@joe-at-cp
Created July 25, 2019 14:21
Openstack Heat - Standalone - NNICS-5-8-19
# Heat Orchestration Template (HOT) format version. Quoted so that generic
# YAML tooling keeps it a string instead of coercing it to a date.
heat_template_version: '2018-08-31'
description: 'Check Point CloudGuard Standalone Heat Template'
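parameters:
  # Name given to the Nova server. The template previously declared `cp_name`
  # twice; YAML loaders silently keep only the last duplicate, so the two
  # declarations are merged into this single entry (the default is retained).
  cp_name:
    type: string
    description: Gateway/Cluster/MGMT Image Name as it will be created in Openstack
    default: CPOpenStack
  # Secret. `hidden: true` keeps the value out of the parameter listing that
  # Heat returns when someone requests information about the stack.
  # The pattern limits the value to letters and digits so it stays safe if it
  # is placed inside a command string; relax it deliberately if your key
  # policy needs punctuation, but keep `&`, quotes and whitespace excluded.
  cp_sic_otp:
    type: string
    description: SIC one time password
    hidden: true
    constraints:
      - allowed_pattern: '^[A-Za-z0-9]+$'
        description: SIC one time password may contain only letters and digits
  # SECURITY: the default below is the hash of the password named in this
  # parameter's own description. A stack created without overriding it has a
  # publicly known admin credential - always pass a hash of your own.
  # `openssl passwd -1` produces MD5-crypt ($1$), which is cheap to
  # brute-force offline.
  # NOTE(review): prefer a stronger hash scheme if the image accepts one -
  # confirm against the vendor documentation.
  cp_admin_hash:
    type: string
    description: admin password hash - to generate - openssl passwd -1 (-one not l) - default admin123
    default: '$1$0JcTFZjf$zd67.5HSIKz8.7K4bvmv31'
    hidden: true
  cp_glance_image:
    type: string
    description: CP Gateway image name in Glance
  cp_gw_flavor:
    type: string
    description: CP Gateway CPU/Mem/Disk Flavor Name - min 100gb disk - recommended 2vCPU , 2gb RAM
  # Declared for interface compatibility; no resource in this standalone
  # template reads it (there is no server group to apply the policy to).
  nova_affinity:
    type: string
    description: nova affinity - affinity - deploy cluster in one hypervisor - anti-affinity - deploy cluster on different hypervisors
    default: anti-affinity
  cp_hostname:
    type: string
    description: 'Cluster Member 1 Hostname Name'
  cp_az:
    type: string
    description: 'Cluster Member 1 Availability Zone'
  # Selects which of the two server resources is created (see `conditions`).
  # The label previously read "Subnet UUIDs", copied from the `subnets`
  # parameter, and so mislabelled this switch in the UI.
  fixed_ip_assignment:
    type: boolean
    label: Fixed IP Assignment
    description: Deploy Template with Static IP Addresses
    default: false
  subnets:
    type: comma_delimited_list
    label: Subnet UUIDs
    description: Comma Seperated List of Subnet UUIDs
  # Only read when fixed_ip_assignment is true; the empty default lets
  # dynamic deployments omit it.
  fixedips:
    type: comma_delimited_list
    label: Fixed IP List
    default: ''
    description: Comma Seperated List of Fixed IPs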
# Grouping and display order of the input parameters in the stack-launch UI.
parameter_groups:
  - label: General Settings
    parameters:
      - cp_name
      - cp_glance_image
      - cp_gw_flavor
      - nova_affinity
      - cp_sic_otp
      - cp_admin_hash
      - cp_hostname
      - cp_az
  - label: Network Settings
    parameters:
      - fixed_ip_assignment
      - subnets
      - fixedips
# Conditions
# The two conditions are mutually exclusive: exactly one of the server
# resources guarded by them is created per stack.
conditions:
  # True when the caller asked for static addressing.
  fixed_ip_assignment:
    equals:
      - get_param: fixed_ip_assignment
      - true
  # True when addresses are left to the subnet's allocation.
  dynamic_ip_assignment:
    equals:
      - get_param: fixed_ip_assignment
      - false
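resources:
  # Two variants of the same server are defined; the `fixed_ip_assignment`
  # parameter decides (through the conditions) which one is created.
  #
  # Fix applied to both variants: the first-time-wizard command used to carry
  # a hard-coded SIC key (`ftw_sic_key=vpn123`) while the `cp_sic_otp`
  # parameter was never read, so every deployment shared the same published
  # key. The key is now taken from `cp_sic_otp` via `str_replace`.
  #
  # NOTE(review): the admin hash and the SIC key travel in instance metadata.
  # Treat read access to this server's metadata (Nova API, config drive) as
  # access to those secrets, and rotate the SIC key once trust is established.

  ## Check Point Standalone - Fixed IP
  cp_static:
    type: OS::Nova::Server
    condition: fixed_ip_assignment
    properties:
      name: { get_param: cp_name }
      image: { get_param: cp_glance_image }
      flavor: { get_param: cp_gw_flavor }
      availability_zone: { get_param: cp_az }
      config_drive: true
      metadata:
        cp_admin_pw_hash: { get_param: cp_admin_hash }
        cp_hostname: { get_param: cp_hostname }
        # The parameter value is inserted verbatim into the command string,
        # so it must not contain `&`, quotes or whitespace.
        cp_ftw:
          str_replace:
            template: 'blink_config -s "gateway_cluster_member=false&ftw_sic_key=__SIC_OTP__&upload_info=true&download_info=true&reboot_if_required=true"'
            params:
              __SIC_OTP__: { get_param: cp_sic_otp }
        cp_config_001: 'set ntp active on'
        cp_config_002: 'set ntp server primary ntp.checkpoint.com version 4'
      # One NIC per subnet. With `permutations: false` the two lists are
      # walked in parallel (first subnet with first IP, and so on), so
      # `subnets` and `fixedips` must have the same number of entries.
      networks:
        repeat:
          permutations: false
          for_each:
            <%subnet%>: { get_param: subnets }
            <%fixedip%>: { get_param: fixedips }
          template:
            subnet: <%subnet%>
            fixed_ip: <%fixedip%>
            # Turns off Neutron port security on this port, which removes
            # anti-spoofing and security-group filtering in front of the VM.
            # Presumably needed so the gateway can forward traffic that is
            # not addressed to it - the gateway's own policy is then the
            # only filter on these interfaces.
            port_extra_properties:
              port_security_enabled: false

  ## Check Point Standalone - Dynamic IP
  cp_dynamic:
    type: OS::Nova::Server
    condition: dynamic_ip_assignment
    properties:
      name: { get_param: cp_name }
      image: { get_param: cp_glance_image }
      flavor: { get_param: cp_gw_flavor }
      availability_zone: { get_param: cp_az }
      config_drive: true
      metadata:
        cp_admin_pw_hash: { get_param: cp_admin_hash }
        cp_hostname: { get_param: cp_hostname }
        # The parameter value is inserted verbatim into the command string,
        # so it must not contain `&`, quotes or whitespace.
        cp_ftw:
          str_replace:
            template: 'blink_config -s "gateway_cluster_member=false&ftw_sic_key=__SIC_OTP__&upload_info=true&download_info=true&reboot_if_required=true"'
            params:
              __SIC_OTP__: { get_param: cp_sic_otp }
        cp_config_001: 'set ntp active on'
        cp_config_002: 'set ntp server primary ntp.checkpoint.com version 4'
      # One NIC per subnet; addresses are left to the subnet's allocation.
      networks:
        repeat:
          permutations: false
          for_each:
            <%subnet%>: { get_param: subnets }
          template:
            subnet: <%subnet%>
            # Same trade-off as the fixed-IP variant: no Neutron
            # anti-spoofing or security-group filtering on this port.
            port_extra_properties:
              port_security_enabled: false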
# Stack outputs. Only a static version marker is exposed; no addresses or
# credentials are returned.
outputs:
  cp_template_version:
    description: 'Check Point Heat Template Version'
    value: '5-8-19_NNICs_Standalone'