10
.. For consistency let's define a few values to use in the samples:
11
* image name: ubuntu-trusty-x86_64
12
* shared/provider network name: "public"
13
* tenant network and subnet names: "private" and "private-subnet"
20
Use the :ref:`OS::Nova::Server` resource to create a Compute instance. The
21
``flavor`` property is the only mandatory one, but you need to define a boot
22
source using one of the ``image`` or ``block_device_mapping`` properties.
24
You also need to define the ``networks`` property to indicate to which networks
25
your instance must connect if multiple networks are available in your tenant.
27
The following example creates a simple instance, booted from an image, and
28
connecting to the ``private`` network:
35
type: OS::Nova::Server
38
image: ubuntu-trusty-x86_64
43
Connect an instance to a network
44
--------------------------------
45
Use the ``networks`` property of an :ref:`OS::Nova::Server` resource to
46
define which networks an instance should connect to. Define each network as a
47
YAML map, containing one of the following keys:
50
The ID of an existing Networking port. You usually create this port in the
51
same template using an :ref:`OS::Neutron::Port` resource. You will be
52
able to associate a floating IP to this port, and the port to your Compute
56
The name or ID of an existing network. You don't need to create an
57
:ref:`OS::Neutron::Port` resource if you use this property, but you will
58
not be able to associate a floating IP with the instance interface in the
61
The following example demonstrates the use of the ``port`` and ``network``
69
type: OS::Neutron::Port
73
- subnet_id: "private-subnet"
76
type: OS::Nova::Server
79
image: ubuntu-trusty-x86_64
81
- port: { get_resource: instance_port }
84
type: OS::Nova::Server
87
image: ubuntu-trusty-x86_64
92
Create and associate security groups to an instance
93
---------------------------------------------------
94
Use the :ref:`OS::Neutron::SecurityGroup` resource to create security
97
Define the ``security_groups`` property of the :ref:`OS::Neutron::Port`
98
resource to associate security groups to a port, then associate the port to an
101
The following example creates a security group allowing inbound connections on
102
ports 80 and 443 (web server) and associates this security group to an instance
110
type: OS::Neutron::SecurityGroup
114
remote_ip_prefix: 0.0.0.0/0
118
remote_ip_prefix: 0.0.0.0/0
123
type: OS::Neutron::Port
128
- { get_resource: web_secgroup }
130
- subnet_id: private-subnet
133
type: OS::Nova::Server
136
image: ubuntu-trusty-x86_64
138
- port: { get_resource: instance_port }
141
Create and associate a floating IP to an instance
142
-------------------------------------------------
143
You can use two sets of resources to create and associate floating IPs to
148
Use the :ref:`OS::Nova::FloatingIP` resource to create a floating IP, and
149
the :ref:`OS::Nova::FloatingIPAssociation` resource to associate the
150
floating IP to an instance.
152
The following example creates an instance and a floating IP, and associate the
153
floating IP to the instance:
160
type: OS::Nova::FloatingIP
165
type: OS::Nova::Server
168
image: ubuntu-trusty-x86_64
173
type: OS::Nova::FloatingIPAssociation
175
floating_ip: { get_resource: floating_ip }
176
server_id: { get_resource: instance }
178
OS::Neutron resources
179
+++++++++++++++++++++
181
The Networking service (neutron) must be enabled on your OpenStack
182
deployment to use these resources.
184
Use the :ref:`OS::Neutron::FloatingIP` resource to create a floating IP, and
185
the :ref:`OS::Neutron::FloatingIPAssociation` resource to associate the
186
floating IP to a port:
193
description: name of network used to launch instance.
199
type: OS::Nova::Server
202
image: ubuntu-trusty-x86_64
204
- network: {get_param: net}
207
type: OS::Neutron::FloatingIP
209
floating_network: public
212
type: OS::Neutron::FloatingIPAssociation
214
floatingip_id: { get_resource: floating_ip }
215
port_id: {get_attr: [inst1, addresses, {get_param: net}, 0, port]}
217
You can also create an OS::Neutron::Port and associate that with the server and
218
the floating IP. However the approach mentioned above will work better
226
type: OS::Neutron::Port
230
- subnet_id: "private-subnet"
233
type: OS::Neutron::FloatingIP
235
floating_network: public
238
type: OS::Neutron::FloatingIPAssociation
240
floatingip_id: { get_resource: floating_ip }
241
port_id: { get_resource: instance_port }
243
Enable remote access to an instance
244
-----------------------------------
245
The ``key_name`` attribute of the :ref:`OS::Nova::Server` resource defines
246
the key pair to use to enable SSH remote access:
253
type: OS::Nova::Server
256
image: ubuntu-trusty-x86_64
260
For more information about key pairs, see
261
`Configure access and security for instances <http://docs.openstack.org/user-guide/configure_access_and_security_for_instances.html>`_.
265
You can create new key pairs with the :ref:`OS::Nova::KeyPair` resource. Key
266
pairs can be imported or created during the stack creation.
268
If the ``public_key`` property is not specified, the Orchestration module
269
creates a new key pair. If the ``save_private_key`` property is set to
270
``true``, the ``private_key`` attribute of the resource holds the private key.
272
The following example creates a new key pair and uses it as authentication key
280
type: OS::Nova::KeyPair
282
save_private_key: true
286
type: OS::Nova::Server
289
image: ubuntu-trusty-x86_64
290
key_name: { get_resource: my_key }
294
description: Private key
295
value: { get_attr: [ my_key, private_key ] }
299
Create a network and a subnet
300
-----------------------------
302
The Networking service (neutron) must be enabled on your OpenStack
303
deployment to create and manage networks and subnets. Networks and subnets
304
cannot be created if your deployment uses legacy networking (nova-network).
306
Use the :ref:`OS::Neutron::Net` resource to create a network, and the
307
:ref:`OS::Neutron::Subnet` resource to provide a subnet for this network:
314
type: OS::Neutron::Net
317
type: OS::Neutron::Subnet
319
network_id: { get_resource: new_net }
321
dns_nameservers: [ "8.8.8.8", "8.8.4.4" ]
325
Create and manage a router
326
--------------------------
327
Use the :ref:`OS::Neutron::Router` resource to create a router. You can
328
define its gateway with the ``external_gateway_info`` property:
335
type: OS::Neutron::Router
337
external_gateway_info: { network: public }
339
You can connect subnets to routers with the
340
:ref:`OS::Neutron::RouterInterface` resource:
347
type: OS::Neutron::RouterInterface
349
router_id: { get_resource: router1 }
350
subnet: private-subnet
353
Complete network example
354
------------------------
355
The following example creates a network stack:
357
* A network and an associated subnet.
358
* A router with an external gateway.
359
* An interface to the new subnet for the new router.
361
In this example, the ``public`` network is an existing shared network:
368
type: OS::Neutron::Net
371
type: OS::Neutron::Subnet
373
network_id: { get_resource: internal_net }
375
dns_nameservers: [ "8.8.8.8", "8.8.4.4" ]
379
type: OS::Neutron::Router
381
external_gateway_info: { network: public }
384
type: OS::Neutron::RouterInterface
386
router_id: { get_resource: internal_router }
387
subnet: { get_resource: internal_subnet }
394
Use the :ref:`OS::Cinder::Volume` resource to create a new Block Storage
404
type: OS::Cinder::Volume
408
The volumes that you create are empty by default. Use the ``image`` property to
409
create a bootable volume from an existing image:
415
my_new_bootable_volume:
416
type: OS::Cinder::Volume
419
image: ubuntu-trusty-x86_64
422
You can also create new volumes from another volume, a volume snapshot, or a
423
volume backup. Use the ``source_volid``, ``snapshot_id`` or ``backup_id``
424
properties to create a new volume from an existing source.
426
For example, to create a new volume from a backup:
433
type: OS::Cinder::Volume
435
backup_id: 2fff50ab-1a9c-4d45-ae60-1d054d6bc868
437
In this example the ``size`` property is not defined because the Block Storage
438
service uses the size of the backup to define the size of the new volume.
440
Attach a volume to an instance
441
------------------------------
442
Use the :ref:`OS::Cinder::VolumeAttachment` resource to attach a volume to
445
The following example creates a volume and an instance, and attaches the volume
453
type: OS::Cinder::Volume
458
type: OS::Nova::Server
461
image: ubuntu-trusty-x86_64
464
type: OS::Cinder::VolumeAttachment
466
volume_id: { get_resource: new_volume }
467
instance_uuid: { get_resource: new_instance }
469
Boot an instance from a volume
470
------------------------------
471
Use the ``block_device_mapping`` property of the :ref:`OS::Nova::Server`
472
resource to define a volume used to boot the instance. This property is a list
473
of volumes to attach to the instance before its boot.
475
The following example creates a bootable volume from an image, and uses it to
483
type: OS::Cinder::Volume
486
image: ubuntu-trusty-x86_64
489
type: OS::Nova::Server
494
block_device_mapping:
496
volume_id: { get_resource: bootable_volume }
497
delete_on_termination: false
500
A few elements that probably belong here:
501
- OS::Swift::Container
502
- OS::Trove::Instance