Fortigate VNF Firewall Walkthrough on OpenStack

You are here:
< Back

*THIS IS A WORK IN PROGRESS*

First install Cloudify Manager on your local machine with Docker

This tutorial assumes that you have Docker installed on your local machine

Open your terminal and create/start the Docker container (requires password)

sudo docker run --name cfy_manager_local -d --restart unless-stopped -v /sys/fs/cgroup:/sys/fs/cgroup:ro --tmpfs /run --tmpfs /run/lock --security-opt seccomp:unconfined --cap-add SYS_ADMIN -p 80:80 -p 8000:8000 cloudifyplatform/community:18.10.4

 

Deploy Fortigate VNF (with prerequisites)

 

1. Create the secrets (credentials) on your local manager:

For Openstack

docker exec -it cfy_manager_local sh -c "cfy secrets create keystone_username --secret-string <value>"
docker exec -it cfy_manager_local sh -c "cfy secrets create keystone_password --secret-string <value>"
docker exec -it cfy_manager_local sh -c "cfy secrets create keystone_tenant_name --secret-string <value>"
docker exec -it cfy_manager_local sh -c "cfy secrets create keystone_url --secret-string <value>"
docker exec -it cfy_manager_local sh -c "cfy secrets create keystone_region --secret-string <value>"

2. Upload the OpenStack plugin

docker exec -it cfy_manager_local sh -c "cfy plugins upload http://repository.cloudifysource.org/cloudify/wagons/cloudify-openstack-plugin/2.14.7/cloudify_openstack_plugin-2.14.7-py27-none-linux_x86_64-centos-Core.wgn -y http://www.getcloudify.org/spec/openstack-plugin/2.14.7/plugin.yaml"

3. Run the OpenStack Example Network blueprint to create the necessary networks

docker exec -it cfy_manager_local sh -c "cfy install https://github.com/cloudify-examples/openstack-example-network/archive/master.zip -n simple-blueprint.yaml -i external_network_name=<NETWORK_NAME>"

4. Get the URL of the webserver
For AWS

docker exec -it cfy_manager_local sh -c "cfy deployment outputs cloudify-hello-world-example-master.aws"

For GCP

docker exec -it cfy_manager_local sh -c "cfy deployment outputs cloudify-hello-world-example-master.gcp"

For Azure

docker exec -it cfy_manager_local sh -c "cfy deployment outputs cloudify-hello-world-example-master.azure"

For OpenStack

docker exec -it cfy_manager_local sh -c "cfy deployment outputs cloudify-hello-world-example-master.openstack"

You will see output like this:

Retrieving outputs for deployment cloudify-hello-world-example-master.aws...
 - "application_endpoint":
     Description: The external endpoint of the application.
     Value: http://3.122.71.142:80

Copy and paste the URL “Value” into your browser, and if you see something similar to the below image on the page, you did it!

To check out some more commands to use with Cloudify Manager, run cfy --help
5. Tear down the deployment

docker exec -it cfy_manager_local sh -c "cfy uninstall cloudify-hello-world-example-master.<aws/gcp/azure/openstack>"

6. You can uninstall Cloudify by removing the Docker container using

docker rm -f cfy_manager_local

 

 

1. Go to localhost in your browser to see the Cloudify UI. Login and password are both admin.

2. Go to “Cloudify Catalog” on the left side menu and find the Plugins widget. Click  for the Cloudify plugin for your specific cloud (AWS SDK for AWS) and choose “Upload”.

3. Go to “System Resources” on the left side menu and scroll down to the ‘Secret Store Management’ widget. Create secrets using the ‘Create’ button according to your cloud provider’s specifications (make sure to use the exact names below for each secret):

aws_access_key_id
aws_secret_access_key

For Azure

subscription_id
tenant_id
client_id
client_secret

For GCP

gcp_client_x509_cert_url
gcp_client_email
gcp_client_id
gcp_project_id
gcp_private_key_id
gcp_private_key
gcp_project_id
gcp_zone

For OpenStack

keystone_username
keystone_password
keystone_tenant_name
keystone_url

4. Go to “Local Blueprints” on the left side menu and click the “Upload” button.

  • In the “Blueprint package” URL section paste https://github.com/cloudify-cosmo/cloudify-hello-world-example/archive/master.zip and hit Tab to autofill the rest.
  • In the “Blueprint YAML file” section select the file based on your cloud (aws.yaml, azure.yaml, etc). Then, click “upload”.

5. In the Blueprints widget, find the ‘cloudify-hello-world-example-master’ blueprint and click on .

  • Type cloudify-hello-world-example-master in the deployment name field
  • Complete the inputs’ values:

For AWS

aws_region_name

For Azure

location
agent_password

For GCP

region

For Openstack

region
external_network
image
flavor
  • Click “Deploy”

6. Go to Deployments on the left side menu, find your deployment, then click the hamburger menu on the right and select “Install” and “Execute”.

7. Click on your blueprint link to see the details and scroll down a bit to find the “Deployment Outputs” widget which will contain the URL of your application. Paste that URL into your browser.

If you see the something similar to the following image on the page, you did it!

Want to learn more about the Cloudify Manager UI? Click on the image at the bottom right corner to take a tour.
8. Tear down your deployment by going back to the Deployments menu, clicking on , and choosing “Uninstall” then “Execute”
9. You can uninstall Cloudify by removing the Docker container using docker rm -f cfy_manager_local in the terminal

 



Cloudify was designed from the ground up on principles of openness to power the IT transformation revolution - enabling organizations to design, build and deliver core business applications and network services more economically, without compromising on security or IT simplicity