diff --git a/contrib/drivers/heat/dcos_centos_template_def.py b/contrib/drivers/heat/dcos_centos_template_def.py
new file mode 100644
index 0000000000000000000000000000000000000000..09f003f67df9000f62a6c761d6688cc0a0505ea5
--- /dev/null
+++ b/contrib/drivers/heat/dcos_centos_template_def.py
@@ -0,0 +1,166 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from oslo_config import cfg
+from oslo_log import log as logging
+from oslo_serialization import jsonutils
+
+from magnum.drivers.heat import template_def
+
+CONF = cfg.CONF
+
+LOG = logging.getLogger(__name__)
+
+
+class ServerAddressOutputMapping(template_def.OutputMapping):
+
+ public_ip_output_key = None
+ private_ip_output_key = None
+
+ def __init__(self, dummy_arg, cluster_attr=None):
+ self.cluster_attr = cluster_attr
+ self.heat_output = self.public_ip_output_key
+
+ def set_output(self, stack, cluster_template, cluster):
+ if not cluster_template.floating_ip_enabled:
+ self.heat_output = self.private_ip_output_key
+
+ LOG.debug("Using heat_output: %s", self.heat_output)
+ super(ServerAddressOutputMapping,
+ self).set_output(stack, cluster_template, cluster)
+
+
+class MasterAddressOutputMapping(ServerAddressOutputMapping):
+ public_ip_output_key = 'dcos_master'
+ private_ip_output_key = 'dcos_master_private'
+
+
+class NodeAddressOutputMapping(ServerAddressOutputMapping):
+ public_ip_output_key = 'dcos_slaves'
+ private_ip_output_key = 'dcos_slaves_private'
+
+
+class DcosCentosTemplateDefinition(template_def.BaseTemplateDefinition):
+ """DC/OS template for Centos."""
+
+ def __init__(self):
+ super(DcosCentosTemplateDefinition, self).__init__()
+ self.add_parameter('external_network',
+ cluster_template_attr='external_network_id',
+ required=True)
+ self.add_parameter('number_of_slaves',
+ cluster_attr='node_count')
+ self.add_parameter('master_flavor',
+ cluster_template_attr='master_flavor_id')
+ self.add_parameter('slave_flavor',
+ cluster_template_attr='flavor_id')
+ self.add_parameter('cluster_name',
+ cluster_attr='name')
+ self.add_parameter('volume_driver',
+ cluster_template_attr='volume_driver')
+
+ self.add_output('api_address',
+ cluster_attr='api_address')
+ self.add_output('dcos_master_private',
+ cluster_attr=None)
+ self.add_output('dcos_slaves_private',
+ cluster_attr=None)
+ self.add_output('dcos_slaves',
+ cluster_attr='node_addresses',
+ mapping_type=NodeAddressOutputMapping)
+ self.add_output('dcos_master',
+ cluster_attr='master_addresses',
+ mapping_type=MasterAddressOutputMapping)
+
+ def get_params(self, context, cluster_template, cluster, **kwargs):
+ extra_params = kwargs.pop('extra_params', {})
+ # HACK(apmelton) - This uses the user's bearer token, ideally
+ # it should be replaced with an actual trust token with only
+ # access to do what the template needs it to do.
+ osc = self.get_osc(context)
+ extra_params['auth_url'] = context.auth_url
+ extra_params['username'] = context.user_name
+ extra_params['tenant_name'] = context.tenant
+ extra_params['domain_name'] = context.domain_name
+ extra_params['region_name'] = osc.cinder_region_name()
+
+ # Mesos related label parameters are deleted
+ # Because they are not optional in DC/OS configuration
+ label_list = ['rexray_preempt',
+ 'exhibitor_storage_backend',
+ 'exhibitor_zk_hosts',
+ 'exhibitor_zk_path',
+ 'aws_access_key_id',
+ 'aws_region',
+ 'aws_secret_access_key',
+ 'exhibitor_explicit_keys',
+ 's3_bucket',
+ 's3_prefix',
+ 'exhibitor_azure_account_name',
+ 'exhibitor_azure_account_key',
+ 'exhibitor_azure_prefix',
+ 'dcos_overlay_enable',
+ 'dcos_overlay_config_attempts',
+ 'dcos_overlay_mtu',
+ 'dcos_overlay_network',
+ 'dns_search',
+ 'check_time',
+ 'docker_remove_delay',
+ 'gc_delay',
+ 'log_directory',
+ 'process_timeout',
+ 'oauth_enabled',
+ 'telemetry_enabled']
+
+ for label in label_list:
+ extra_params[label] = cluster_template.labels.get(label)
+
+ # By default, master_discovery is set to 'static'
+ # If --master-lb-enabled is specified,
+ # master_discovery will be set to 'master_http_loadbalancer'
+ if cluster_template.master_lb_enabled:
+ extra_params['master_discovery'] = 'master_http_loadbalancer'
+
+ if 'true' == extra_params['dcos_overlay_enable']:
+ overlay_obj = jsonutils.loads(extra_params['dcos_overlay_network'])
+ extra_params['dcos_overlay_network'] = ''' vtep_subnet: %s
+ vtep_mac_oui: %s
+ overlays:''' % (overlay_obj['vtep_subnet'],
+ overlay_obj['vtep_mac_oui'])
+
+ for item in overlay_obj['overlays']:
+ extra_params['dcos_overlay_network'] += '''
+ - name: %s
+ subnet: %s
+ prefix: %s''' % (item['name'],
+ item['subnet'],
+ item['prefix'])
+
+ scale_mgr = kwargs.pop('scale_manager', None)
+ if scale_mgr:
+ hosts = self.get_output('dcos_slaves_private')
+ extra_params['slaves_to_remove'] = (
+ scale_mgr.get_removal_nodes(hosts))
+
+ return super(DcosCentosTemplateDefinition,
+ self).get_params(context, cluster_template, cluster,
+ extra_params=extra_params,
+ **kwargs)
+
+ def get_env_files(self, cluster_template):
+ env_files = []
+
+ template_def.add_priv_net_env_file(env_files, cluster_template)
+ template_def.add_lb_env_file(env_files, cluster_template)
+ template_def.add_fip_env_file(env_files, cluster_template)
+
+ return env_files
diff --git a/magnum/drivers/common/templates/environments/disable_floating_ip.yaml b/magnum/drivers/common/templates/environments/disable_floating_ip.yaml
index cf512734c178244b7864855d1d344a15e40aaf65..521f0025a7d89f2f53897c83c7c9bc2ba7967548 100644
--- a/magnum/drivers/common/templates/environments/disable_floating_ip.yaml
+++ b/magnum/drivers/common/templates/environments/disable_floating_ip.yaml
@@ -11,3 +11,9 @@ resource_registry:
# kubeminion.yaml
"Magnum::Optional::KubeMinion::Neutron::FloatingIP": "OS::Heat::None"
+
+ # dcosmaster.yaml
+ "Magnum::Optional::DcosMaster::Neutron::FloatingIP": "OS::Heat::None"
+
+ # dcosslave.yaml
+ "Magnum::Optional::DcosSlave::Neutron::FloatingIP": "OS::Heat::None"
diff --git a/magnum/drivers/common/templates/environments/enable_floating_ip.yaml b/magnum/drivers/common/templates/environments/enable_floating_ip.yaml
index 19e2d741ca3d10c71ae358b1075756ea1376e73a..a5de1492a952bf5ead32627189d684883ca9c2d2 100644
--- a/magnum/drivers/common/templates/environments/enable_floating_ip.yaml
+++ b/magnum/drivers/common/templates/environments/enable_floating_ip.yaml
@@ -8,3 +8,9 @@ resource_registry:
# kubeminion.yaml
"Magnum::Optional::KubeMinion::Neutron::FloatingIP": "OS::Neutron::FloatingIP"
+
+ # dcosmaster.yaml
+ "Magnum::Optional::DcosMaster::Neutron::FloatingIP": "OS::Neutron::FloatingIP"
+
+ # dcosslave.yaml
+ "Magnum::Optional::DcosSlave::Neutron::FloatingIP": "OS::Neutron::FloatingIP"
diff --git a/magnum/drivers/dcos_centos_v1/README.md b/magnum/drivers/dcos_centos_v1/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..cb13ec0235e52ee408f647f091a151b6ebb2daa0
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/README.md
@@ -0,0 +1,103 @@
+How to build a centos image which contains DC/OS 1.8.x
+======================================================
+
+Here is the advanced DC/OS 1.8 installation guide.
+
+See [Advanced DC/OS Installation Guide]
+(https://dcos.io/docs/1.8/administration/installing/custom/advanced/)
+See [Install Docker on CentOS]
+(https://dcos.io/docs/1.8/administration/installing/custom/system-requirements/install-docker-centos/)
+See [Adding agent nodes]
+(https://dcos.io/docs/1.8/administration/installing/custom/add-a-node/)
+
+Create a centos image using DIB following the steps outlined in DC/OS installation guide.
+
+1. Install and configure docker in chroot.
+2. Install system requirements in chroot.
+3. Download `dcos_generate_config.sh` outside chroot.
+ This file will be used to run `dcos_generate_config.sh --genconf` to generate
+ config files on the node during magnum cluster creation.
+4. Some configuration changes are required for DC/OS, i.e disabling the firewalld
+ and adding the group named nogroup.
+ See comments in the script file.
+
+Use the centos image to build a DC/OS cluster.
+Command:
+ `magnum cluster-template-create`
+ `magnum cluster-create`
+
+After all the instances with centos image are created.
+1. Pass parameters to config.yaml with magnum cluster template properties.
+2. Run `dcos_generate_config.sh --genconf` to generate config files.
+3. Run `dcos_install.sh master` on master node and `dcos_install.sh slave` on slave node.
+
+If we want to scale the DC/OS cluster.
+Command:
+ `magnum cluster-update`
+
+The same steps as cluster creation.
+1. Create new instances, generate config files on them and install.
+2. Or delete those agent nodes where containers are not running.
+
+
+How to use magnum dcos coe
+===============================================
+
+We are assuming that magnum has been installed and the magnum path is `/opt/stack/magnum`.
+
+1. Copy dcos magnum coe source code
+$ mv -r /opt/stack/magnum/contrib/drivers/dcos_centos_v1 /opt/stack/magnum/magnum/drivers/
+$ mv /opt/stack/magnum/contrib/drivers/common/dcos_* /opt/stack/magnum/magnum/drivers/common/
+$ cd /opt/stack/magnum
+$ sudo python setup.py install
+
+2. Add driver in setup.cfg
+dcos_centos_v1 = magnum.drivers.dcos_centos_v1.driver:Driver
+
+3. Restart your magnum services.
+
+4. Prepare centos image with elements dcos and docker installed
+ See how to build a centos image in /opt/stack/magnum/magnum/drivers/dcos_centos_v1/image/README.md
+
+5. Create glance image
+$ glance image-create --name centos-7-dcos.qcow2 \
+ --visibility public \
+ --disk-format qcow2 \
+ --container-format bare \
+ --os-distro=centos \
+ < centos-7-dcos.qcow2
+
+6. Create magnum cluster template
+ Configure DC/OS cluster with --labels
+ See https://dcos.io/docs/1.8/administration/installing/custom/configuration-parameters/
+$ magnum cluster-template-create --name dcos-cluster-template \
+ --image-id centos-7-dcos.qcow2 \
+ --keypair-id testkey \
+ --external-network-id public \
+ --dns-nameserver 8.8.8.8 \
+ --flavor-id m1.medium \
+ --labels oauth_enabled=false \
+ --coe dcos
+
+ Here is an example to specify the overlay network in DC/OS,
+ 'dcos_overlay_network' should be json string format.
+$ magnum cluster-template-create --name dcos-cluster-template \
+ --image-id centos-7-dcos.qcow2 \
+ --keypair-id testkey \
+ --external-network-id public \
+ --dns-nameserver 8.8.8.8 \
+ --flavor-id m1.medium \
+ --labels oauth_enabled=false \
+ --labels dcos_overlay_enable='true' \
+ --labels dcos_overlay_config_attempts='6' \
+ --labels dcos_overlay_mtu='9001' \
+ --labels dcos_overlay_network='{"vtep_subnet": "44.128.0.0/20",\
+ "vtep_mac_oui": "70:B3:D5:00:00:00","overlays":\
+ [{"name": "dcos","subnet": "9.0.0.0/8","prefix": 26}]}' \
+ --coe dcos
+
+7. Create magnum cluster
+$ magnum cluster-create --name dcos-cluster --cluster-template dcos-cluster-template --node-count 1
+
+8. You need to wait for a while after magnum cluster creation completed to make
+ DC/OS web interface accessible.
diff --git a/magnum/drivers/dcos_centos_v1/__init__.py b/magnum/drivers/dcos_centos_v1/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391
diff --git a/magnum/drivers/dcos_centos_v1/template_def.py b/magnum/drivers/dcos_centos_v1/template_def.py
new file mode 100644
index 0000000000000000000000000000000000000000..6cb23b7984bfd78e0b397a833dc16ed55c0c7322
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/template_def.py
@@ -0,0 +1,181 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os
+
+from oslo_config import cfg
+from oslo_log import log as logging
+from oslo_serialization import jsonutils
+
+from magnum.drivers.common import template_def
+
+CONF = cfg.CONF
+
+LOG = logging.getLogger(__name__)
+
+class ServerAddressOutputMapping(template_def.OutputMapping):
+
+ public_ip_output_key = None
+ private_ip_output_key = None
+
+ def __init__(self, dummy_arg, cluster_attr=None):
+ self.cluster_attr = cluster_attr
+ self.heat_output = self.public_ip_output_key
+
+ def set_output(self, stack, cluster_template, cluster):
+ if not cluster_template.floating_ip_enabled:
+ self.heat_output = self.private_ip_output_key
+
+ LOG.debug("Using heat_output: %s", self.heat_output)
+ super(ServerAddressOutputMapping,
+ self).set_output(stack, cluster_template, cluster)
+
+
+class MasterAddressOutputMapping(ServerAddressOutputMapping):
+ public_ip_output_key = 'dcos_master'
+ private_ip_output_key = 'dcos_master_private'
+
+
+class NodeAddressOutputMapping(ServerAddressOutputMapping):
+ public_ip_output_key = 'dcos_slaves'
+ private_ip_output_key = 'dcos_slaves_private'
+
+
+class DcosCentosTemplateDefinition(template_def.BaseTemplateDefinition):
+ """DC/OS template for Centos."""
+
+ def __init__(self):
+ super(DcosCentosTemplateDefinition, self).__init__()
+ self.add_parameter('external_network',
+ cluster_template_attr='external_network_id',
+ required=True)
+ self.add_parameter('number_of_slaves',
+ cluster_attr='node_count')
+ self.add_parameter('master_flavor',
+ cluster_template_attr='master_flavor_id')
+ self.add_parameter('slave_flavor',
+ cluster_template_attr='flavor_id')
+ self.add_parameter('cluster_name',
+ cluster_attr='name')
+ self.add_parameter('volume_driver',
+ cluster_template_attr='volume_driver')
+
+ self.add_output('api_address',
+ cluster_attr='api_address')
+ self.add_output('dcos_master_private',
+ cluster_attr=None)
+ self.add_output('dcos_slaves_private',
+ cluster_attr=None)
+ self.add_output('dcos_slaves',
+ cluster_attr='node_addresses',
+ mapping_type=NodeAddressOutputMapping)
+ self.add_output('dcos_master',
+ cluster_attr='master_addresses',
+ mapping_type=MasterAddressOutputMapping)
+
+ def get_params(self, context, cluster_template, cluster, **kwargs):
+ extra_params = kwargs.pop('extra_params', {})
+ # HACK(apmelton) - This uses the user's bearer token, ideally
+ # it should be replaced with an actual trust token with only
+ # access to do what the template needs it to do.
+ osc = self.get_osc(context)
+ extra_params['auth_url'] = context.auth_url
+ extra_params['username'] = context.user_name
+ extra_params['tenant_name'] = context.tenant
+ extra_params['domain_name'] = context.domain_name
+ extra_params['region_name'] = osc.cinder_region_name()
+
+ # Mesos related label parameters are deleted
+ # Because they are not optional in DC/OS configuration
+ label_list = ['rexray_preempt',
+ 'exhibitor_storage_backend',
+ 'exhibitor_zk_hosts',
+ 'exhibitor_zk_path',
+ 'aws_access_key_id',
+ 'aws_region',
+ 'aws_secret_access_key',
+ 'exhibitor_explicit_keys',
+ 's3_bucket',
+ 's3_prefix',
+ 'exhibitor_azure_account_name',
+ 'exhibitor_azure_account_key',
+ 'exhibitor_azure_prefix',
+ 'dcos_overlay_enable',
+ 'dcos_overlay_config_attempts',
+ 'dcos_overlay_mtu',
+ 'dcos_overlay_network',
+ 'dns_search',
+ 'check_time',
+ 'docker_remove_delay',
+ 'gc_delay',
+ 'log_directory',
+ 'process_timeout',
+ 'oauth_enabled',
+ 'telemetry_enabled']
+
+ for label in label_list:
+ extra_params[label] = cluster_template.labels.get(label)
+
+ # By default, master_discovery is set to 'static'
+ # If --master-lb-enabled is specified,
+ # master_discovery will be set to 'master_http_loadbalancer'
+ if cluster_template.master_lb_enabled:
+ extra_params['master_discovery'] = 'master_http_loadbalancer'
+
+ if 'true' == extra_params['dcos_overlay_enable']:
+ overlay_obj = jsonutils.loads(extra_params['dcos_overlay_network'])
+ extra_params['dcos_overlay_network'] = ''' vtep_subnet: %s
+ vtep_mac_oui: %s
+ overlays:''' % (overlay_obj['vtep_subnet'],
+ overlay_obj['vtep_mac_oui'])
+
+ for item in overlay_obj['overlays']:
+ extra_params['dcos_overlay_network'] += '''
+ - name: %s
+ subnet: %s
+ prefix: %s''' % (item['name'],
+ item['subnet'],
+ item['prefix'])
+
+ scale_mgr = kwargs.pop('scale_manager', None)
+ if scale_mgr:
+ hosts = self.get_output('dcos_slaves_private')
+ extra_params['slaves_to_remove'] = (
+ scale_mgr.get_removal_nodes(hosts))
+
+ return super(DcosCentosTemplateDefinition,
+ self).get_params(context, cluster_template, cluster,
+ extra_params=extra_params,
+ **kwargs)
+
+ def get_env_files(self, cluster_template):
+ env_files = []
+
+ return env_files
+
+class DcosCentosVMTemplateDefinition(DcosCentosTemplateDefinition):
+ """DC/OS template for Centos VM."""
+
+ provides = [
+ {'server_type': 'vm',
+ 'os': 'centos',
+ 'coe': 'mesos'},
+ ]
+
+ @property
+ def driver_module_path(self):
+ return __name__[:__name__.rindex('.')]
+
+ @property
+ def template_path(self):
+ return os.path.join(os.path.dirname(os.path.realpath(__file__)),
+ 'templates/dcoscluster.yaml')
diff --git a/magnum/drivers/dcos_centos_v1/templates/dcoscluster.yaml b/magnum/drivers/dcos_centos_v1/templates/dcoscluster.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..3fb7accb94b5f7529952b4bd41f3f78c6765b047
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/dcoscluster.yaml
@@ -0,0 +1,629 @@
+heat_template_version: 2016-04-08
+
+description: >
+ This template will boot a DC/OS cluster with one or more masters
+ (as specified by number_of_masters, default is 1) and one or more slaves
+ (as specified by the number_of_slaves parameter, which
+ defaults to 1).
+
+parameters:
+
+ cluster_name:
+ type: string
+ description: human readable name for the DC/OS cluster
+ default: my-cluster
+
+ number_of_masters:
+ type: number
+ description: how many DC/OS masters to spawn initially
+ default: 1
+
+ # In DC/OS, there are two types of slave nodes, public and private.
+ # Public slave nodes have external access and private slave nodes don't.
+ # Magnum only supports one type of slave nodes and I decide not to modify
+ # cluster template properties. So I create slave nodes as private agents.
+ number_of_slaves:
+ type: number
+ description: how many DC/OS agents or slaves to spawn initially
+ default: 1
+
+ master_flavor:
+ type: string
+ default: m1.medium
+ description: flavor to use when booting the master servers
+
+ slave_flavor:
+ type: string
+ default: m1.medium
+ description: flavor to use when booting the slave servers
+
+ server_image:
+ type: string
+ default: centos-dcos
+ description: glance image used to boot the server
+
+ ssh_key_name:
+ type: string
+ description: name of ssh key to be provisioned on our server
+
+ external_network:
+ type: string
+ description: uuid/name of a network to use for floating ip addresses
+ default: public
+
+ fixed_network:
+ type: string
+ description: uuid/name of an existing network to use to provision machines
+ default: ""
+
+ fixed_subnet:
+ type: string
+ description: uuid/name of an existing subnet to use to provision machines
+ default: ""
+
+ fixed_network_cidr:
+ type: string
+ description: network range for fixed ip network
+ default: 10.0.0.0/24
+
+ dns_nameserver:
+ type: string
+ description: address of a dns nameserver reachable in your environment
+
+ http_proxy:
+ type: string
+ description: http proxy address for docker
+ default: ""
+
+ https_proxy:
+ type: string
+ description: https proxy address for docker
+ default: ""
+
+ no_proxy:
+ type: string
+ description: no proxies for docker
+ default: ""
+
+ ######################################################################
+ #
+ # Rexray Configuration
+ #
+
+ trustee_domain_id:
+ type: string
+ description: domain id of the trustee
+ default: ""
+
+ trustee_user_id:
+ type: string
+ description: user id of the trustee
+ default: ""
+
+ trustee_username:
+ type: string
+ description: username of the trustee
+ default: ""
+
+ trustee_password:
+ type: string
+ description: password of the trustee
+ default: ""
+ hidden: true
+
+ trust_id:
+ type: string
+ description: id of the trust which is used by the trustee
+ default: ""
+ hidden: true
+
+ ######################################################################
+ #
+ # Rexray Configuration
+ #
+
+ volume_driver:
+ type: string
+ description: volume driver to use for container storage
+ default: ""
+
+ username:
+ type: string
+ description: user name
+
+ tenant_name:
+ type: string
+ description: >
+ tenant_name is used to isolate access to cloud resources
+
+ domain_name:
+ type: string
+ description: >
+ domain is to define the administrative boundaries for management
+ of Keystone entities
+
+ region_name:
+ type: string
+ description: a logically separate section of the cluster
+
+ rexray_preempt:
+ type: string
+ description: >
+ enables any host to take control of a volume irrespective of whether
+ other hosts are using the volume
+ default: "false"
+
+ auth_url:
+ type: string
+ description: url for keystone
+
+ slaves_to_remove:
+ type: comma_delimited_list
+ description: >
+ List of slaves to be removed when doing an update. Individual slave may
+ be referenced several ways: (1) The resource name (e.g.['1', '3']),
+ (2) The private IP address ['10.0.0.4', '10.0.0.6']. Note: the list should
+ be empty when doing a create.
+ default: []
+
+ wait_condition_timeout:
+ type: number
+ description: >
+ timeout for the Wait Conditions
+ default: 6000
+
+ password:
+ type: string
+ description: >
+ user password, not set in current implementation, only used to
+ fill in for DC/OS config file
+ default:
+ password
+ hidden: true
+
+ ######################################################################
+ #
+ # DC/OS parameters
+ #
+
+ # cluster_name
+
+ exhibitor_storage_backend:
+ type: string
+ default: "static"
+
+ exhibitor_zk_hosts:
+ type: string
+ default: ""
+
+ exhibitor_zk_path:
+ type: string
+ default: ""
+
+ aws_access_key_id:
+ type: string
+ default: ""
+
+ aws_region:
+ type: string
+ default: ""
+
+ aws_secret_access_key:
+ type: string
+ default: ""
+
+ exhibitor_explicit_keys:
+ type: string
+ default: ""
+
+ s3_bucket:
+ type: string
+ default: ""
+
+ s3_prefix:
+ type: string
+ default: ""
+
+ exhibitor_azure_account_name:
+ type: string
+ default: ""
+
+ exhibitor_azure_account_key:
+ type: string
+ default: ""
+
+ exhibitor_azure_prefix:
+ type: string
+ default: ""
+
+ # master_discovery default set to "static"
+ # If --master-lb-enabled is specified,
+ # master_discovery will be set to "master_http_loadbalancer"
+ master_discovery:
+ type: string
+ default: "static"
+
+ # master_list
+
+ # exhibitor_address
+
+ # num_masters
+
+ ####################################################
+ # Networking
+
+ dcos_overlay_enable:
+ type: string
+ default: ""
+ constraints:
+ - allowed_values:
+ - "true"
+ - "false"
+ - ""
+
+ dcos_overlay_config_attempts:
+ type: string
+ default: ""
+
+ dcos_overlay_mtu:
+ type: string
+ default: ""
+
+ dcos_overlay_network:
+ type: string
+ default: ""
+
+ dns_search:
+ type: string
+ description: >
+ This parameter specifies a space-separated list of domains that
+ are tried when an unqualified domain is entered
+ default: ""
+
+ # resolvers
+
+ # use_proxy
+
+ ####################################################
+ # Performance and Tuning
+
+ check_time:
+ type: string
+ default: "true"
+ constraints:
+ - allowed_values:
+ - "true"
+ - "false"
+
+ docker_remove_delay:
+ type: number
+ default: 1
+
+ gc_delay:
+ type: number
+ default: 2
+
+ log_directory:
+ type: string
+ default: "/genconf/logs"
+
+ process_timeout:
+ type: number
+ default: 120
+
+ ####################################################
+ # Security And Authentication
+
+ oauth_enabled:
+ type: string
+ default: "true"
+ constraints:
+ - allowed_values:
+ - "true"
+ - "false"
+
+ telemetry_enabled:
+ type: string
+ default: "true"
+ constraints:
+ - allowed_values:
+ - "true"
+ - "false"
+
+resources:
+
+ ######################################################################
+ #
+ # Master SoftwareConfig.
+ #
+
+ write_params_master:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: fragments/write-heat-params.sh}
+ inputs:
+ - name: HTTP_PROXY
+ type: String
+ - name: HTTPS_PROXY
+ type: String
+ - name: NO_PROXY
+ type: String
+ - name: AUTH_URL
+ type: String
+ - name: USERNAME
+ type: String
+ - name: PASSWORD
+ type: String
+ - name: TENANT_NAME
+ type: String
+ - name: VOLUME_DRIVER
+ type: String
+ - name: REGION_NAME
+ type: String
+ - name: DOMAIN_NAME
+ type: String
+ - name: REXRAY_PREEMPT
+ type: String
+ - name: CLUSTER_NAME
+ type: String
+ - name: EXHIBITOR_STORAGE_BACKEND
+ type: String
+ - name: EXHIBITOR_ZK_HOSTS
+ type: String
+ - name: EXHIBITOR_ZK_PATH
+ type: String
+ - name: AWS_ACCESS_KEY_ID
+ type: String
+ - name: AWS_REGION
+ type: String
+ - name: AWS_SECRET_ACCESS_KEY
+ type: String
+ - name: EXHIBITOR_EXPLICIT_KEYS
+ type: String
+ - name: S3_BUCKET
+ type: String
+ - name: S3_PREFIX
+ type: String
+ - name: EXHIBITOR_AZURE_ACCOUNT_NAME
+ type: String
+ - name: EXHIBITOR_AZURE_ACCOUNT_KEY
+ type: String
+ - name: EXHIBITOR_AZURE_PREFIX
+ type: String
+ - name: MASTER_DISCOVERY
+ type: String
+ - name: MASTER_LIST
+ type: String
+ - name: EXHIBITOR_ADDRESS
+ type: String
+ - name: NUM_MASTERS
+ type: String
+ - name: DCOS_OVERLAY_ENABLE
+ type: String
+ - name: DCOS_OVERLAY_CONFIG_ATTEMPTS
+ type: String
+ - name: DCOS_OVERLAY_MTU
+ type: String
+ - name: DCOS_OVERLAY_NETWORK
+ type: String
+ - name: DNS_SEARCH
+ type: String
+ - name: RESOLVERS
+ type: String
+ - name: CHECK_TIME
+ type: String
+ - name: DOCKER_REMOVE_DELAY
+ type: String
+ - name: GC_DELAY
+ type: String
+ - name: LOG_DIRECTORY
+ type: String
+ - name: PROCESS_TIMEOUT
+ type: String
+ - name: OAUTH_ENABLED
+ type: String
+ - name: TELEMETRY_ENABLED
+ type: String
+ - name: ROLES
+ type: String
+
+ ######################################################################
+ #
+ # DC/OS configuration SoftwareConfig.
+ # Configuration files are readered and injected into instance.
+ #
+
+ dcos_config:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: script
+ config: {get_file: fragments/configure-dcos.sh}
+
+ ######################################################################
+ #
+ # Master SoftwareDeployment.
+ #
+
+ write_params_master_deployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ properties:
+ config: {get_resource: write_params_master}
+ servers: {get_attr: [dcos_masters, attributes, dcos_server_id]}
+ input_values:
+ HTTP_PROXY: {get_param: http_proxy}
+ HTTPS_PROXY: {get_param: https_proxy}
+ NO_PROXY: {get_param: no_proxy}
+ AUTH_URL: {get_param: auth_url}
+ USERNAME: {get_param: username}
+ PASSWORD: {get_param: password}
+ TENANT_NAME: {get_param: tenant_name}
+ VOLUME_DRIVER: {get_param: volume_driver}
+ REGION_NAME: {get_param: region_name}
+ DOMAIN_NAME: {get_param: domain_name}
+ REXRAY_PREEMPT: {get_param: rexray_preempt}
+ CLUSTER_NAME: {get_param: cluster_name}
+ EXHIBITOR_STORAGE_BACKEND: {get_param: exhibitor_storage_backend}
+ EXHIBITOR_ZK_HOSTS: {get_param: exhibitor_zk_hosts}
+ EXHIBITOR_ZK_PATH: {get_param: exhibitor_zk_path}
+ AWS_ACCESS_KEY_ID: {get_param: aws_access_key_id}
+ AWS_REGION: {get_param: aws_region}
+ AWS_SECRET_ACCESS_KEY: {get_param: aws_secret_access_key}
+ EXHIBITOR_EXPLICIT_KEYS: {get_param: exhibitor_explicit_keys}
+ S3_BUCKET: {get_param: s3_bucket}
+ S3_PREFIX: {get_param: s3_prefix}
+ EXHIBITOR_AZURE_ACCOUNT_NAME: {get_param: exhibitor_azure_account_name}
+ EXHIBITOR_AZURE_ACCOUNT_KEY: {get_param: exhibitor_azure_account_key}
+ EXHIBITOR_AZURE_PREFIX: {get_param: exhibitor_azure_prefix}
+ MASTER_DISCOVERY: {get_param: master_discovery}
+ MASTER_LIST: {list_join: [' ', {get_attr: [dcos_masters, dcos_master_ip]}]}
+ EXHIBITOR_ADDRESS: {get_attr: [dcos_masters, dcos_master_ip]}
+ NUM_MASTERS: {get_param: number_of_masters}
+ DCOS_OVERLAY_ENABLE: {get_param: dcos_overlay_enable}
+ DCOS_OVERLAY_CONFIG_ATTEMPTS: {get_param: dcos_overlay_config_attempts}
+ DCOS_OVERLAY_MTU: {get_param: dcos_overlay_mtu}
+ DCOS_OVERLAY_NETWORK: {get_param: dcos_overlay_network}
+ DNS_SEARCH: {get_param: dns_search}
+ RESOLVERS: {get_param: dns_nameserver}
+ CHECK_TIME: {get_param: check_time}
+ DOCKER_REMOVE_DELAY: {get_param: docker_remove_delay}
+ GC_DELAY: {get_param: gc_delay}
+ LOG_DIRECTORY: {get_param: log_directory}
+ PROCESS_TIMEOUT: {get_param: process_timeout}
+ OAUTH_ENABLED: {get_param: oauth_enabled}
+ TELEMETRY_ENABLED: {get_param: telemetry_enabled}
+ ROLES: master
+
+ dcos_config_deployment:
+ type: OS::Heat::SoftwareDeploymentGroup
+ depends_on:
+ - write_params_master_deployment
+ properties:
+ config: {get_resource: dcos_config}
+ servers: {get_attr: [dcos_masters, attributes, dcos_server_id]}
+
+ ######################################################################
+ #
+ # DC/OS masters. This is a resource group that will create
+ # <number_of_masters> masters.
+ #
+
+ dcos_masters:
+ type: OS::Heat::ResourceGroup
+ properties:
+ count: {get_param: number_of_masters}
+ resource_def:
+ type: dcosmaster.yaml
+ properties:
+ ssh_key_name: {get_param: ssh_key_name}
+ server_image: {get_param: server_image}
+ master_flavor: {get_param: master_flavor}
+ external_network: {get_param: external_network}
+ fixed_network: ""
+ fixed_subnet: ""
+ secgroup_base_id: ""
+ secgroup_dcos_id: ""
+ api_pool_80_id: ""
+ api_pool_443_id: ""
+ api_pool_8080_id: ""
+ api_pool_5050_id: ""
+ api_pool_2181_id: ""
+ api_pool_8181_id: ""
+
+ ######################################################################
+ #
+ # DC/OS slaves. This is a resource group that will initially
+ # create <number_of_slaves> public or private slaves,
+ # and needs to be manually scaled.
+ #
+
+ dcos_slaves:
+ type: OS::Heat::ResourceGroup
+ depends_on:
+ - dcos_masters
+ properties:
+ count: {get_param: number_of_slaves}
+ removal_policies: [{resource_list: {get_param: slaves_to_remove}}]
+ resource_def:
+ type: dcosslave.yaml
+ properties:
+ ssh_key_name: {get_param: ssh_key_name}
+ server_image: {get_param: server_image}
+ slave_flavor: {get_param: slave_flavor}
+ fixed_network: ""
+ fixed_subnet: ""
+ external_network: {get_param: external_network}
+ wait_condition_timeout: {get_param: wait_condition_timeout}
+ secgroup_base_id: ""
+ # DC/OS params
+ auth_url: {get_param: auth_url}
+ username: {get_param: username}
+ password: {get_param: password}
+ tenant_name: {get_param: tenant_name}
+ volume_driver: {get_param: volume_driver}
+ region_name: {get_param: region_name}
+ domain_name: {get_param: domain_name}
+ rexray_preempt: {get_param: rexray_preempt}
+ http_proxy: {get_param: http_proxy}
+ https_proxy: {get_param: https_proxy}
+ no_proxy: {get_param: no_proxy}
+ cluster_name: {get_param: cluster_name}
+ exhibitor_storage_backend: {get_param: exhibitor_storage_backend}
+ exhibitor_zk_hosts: {get_param: exhibitor_zk_hosts}
+ exhibitor_zk_path: {get_param: exhibitor_zk_path}
+ aws_access_key_id: {get_param: aws_access_key_id}
+ aws_region: {get_param: aws_region}
+ aws_secret_access_key: {get_param: aws_secret_access_key}
+ exhibitor_explicit_keys: {get_param: exhibitor_explicit_keys}
+ s3_bucket: {get_param: s3_bucket}
+ s3_prefix: {get_param: s3_prefix}
+ exhibitor_azure_account_name: {get_param: exhibitor_azure_account_name}
+ exhibitor_azure_account_key: {get_param: exhibitor_azure_account_key}
+ exhibitor_azure_prefix: {get_param: exhibitor_azure_prefix}
+ master_discovery: {get_param: master_discovery}
+ master_list: {list_join: [' ', {get_attr: [dcos_masters, dcos_master_ip]}]}
+ exhibitor_address: {get_attr: [dcos_masters, resource.0.dcos_master_external_ip]}
+ num_masters: {get_param: number_of_masters}
+ dcos_overlay_enable: {get_param: dcos_overlay_enable}
+ dcos_overlay_config_attempts: {get_param: dcos_overlay_config_attempts}
+ dcos_overlay_mtu: {get_param: dcos_overlay_mtu}
+ dcos_overlay_network: {get_param: dcos_overlay_network}
+ dns_search: {get_param: dns_search}
+ resolvers: {get_param: dns_nameserver}
+ check_time: {get_param: check_time}
+ docker_remove_delay: {get_param: docker_remove_delay}
+ gc_delay: {get_param: gc_delay}
+ log_directory: {get_param: log_directory}
+ process_timeout: {get_param: process_timeout}
+ oauth_enabled: {get_param: oauth_enabled}
+ telemetry_enabled: {get_param: telemetry_enabled}
+
+outputs:
+
+ api_address:
+ value: {get_attr: [dcos_masters, resource.0.dcos_master_external_ip]}
+ description: >
+ This is the API endpoint of the DC/OS master. Use this to access
+ the DC/OS API from outside the cluster.
+
+ dcos_master_private:
+ value: {get_attr: [dcos_masters, dcos_master_ip]}
+ description: >
+ This is a list of the "private" addresses of all the DC/OS masters.
+
+ dcos_master:
+ value: {get_attr: [dcos_masters, dcos_master_external_ip]}
+ description: >
+ This is the "public" ip address of the DC/OS master server. Use this address to
+ log in to the DC/OS master via ssh or to access the DC/OS API
+ from outside the cluster.
+
+ dcos_slaves_private:
+ value: {get_attr: [dcos_slaves, dcos_slave_ip]}
+ description: >
+ This is a list of the "private" addresses of all the DC/OS slaves.
+
+ dcos_slaves:
+ value: {get_attr: [dcos_slaves, dcos_slave_external_ip]}
+ description: >
+ This is a list of the "public" addresses of all the DC/OS slaves.
diff --git a/magnum/drivers/dcos_centos_v1/templates/dcosmaster.yaml b/magnum/drivers/dcos_centos_v1/templates/dcosmaster.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e2a7c431bb16c4da07cdf60b6ade25b19206e897
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/dcosmaster.yaml
@@ -0,0 +1,96 @@
+heat_template_version: 2016-04-08
+
+description: >
+ This is a nested stack that defines a single DC/OS master, This stack is
+ included by a ResourceGroup resource in the parent template
+ (dcoscluster.yaml).
+
+parameters:
+
+ server_image:
+ type: string
+ description: glance image used to boot the server
+
+ master_flavor:
+ type: string
+ description: flavor to use when booting the server
+
+ ssh_key_name:
+ type: string
+ description: name of ssh key to be provisioned on our server
+
+ external_network:
+ type: string
+ description: uuid/name of a network to use for floating ip addresses
+
+ fixed_network:
+ type: string
+ description: Network from which to allocate fixed addresses.
+
+ fixed_subnet:
+ type: string
+ description: Subnet from which to allocate fixed addresses.
+
+ secgroup_base_id:
+ type: string
+ description: ID of the security group for base.
+
+ secgroup_dcos_id:
+ type: string
+ description: ID of the security group for DC/OS master.
+
+ api_pool_80_id:
+ type: string
+ description: ID of the load balancer pool of Http.
+
+ api_pool_443_id:
+ type: string
+ description: ID of the load balancer pool of Https.
+
+ api_pool_8080_id:
+ type: string
+ description: ID of the load balancer pool of Marathon.
+
+ api_pool_5050_id:
+ type: string
+ description: ID of the load balancer pool of Mesos master.
+
+ api_pool_2181_id:
+ type: string
+ description: ID of the load balancer pool of Zookeeper.
+
+ api_pool_8181_id:
+ type: string
+ description: ID of the load balancer pool of Exhibitor.
+
+resources:
+
+ ######################################################################
+ #
+ # DC/OS master server.
+ #
+
+ dcos-master:
+ type: OS::Nova::Server
+ properties:
+ image: {get_param: server_image}
+ flavor: {get_param: master_flavor}
+ key_name: {get_param: ssh_key_name}
+ user_data_format: SOFTWARE_CONFIG
+ metadata:
+ cern-services: false
+
+outputs:
+
+ dcos_master_ip:
+ value: {get_attr: [dcos-master, first_address]}
+ description: >
+ This is the "private" address of the DC/OS master node.
+ dcos_master_external_ip:
+ value: {get_attr: [dcos-master, first_address]}
+ description: >
+ This is the "public" address of the DC/OS master node.
+ dcos_server_id:
+ value: {get_resource: dcos-master}
+ description: >
+ This is the logical id of the DC/OS master node.
diff --git a/magnum/drivers/dcos_centos_v1/templates/dcosslave.yaml b/magnum/drivers/dcos_centos_v1/templates/dcosslave.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..9c166ae1e98abf506b97867a906934df1101d1a7
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/dcosslave.yaml
@@ -0,0 +1,314 @@
+heat_template_version: 2016-04-08
+
+description: >
+ This is a nested stack that defines a single DC/OS slave, This stack is
+ included by a ResourceGroup resource in the parent template
+ (dcoscluster.yaml).
+
+parameters:
+
+ server_image:
+ type: string
+ description: glance image used to boot the server
+
+ slave_flavor:
+ type: string
+ description: flavor to use when booting the server
+
+ ssh_key_name:
+ type: string
+ description: name of ssh key to be provisioned on our server
+
+ external_network:
+ type: string
+ description: uuid/name of a network to use for floating ip addresses
+
+ wait_condition_timeout:
+ type: number
+ description : >
+ timeout for the Wait Conditions
+
+ http_proxy:
+ type: string
+ description: http proxy address for docker
+
+ https_proxy:
+ type: string
+ description: https proxy address for docker
+
+ no_proxy:
+ type: string
+ description: no proxies for docker
+
+ auth_url:
+ type: string
+ description: >
+ url for DC/OS to authenticate before sending request
+
+ username:
+ type: string
+ description: user name
+
+ password:
+ type: string
+ description: >
+ user password, not set in current implementation, only used to
+ fill in for Kubernetes config file
+ hidden: true
+
+ tenant_name:
+ type: string
+ description: >
+ tenant_name is used to isolate access to Compute resources
+
+ volume_driver:
+ type: string
+ description: volume driver to use for container storage
+
+ region_name:
+ type: string
+ description: A logically separate section of the cluster
+
+ domain_name:
+ type: string
+ description: >
+ domain is to define the administrative boundaries for management
+ of Keystone entities
+
+ fixed_network:
+ type: string
+ description: Network from which to allocate fixed addresses.
+
+ fixed_subnet:
+ type: string
+ description: Subnet from which to allocate fixed addresses.
+
+ secgroup_base_id:
+ type: string
+ description: ID of the security group for base.
+
+ rexray_preempt:
+ type: string
+ description: >
+ enables any host to take control of a volume irrespective of whether
+ other hosts are using the volume
+
+ ######################################################################
+ #
+ # DC/OS parameters
+ #
+ cluster_name:
+ type: string
+ description: human readable name for the DC/OS cluster
+ default: my-cluster
+
+ exhibitor_storage_backend:
+ type: string
+
+ exhibitor_zk_hosts:
+ type: string
+
+ exhibitor_zk_path:
+ type: string
+
+ aws_access_key_id:
+ type: string
+
+ aws_region:
+ type: string
+
+ aws_secret_access_key:
+ type: string
+
+ exhibitor_explicit_keys:
+ type: string
+
+ s3_bucket:
+ type: string
+
+ s3_prefix:
+ type: string
+
+ exhibitor_azure_account_name:
+ type: string
+
+ exhibitor_azure_account_key:
+ type: string
+
+ exhibitor_azure_prefix:
+ type: string
+
+ master_discovery:
+ type: string
+
+ master_list:
+ type: string
+
+ exhibitor_address:
+ type: string
+ default: 127.0.0.1
+
+ num_masters:
+ type: number
+
+ dcos_overlay_enable:
+ type: string
+
+ dcos_overlay_config_attempts:
+ type: string
+
+ dcos_overlay_mtu:
+ type: string
+
+ dcos_overlay_network:
+ type: string
+
+ dns_search:
+ type: string
+
+ resolvers:
+ type: string
+
+ check_time:
+ type: string
+
+ docker_remove_delay:
+ type: number
+
+ gc_delay:
+ type: number
+
+ log_directory:
+ type: string
+
+ process_timeout:
+ type: number
+
+ oauth_enabled:
+ type: string
+
+ telemetry_enabled:
+ type: string
+
+resources:
+
+ slave_wait_handle:
+ type: OS::Heat::WaitConditionHandle
+
+ slave_wait_condition:
+ type: OS::Heat::WaitCondition
+ depends_on: dcos-slave
+ properties:
+ handle: {get_resource: slave_wait_handle}
+ timeout: {get_param: wait_condition_timeout}
+
+ #####################################################################
+ #
+ # software configs. these are components that are combined into
+ # a multipart MIME user-data archive.
+ #
+
+ write_heat_params:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: ungrouped
+ config:
+ str_replace:
+ template: {get_file: fragments/write-heat-params.sh}
+ params:
+ "$HTTP_PROXY": {get_param: http_proxy}
+ "$HTTPS_PROXY": {get_param: https_proxy}
+ "$NO_PROXY": {get_param: no_proxy}
+ "$AUTH_URL": {get_param: auth_url}
+ "$USERNAME": {get_param: username}
+ "$PASSWORD": {get_param: password}
+ "$TENANT_NAME": {get_param: tenant_name}
+ "$VOLUME_DRIVER": {get_param: volume_driver}
+ "$REGION_NAME": {get_param: region_name}
+ "$DOMAIN_NAME": {get_param: domain_name}
+ "$REXRAY_PREEMPT": {get_param: rexray_preempt}
+ "$CLUSTER_NAME": {get_param: cluster_name}
+ "$EXHIBITOR_STORAGE_BACKEND": {get_param: exhibitor_storage_backend}
+ "$EXHIBITOR_ZK_HOSTS": {get_param: exhibitor_zk_hosts}
+ "$EXHIBITOR_ZK_PATH": {get_param: exhibitor_zk_path}
+ "$AWS_ACCESS_KEY_ID": {get_param: aws_access_key_id}
+ "$AWS_REGION": {get_param: aws_region}
+ "$AWS_SECRET_ACCESS_KEY": {get_param: aws_secret_access_key}
+ "$EXHIBITOR_EXPLICIT_KEYS": {get_param: exhibitor_explicit_keys}
+ "$S3_BUCKET": {get_param: s3_bucket}
+ "$S3_PREFIX": {get_param: s3_prefix}
+ "$EXHIBITOR_AZURE_ACCOUNT_NAME": {get_param: exhibitor_azure_account_name}
+ "$EXHIBITOR_AZURE_ACCOUNT_KEY": {get_param: exhibitor_azure_account_key}
+ "$EXHIBITOR_AZURE_PREFIX": {get_param: exhibitor_azure_prefix}
+ "$MASTER_DISCOVERY": {get_param: master_discovery}
+ "$MASTER_LIST": {get_param: master_list}
+ "$EXHIBITOR_ADDRESS": {get_param: exhibitor_address}
+ "$NUM_MASTERS": {get_param: num_masters}
+ "$DCOS_OVERLAY_ENABLE": {get_param: dcos_overlay_enable}
+ "$DCOS_OVERLAY_CONFIG_ATTEMPTS": {get_param: dcos_overlay_config_attempts}
+ "$DCOS_OVERLAY_MTU": {get_param: dcos_overlay_mtu}
+ "$DCOS_OVERLAY_NETWORK": {get_param: dcos_overlay_network}
+ "$DNS_SEARCH": {get_param: dns_search}
+ "$RESOLVERS": {get_param: resolvers}
+ "$CHECK_TIME": {get_param: check_time}
+ "$DOCKER_REMOVE_DELAY": {get_param: docker_remove_delay}
+ "$GC_DELAY": {get_param: gc_delay}
+ "$LOG_DIRECTORY": {get_param: log_directory}
+ "$PROCESS_TIMEOUT": {get_param: process_timeout}
+ "$OAUTH_ENABLED": {get_param: oauth_enabled}
+ "$TELEMETRY_ENABLED": {get_param: telemetry_enabled}
+ "$ROLES": slave
+
+ dcos_config:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: ungrouped
+ config: {get_file: fragments/configure-dcos.sh}
+
+ slave_wc_notify:
+ type: OS::Heat::SoftwareConfig
+ properties:
+ group: ungrouped
+ config:
+ str_replace:
+ template: |
+ #!/bin/bash -v
+ wc_notify --data-binary '{"status": "SUCCESS"}'
+ params:
+ wc_notify: {get_attr: [slave_wait_handle, curl_cli]}
+
+ dcos_slave_init:
+ type: OS::Heat::MultipartMime
+ properties:
+ parts:
+ - config: {get_resource: write_heat_params}
+ - config: {get_resource: dcos_config}
+ - config: {get_resource: slave_wc_notify}
+
+ ######################################################################
+ #
+ # a single DC/OS slave.
+ #
+
+ dcos-slave:
+ type: OS::Nova::Server
+ properties:
+ image: {get_param: server_image}
+ flavor: {get_param: slave_flavor}
+ key_name: {get_param: ssh_key_name}
+ user_data_format: RAW
+ user_data: {get_resource: dcos_slave_init}
+ metadata:
+ cern-services: false
+
+outputs:
+
+ dcos_slave_ip:
+ value: {get_attr: [dcos-slave, first_address]}
+ description: >
+ This is the "private" address of the DC/OS slave node.
+
+ dcos_slave_external_ip:
+ value: {get_attr: [dcos-slave, first_address]}
+ description: >
+ This is the "public" address of the DC/OS slave node.
diff --git a/magnum/drivers/dcos_centos_v1/templates/fragments/configure-dcos.sh b/magnum/drivers/dcos_centos_v1/templates/fragments/configure-dcos.sh
new file mode 100644
index 0000000000000000000000000000000000000000..b592982474ca6d3d1ccf16a2972626a7c6a4a9da
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/fragments/configure-dcos.sh
@@ -0,0 +1,187 @@
+#!/bin/bash
+
+. /etc/sysconfig/heat-params
+
+GENCONF_SCRIPT_DIR=/opt/dcos
+
+sudo mkdir -p $GENCONF_SCRIPT_DIR/genconf
+sudo chown -R centos $GENCONF_SCRIPT_DIR/genconf
+
+# Configure ip-detect
+cat > $GENCONF_SCRIPT_DIR/genconf/ip-detect <<EOF
+#!/usr/bin/env bash
+set -o nounset -o errexit
+export PATH=/usr/sbin:/usr/bin:\$PATH
+echo \$(ip addr show eth0 | grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -1)
+EOF
+
+# Configure config.yaml
+CONFIG_YAML_FILE=$GENCONF_SCRIPT_DIR/genconf/config.yaml
+
+####################################################
+# Cluster Setup
+
+# bootstrap_url is not configurable
+echo "bootstrap_url: file://$GENCONF_SCRIPT_DIR/genconf/serve" > $CONFIG_YAML_FILE
+
+# cluster_name
+echo "cluster_name: $CLUSTER_NAME" >> $CONFIG_YAML_FILE
+
+# exhibitor_storage_backend
+if [ "static" == "$EXHIBITOR_STORAGE_BACKEND" ]; then
+ echo "exhibitor_storage_backend: static" >> $CONFIG_YAML_FILE
+elif [ "zookeeper" == "$EXHIBITOR_STORAGE_BACKEND" ]; then
+ echo "exhibitor_storage_backend: zookeeper" >> $CONFIG_YAML_FILE
+ echo "exhibitor_zk_hosts: $EXHIBITOR_ZK_HOSTS" >> $CONFIG_YAML_FILE
+ echo "exhibitor_zk_path: $EXHIBITOR_ZK_PATH" >> $CONFIG_YAML_FILE
+elif [ "aws_s3" == "$EXHIBITOR_STORAGE_BACKEND" ]; then
+ echo "exhibitor_storage_backend: aws_s3" >> $CONFIG_YAML_FILE
+ echo "aws_access_key_id: $AWS_ACCESS_KEY_ID" >> $CONFIG_YAML_FILE
+ echo "aws_region: $AWS_REGIION" >> $CONFIG_YAML_FILE
+ echo "aws_secret_access_key: $AWS_SECRET_ACCESS_KEY" >> $CONFIG_YAML_FILE
+ echo "exhibitor_explicit_keys: $EXHIBITOR_EXPLICIT_KEYS" >> $CONFIG_YAML_FILE
+ echo "s3_bucket: $S3_BUCKET" >> $CONFIG_YAML_FILE
+ echo "s3_prefix: $S3_PREFIX" >> $CONFIG_YAML_FILE
+elif [ "azure" == "$EXHIBITOR_STORAGE_BACKEND" ]; then
+ echo "exhibitor_storage_backend: azure" >> $CONFIG_YAML_FILE
+ echo "exhibitor_azure_account_name: $EXHIBITOR_AZURE_ACCOUNT_NAME" >> $CONFIG_YAML_FILE
+ echo "exhibitor_azure_account_key: $EXHIBITOR_AZURE_ACCOUNT_KEY" >> $CONFIG_YAML_FILE
+ echo "exhibitor_azure_prefix: $EXHIBITOR_AZURE_PREFIX" >> $CONFIG_YAML_FILE
+fi
+
+# master_discovery
+if [ "static" == "$MASTER_DISCOVERY" ]; then
+ echo "master_discovery: static" >> $CONFIG_YAML_FILE
+ echo "master_list:" >> $CONFIG_YAML_FILE
+ for ip in $MASTER_LIST; do
+ echo "- ${ip}" >> $CONFIG_YAML_FILE
+ done
+elif [ "master_http_loadbalancer" == "$MASTER_DISCOVERY" ]; then
+ echo "master_discovery: master_http_loadbalancer" >> $CONFIG_YAML_FILE
+ echo "exhibitor_address: $EXHIBITOR_ADDRESS" >> $CONFIG_YAML_FILE
+ echo "num_masters: $NUM_MASTERS" >> $CONFIG_YAML_FILE
+ echo "master_list:" >> $CONFIG_YAML_FILE
+ for ip in $MASTER_LIST; do
+ echo "- ${ip}" >> $CONFIG_YAML_FILE
+ done
+fi
+
+####################################################
+# Networking
+
+# dcos_overlay_enable
+if [ "false" == "$DCOS_OVERLAY_ENABLE" ]; then
+ echo "dcos_overlay_enable: false" >> $CONFIG_YAML_FILE
+elif [ "true" == "$DCOS_OVERLAY_ENABLE" ]; then
+ echo "dcos_overlay_enable: true" >> $CONFIG_YAML_FILE
+ echo "dcos_overlay_config_attempts: $DCOS_OVERLAY_CONFIG_ATTEMPTS" >> $CONFIG_YAML_FILE
+ echo "dcos_overlay_mtu: $DCOS_OVERLAY_MTU" >> $CONFIG_YAML_FILE
+ echo "dcos_overlay_network:" >> $CONFIG_YAML_FILE
+ echo "$DCOS_OVERLAY_NETWORK" >> $CONFIG_YAML_FILE
+fi
+
+# dns_search
+if [ -n "$DNS_SEARCH" ]; then
+ echo "dns_search: $DNS_SEARCH" >> $CONFIG_YAML_FILE
+fi
+
+# resolvers
+echo "resolvers:" >> $CONFIG_YAML_FILE
+for ip in $RESOLVERS; do
+echo "- ${ip}" >> $CONFIG_YAML_FILE
+done
+
+# use_proxy
+if [ -n "$HTTP_PROXY" ] && [ -n "$HTTPS_PROXY" ]; then
+echo "use_proxy: true" >> $CONFIG_YAML_FILE
+echo "http_proxy: $HTTP_PROXY" >> $CONFIG_YAML_FILE
+echo "https_proxy: $HTTPS_PROXY" >> $CONFIG_YAML_FILE
+if [ -n "$NO_PROXY" ]; then
+ echo "no_proxy:" >> $CONFIG_YAML_FILE
+ for ip in $NO_PROXY; do
+ echo "- ${ip}" >> $CONFIG_YAML_FILE
+ done
+fi
+fi
+
+####################################################
+# Performance and Tuning
+
+# check_time
+if [ "false" == "$CHECK_TIME" ]; then
+ echo "check_time: false" >> $CONFIG_YAML_FILE
+fi
+
+# docker_remove_delay
+if [ "1" != "$DOCKER_REMOVE_DELAY" ]; then
+ echo "docker_remove_delay: $DOCKER_REMOVE_DELAY" >> $CONFIG_YAML_FILE
+fi
+
+# gc_delay
+if [ "2" != "$GC_DELAY" ]; then
+ echo "gc_delay: $GC_DELAY" >> $CONFIG_YAML_FILE
+fi
+
+# log_directory
+if [ "/genconf/logs" != "$LOG_DIRECTORY" ]; then
+ echo "log_directory: $LOG_DIRECTORY" >> $CONFIG_YAML_FILE
+fi
+
+# process_timeout
+if [ "120" != "$PROCESS_TIMEOUT" ]; then
+ echo "process_timeout: $PROCESS_TIMEOUT" >> $CONFIG_YAML_FILE
+fi
+
+####################################################
+# Security And Authentication
+
+# oauth_enabled
+if [ "false" == "$OAUTH_ENABLED" ]; then
+ echo "oauth_enabled: false" >> $CONFIG_YAML_FILE
+fi
+
+# telemetry_enabled
+if [ "false" == "$TELEMETRY_ENABLED" ]; then
+ echo "telemetry_enabled: false" >> $CONFIG_YAML_FILE
+fi
+
+####################################################
+# Rexray Configuration
+
+# NOTE: This feature is considered experimental: use it at your own risk.
+# We might add, change, or delete any functionality as described in this document.
+# See https://dcos.io/docs/1.8/usage/storage/external-storage/
+if [ "$VOLUME_DRIVER" == "rexray" ]; then
+
+if [ ${AUTH_URL##*/}=="v3" ]; then
+ extra_configs="domainName: $DOMAIN_NAME"
+else
+ extra_configs=""
+fi
+
+ echo "rexray_config:" >> $CONFIG_YAML_FILE
+ echo " rexray:" >> $CONFIG_YAML_FILE
+ echo " modules:" >> $CONFIG_YAML_FILE
+ echo " default-admin:" >> $CONFIG_YAML_FILE
+ echo " host: tcp://127.0.0.1:61003" >> $CONFIG_YAML_FILE
+ echo " storageDrivers:" >> $CONFIG_YAML_FILE
+ echo " - openstack" >> $CONFIG_YAML_FILE
+ echo " volume:" >> $CONFIG_YAML_FILE
+ echo " mount:" >> $CONFIG_YAML_FILE
+ echo " preempt: $REXRAY_PREEMPT" >> $CONFIG_YAML_FILE
+ echo " openstack:" >> $CONFIG_YAML_FILE
+ echo " authUrl: $AUTH_URL" >> $CONFIG_YAML_FILE
+ echo " username: $USERNAME" >> $CONFIG_YAML_FILE
+ echo " password: $PASSWORD" >> $CONFIG_YAML_FILE
+ echo " tenantName: $TENANT_NAME" >> $CONFIG_YAML_FILE
+ echo " regionName: $REGION_NAME" >> $CONFIG_YAML_FILE
+ echo " availabilityZoneName: nova" >> $CONFIG_YAML_FILE
+ echo " $extra_configs" >> $CONFIG_YAML_FILE
+fi
+
+
+cd $GENCONF_SCRIPT_DIR
+sudo bash $GENCONF_SCRIPT_DIR/dcos_generate_config.sh --genconf
+
+cd $GENCONF_SCRIPT_DIR/genconf/serve
+sudo bash $GENCONF_SCRIPT_DIR/genconf/serve/dcos_install.sh --no-block-dcos-setup $ROLES
diff --git a/magnum/drivers/dcos_centos_v1/templates/fragments/write-heat-params.sh b/magnum/drivers/dcos_centos_v1/templates/fragments/write-heat-params.sh
new file mode 100644
index 0000000000000000000000000000000000000000..9f7284b7f68b3061b145a585e9f8361ff40d3fc1
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/fragments/write-heat-params.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+mkdir -p /etc/sysconfig
+cat > /etc/sysconfig/heat-params <<EOF
+HTTP_PROXY="$HTTP_PROXY"
+HTTPS_PROXY="$HTTPS_PROXY"
+NO_PROXY="$NO_PROXY"
+
+AUTH_URL="$AUTH_URL"
+USERNAME="$USERNAME"
+PASSWORD="$PASSWORD"
+TENANT_NAME="$TENANT_NAME"
+VOLUME_DRIVER="$VOLUME_DRIVER"
+REGION_NAME="$REGION_NAME"
+DOMAIN_NAME="$DOMAIN_NAME"
+REXRAY_PREEMPT="$REXRAY_PREEMPT"
+
+CLUSTER_NAME="$CLUSTER_NAME"
+
+EXHIBITOR_STORAGE_BACKEND="$EXHIBITOR_STORAGE_BACKEND"
+EXHIBITOR_ZK_HOSTS="$EXHIBITOR_ZK_HOSTS"
+EXHIBITOR_ZK_PATH="$EXHIBITOR_ZK_PATH"
+AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID"
+AWS_REGIION="$AWS_REGIION"
+AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY"
+EXHIBITOR_EXPLICIT_KEYS="$EXHIBITOR_EXPLICIT_KEYS"
+S3_BUCKET="$S3_BUCKET"
+S3_PREFIX="$S3_PREFIX"
+EXHIBITOR_AZURE_ACCOUNT_NAME="$EXHIBITOR_AZURE_ACCOUNT_NAME"
+EXHIBITOR_AZURE_ACCOUNT_KEY="$EXHIBITOR_AZURE_ACCOUNT_KEY"
+EXHIBITOR_AZURE_PREFIX="$EXHIBITOR_AZURE_PREFIX"
+
+MASTER_DISCOVERY="$MASTER_DISCOVERY"
+MASTER_LIST="$MASTER_LIST"
+EXHIBITOR_ADDRESS="$EXHIBITOR_ADDRESS"
+NUM_MASTERS="$NUM_MASTERS"
+
+DCOS_OVERLAY_ENABLE="$DCOS_OVERLAY_ENABLE"
+DCOS_OVERLAY_CONFIG_ATTEMPTS="$DCOS_OVERLAY_CONFIG_ATTEMPTS"
+DCOS_OVERLAY_MTU="$DCOS_OVERLAY_MTU"
+DCOS_OVERLAY_NETWORK="$DCOS_OVERLAY_NETWORK"
+
+DNS_SEARCH="$DNS_SEARCH"
+RESOLVERS="$RESOLVERS"
+
+CHECK_TIME="$CHECK_TIME"
+DOCKER_REMOVE_DELAY="$DOCKER_REMOVE_DELAY"
+GC_DELAY="$GC_DELAY"
+LOG_DIRECTORY="$LOG_DIRECTORY"
+PROCESS_TIMEOUT="$PROCESS_TIMEOUT"
+
+OAUTH_ENABLED="$OAUTH_ENABLED"
+TELEMETRY_ENABLED="$TELEMETRY_ENABLED"
+
+ROLES="$ROLES"
+EOF
diff --git a/magnum/drivers/dcos_centos_v1/templates/lb.yaml b/magnum/drivers/dcos_centos_v1/templates/lb.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..68481adea8ca5a88f230d9933fc9f95e07c4bb1e
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/lb.yaml
@@ -0,0 +1,201 @@
+heat_template_version: 2014-10-16
+
+parameters:
+
+ fixed_subnet:
+ type: string
+
+ external_network:
+ type: string
+
+resources:
+ # Admin Router is a customized Nginx that proxies all of the internal
+ # services on port 80 and 443 (if https is configured)
+ # See https://dcos.io/docs/1.8/administration/installing/custom/configuration-parameters/#-a-name-master-a-master_discovery
+ # If parameter is specified to master_http_loadbalancer, the
+ # load balancer must accept traffic on ports 8080, 5050, 80, and 443,
+ # and forward it to the same ports on the master
+ #
+ # Opening ports 2181 and 8181 are not mentioned in DC/OS document.
+ # When I create a cluster with load balancer, slave nodes will connect to
+ # some services in master nodes with the IP of load balancer, if the port
+ # is not open it will fail.
+ loadbalancer:
+ type: Magnum::Optional::Neutron::LBaaS::LoadBalancer
+ properties:
+ vip_subnet: {get_param: fixed_subnet}
+
+ listener_80:
+ type: Magnum::Optional::Neutron::LBaaS::Listener
+ properties:
+ loadbalancer: {get_resource: loadbalancer}
+ protocol: HTTP
+ protocol_port: 80
+
+ pool_80:
+ type: Magnum::Optional::Neutron::LBaaS::Pool
+ properties:
+ lb_algorithm: ROUND_ROBIN
+ listener: {get_resource: listener_80}
+ protocol: HTTP
+
+ monitor_80:
+ type: Magnum::Optional::Neutron::LBaaS::HealthMonitor
+ properties:
+ type: TCP
+ delay: 5
+ max_retries: 5
+ timeout: 5
+ pool: { get_resource: pool_80 }
+
+ listener_443:
+ depends_on: monitor_80
+ type: Magnum::Optional::Neutron::LBaaS::Listener
+ properties:
+ loadbalancer: {get_resource: loadbalancer}
+ protocol: HTTPS
+ protocol_port: 443
+
+ pool_443:
+ type: Magnum::Optional::Neutron::LBaaS::Pool
+ properties:
+ lb_algorithm: ROUND_ROBIN
+ listener: {get_resource: listener_443}
+ protocol: HTTPS
+
+ monitor_443:
+ type: Magnum::Optional::Neutron::LBaaS::HealthMonitor
+ properties:
+ type: TCP
+ delay: 5
+ max_retries: 5
+ timeout: 5
+ pool: { get_resource: pool_443 }
+
+ listener_8080:
+ depends_on: monitor_443
+ type: Magnum::Optional::Neutron::LBaaS::Listener
+ properties:
+ loadbalancer: {get_resource: loadbalancer}
+ protocol: TCP
+ protocol_port: 8080
+
+ pool_8080:
+ type: Magnum::Optional::Neutron::LBaaS::Pool
+ properties:
+ lb_algorithm: ROUND_ROBIN
+ listener: {get_resource: listener_8080}
+ protocol: TCP
+
+ monitor_8080:
+ type: Magnum::Optional::Neutron::LBaaS::HealthMonitor
+ properties:
+ type: TCP
+ delay: 5
+ max_retries: 5
+ timeout: 5
+ pool: { get_resource: pool_8080 }
+
+ listener_5050:
+ depends_on: monitor_8080
+ type: Magnum::Optional::Neutron::LBaaS::Listener
+ properties:
+ loadbalancer: {get_resource: loadbalancer}
+ protocol: TCP
+ protocol_port: 5050
+
+ pool_5050:
+ type: Magnum::Optional::Neutron::LBaaS::Pool
+ properties:
+ lb_algorithm: ROUND_ROBIN
+ listener: {get_resource: listener_5050}
+ protocol: TCP
+
+ monitor_5050:
+ type: Magnum::Optional::Neutron::LBaaS::HealthMonitor
+ properties:
+ type: TCP
+ delay: 5
+ max_retries: 5
+ timeout: 5
+ pool: { get_resource: pool_5050 }
+
+ listener_2181:
+ depends_on: monitor_5050
+ type: Magnum::Optional::Neutron::LBaaS::Listener
+ properties:
+ loadbalancer: {get_resource: loadbalancer}
+ protocol: TCP
+ protocol_port: 2181
+
+ pool_2181:
+ type: Magnum::Optional::Neutron::LBaaS::Pool
+ properties:
+ lb_algorithm: ROUND_ROBIN
+ listener: {get_resource: listener_2181}
+ protocol: TCP
+
+ monitor_2181:
+ type: Magnum::Optional::Neutron::LBaaS::HealthMonitor
+ properties:
+ type: TCP
+ delay: 5
+ max_retries: 5
+ timeout: 5
+ pool: { get_resource: pool_2181 }
+
+ listener_8181:
+ depends_on: monitor_2181
+ type: Magnum::Optional::Neutron::LBaaS::Listener
+ properties:
+ loadbalancer: {get_resource: loadbalancer}
+ protocol: TCP
+ protocol_port: 8181
+
+ pool_8181:
+ type: Magnum::Optional::Neutron::LBaaS::Pool
+ properties:
+ lb_algorithm: ROUND_ROBIN
+ listener: {get_resource: listener_8181}
+ protocol: TCP
+
+ monitor_8181:
+ type: Magnum::Optional::Neutron::LBaaS::HealthMonitor
+ properties:
+ type: TCP
+ delay: 5
+ max_retries: 5
+ timeout: 5
+ pool: { get_resource: pool_8181 }
+
+ floating:
+ type: Magnum::Optional::Neutron::LBaaS::FloatingIP
+ properties:
+ floating_network: {get_param: external_network}
+ port_id: {get_attr: [loadbalancer, vip_port_id]}
+
+outputs:
+
+ pool_80_id:
+ value: {get_resource: pool_80}
+
+ pool_443_id:
+ value: {get_resource: pool_443}
+
+ pool_8080_id:
+ value: {get_resource: pool_8080}
+
+ pool_5050_id:
+ value: {get_resource: pool_5050}
+
+ pool_2181_id:
+ value: {get_resource: pool_2181}
+
+ pool_8181_id:
+ value: {get_resource: pool_8181}
+
+ address:
+ value: {get_attr: [loadbalancer, vip_address]}
+
+ floating_address:
+ value: {get_attr: [floating, floating_ip_address]}
diff --git a/magnum/drivers/dcos_centos_v1/templates/secgroup.yaml b/magnum/drivers/dcos_centos_v1/templates/secgroup.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..8bd60fbb663f88ac9cfc65b7d4ca241b4fa50bd2
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/templates/secgroup.yaml
@@ -0,0 +1,115 @@
+heat_template_version: 2014-10-16
+
+parameters:
+
+resources:
+
+ ######################################################################
+ #
+ # security groups. we need to permit network traffic of various
+ # sorts.
+ # The following is a list of ports used by internal DC/OS components,
+ # and their corresponding systemd unit.
+ # https://dcos.io/docs/1.8/administration/installing/ports/
+ #
+ # The VIP features, added in DC/OS 1.8, require that ports 32768 - 65535
+ # are open between all agent and master nodes for both TCP and UDP.
+ # https://dcos.io/docs/1.8/administration/upgrading/
+ #
+
+ secgroup_base:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ rules:
+ - protocol: icmp
+ - protocol: tcp
+ port_range_min: 22
+ port_range_max: 22
+ - protocol: tcp
+ remote_mode: remote_group_id
+ - protocol: udp
+ remote_mode: remote_group_id
+ # All nodes
+ - protocol: tcp
+ port_range_min: 32768
+ port_range_max: 65535
+ # Master nodes
+ - protocol: tcp
+ port_range_min: 53
+ port_range_max: 53
+ - protocol: tcp
+ port_range_min: 1050
+ port_range_max: 1050
+ - protocol: tcp
+ port_range_min: 1801
+ port_range_max: 1801
+ - protocol: tcp
+ port_range_min: 7070
+ port_range_max: 7070
+ # dcos-oauth
+ - protocol: tcp
+ port_range_min: 8101
+ port_range_max: 8101
+ - protocol: tcp
+ port_range_min: 8123
+ port_range_max: 8123
+ - protocol: tcp
+ port_range_min: 9000
+ port_range_max: 9000
+ - protocol: tcp
+ port_range_min: 9942
+ port_range_max: 9942
+ - protocol: tcp
+ port_range_min: 9990
+ port_range_max: 9990
+ - protocol: tcp
+ port_range_min: 15055
+ port_range_max: 15055
+ - protocol: udp
+ port_range_min: 53
+ port_range_max: 53
+ - protocol: udp
+ port_range_min: 32768
+ port_range_max: 65535
+
+ secgroup_dcos:
+ type: OS::Neutron::SecurityGroup
+ properties:
+ rules:
+ # Admin Router is a customized Nginx that proxies all of the internal
+ # services on port 80 and 443 (if https is configured)
+ # See https://github.com/dcos/adminrouter
+ # If parameter is specified to master_http_loadbalancer, the
+ # load balancer must accept traffic on ports 8080, 5050, 80, and 443,
+ # and forward it to the same ports on the master
+ # Admin Router http
+ - protocol: tcp
+ port_range_min: 80
+ port_range_max: 80
+ # Admin Router https
+ - protocol: tcp
+ port_range_min: 443
+ port_range_max: 443
+ # Marathon
+ - protocol: tcp
+ port_range_min: 8080
+ port_range_max: 8080
+ # Mesos master
+ - protocol: tcp
+ port_range_min: 5050
+ port_range_max: 5050
+ # Exhibitor
+ - protocol: tcp
+ port_range_min: 8181
+ port_range_max: 8181
+ # Zookeeper
+ - protocol: tcp
+ port_range_min: 2181
+ port_range_max: 2181
+outputs:
+
+ secgroup_base_id:
+ value: {get_resource: secgroup_base}
+
+ secgroup_dcos_id:
+ value: {get_resource: secgroup_dcos}
diff --git a/magnum/drivers/dcos_centos_v1/version.py b/magnum/drivers/dcos_centos_v1/version.py
new file mode 100644
index 0000000000000000000000000000000000000000..35d1ccb6098747453d827debdeba73cb11345582
--- /dev/null
+++ b/magnum/drivers/dcos_centos_v1/version.py
@@ -0,0 +1,15 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+version = '1.0.0'
+driver = 'dcos_centos_v1'
+container_version = '1.11.2'