From 2ffce5b676ebb01e2cd6ef4a6c4955d2c5e91c3a Mon Sep 17 00:00:00 2001
From: Giuliano Taffoni <taffoni@oats.inaf.it>
Date: Thu, 22 Nov 2018 17:34:24 +0100
Subject: [PATCH] heat

---
 OpenStack/heat/heat01.yaml                    |  47 ++++
 OpenStack/heat/tutorial/heat_1a.yaml          |  13 +
 OpenStack/heat/tutorial/heat_1b.yaml          |  40 +++
 OpenStack/heat/tutorial/heat_2a.yaml          |  47 ++++
 OpenStack/heat/tutorial/heat_2b.yaml          | 145 +++++++++++
 OpenStack/heat/tutorial/heat_2b2.yaml         | 184 ++++++++++++++
 OpenStack/heat/tutorial/heat_2c.yaml          | 202 +++++++++++++++
 OpenStack/heat/tutorial/heat_2d.yaml          | 214 ++++++++++++++++
 OpenStack/heat/tutorial/heat_3a.yaml          |  48 ++++
 OpenStack/heat/tutorial/heat_3b.yaml          |  53 ++++
 OpenStack/heat/tutorial/heat_3c.yaml          |  64 +++++
 OpenStack/heat/tutorial/heat_3d.yaml          |  64 +++++
 OpenStack/heat/tutorial/heat_4a.yaml          |  50 ++++
 OpenStack/heat/tutorial/heat_4b.yaml          |  68 +++++
 "OpenStack/heat/tutorial/lib/Icon\r"          |   0
 OpenStack/heat/tutorial/lib/env.yaml          |   9 +
 OpenStack/heat/tutorial/lib/flasky.yaml       | 187 ++++++++++++++
 OpenStack/heat/tutorial/lib/floating_ip.yaml  |  32 +++
 OpenStack/heat/tutorial/lib/haproxy.yaml      | 154 ++++++++++++
 OpenStack/heat/tutorial/lib/keypair.yaml      |  37 +++
 OpenStack/heat/tutorial/lib/mysql.yaml        | 135 ++++++++++
 .../heat/tutorial/lib/private_network.yaml    |  48 ++++
 OpenStack/heat/tutorial/lib/tiny.yaml         | 151 ++++++++++++
 OpenStack/heat/tutorial/lib/wordpress.yaml    | 126 ++++++++++
 OpenStack/heat/tutorial/wordpress03.yaml      | 232 ++++++++++++++++++
 25 files changed, 2350 insertions(+)
 create mode 100644 OpenStack/heat/heat01.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_1a.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_1b.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_2a.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_2b.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_2b2.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_2c.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_2d.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_3a.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_3b.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_3c.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_3d.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_4a.yaml
 create mode 100644 OpenStack/heat/tutorial/heat_4b.yaml
 create mode 100644 "OpenStack/heat/tutorial/lib/Icon\r"
 create mode 100644 OpenStack/heat/tutorial/lib/env.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/flasky.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/floating_ip.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/haproxy.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/keypair.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/mysql.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/private_network.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/tiny.yaml
 create mode 100644 OpenStack/heat/tutorial/lib/wordpress.yaml
 create mode 100644 OpenStack/heat/tutorial/wordpress03.yaml

diff --git a/OpenStack/heat/heat01.yaml b/OpenStack/heat/heat01.yaml
new file mode 100644
index 0000000..797b47d
--- /dev/null
+++ b/OpenStack/heat/heat01.yaml
@@ -0,0 +1,47 @@
+heat_template_version: 2013-05-23
+
+description: Simple template to deploy a single compute instance
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for compute instance
+    default: CentOS 7.4 x86_64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used
+    default: m1.medium
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be used for compute instance
+    default: taffoni_rsa
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach instance to.
+    default: oats_net
+
+resources:
+  my_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - network: { get_param: private_network }
+      user_data: |
+        #!/bin/sh
+        echo "Hello, World!"
+      user_data_format: RAW
+
+outputs:
+  instance_name:
+    description: Name of the instance
+    value: { get_attr: [my_instance, name] }
+  instance_ip:
+    description: IP address of the instance
+    value: { get_attr: [my_instance, first_address] }
diff --git a/OpenStack/heat/tutorial/heat_1a.yaml b/OpenStack/heat/tutorial/heat_1a.yaml
new file mode 100644
index 0000000..a1a8407
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_1a.yaml
@@ -0,0 +1,13 @@
+heat_template_version: 2013-05-23
+
+description: Simple template to deploy a single compute instance
+
+resources:
+  my_instance:
+    type: OS::Nova::Server
+    properties:
+      image: cirros-0.3.3-x86_64
+      flavor: m1.small
+      key_name: my_key
+      networks:
+        - network: private-net
diff --git a/OpenStack/heat/tutorial/heat_1b.yaml b/OpenStack/heat/tutorial/heat_1b.yaml
new file mode 100644
index 0000000..15bcd64
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_1b.yaml
@@ -0,0 +1,40 @@
+heat_template_version: 2013-05-23
+
+description: Simple template to deploy a single compute instance
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for compute instance
+    default: cirros-0.3.3-x86_64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be used for compute instance
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach instance to.
+    default: private-net
+
+resources:
+  my_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - network: { get_param: private_network }
+
+outputs:
+  instance_ip:
+    description: IP address of the instance
+    value: { get_attr: [my_instance, first_address] }
diff --git a/OpenStack/heat/tutorial/heat_2a.yaml b/OpenStack/heat/tutorial/heat_2a.yaml
new file mode 100644
index 0000000..aedbb72
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_2a.yaml
@@ -0,0 +1,47 @@
+heat_template_version: 2013-05-23
+ 
+description: Simple template to deploy a single compute instance
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for compute instance
+    default: cirros-0.3.3-x86_64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be used for compute instance
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach instance to.
+    default: private-net
+ 
+resources:
+  my_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - network: { get_param: private_network }
+      user_data: |
+        #!/bin/sh
+        echo "Hello, World!"
+      user_data_format: RAW
+ 
+outputs:
+  instance_name:
+    description: Name of the instance
+    value: { get_attr: [my_instance, name] }
+  instance_ip:
+    description: IP address of the instance
+    value: { get_attr: [my_instance, first_address] }
diff --git a/OpenStack/heat/tutorial/heat_2b.yaml b/OpenStack/heat/tutorial/heat_2b.yaml
new file mode 100644
index 0000000..02edcb7
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_2b.yaml
@@ -0,0 +1,145 @@
+heat_template_version: 2013-05-23
+
+description: This template deploys a Flasky single instance server with a SQLite database.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for the server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Private network to attach server to.
+    default: private-net
+  gmail_username:
+    type: string
+    label: Gmail account username
+    description: Username of the Gmail account to use for notifications.
+  gmail_password:
+    type: string
+    label: Gmail account password
+    description: Password of the Gmail account to use for notifications.
+    hidden: true
+
+resources:
+  flask_secret_key:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+
+  flasky_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - network: { get_param: private_network }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __gmail_username__: { get_param: gmail_username }
+            __gmail_password__: { get_param: gmail_password }
+            __flask_secret_key__: { get_attr: [flask_secret_key, value] }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv nginx supervisor git
+
+            # create a flasky user to run the server process
+            adduser --disabled-password --gecos "" flasky
+
+            # clone flasky from github
+            cd /home/flasky
+            git clone https://github.com/miguelgrinberg/flasky-first-edition.git
+            mv flasky-first-edition flasky
+            cd flasky
+
+            # Write configuration file
+            cat >.env <<EOF
+            FLASK_CONFIG=heroku
+            SECRET_KEY=__flask_secret_key__
+            DATABASE_URL=sqlite:////home/flasky/flasky/appdb.sqlite
+            MAIL_USERNAME=__gmail_username__
+            MAIL_PASSWORD=__gmail_password__
+            FLASKY_ADMIN=__gmail_username__@gmail.com
+            SSL_DISABLE=1
+            EOF
+
+            # create a virtualenv and install dependencies
+            virtualenv venv
+            venv/bin/pip install -r requirements/prod.txt
+            venv/bin/pip install gunicorn==18.0
+
+            # create database
+            venv/bin/python manage.py deploy
+
+            # make the flasky user the owner of the application
+            chown -R flasky:flasky ./
+
+            # configure supervisor to run a private gunicorn web server, and
+            # to autostart it on boot and when it crashes
+            # stdout and stderr logs from the server will go to /var/log/flasky
+            mkdir /var/log/flasky
+            cat >/etc/supervisor/conf.d/flasky.conf <<EOF
+            [program:flasky]
+            command=/home/flasky/flasky/venv/bin/gunicorn -b 127.0.0.1:8000 -w 4 --chdir /home/flasky/flasky --log-file - manage:app
+            user=flasky
+            autostart=true
+            autorestart=true
+            stderr_logfile=/var/log/flasky/stderr.log
+            stdout_logfile=/var/log/flasky/stdout.log
+            EOF
+            supervisorctl reread
+            supervisorctl update
+
+            # configure nginx as the front-end web server with a reverse proxy
+            # rule to the gunicorn server
+            cat >/etc/nginx/sites-available/flasky <<EOF
+            server {
+                listen 80;
+                server_name _;
+                access_log /var/log/nginx/flasky.access.log;
+                error_log /var/log/nginx/flasky.error.log;
+                location / {
+                    proxy_pass http://127.0.0.1:8000;
+                    proxy_redirect off;
+                    proxy_set_header Host \$host;
+                    proxy_set_header X-Real-IP \$remote_addr;
+                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+                }
+                location /static {
+                    alias /home/flasky/flasky/static;
+                }
+                location /favicon.ico {
+                    alias /home/flasky/flasky/favicon.ico;
+                }
+            }
+            EOF
+            rm -f /etc/nginx/sites-enabled/default
+            ln -s /etc/nginx/sites-available/flasky /etc/nginx/sites-enabled/
+            service nginx restart
+
+outputs:
+  instance_name:
+    description: Name of the instance
+    value: { get_attr: [flasky_instance, name] }
+  instance_ip:
+    description: The IP address of the deployed instance
+    value: { get_attr: [flasky_instance, first_address] }
diff --git a/OpenStack/heat/tutorial/heat_2b2.yaml b/OpenStack/heat/tutorial/heat_2b2.yaml
new file mode 100644
index 0000000..092406d
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_2b2.yaml
@@ -0,0 +1,184 @@
+heat_template_version: 2013-05-23
+
+description: This template deploys a Flasky single instance server with a SQLite database.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for the server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Private network to attach server to.
+    default: private-net
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network with floating IP addresses.
+    default: public-net
+  floating_ip_id:
+    type: string
+    label: Floating IP Addr
+    description: Floating Ip to assing to the resource
+    default: 6a5fb121-3b86-455f-b11b-cd162af5d3bf
+  gmail_username:
+    type: string
+    label: Gmail account username
+    description: Username of the Gmail account to use for notifications.
+  gmail_password:
+    type: string
+    label: Gmail account password
+    description: Password of the Gmail account to use for notifications.
+    hidden: true
+
+resources:
+  flask_secret_key:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+
+  web_server_security_group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name: web_server_security_group
+      rules:
+        - protocol: icmp
+        - protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+        - protocol: tcp
+          port_range_min: 443
+          port_range_max: 443
+        - protocol: tcp
+          port_range_min: 80
+          port_range_max: 80
+
+
+  flasky_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: web_server_security_group }
+
+  flasky_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: flasky_port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __flask_secret_key__: { get_attr: [flask_secret_key, value] }
+            __gmail_username__: { get_param: gmail_username }
+            __gmail_password__: { get_param: gmail_password }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv nginx supervisor git
+
+            # create a flasky user to run the server process
+            adduser --disabled-password --gecos "" flasky
+
+            # clone flasky from github
+            cd /home/flasky
+            git clone https://github.com/miguelgrinberg/flasky-first-edition.git
+            mv flasky-first-edition flasky
+            cd flasky
+
+            # Write configuration file
+            cat >.env <<EOF
+            FLASK_CONFIG=heroku
+            SECRET_KEY=__flask_secret_key__
+            DATABASE_URL=sqlite:////home/flasky/flasky/appdb.sqlite
+            MAIL_USERNAME=__gmail_username__
+            MAIL_PASSWORD=__gmail_password__
+            FLASKY_ADMIN=__gmail_username__@gmail.com
+            SSL_DISABLE=1
+            EOF
+
+            # create a virtualenv and install dependencies
+            virtualenv venv
+            venv/bin/pip install -r requirements/prod.txt
+            venv/bin/pip install gunicorn==18.0
+
+            # create database
+            venv/bin/python manage.py deploy
+
+            # make the flasky user the owner of the application
+            chown -R flasky:flasky ./
+
+            # configure supervisor to run a private gunicorn web server, and
+            # to autostart it on boot and when it crashes
+            # stdout and stderr logs from the server will go to /var/log/flasky
+            mkdir /var/log/flasky
+            cat >/etc/supervisor/conf.d/flasky.conf <<EOF
+            [program:flasky]
+            command=/home/flasky/flasky/venv/bin/gunicorn -b 127.0.0.1:8000 -w 4 --chdir /home/flasky/flasky --log-file - manage:app
+            user=flasky
+            autostart=true
+            autorestart=true
+            stderr_logfile=/var/log/flasky/stderr.log
+            stdout_logfile=/var/log/flasky/stdout.log
+            EOF
+            supervisorctl reread
+            supervisorctl update
+
+            # configure nginx as the front-end web server with a reverse proxy
+            # rule to the gunicorn server
+            cat >/etc/nginx/sites-available/flasky <<EOF
+            server {
+                listen 80;
+                server_name _;
+                access_log /var/log/nginx/flasky.access.log;
+                error_log /var/log/nginx/flasky.error.log;
+                location / {
+                    proxy_pass http://127.0.0.1:8000;
+                    proxy_redirect off;
+                    proxy_set_header Host \$host;
+                    proxy_set_header X-Real-IP \$remote_addr;
+                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+                }
+                location /static {
+                    alias /home/flasky/flasky/static;
+                }
+                location /favicon.ico {
+                    alias /home/flasky/flasky/favicon.ico;
+                }
+            }
+            EOF
+            rm -f /etc/nginx/sites-enabled/default
+            ln -s /etc/nginx/sites-available/flasky /etc/nginx/sites-enabled/
+            service nginx restart
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+
+  floating_ip_assoc:
+    type: OS::Neutron::FloatingIPAssociation
+    properties:
+      floatingip_id: { get_param: floating_ip_id }
+      port_id: { get_resource: flasky_port }
+
+outputs:
+  instance_name:
+    description: Name of the instance
+    value: { get_attr: [flasky_instance, name] }
diff --git a/OpenStack/heat/tutorial/heat_2c.yaml b/OpenStack/heat/tutorial/heat_2c.yaml
new file mode 100644
index 0000000..f408ff8
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_2c.yaml
@@ -0,0 +1,202 @@
+heat_template_version: 2013-05-23
+
+description: This template deploys a Flasky single instance server with a SQLite database.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for the server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network with floating IP addresses.
+    default: public-net
+  gmail_username:
+    type: string
+    label: Gmail account username
+    description: Username of the Gmail account to use for notifications.
+  gmail_password:
+    type: string
+    label: Gmail account password
+    description: Password of the Gmail account to use for notifications.
+    hidden: true
+
+resources:
+  flask_secret_key:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+
+  web_server_security_group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name: web_server_security_group
+      rules:
+        - protocol: icmp
+        - protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+        - protocol: tcp
+          port_range_min: 443
+          port_range_max: 443
+        - protocol: tcp
+          port_range_min: 80
+          port_range_max: 80
+
+  private_network:
+    type: OS::Neutron::Net
+
+  private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      network_id: { get_resource: private_network }
+      cidr: 10.10.10.0/24
+      dns_nameservers:
+        - 8.8.8.8
+
+  router:
+    type: OS::Neutron::Router
+    properties:
+      external_gateway_info:
+        network: { get_param: public_network }
+
+  router-interface:
+    type: OS::Neutron::RouterInterface
+    properties:
+      router_id: { get_resource: router }
+      subnet: { get_resource: private_subnet }
+
+  flasky_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: private_network }
+      security_groups:
+        - { get_resource: web_server_security_group }
+
+  flasky_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: flasky_port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __flask_secret_key__: { get_attr: [flask_secret_key, value] }
+            __gmail_username__: { get_param: gmail_username }
+            __gmail_password__: { get_param: gmail_password }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv nginx supervisor git
+
+            # create a flasky user to run the server process
+            adduser --disabled-password --gecos "" flasky
+
+            # clone flasky from github
+            cd /home/flasky
+            git clone https://github.com/miguelgrinberg/flasky-first-edition.git
+            mv flasky-first-edition flasky
+            cd flasky
+
+            # Write configuration file
+            cat >.env <<EOF
+            FLASK_CONFIG=heroku
+            SECRET_KEY=__flask_secret_key__
+            DATABASE_URL=sqlite:////home/flasky/flasky/appdb.sqlite
+            MAIL_USERNAME=__gmail_username__
+            MAIL_PASSWORD=__gmail_password__
+            FLASKY_ADMIN=__gmail_username__@gmail.com
+            SSL_DISABLE=1
+            EOF
+
+            # create a virtualenv and install dependencies
+            virtualenv venv
+            venv/bin/pip install -r requirements/prod.txt
+            venv/bin/pip install gunicorn==18.0
+
+            # create database
+            venv/bin/python manage.py deploy
+
+            # make the flasky user the owner of the application
+            chown -R flasky:flasky ./
+
+            # configure supervisor to run a private gunicorn web server, and
+            # to autostart it on boot and when it crashes
+            # stdout and stderr logs from the server will go to /var/log/flasky
+            mkdir /var/log/flasky
+            cat >/etc/supervisor/conf.d/flasky.conf <<EOF
+            [program:flasky]
+            command=/home/flasky/flasky/venv/bin/gunicorn -b 127.0.0.1:8000 -w 4 --chdir /home/flasky/flasky --log-file - manage:app
+            user=flasky
+            autostart=true
+            autorestart=true
+            stderr_logfile=/var/log/flasky/stderr.log
+            stdout_logfile=/var/log/flasky/stdout.log
+            EOF
+            supervisorctl reread
+            supervisorctl update
+
+            # configure nginx as the front-end web server with a reverse proxy
+            # rule to the gunicorn server
+            cat >/etc/nginx/sites-available/flasky <<EOF
+            server {
+                listen 80;
+                server_name _;
+                access_log /var/log/nginx/flasky.access.log;
+                error_log /var/log/nginx/flasky.error.log;
+                location / {
+                    proxy_pass http://127.0.0.1:8000;
+                    proxy_redirect off;
+                    proxy_set_header Host \$host;
+                    proxy_set_header X-Real-IP \$remote_addr;
+                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+                }
+                location /static {
+                    alias /home/flasky/flasky/static;
+                }
+                location /favicon.ico {
+                    alias /home/flasky/flasky/favicon.ico;
+                }
+            }
+            EOF
+            rm -f /etc/nginx/sites-enabled/default
+            ln -s /etc/nginx/sites-available/flasky /etc/nginx/sites-enabled/
+            service nginx restart
+
+  floating_ip:
+    type: OS::Neutron::FloatingIP
+    properties:
+      floating_network: { get_param: public_network }
+
+  floating_ip_assoc:
+    type: OS::Neutron::FloatingIPAssociation
+    properties:
+      floatingip_id: { get_resource: floating_ip }
+      port_id: { get_resource: flasky_port }
+
+outputs:
+  instance_name:
+    description: Name of the instance
+    value: { get_attr: [flasky_instance, name] }
+  instance_ip:
+    description: The IP address of the deployed instance
+    value: { get_attr: [floating_ip, floating_ip_address] }
diff --git a/OpenStack/heat/tutorial/heat_2d.yaml b/OpenStack/heat/tutorial/heat_2d.yaml
new file mode 100644
index 0000000..73dfbd3
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_2d.yaml
@@ -0,0 +1,214 @@
+heat_template_version: 2013-05-23
+
+description: This template deploys a Flasky single instance server with a SQLite database.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for the server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network with floating IP addresses.
+    default: public-net
+  gmail_username:
+    type: string
+    label: Gmail account username
+    description: Username of the Gmail account to use for notifications.
+  gmail_password:
+    type: string
+    label: Gmail account password
+    description: Password of the Gmail account to use for notifications.
+    hidden: true
+
+resources:
+  wait_condition:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wait_handle }
+      count: 1
+      timeout: 600
+
+  wait_handle:
+    type: OS::Heat::WaitConditionHandle
+
+  flask_secret_key:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+
+  web_server_security_group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name: web_server_security_group
+      rules:
+        - protocol: icmp
+        - protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+        - protocol: tcp
+          port_range_min: 443
+          port_range_max: 443
+        - protocol: tcp
+          port_range_min: 80
+          port_range_max: 80
+
+  private_network:
+    type: OS::Neutron::Net
+
+  private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      network_id: { get_resource: private_network }
+      cidr: 10.10.10.0/24
+      dns_nameservers:
+        - 8.8.8.8
+
+  router:
+    type: OS::Neutron::Router
+    properties:
+      external_gateway_info:
+        network: { get_param: public_network }
+
+  router-interface:
+    type: OS::Neutron::RouterInterface
+    properties:
+      router_id: { get_resource: router }
+      subnet: { get_resource: private_subnet }
+
+  flasky_port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_resource: private_network }
+      security_groups:
+        - { get_resource: web_server_security_group }
+
+  flasky_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: flasky_port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __flask_secret_key__: { get_attr: [flask_secret_key, value] }
+            __gmail_username__: { get_param: gmail_username }
+            __gmail_password__: { get_param: gmail_password }
+            wc_notify: { get_attr: ['wait_handle', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv nginx supervisor git
+
+            # create a flasky user to run the server process
+            adduser --disabled-password --gecos "" flasky
+
+            # clone flasky from github
+            cd /home/flasky
+            git clone https://github.com/miguelgrinberg/flasky-first-edition.git
+	    mv flasky-first-edition flasky
+            cd flasky
+
+            # Write configuration file
+            cat >.env <<EOF
+            FLASK_CONFIG=heroku
+            SECRET_KEY=__flask_secret_key__
+            DATABASE_URL=sqlite:////home/flasky/flasky/appdb.sqlite
+            MAIL_USERNAME=__gmail_username__
+            MAIL_PASSWORD=__gmail_password__
+            FLASKY_ADMIN=__gmail_username__@gmail.com
+            SSL_DISABLE=1
+            EOF
+
+            # create a virtualenv and install dependencies
+            virtualenv venv
+            venv/bin/pip install -r requirements/prod.txt
+            venv/bin/pip install gunicorn==18.0
+
+            # create database
+            venv/bin/python manage.py deploy
+
+            # make the flasky user the owner of the application
+            chown -R flasky:flasky ./
+
+            # configure supervisor to run a private gunicorn web server, and
+            # to autostart it on boot and when it crashes
+            # stdout and stderr logs from the server will go to /var/log/flasky
+            mkdir /var/log/flasky
+            cat >/etc/supervisor/conf.d/flasky.conf <<EOF
+            [program:flasky]
+            command=/home/flasky/flasky/venv/bin/gunicorn -b 127.0.0.1:8000 -w 4 --chdir /home/flasky/flasky --log-file - manage:app
+            user=flasky
+            autostart=true
+            autorestart=true
+            stderr_logfile=/var/log/flasky/stderr.log
+            stdout_logfile=/var/log/flasky/stdout.log
+            EOF
+            supervisorctl reread
+            supervisorctl update
+
+            # configure nginx as the front-end web server with a reverse proxy
+            # rule to the gunicorn server
+            cat >/etc/nginx/sites-available/flasky <<EOF
+            server {
+                listen 80;
+                server_name _;
+                access_log /var/log/nginx/flasky.access.log;
+                error_log /var/log/nginx/flasky.error.log;
+                location / {
+                    proxy_pass http://127.0.0.1:8000;
+                    proxy_redirect off;
+                    proxy_set_header Host \$host;
+                    proxy_set_header X-Real-IP \$remote_addr;
+                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+                }
+                location /static {
+                    alias /home/flasky/flasky/static;
+                }
+                location /favicon.ico {
+                    alias /home/flasky/flasky/favicon.ico;
+                }
+            }
+            EOF
+            rm -f /etc/nginx/sites-enabled/default
+            ln -s /etc/nginx/sites-available/flasky /etc/nginx/sites-enabled/
+            service nginx restart
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+  floating_ip:
+    type: OS::Neutron::FloatingIP
+    properties:
+      floating_network: { get_param: public_network }
+
+  floating_ip_assoc:
+    type: OS::Neutron::FloatingIPAssociation
+    properties:
+      floatingip_id: { get_resource: floating_ip }
+      port_id: { get_resource: flasky_port }
+
+outputs:
+  instance_name:
+    description: Name of the instance
+    value: { get_attr: [flasky_instance, name] }
+  instance_ip:
+    description: The IP address of the deployed instance
+    value: { get_attr: [floating_ip, floating_ip_address] }
diff --git a/OpenStack/heat/tutorial/heat_3a.yaml b/OpenStack/heat/tutorial/heat_3a.yaml
new file mode 100644
index 0000000..dd9dfe2
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_3a.yaml
@@ -0,0 +1,48 @@
+heat_template_version: 2013-05-23
+ 
+description: Template that installs a wordpress server and supporting MySQL database running on separate servers
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: private
+ 
+resources:
+  mysql:
+    type: lib/mysql.yaml
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_param: private_network }
+      database_name: wordpress
+      database_user: wordpress_user
+ 
+  wordpress:
+    type: lib/wordpress.yaml
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_param: private_network }
+      mysql_server: { get_attr: [mysql, ip] }
+      database_name: wordpress
+      database_user: wordpress_user
+      database_password: { get_attr: [mysql, database_password] }
diff --git a/OpenStack/heat/tutorial/heat_3b.yaml b/OpenStack/heat/tutorial/heat_3b.yaml
new file mode 100644
index 0000000..cf20bec
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_3b.yaml
@@ -0,0 +1,53 @@
+heat_template_version: 2013-05-23
+ 
+description: Template that installs a wordpress server and supporting MySQL database running on separate servers
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network to attach server to.
+    default: public
+ 
+resources:
+  network:
+    type: lib/private_network.yaml
+    properties:
+      public_network: { get_param: public_network }
+
+  mysql:
+    type: lib/mysql.yaml
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      database_name: wordpress
+      database_user: wordpress_user
+ 
+  wordpress:
+    type: lib/wordpress.yaml
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      mysql_server: { get_attr: [mysql, ip] }
+      database_name: wordpress
+      database_user: wordpress_user
+      database_password: { get_attr: [mysql, database_password] }
diff --git a/OpenStack/heat/tutorial/heat_3c.yaml b/OpenStack/heat/tutorial/heat_3c.yaml
new file mode 100644
index 0000000..d0c7a9d
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_3c.yaml
@@ -0,0 +1,64 @@
+heat_template_version: 2013-05-23
+ 
+description: Template that installs a wordpress server and supporting MySQL database running on separate servers
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network to attach server to.
+    default: public
+ 
+resources:
+  network:
+    type: lib/private_network.yaml
+    properties:
+      public_network: { get_param: public_network }
+
+  mysql:
+    type: lib/mysql.yaml
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      database_name: wordpress
+      database_user: wordpress_user
+ 
+  wordpress:
+    type: lib/wordpress.yaml
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      mysql_server: { get_attr: [mysql, ip] }
+      database_name: wordpress
+      database_user: wordpress_user
+      database_password: { get_attr: [mysql, database_password] }
+
+  floating_ip:
+    type: lib/floating_ip.yaml
+    properties:
+      port: { get_attr: [wordpress, port] }
+      public_network: { get_param: public_network }
+
+outputs:
+  ip:
+    description: The public IP address to access Wordpress.
+    value: { get_attr: [floating_ip, ip] }
diff --git a/OpenStack/heat/tutorial/heat_3d.yaml b/OpenStack/heat/tutorial/heat_3d.yaml
new file mode 100644
index 0000000..e518131
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_3d.yaml
@@ -0,0 +1,64 @@
+heat_template_version: 2013-05-23
+ 
+description: Template that installs a wordpress server and supporting MySQL database running on separate servers
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network to attach server to.
+    default: public
+ 
+resources:
+  network:
+    type: Lib::MSG::PrivateNetwork
+    properties:
+      public_network: { get_param: public_network }
+
+  mysql:
+    type: Lib::MSG::MySQL
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      database_name: wordpress
+      database_user: wordpress_user
+ 
+  wordpress:
+    type: Lib::MSG::Wordpress
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      mysql_server: { get_attr: [mysql, ip] }
+      database_name: wordpress
+      database_user: wordpress_user
+      database_password: { get_attr: [mysql, database_password] }
+
+  floating_ip:
+    type: Lib::MSG::FloatingIP
+    properties:
+      port: { get_attr: [wordpress, port] }
+      public_network: { get_param: public_network }
+
+outputs:
+  ip:
+    description: The public IP address to access Wordpress.
+    value: { get_attr: [floating_ip, ip] }
diff --git a/OpenStack/heat/tutorial/heat_4a.yaml b/OpenStack/heat/tutorial/heat_4a.yaml
new file mode 100644
index 0000000..4f70bc1
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_4a.yaml
@@ -0,0 +1,50 @@
+heat_template_version: 2013-05-23
+
+description: Template that installs a simple test server.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network to attach server to.
+    default: public
+
+resources:
+  network:
+    type: Lib::MSG::PrivateNetwork
+    properties:
+      public_network: { get_param: public_network }
+
+  tiny_instance:
+    type: Lib::MSG::Tiny
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+
+  floating_ip:
+    type: Lib::MSG::FloatingIP
+    properties:
+      port: { get_attr: [tiny_instance, port] }
+      public_network: { get_param: public_network }
+
+outputs:
+  ip:
+    description: The public IP address to access the server.
+    value: { get_attr: [floating_ip, ip] }
diff --git a/OpenStack/heat/tutorial/heat_4b.yaml b/OpenStack/heat/tutorial/heat_4b.yaml
new file mode 100644
index 0000000..18b3a34
--- /dev/null
+++ b/OpenStack/heat/tutorial/heat_4b.yaml
@@ -0,0 +1,68 @@
+heat_template_version: 2013-05-23
+
+description: Template that installs a cluster of servers with a load balancer.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network to attach server to.
+    default: public
+  cluster_size:
+    type: number
+    label: Cluster size
+    description: Number of instances in cluster.
+    default: 2
+
+resources:
+  network:
+    type: Lib::MSG::PrivateNetwork
+    properties:
+      public_network: { get_param: public_network }
+
+  tiny_cluster:
+    type: OS::Heat::ResourceGroup
+    properties:
+      count: { get_param: cluster_size }
+      resource_def:
+        type: Lib::MSG::Tiny
+        properties:
+          image: { get_param: image }
+          flavor: { get_param: flavor }
+          key: { get_param: key }
+          private_network: { get_attr: [network, name] }
+
+  load_balancer:
+    type: Lib::MSG::HAProxy
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key: { get_param: key }
+      private_network: { get_attr: [network, name] }
+      servers: { get_attr: [tiny_cluster, ip] }
+
+  floating_ip:
+    type: Lib::MSG::FloatingIP
+    properties:
+      port: { get_attr: [load_balancer, port] }
+      public_network: { get_param: public_network }
+
+outputs:
+  ip:
+    description: The public IP address to access the server.
+    value: { get_attr: [floating_ip, ip] }
diff --git "a/OpenStack/heat/tutorial/lib/Icon\r" "b/OpenStack/heat/tutorial/lib/Icon\r"
new file mode 100644
index 0000000..e69de29
diff --git a/OpenStack/heat/tutorial/lib/env.yaml b/OpenStack/heat/tutorial/lib/env.yaml
new file mode 100644
index 0000000..1d834e8
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/env.yaml
@@ -0,0 +1,9 @@
+resource_registry:
+  Lib::MSG::MySQL: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/mysql.yaml
+  Lib::MSG::Wordpress: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/wordpress.yaml
+  Lib::MSG::Flasky: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/flasky.yaml
+  Lib::MSG::Tiny: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/tiny.yaml
+  Lib::MSG::KeyPair: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/keypair.yaml
+  Lib::MSG::PrivateNetwork: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/private_network.yaml
+  Lib::MSG::FloatingIP: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/floating_ip.yaml
+  Lib::MSG::HAProxy: https://raw.githubusercontent.com/miguelgrinberg/heat-tutorial/master/lib/haproxy.yaml
diff --git a/OpenStack/heat/tutorial/lib/flasky.yaml b/OpenStack/heat/tutorial/lib/flasky.yaml
new file mode 100644
index 0000000..335670e
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/flasky.yaml
@@ -0,0 +1,187 @@
+heat_template_version: 2013-05-23
+
+description: Template that installs a Flasky server.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: private
+  mysql_server:
+    type: string
+    label: MySQL database server
+    description: IP address of the MySQL database server.
+  database_name:
+    type: string
+    label: Database name
+    description: Name of the application database.
+  database_user:
+    type: string
+    label: Database user
+    description: Name of the database user.
+  database_password:
+    type: string
+    label: Database password
+    hidden: true
+    description: Password to access the database.
+  gmail_username:
+    type: string
+    label: Gmail account username
+    description: Username of the Gmail account to use for notifications.
+  gmail_password:
+    type: string
+    label: Gmail account password
+    description: Password of the Gmail account to use for notifications.
+    hidden: true
+
+resources:
+  wait_condition:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wh }
+      count: 1
+      timeout: 600
+
+  wh:
+    type: OS::Heat::WaitConditionHandle
+
+  security_group:
+      type: OS::Neutron::SecurityGroup
+      properties:
+        name: web_server_security_group
+        rules:
+          - protocol: tcp
+            port_range_min: 80
+            port_range_max: 80
+
+  port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group }
+
+  flasky_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __mysql_ip__: { get_param: mysql_server }
+            __database_name__: { get_param: database_name }
+            __database_user__: { get_param: database_user }
+            __database_password__: { get_param: database_password }
+            wc_notify: { get_attr: ['wh', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv libmysqlclient-dev nginx supervisor git
+
+            # create a flasky user to run the server process
+            adduser --disabled-password --gecos "" flasky
+
+            # clone flasky from github
+            cd /home/flasky
+            git clone https://github.com/miguelgrinberg/flasky.git
+            cd flasky
+
+            # Write configuration file
+            cat >.env <<EOF
+            FLASK_CONFIG=heroku
+            SECRET_KEY=__flask_secret_key__
+            DATABASE_URL=mysql://__database_user__:__database_password__@__mysql_ip__/__database_name__
+            MAIL_USERNAME=__gmail_username__
+            MAIL_PASSWORD=__gmail_password__
+            FLASKY_ADMIN=__gmail_username__@gmail.com
+            SSL_DISABLE=1
+            EOF
+
+            # create a virtualenv and install dependencies
+            virtualenv venv
+            venv/bin/pip install -r requirements/prod.txt
+            venv/bin/pip install mysql-python gunicorn==18.0
+
+            # create database
+            venv/bin/python manage.py deploy
+
+            # make the flasky user the owner of the application
+            chown -R flasky:flasky ./
+
+            # configure supervisor to run a private gunicorn web server, and
+            # to autostart it on boot and when it crashes
+            # stdout and stderr logs from the server will go to /var/log/flasky
+            mkdir /var/log/flasky
+            cat >/etc/supervisor/conf.d/flasky.conf <<EOF
+            [program:flasky]
+            command=/home/flasky/flasky/venv/bin/gunicorn -b 127.0.0.1:8000 -w 4 --chdir /home/flasky/flasky --log-file - manage:app
+            user=flasky
+            autostart=true
+            autorestart=true
+            stderr_logfile=/var/log/flasky/stderr.log
+            stdout_logfile=/var/log/flasky/stdout.log
+            EOF
+            supervisorctl reread
+            supervisorctl update
+
+            # configure nginx as the front-end web server with a reverse proxy
+            # rule to the gunicorn server
+            cat >/etc/nginx/sites-available/flasky <<EOF
+            server {
+                listen 80;
+                server_name _;
+                access_log /var/log/nginx/flasky.access.log;
+                error_log /var/log/nginx/flasky.error.log;
+                location / {
+                    proxy_pass http://127.0.0.1:8000;
+                    proxy_redirect off;
+                    proxy_set_header Host \$host;
+                    proxy_set_header X-Real-IP \$remote_addr;
+                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+                }
+                location /static {
+                    alias /home/flasky/flasky/static;
+                }
+                location /favicon.ico {
+                    alias /home/flasky/flasky/favicon.ico;
+                }
+            }
+            EOF
+            rm -f /etc/nginx/sites-enabled/default
+            ln -s /etc/nginx/sites-available/flasky /etc/nginx/sites-enabled/
+            service nginx restart
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+outputs:
+  name:
+    description: Name of the Flasky instance.
+    value: { get_attr: [flasky_instance, name] }
+  ip:
+    description: The IP address of the Flasky instance.
+    value: { get_attr: [flasky_instance, first_address] }
+  port:
+    description: The network port of the Flasky instance.
+    value: { get_resource: port }
diff --git a/OpenStack/heat/tutorial/lib/floating_ip.yaml b/OpenStack/heat/tutorial/lib/floating_ip.yaml
new file mode 100644
index 0000000..3f6b248
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/floating_ip.yaml
@@ -0,0 +1,32 @@
+heat_template_version: 2013-05-23
+
+description: Template that assigns a floating IP address to a server.
+
+parameters:
+  port:
+    type: string
+    label: Server port
+    description: The server port that receives the floating IP address.
+    
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network with floating IP addresses.
+    default: public
+
+resources:
+  floating_ip:
+    type: OS::Neutron::FloatingIP
+    properties:
+      floating_network: { get_param: public_network }
+
+  floating_ip_assoc:
+    type: OS::Neutron::FloatingIPAssociation
+    properties:
+      floatingip_id: { get_resource: floating_ip }
+      port_id: { get_param: port }
+
+outputs:
+  ip:
+    description: The floating IP address assigned to the server.
+    value: { get_attr: [floating_ip, floating_ip_address] }
diff --git a/OpenStack/heat/tutorial/lib/haproxy.yaml b/OpenStack/heat/tutorial/lib/haproxy.yaml
new file mode 100644
index 0000000..cbc1492
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/haproxy.yaml
@@ -0,0 +1,154 @@
+heat_template_version: 2013-05-23
+
+description: Template that installs a HAProxy server.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: private
+  servers:
+    type: comma_delimited_list
+    label: Servers
+    description: Comma separated list of servers in the cluster.
+  port_number:
+    type: number
+    label: Port number
+    description: Port number to proxy.
+    default: 80
+
+resources:
+  wait_condition:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wait_handle }
+      count: 1
+      timeout: 600
+
+  wait_handle:
+    type: OS::Heat::WaitConditionHandle
+
+  security_group:
+      type: OS::Neutron::SecurityGroup
+      properties:
+        name: web_server_security_group
+        rules:
+          - protocol: tcp
+            port_range_min: { get_param: port_number }
+            port_range_max: { get_param: port_number }
+
+  port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group }
+      replacement_policy: AUTO
+
+  haproxy_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port }
+      metadata:
+        servers: { get_param: servers }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __port__: { get_param: port_number }
+            wc_notify: { get_attr: ['wait_handle', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv supervisor haproxy
+
+            sed -i 's/ENABLED=0/ENABLED=1/' /etc/default/haproxy
+
+            # save haproxy original configuration
+            cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy_base.cfg
+
+            # write an initial empty list of worker servers
+            cat >>/etc/haproxy/servers.json <<EOF
+            []
+            EOF
+
+            # write the update script
+            cat >>/etc/haproxy/update.py <<EOF
+            import sys
+            import json
+            import subprocess
+
+            # load server list from metadata
+            metadata = json.loads(sys.stdin.read())
+            new_servers = json.loads(metadata.get('meta', {}).get('servers', '[]'))
+            if not new_servers:
+                sys.exit(1)  # bad metadata
+
+            # compare against known list of servers
+            current_servers = json.loads(open('/etc/haproxy/servers.json').read())
+            if current_servers == new_servers:
+                sys.exit(0)  # no changes
+
+            # record updated list of servers
+            open('/etc/haproxy/servers.json', 'wt').write(json.dumps(new_servers))
+
+            # generate a new haproxy config file
+            f = open('/etc/haproxy/haproxy.cfg', 'wt')
+            f.write(open('/etc/haproxy/haproxy_base.cfg').read())
+            f.write("""
+            listen app *:80
+                mode http
+                balance roundrobin
+                option httpclose
+                option forwardfor
+            """)
+            for i, server in enumerate(new_servers):
+                f.write('    server server-{0} {1}:{2}\n'.format(i, server, __port__))
+            f.close()
+
+            # reload haproxy's configuration
+            print('Reloading haproxy with servers: ' + ', '.join(new_servers))
+            subprocess.call(['service', 'haproxy', 'reload'])
+            EOF
+
+            # add a cron job to monitor the metadata and update haproxy
+            crontab -l >_crontab || true
+            echo "* * * * * curl -s http://169.254.169.254/openstack/latest/meta_data.json | python /etc/haproxy/update.py | /usr/bin/logger -t haproxy_update" >>_crontab
+            crontab <_crontab
+            rm _crontab
+
+            # let Heat know that we are done here
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+outputs:
+  name:
+    description: Name of the HAProxy instance.
+    value: { get_attr: [haproxy_instance, name] }
+  ip:
+    description: The IP address of the HAProxy instance.
+    value: { get_attr: [haproxy_instance, first_address] }
+  port:
+    description: The network port of the HAProxy instance.
+    value: { get_resource: port }
diff --git a/OpenStack/heat/tutorial/lib/keypair.yaml b/OpenStack/heat/tutorial/lib/keypair.yaml
new file mode 100644
index 0000000..3657a51
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/keypair.yaml
@@ -0,0 +1,37 @@
+heat_template_version: 2013-05-23
+
+description: Template that creates a keypair.
+
+parameters:
+  prefix:
+    type: string
+    label: Name prefix
+    description: The prefix to use for the keypair name.
+
+resources:
+  keypair:
+    type: OS::Nova::KeyPair
+    properties:
+      name:
+        str_replace:
+          params:
+            __prefix__: { get_param: prefix }
+            __id__: { get_param: "OS::stack_name" }
+          template: __prefix__-__id__
+      save_private_key: true
+
+outputs:
+  name:
+    description: The name of the keypair.
+    value:
+        str_replace:
+          params:
+            __prefix__: { get_param: prefix }
+            __id__: { get_param: "OS::stack_name" }
+          template: __prefix__-__id__
+  public_key:
+    description: The public key of the keypair.
+    value: { get_attr: [keypair, public_key] }
+  private_key:
+    description: The private key of the keypair.
+    value: { get_attr: [keypair, private_key] }
diff --git a/OpenStack/heat/tutorial/lib/mysql.yaml b/OpenStack/heat/tutorial/lib/mysql.yaml
new file mode 100644
index 0000000..92be870
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/mysql.yaml
@@ -0,0 +1,135 @@
+heat_template_version: 2013-05-23
+ 
+description: Template that installs a MySQL server with a database.
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: private
+  database_name:
+    type: string
+    label: Database name
+    description: Name of the application database.
+  database_user:
+    type: string
+    label: Database username
+    description: Name of the database user.
+ 
+resources:
+  wait_condition:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wait_handle }
+      count: 1
+      timeout: 600
+ 
+  wait_handle:
+    type: OS::Heat::WaitConditionHandle
+ 
+  mysql_root_password:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+ 
+  database_password:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+ 
+  security_group:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name: db_server_security_group
+      rules:
+        - protocol: tcp
+          port_range_min: 3306
+          port_range_max: 3306
+ 
+  port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group }
+      
+  mysql_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __mysql_root_password__: { get_attr: [mysql_root_password, value] }
+            __database_name__: { get_param: database_name }
+            __database_user__: { get_param: database_user }
+            __database_password__: { get_attr: [database_password, value] }
+            wc_notify: { get_attr: ['wait_handle', 'curl_cli'] }
+          template: |
+            #!/bin/bash
+
+            # install MySQL
+            apt-get update
+            export DEBIAN_FRONTEND=noninteractive
+            apt-get install -y mysql-server
+ 
+            # configure MySQL root password
+            mysqladmin -u root password "__mysql_root_password__"
+ 
+            # listen on all network interfaces
+            sed -i "s/bind-address.*/bind-address = 0.0.0.0/" /etc/mysql/my.cnf
+ 
+            # restart service
+            service mysql restart
+ 
+            # create wordpress database
+            mysql -u root --password="__mysql_root_password__" <<EOF
+            CREATE DATABASE __database_name__;
+            CREATE USER '__database_user__'@'localhost';
+            SET PASSWORD FOR '__database_user__'@'localhost'=PASSWORD("__database_password__");
+            GRANT ALL PRIVILEGES ON __database_name__.* TO '__database_user__'@'localhost' IDENTIFIED BY '__database_password__';
+            CREATE USER '__database_user__'@'%';
+            SET PASSWORD FOR '__database_user__'@'%'=PASSWORD("__database_password__");
+            GRANT ALL PRIVILEGES ON __database_name__.* TO '__database_user__'@'%' IDENTIFIED BY '__database_password__';
+            FLUSH PRIVILEGES;
+            EOF
+ 
+            # notify heat that we are done here
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+outputs:
+  name:
+    description: Name of the MySQL instance.
+    value: { get_attr: [mysql_instance, name] }
+  ip:
+    description: The IP address of the MySQL instance.
+    value: { get_attr: [mysql_instance, first_address] }
+  port:
+    description: The network port of the MySQL instance.
+    value: { get_resource: port }
+  database_password:
+    description: The MySQL database password.
+    value: { get_attr: [database_password, value] }
diff --git a/OpenStack/heat/tutorial/lib/private_network.yaml b/OpenStack/heat/tutorial/lib/private_network.yaml
new file mode 100644
index 0000000..bc6474f
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/private_network.yaml
@@ -0,0 +1,48 @@
+heat_template_version: 2013-05-23
+
+description: Template that creates a private network.
+
+parameters:
+  public_network:
+    type: string
+    label: Public network name or ID
+    description: Public network with floating IP addresses.
+    default: public
+  cidr:
+    type: string
+    label: CIDR
+    description: The CIDR of the private network.
+    default: '10.10.10.0/24'
+  dns:
+    type: comma_delimited_list
+    label: DNS nameservers
+    description: Comma separated list of DNS nameservers for the private network.
+    default: '8.8.8.8'
+
+resources:
+  private_network:
+    type: OS::Neutron::Net
+
+  private_subnet:
+    type: OS::Neutron::Subnet
+    properties:
+      network_id: { get_resource: private_network }
+      cidr: 10.10.10.0/24
+      dns_nameservers: { get_param: dns }
+
+  router:
+    type: OS::Neutron::Router
+    properties:
+      external_gateway_info:
+        network: { get_param: public_network }
+
+  router-interface:
+    type: OS::Neutron::RouterInterface
+    properties:
+      router_id: { get_resource: router }
+      subnet: { get_resource: private_subnet }
+
+outputs:
+  name:
+    description: The private network.
+    value: { get_attr: [private_network, name] }
diff --git a/OpenStack/heat/tutorial/lib/tiny.yaml b/OpenStack/heat/tutorial/lib/tiny.yaml
new file mode 100644
index 0000000..f9933bc
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/tiny.yaml
@@ -0,0 +1,151 @@
+heat_template_version: 2013-05-23
+
+description: Template that installs a small example web server.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: private
+
+resources:
+  wait_condition:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wh }
+      count: 1
+      timeout: 600
+
+  wh:
+    type: OS::Heat::WaitConditionHandle
+
+  security_group:
+      type: OS::Neutron::SecurityGroup
+      properties:
+        name: web_server_security_group
+        rules:
+          - protocol: tcp
+            port_range_min: 80
+            port_range_max: 80
+
+  port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group }
+
+  tiny_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            wc_notify: { get_attr: ['wh', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install build-essential python python-dev python-virtualenv nginx supervisor git
+
+            # create a tiny user to run the server process
+            adduser --disabled-password --gecos "" tiny
+
+            # install the tiny application
+            cd /home/tiny
+            cat >app.py <<EOF
+            #!/usr/bin/env python
+            import socket
+            from flask import Flask
+
+            hostname = socket.gethostname()
+            app = Flask(__name__)
+
+            @app.route('/')
+            def index():
+                return 'Hello from {0}!'.format(hostname)
+
+            if __name__ == '__main__':
+                app.run(debug=True)
+            EOF
+
+            # create a virtualenv and install dependencies
+            virtualenv venv
+            venv/bin/pip install flask gunicorn==18.0
+
+            # make the tiny user the owner of the application
+            chown -R tiny:tiny app.py
+
+            # configure supervisor to run a private gunicorn web server, and
+            # to autostart it on boot and when it crashes
+            # stdout and stderr logs from the server will go to /var/log/tiny
+            mkdir /var/log/tiny
+            cat >/etc/supervisor/conf.d/tiny.conf <<EOF
+            [program:tiny]
+            command=/home/tiny/venv/bin/gunicorn -b 127.0.0.1:8000 -w 4 --chdir /home/tiny --log-file - app:app
+            user=tiny
+            autostart=true
+            autorestart=true
+            stderr_logfile=/var/log/tiny/stderr.log
+            stdout_logfile=/var/log/tiny/stdout.log
+            EOF
+            supervisorctl reread
+            supervisorctl update
+
+            # configure nginx as the front-end web server with a reverse proxy
+            # rule to the gunicorn server
+            cat >/etc/nginx/sites-available/tiny <<EOF
+            server {
+                listen 80;
+                server_name _;
+                access_log /var/log/nginx/tiny.access.log;
+                error_log /var/log/nginx/tiny.error.log;
+                location / {
+                    proxy_pass http://127.0.0.1:8000;
+                    proxy_redirect off;
+                    proxy_set_header Host \$host;
+                    proxy_set_header X-Real-IP \$remote_addr;
+                    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+                }
+            }
+            EOF
+            rm -f /etc/nginx/sites-enabled/default
+            ln -s /etc/nginx/sites-available/tiny /etc/nginx/sites-enabled/
+            service nginx restart
+
+            # let Heat know we are done
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+outputs:
+  name:
+    description: Name of the tiny instance.
+    value: { get_attr: [tiny_instance, name] }
+  ip:
+    description: The IP address of the tiny instance.
+    value: { get_attr: [tiny_instance, first_address] }
+  port:
+    description: The network port of the Flasky instance.
+    value: { get_resource: port }
diff --git a/OpenStack/heat/tutorial/lib/wordpress.yaml b/OpenStack/heat/tutorial/lib/wordpress.yaml
new file mode 100644
index 0000000..ea50aa8
--- /dev/null
+++ b/OpenStack/heat/tutorial/lib/wordpress.yaml
@@ -0,0 +1,126 @@
+heat_template_version: 2013-05-23
+
+description: Template that installs a wordpress server.
+
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: trusty-server-cloudimg-amd64
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: my_key
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: private
+  mysql_server:
+    type: string
+    label: MySQL database server
+    description: IP address of the MySQL database server.
+  database_name:
+    type: string
+    label: Database name
+    description: Name of the application database.
+  database_user:
+    type: string
+    label: Database user
+    description: Name of the database user.
+  database_password:
+    type: string
+    label: Database password
+    hidden: true
+    description: Password to access the database.
+
+resources:
+  wait_condition:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wh }
+      count: 1
+      timeout: 600
+
+  wh:
+    type: OS::Heat::WaitConditionHandle
+
+  security_group:
+      type: OS::Neutron::SecurityGroup
+      properties:
+        name: web_server_security_group
+        rules:
+          - protocol: tcp
+            port_range_min: 80
+            port_range_max: 80
+
+  port:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group }
+
+  wordpress_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __mysql_ip__: { get_param: mysql_server }
+            __database_name__: { get_param: database_name }
+            __database_user__: { get_param: database_user }
+            __database_password__: { get_param: database_password }
+            wc_notify: { get_attr: ['wh', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+
+            # install dependencies
+            apt-get update
+            apt-get -y install apache2 php5 libapache2-mod-php5 php5-mysql php5-gd mysql-client
+
+            # download wordpress
+            wget http://wordpress.org/latest.tar.gz
+            tar -xzf latest.tar.gz
+
+            # configure wordpress
+            cp wordpress/wp-config-sample.php wordpress/wp-config.php
+            sed -i 's/database_name_here/__database_name__/' wordpress/wp-config.php
+            sed -i 's/username_here/__database_user__/' wordpress/wp-config.php
+            sed -i 's/password_here/__database_password__/' wordpress/wp-config.php
+            sed -i 's/localhost/__mysql_ip__/' wordpress/wp-config.php
+
+            # install a copy of the configured wordpress into apache's www directory
+            rm /var/www/html/index.html
+            cp -R wordpress/* /var/www/html/
+
+            # give apache ownership of the application files
+            chown -R www-data:www-data /var/www/html/
+            chmod -R g+w /var/www/html/
+
+            # notify heat that we are done here
+            wc_notify --data-binary '{"status": "SUCCESS"}'
+
+outputs:
+  name:
+    description: Name of the wordpress instance.
+    value: { get_attr: [wordpress_instance, name] }
+  ip:
+    description: The IP address of the wordpress instance.
+    value: { get_attr: [wordpress_instance, first_address] }
+  port:
+    description: The network port of the wordpress instance.
+    value: { get_resource: port }
diff --git a/OpenStack/heat/tutorial/wordpress03.yaml b/OpenStack/heat/tutorial/wordpress03.yaml
new file mode 100644
index 0000000..d93ecf7
--- /dev/null
+++ b/OpenStack/heat/tutorial/wordpress03.yaml
@@ -0,0 +1,232 @@
+heat_template_version: 2013-05-23
+ 
+description: Template that installs a wordpress server and supporting MySQL database running on separate servers
+ 
+parameters:
+  image:
+    type: string
+    label: Image name or ID
+    description: Image to be used for server. Please use an Ubuntu based image.
+    default: Ubuntu (LTS) 18.04
+  flavor:
+    type: string
+    label: Flavor
+    description: Type of instance (flavor) to be used on the compute instance.
+    default: m1.small
+  key:
+    type: string
+    label: Key name
+    description: Name of key-pair to be installed on the compute instance.
+    default: taffoni_rsa
+  private_network:
+    type: string
+    label: Private network name or ID
+    description: Network to attach server to.
+    default: oats_net
+  database_name:
+    type: string
+    label: Database name
+    description: Name of the application database.
+    default: wordpress
+  database_user:
+    type: string
+    label: Database username
+    description: Name of the database user.
+    default: wordpress_user
+
+resources:
+  wait_condition_my:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wait_handle_my }
+      count: 1
+      timeout: 300
+ 
+  wait_handle_my:
+     type: OS::Heat::WaitConditionHandle
+ 
+  mysql_root_password:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+ 
+  database_password:
+    type: OS::Heat::RandomString
+    properties:
+      length: 32
+      sequence: lettersdigits
+ 
+  security_group_my:
+    type: OS::Neutron::SecurityGroup
+    properties:
+      name: db_server_security_group
+      rules:
+        - protocol: tcp
+          port_range_min: 3306
+          port_range_max: 3306
+        - protocol: tcp
+          port_range_min: 22
+          port_range_max: 22
+ 
+  port_my:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group_my }
+      
+  mysql_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port_my }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __mysql_root_password__: { get_attr: [mysql_root_password, value] }
+            __database_name__: { get_param: database_name }
+            __database_user__: { get_param: database_user }
+            __database_password__: { get_attr: [database_password, value] }
+            wc_notify_my: { get_attr: ['wait_handle_my', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+            # install MySQL
+            apt-get update
+            export DEBIAN_FRONTEND=noninteractive
+            apt-get install -y mysql-server
+            # configure MySQL root password
+            mysqladmin -u root password "__mysql_root_password__"
+            # listen on all network interfaces
+            sed -i "s/bind-address.*/bind-address = 0.0.0.0/" /etc/mysql/mysql.conf.d/mysqld.cnf
+            # restart service
+            service mysql restart
+            # create wordpress database
+            mysql -u root --password="__mysql_root_password__" <<EOF
+            CREATE DATABASE __database_name__;
+            CREATE USER '__database_user__'@'localhost';
+            SET PASSWORD FOR '__database_user__'@'localhost'=PASSWORD("__database_password__");
+            GRANT ALL PRIVILEGES ON __database_name__.* TO '__database_user__'@'localhost' IDENTIFIED BY '__database_password__';
+            CREATE USER '__database_user__'@'%';
+            SET PASSWORD FOR '__database_user__'@'%'=PASSWORD("__database_password__");
+            GRANT ALL PRIVILEGES ON __database_name__.* TO '__database_user__'@'%' IDENTIFIED BY '__database_password__';
+            FLUSH PRIVILEGES;
+            EOF
+ 
+            echo "ROOT: __mysql_root_password__"
+            echo "DBN: __database_name__" 
+            echo "DBU: __database_user__"
+            echo "DBP: __database_password__"
+            # notify heat that we are done here
+            wc_notify_my --data-binary '{"status": "SUCCESS"}'
+
+  wait_condition_wp:
+    type: OS::Heat::WaitCondition
+    properties:
+      handle: { get_resource: wait_handle_wp }
+      count: 1
+      timeout: 300
+ 
+  wait_handle_wp:
+     type: OS::Heat::WaitConditionHandle
+ 
+ 
+
+  security_group_wp:
+      type: OS::Neutron::SecurityGroup
+      properties:
+        name: web_server_security_group
+        rules:
+          - protocol: tcp
+            port_range_min: 80
+            port_range_max: 80
+          - protocol: tcp
+            port_range_min: 22
+            port_range_max: 22
+
+  port_wp:
+    type: OS::Neutron::Port
+    properties:
+      network: { get_param: private_network }
+      security_groups:
+        - { get_resource: security_group_wp }
+
+  wp_instance:
+    type: OS::Nova::Server
+    properties:
+      image: { get_param: image }
+      flavor: { get_param: flavor }
+      key_name: { get_param: key }
+      networks:
+        - port: { get_resource: port_wp }
+      user_data_format: RAW
+      user_data:
+        str_replace:
+          params:
+            __mysql_ip__: { get_attr: [mysql_instance, first_address] }
+            __database_name__: { get_param: database_name }
+            __database_user__: { get_param: database_user }
+            __database_password__: { get_attr: [database_password, value] }
+            wc_notify_wp: { get_attr: ['wait_handle_wp', 'curl_cli'] }
+          template: |
+            #!/bin/bash -ex
+            # install dependencies
+            apt-get update
+            apt-get -y install apache2 php libapache2-mod-php php-mysql php-gd mysql-client            
+            # download wordpress
+            wget http://wordpress.org/latest.tar.gz
+            tar -xzf latest.tar.gz
+            # configure wordpress
+            cp wordpress/wp-config-sample.php wordpress/wp-config.php
+            sed -i 's/database_name_here/__database_name__/' wordpress/wp-config.php
+            sed -i 's/username_here/__database_user__/' wordpress/wp-config.php
+            sed -i 's/password_here/__database_password__/' wordpress/wp-config.php
+            sed -i 's/localhost/__mysql_ip__/' wordpress/wp-config.php
+
+            # install a copy of the configured wordpress into apache's www directory
+            rm /var/www/html/index.html
+            cp -R wordpress/* /var/www/html/
+
+            # give apache ownership of the application files
+            chown -R www-data:www-data /var/www/html/
+            chmod -R g+w /var/www/html/
+
+            service apache2 restart
+
+            # install WP
+            echo "Sono WP e ho finito"
+            echo "DB_IP: __mysql_ip__"
+            echo "DB_USER: __database_user__"
+            echo "DB_NAME: __database_name__"
+
+            wc_notify_wp --data-binary '{"status": "SUCCESS"}'
+
+
+outputs:
+ myname:
+    description: Name of the MySQL instance.
+    value: { get_attr: [mysql_instance, name] }
+ myip:
+    description: The IP address of the MySQL instance.
+    value: { get_attr: [mysql_instance, first_address] }
+ myport:
+    description: The network port of the MySQL instance.
+    value: { get_resource: port_my }
+ database_password:
+    description: The MySQL database password.
+    value: { get_attr: [database_password, value] }
+ wpname:
+    description: Name of the wordpress instance.
+    value: { get_attr: [wp_instance, name] }
+ wpip:
+    description: The IP address of the wordpress instance.
+    value: { get_attr: [wp_instance, first_address] }
+ wpport:
+    description: The network port of the wordpress instance.
+    value: { get_resource: port_wp }
+
+
-- 
GitLab