Merge pull request #10 from cloudify-examples/Add-GCP-Blueprint

Add gcp blueprint

Author: EarthmanT

README.md

@@ -5,6 +5,8 @@ _Note: Without bootstrap, deployment should take 5 minutes. With bootstrap, up t
 
 To ask a question or report an issue, please use [github issues](https://github.com/cloudify-examples/cloudify-environment-setup/issues) or visit the [Cloudify users groups](https://groups.google.com/forum/#!forum/cloudify-users).
 
+*Alternative: Deploy your Cloudify Manager using an [IaaS Variant](https://github.com/cloudify-examples/environment-setup-variants).*
+
 
 # Purpose
 
@@ -17,6 +19,7 @@ This blueprint sets up a reference environment for executing the Cloudify Exampl
   - [AWS Credentials](http://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html)
   - [Openstack Credentials](https://docs.openstack.org/user-guide/common/cli-set-environment-variables-using-openstack-rc.html) - *skip step 5 in those instructions -- do not "source" the file*.
   - [Azure Credentials](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-api-authentication)
+  - [GCP Credentials](https://cloud.google.com/docs/authentication/getting-started)
 - A virtual environment application such as [virtualenv](https://virtualenv.pypa.io/en/stable/) installed on your computer.
 - [Cloudify CLI](http://docs.getcloudify.org/4.1.0/installation/from-packages/) installed in a virtual environment.
 
@@ -74,6 +77,15 @@ When you execute the blueprint, you will provision the following resources in yo
   * cloudify_host_cloud_config
   * cloudify_host
 
+* GCP Infrastructure
+  * cfys0ip0 - Static External IP
+  * cfynetwork
+  * cfynetwork_subnet0
+  * cfynetwork_subnet1
+  * cfycloudify_security_group
+  * cfycloudify_security_group1
+  * controller_key
+  * cfycloudify_host - Cloudify Manager VM
 
 #### Secrets
 
@@ -119,7 +131,23 @@ When you execute the blueprint, you will provision the following resources in yo
   * keystone_password: Your Keystone V2 password.
   * keystone_username:Your Keystone V2 username.
 
-_Note: This command should be run from the same directory in which you extracted the blueprint in the previous step._
+
+* GCP Secrets
+  * client_x509_cert_url
+  * client_email
+  * client_id
+  * project_id
+  * private_key_id
+  * private_key
+  * management_network_name
+  * zone
+  * region
+  * management_subnetwork_name
+  * private_subnetwork_name
+  * ubuntu_trusty_image
+  * centos_core_image
+  * small_instance_type
+
 
 ## Preparation
 
@@ -142,7 +170,7 @@ You will find a list of pre-bootstrapped images on [Cloudify's Downloads page](h
     Also, change the "bootstrap: True" to "False" in your inputs file.
   - Openstack: Follow [these instructions](https://docs.openstack.org/user-guide/dashboard-manage-images.html) to upload the [Openstack QCOW image](https://repository.cloudifysource.org/cloudify/4.1.1/ga-release/cloudify-enterprise-manager-4.1.1ga.qcow2) to Openstack.
     You will also need to find the correct values for cloudify_image, centos_core_image, ubuntu_trusty_image, small_image_flavor, large_image_flavor. Ask your Openstack Admin for more info on these.
-  - Azure: There is not currently a pre-bootstrapped image for Azure, so bootstrap is the only option.
+  - Azure & GCP: There is not currently a pre-bootstrapped image for Azure and GCP, so bootstrap is the only option.
 
 
 
@@ -176,6 +204,12 @@ For Openstack run:
 $ cfy install cloudify-environment-setup-latest/openstack-blueprint.yaml -i cloudify-environment-setup-latest/inputs/openstack.yaml --install-plugins
 ```
 
+For GCP run:
+
+```shell
+$ cfy install cloudify-environment-setup-latest/gcp-blueprint.yaml -i cloudify-environment-setup-latest/inputs/gcp.yaml --install-plugins
+```
+
 
 ## Manager Setup Steps
 

gcp-blueprint.yaml

@@ -0,0 +1,250 @@
+tosca_definitions_version: cloudify_dsl_1_3
+
+imports:
+  - https://raw.githubusercontent.com/cloudify-cosmo/cloudify-manager/4.1/resources/rest-service/cloudify/types/types.yaml
+  - http://getcloudify.org.s3.amazonaws.com/spec/gcp-plugin/1.0/plugin.yaml
+  - https://raw.githubusercontent.com/cloudify-incubator/cloudify-utilities-plugin/1.2.5/plugin.yaml
+  - imports/manager-configuration.yaml
+
+inputs:
+
+  client_x509_cert_url:
+    type: string
+
+  client_email:
+    type: string
+
+  client_id:
+    type: string
+
+  project_id:
+    type: string
+
+  private_key_id:
+    type: string
+
+  private_key:
+    type: string
+
+  zone:
+    default: us-east1-b
+
+  region:
+    default: us-east1
+
+  network_subnet0_cidr:
+    default: 10.11.12.0/22
+
+  network_subnet1_cidr:
+    default: 10.11.16.0/22
+
+  resource_prefix:
+    default: cfy
+
+  cloudify_image_username:
+    default: centos
+
+  local_ssh_directory:
+    default: '~/.ssh/'
+
+  manager_key_name:
+    default: cfy-manager-key
+
+  cloudify_key_file:
+    default: { concat: [ { get_input: local_ssh_directory }, { get_input: manager_key_name } ] }
+
+  cloudify_image:
+    default: https://www.googleapis.com/compute/v1/projects/centos-cloud/global/images/centos-7-v20170523
+
+  centos_core_image:
+    default: https://www.googleapis.com/compute/v1/projects/centos-cloud/global/images/centos-7-v20170523
+
+  ubuntu_trusty_image:
+    default: https://www.googleapis.com/compute/v1/projects/ubuntu-os-cloud/global/images/ubuntu-1404-trusty-v20170517
+
+  small_instance_type:
+    default: n1-standard-2
+
+  manager_ip:
+    description: >
+      Resolving the IP for manager setup.
+    default: { get_attribute: [ network_subnet0_staticip, address ] }
+
+  secrets:
+    description: >
+      key, value pairs of secrets used in AWS blueprint examples.
+    default:
+    - key: client_x509_cert_url
+      value: { get_input: client_x509_cert_url }
+    - key: client_email
+      value: { get_input: client_email }
+    - key: client_id
+      value: { get_input: client_id }
+    - key: project_id
+      value: { get_input: project_id }
+    - key: private_key_id
+      value: { get_input: private_key_id }
+    - key: private_key
+      value: { get_input: private_key }
+    - key: management_network_name
+      value: { get_property: [ network, name ] }
+    - key: zone
+      value: { get_input: zone }
+    - key: region
+      value: { get_input: region }
+    - key: management_subnetwork_name
+      value: { get_property: [ network_subnet0, name ] }
+    - key: private_subnetwork_name
+      value: { get_property: [ network_subnet1, name ] }
+    - key: ubuntu_trusty_image
+      value: { get_input: ubuntu_trusty_image }
+    - key: centos_core_image
+      value: { get_input: centos_core_image }
+    - key: small_instance_type
+      value: { get_input: small_instance_type }
+    - key: agent_key_public
+      value: { get_attribute: [ manager_key, public_key_export ] }
+    - key: agent_key_private
+      value: { get_attribute: [ manager_key, private_key_export ] }
+
+  create_inputs:
+    default:
+      local_private_key: { get_input: cloudify_key_file  }
+      rpm_package: { get_input: cli_package_url }
+      public_ip: { get_input: manager_ip }
+      private_ip: { get_attribute: [ cloudify_host, ip ] }
+      ssh_user: { get_input: cloudify_image_username }
+      ssh_key_filename:
+        concat:
+        - '/home/'
+        - { get_input: cloudify_image_username }
+        - '/.ssh/key.pem'
+
+dsl_definitions:
+
+  client_config: &client_config
+    auth:
+      type: service_account
+      auth_uri: https://accounts.google.com/o/oauth2/auth
+      token_uri: https://accounts.google.com/o/oauth2/token
+      auth_provider_x509_cert_url: https://www.googleapis.com/oauth2/v1/certs
+      client_x509_cert_url: { get_input: client_x509_cert_url }
+      client_email: { get_input: client_email }
+      client_id: { get_input: client_id }
+      project_id: { get_input: project_id }
+      private_key_id: { get_input: private_key_id }
+      private_key: { get_input: private_key }
+    project: { get_input: project_id }
+    zone: { get_input: zone }
+
+node_templates:
+
+  manager_key:
+    type: cloudify.keys.nodes.RSAKey
+    properties:
+      resource_config:
+        public_key_path: { concat: [ { get_input: local_ssh_directory }, { get_input: manager_key_name }, '.pub' ] }
+        private_key_path: { concat: [ { get_input: local_ssh_directory }, { get_input: manager_key_name } ] }
+        openssh_format: true
+      use_secret_store: false
+      key_name: { get_input: manager_key_name }
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        create:
+          implementation: keys.cloudify_ssh_key.operations.create
+          inputs:
+            store_private_key_material: true
+
+  network_subnet0_staticip:
+    type: cloudify.gcp.nodes.Address
+    properties:
+      region: { get_input: region }
+      gcp_config: *client_config
+      name: { concat: [ { get_input: resource_prefix }, 's0ip0' ] }
+
+  network:
+    type: cloudify.gcp.nodes.Network
+    properties:
+      gcp_config: *client_config
+      name: { concat: [ { get_input: resource_prefix }, 'network' ] }
+      auto_subnets: false
+
+  network_subnet0:
+    type: cloudify.gcp.nodes.SubNetwork
+    properties:
+      gcp_config: *client_config
+      name: { concat: [ { get_input: resource_prefix }, 'network_subnet0' ] }
+      subnet: { get_input: network_subnet0_cidr }
+      region: { get_input: region }
+    relationships:
+    - type: cloudify.gcp.relationships.contained_in_network
+      target: network
+
+  network_subnet1:
+    type: cloudify.gcp.nodes.SubNetwork
+    properties:
+      gcp_config: *client_config
+      name: { concat: [ { get_input: resource_prefix }, 'network_subnet1' ] }
+      subnet: { get_input: network_subnet1_cidr }
+      region: { get_input: region }
+    relationships:
+    - type: cloudify.gcp.relationships.contained_in_network
+      target: network
+
+  cloudify_security_group:
+    type: cloudify.gcp.nodes.FirewallRule
+    properties:
+      gcp_config: *client_config
+      name: { concat: [ { get_input: resource_prefix }, 'cloudify_security_group' ] }
+      sources:
+        - 0.0.0.0/0
+      allowed:
+        tcp: [22, 80, 443]
+        icmp:
+    relationships:
+      - type: cloudify.relationships.connected_to
+        target: network
+
+  cloudify_security_group1:
+    type: cloudify.gcp.nodes.FirewallRule
+    properties:
+      gcp_config: *client_config
+      name: { concat: [ { get_input: resource_prefix }, 'cloudify_security_group1' ] }
+      sources:
+        - { get_property: [ network_subnet0, subnet ] }
+        - { get_property: [ network_subnet1, subnet ] }
+      allowed:
+        tcp: [5671, 8101, 53333, 8300, 8301, 8500, 22000, 15432]
+    relationships:
+      - type: cloudify.relationships.connected_to
+        target: network
+
+  controller_key:
+    type: cloudify.gcp.nodes.KeyPair
+    properties:
+      use_external_resource: true
+      gcp_config: *client_config
+      private_key_path: { get_property: [ manager_key, resource_config, private_key_path ] }
+      public_key_path: { get_property: [ manager_key, resource_config, public_key_path ] }
+      user: { get_input: cloudify_image_username }
+    relationships:
+      - type: cloudify.relationships.depends_on
+        target: manager_key
+
+  cloudify_host:
+    type: cloudify.gcp.nodes.Instance
+    properties:
+      name: { concat: [ { get_input: resource_prefix }, 'cloudify_host' ] }
+      gcp_config: *client_config
+      image_id: { get_input: cloudify_image }
+      instance_type: { get_input: small_instance_type }
+      zone: { get_input: zone }
+      agent_config:
+        install_method: none
+    relationships:
+    - type: cloudify.gcp.relationships.contained_in_network
+      target: network_subnet0
+    - type: cloudify.gcp.relationships.instance_connected_to_ip
+      target: network_subnet0_staticip
+    - type: cloudify.gcp.relationships.instance_connected_to_keypair
+      target: controller_key

imports/manager-configuration.yaml

@@ -46,6 +46,7 @@ inputs:
     - https://github.com/cloudify-cosmo/cloudify-openstack-plugin/releases/download/2.2.0/cloudify_openstack_plugin-2.2.0-py27-none-linux_x86_64-centos-Core.wgn
     - http://repository.cloudifysource.org/cloudify/wagons/cloudify-azure-plugin/1.4.1/cloudify_azure_plugin-1.4.1-py27-none-linux_x86_64-centos-Core.wgn
     - https://github.com/cloudify-incubator/cloudify-azure-plugin/releases/download/1.4.3/cloudify_azure_plugin-1.4.3-py27-none-linux_x86_64.wgn
+    - http://repository.cloudifysource.org/cloudify/wagons/cloudify-gcp-plugin/1.0/cloudify_gcp_plugin-1.0-py27-none-linux_x86_64-centos-Core.wgn
 
 node_types: