Skip to the content.

TOSCA OpenStack Profile Examples

For OpenStack Puccini can generate Ansible playbooks that rely on the Ansible OpenStack collection. Custom operation artifacts, if included, are deployed to the virtual machines and executed.

Effectively, the combination of TOSCA + Ansible provides an equivalent set of features to Heat/Mistral. However, Ansible is a general-purpose orchestrator that can do a lot more than Heat. The generated playbooks comprise roles that can be imported and used in other playbooks, allowing for custom orchestration integrations.

Note that though Puccini can compile HOT directly, we recommend TOSCA because of its much richer grammar and features. See the HOT examples.

If you have Ansible installed and configured then you can run something like this to deploy the example:

puccini-tosca compile examples/openstack/hello-world.yaml --exec=openstack.generate --output=dist/openstack
cd dist/openstack
ansible-playbook install.yaml

When run for the first time it will provision keys for your deployment. The public and private keys will be under the keys subdirectory. Note that the private key cannot be retrieved after creation, so make sure not to lose it!

You can now use the private key to login to servers, e.g.:

ssh -i keys/topology -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@

(Note the ssh options to avoid storing certificates for the IP address. It’s good practice because IP addresses in the cloud may be reused.)

You can run the playbook multiple times. If the servers are already running, they will not be recreated.

Installing Ansible

Many operating systems have Ansible as a package, but you can install a specific version manually in a Python virtual environment. Here’s our example script.

Configuring for Your OpenStack

The openstack.generate scriptlet will generate a template clouds.yaml skeleton for you if the file does not exist. You will need to edit it with the proper credentials for accessing your OpenStack instance. See the documentation.

Testing with Rackspace

Rackspace provides a public OpenStack cloud.

You will also need to install Rackspace’s authentication plugin:

pip install rackspaceauth

Edit your clouds.yaml to look something like this:

    region_name: ORD
    auth_type: rackspace_apikey
      username: USERNAME
      api_key: API_KEY

Rackspace uses non-standard image and flavor names, so you will need to provide inputs to change the defaults:

puccini-tosca compile examples/openstack/hello-world.yaml -i image_id="CentOS 7 (PVHVM)" -i flavor="512MB Standard Instance"