tcp
         remote_ip_prefix: '192.168.0.0/24'
         port_range_min: 111
         port_range_max: 111
       - protocol: udp
         remote_ip_prefix: '192.168.0.0/24'
         port_range_min: 111
         port_range_max: 111
       - protocol: tcp
         remote_ip_prefix: '192.168.0.0/24'
         port_range_min: 2049
         port_range_max: 2049
       - protocol: udp
         remote_ip_prefix: '192.168.0.0/24'
         port_range_min: 2049
         port_range_max: 2049
       - protocol: tcp
         remote_ip_prefix: '192.168.0.0/24'
         port_range_min: 32767
         port_range_max: 32768
       - protocol: udp
         remote_ip_prefix: '192.168.0.0/24'
         port_range_min: 32767
         port_range_max: 32768

  subnet_v4:
    type: OS::Neutron::Subnet
    properties:
      network_id: { get_resource: network }
      cidr: '192.168.0.0/24'
      dns_nameservers: [ '129.241.0.200', '129.241.0.201' ]
      ip_version: 4

outputs:
  network:
    description: The network created by the template
    value: { get_resource: network }
  secgroup_generic:
    description: The security-group allowing generic VM access.
    value: { get_resource: secgroup_generic }
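
The security group above admits ICMP and SSH from '0.0.0.0/0' and NFS from the whole subnet. The following variant is an added example, not part of the original guide, that uses the parameters block to narrow both. The parameter name admin_cidr is hypothetical, and the NFS rules assume that both lab servers are attached to this security group.

```yaml
heat_template_version: 2018-08-31

description: >
  Added example: the common security group with management access
  limited to a caller-supplied range and NFS limited to group members.

parameters:
  admin_cidr:                        # hypothetical name, not in the original
    type: string
    description: Source range allowed to reach the VMs with SSH and ICMP
    constraints:
      - custom_constraint: net_cidr  # rejects values that are not a CIDR

resources:
  secgroup_generic:
    type: OS::Neutron::SecurityGroup
    properties:
      description: SSH and ICMP from admin_cidr, NFS between group members
      rules:
        # Management traffic. The original template used
        # remote_ip_prefix '0.0.0.0/0' for these two rules.
        - protocol: icmp
          remote_ip_prefix: { get_param: admin_cidr }
        - protocol: tcp
          port_range_min: 22
          port_range_max: 22
          remote_ip_prefix: { get_param: admin_cidr }
        # NFS ports. The original used remote_ip_prefix '192.168.0.0/24'.
        # With remote_mode: remote_group_id and no remote_group_id given,
        # a rule only matches traffic from ports in this same security
        # group (assumption: both lab servers are members of it).
        - { protocol: tcp, port_range_min: 111, port_range_max: 111, remote_mode: remote_group_id }
        - { protocol: udp, port_range_min: 111, port_range_max: 111, remote_mode: remote_group_id }
        - { protocol: tcp, port_range_min: 2049, port_range_max: 2049, remote_mode: remote_group_id }
        - { protocol: udp, port_range_min: 2049, port_range_max: 2049, remote_mode: remote_group_id }
        - { protocol: tcp, port_range_min: 32767, port_range_max: 32768, remote_mode: remote_group_id }
        - { protocol: udp, port_range_min: 32767, port_range_max: 32768, remote_mode: remote_group_id }

outputs:
  secgroup_generic:
    description: The security-group allowing generic VM access.
    value: { get_resource: secgroup_generic }
```

Because admin_cidr has no default, stack creation fails until a value is supplied, for example with --parameter admin_cidr=203.0.113.0/24 (a constructed documentation range) on openstack stack create.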

Student Lab

