initial commit

7 years ago · ff8ab740db
6 changed files with 1066 additions and 0 deletions
--- a/demo1-getting-started.py
+++ b/demo1-getting-started.py
@ -0,0 +1,62 @@
+import getpass
+
+import libcloud.security
+from libcloud.compute.providers import get_driver
+from libcloud.compute.types import Provider
+
+auth_username = 'fdai109'
+auth_url = 'https://192.168.72.40:5000'
+project_name = 'ai-netlab-pro'
+region_name = 'RegionOne'
+domain_name = "hsfulda"
+
+
+def main():
+    print(auth_username)
+    auth_password = getpass.getpass("Enter your OpenStack password:")
+    libcloud.security.VERIFY_SSL_CERT = False
+
+    provider = get_driver(Provider.OPENSTACK)
+    conn = provider(auth_username,
+                    auth_password,
+                    ex_force_auth_url=auth_url,
+                    ex_force_auth_version='3.x_password',
+                    ex_tenant_name=project_name,
+                    ex_force_service_region=region_name,
+                    ex_domain_name=domain_name)
+
+    images = conn.list_images()
+    for image in images:
+        print(image)
+
+    flavors = conn.list_sizes()
+    for flavor in flavors:
+        print(flavor)
+
+    image_id = '95718fad-2b33-469c-a256-15888f461f66'
+    image = conn.get_image(image_id)
+    print(image)
+
+    flavor_id = '2'
+    flavor = conn.ex_get_size(flavor_id)
+    print(flavor)
+
+    networks = conn.ex_list_networks()
+    network = ''
+    for net in networks:
+        if net.name == "ai-netlab-pro-net":
+            network = net
+
+    instance_name = 'testing'
+    testing_instance = conn.create_node(name=instance_name, image=image, size=flavor, networks={network})
+    print(testing_instance)
+
+    instances = conn.list_nodes()
+    for instance in instances:
+        print(instance)
+
+    conn.destroy_node(testing_instance)
+
+
+if __name__ == '__main__':
+    main()
--- a/demo2-instance-with-init-script.py
+++ b/demo2-instance-with-init-script.py
@ -0,0 +1,209 @@
+import getpass
+
+import libcloud.security
+import os
+from libcloud.compute.providers import get_driver
+from libcloud.compute.types import Provider
+
+auth_url = 'https://192.168.72.40:5000'
+region_name = 'RegionOne'
+domain_name = "hsfulda"
+
+ubuntu_image_name = "Ubuntu 14.04 - Trusty Tahr - 64-bit - Cloud Based Image"
+
+flavor_name = 'm1.small'
+
+network_name = "ai-netlab-pro-net"
+
+keypair_name = 'srieger-pub'
+pub_key_file = '~/.ssh/id_rsa.pub'
+
+
+def main():
+    ###########################################################################
+    #
+    # get credentials
+    #
+    ###########################################################################
+
+    if "OS_PROJECT_NAME" in os.environ:
+        project_name = os.environ["OS_PROJECT_NAME"]
+    else:
+        project_name = input("Enter your OpenStack project:")
+
+    if "OS_USERNAME" in os.environ:
+        auth_username = os.environ["OS_USERNAME"]
+    else:
+        auth_username = input("Enter your OpenStack username:")
+
+    if "OS_PASSWORD" in os.environ:
+        auth_password = os.environ["OS_PASSWORD"]
+    else:
+        auth_password = getpass.getpass("Enter your OpenStack password:")
+
+    ###########################################################################
+    #
+    # create connection
+    #
+    ###########################################################################
+
+    libcloud.security.VERIFY_SSL_CERT = False
+
+    provider = get_driver(Provider.OPENSTACK)
+    conn = provider(auth_username,
+                    auth_password,
+                    ex_force_auth_url=auth_url,
+                    ex_force_auth_version='3.x_password',
+                    ex_tenant_name=project_name,
+                    ex_force_service_region=region_name,
+                    ex_domain_name=domain_name)
+
+    ###########################################################################
+    #
+    # get image, flavor, network for instance creation
+    #
+    ###########################################################################
+    images = conn.list_images()
+    image = ''
+    for img in images:
+        if img.name == ubuntu_image_name:
+            image = img
+
+    flavors = conn.list_sizes()
+    flavor = ''
+    for flav in flavors:
+        if flav.name == flavor_name:
+            flavor = conn.ex_get_size(flav.id)
+
+    networks = conn.ex_list_networks()
+    network = ''
+    for net in networks:
+        if net.name == network_name:
+            network = net
+
+    ###########################################################################
+    #
+    # create keypair dependency
+    #
+    ###########################################################################
+
+    print('Checking for existing SSH key pair...')
+    keypair_exists = False
+    for keypair in conn.list_key_pairs():
+        if keypair.name == keypair_name:
+            keypair_exists = True
+
+    if keypair_exists:
+        print('Keypair ' + keypair_name + ' already exists. Skipping import.')
+    else:
+        print('adding keypair...')
+        conn.import_key_pair_from_file(keypair_name, pub_key_file)
+
+    for keypair in conn.list_key_pairs():
+        print(keypair)
+
+    ###########################################################################
+    #
+    # create security group dependency
+    #
+    ###########################################################################
+
+    print('Checking for existing security group...')
+    security_group_name = 'all-in-one'
+    security_group_exists = False
+    all_in_one_security_group = ''
+    for security_group in conn.ex_list_security_groups():
+        if security_group.name == security_group_name:
+            all_in_one_security_group = security_group
+            security_group_exists = True
+
+    if security_group_exists:
+        print('Security Group ' + all_in_one_security_group.name + ' already exists. Skipping creation.')
+    else:
+        all_in_one_security_group = conn.ex_create_security_group(security_group_name,
+                                                                  'network access for all-in-one application.')
+        conn.ex_create_security_group_rule(all_in_one_security_group, 'TCP', 80, 80)
+        conn.ex_create_security_group_rule(all_in_one_security_group, 'TCP', 22, 22)
+
+    for security_group in conn.ex_list_security_groups():
+        print(security_group)
+
+    ###########################################################################
+    #
+    # create all-in-one instance
+    #
+    ###########################################################################
+
+    userdata = '''#!/usr/bin/env bash
+    curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+        -i faafo -i messaging -r api -r worker -r demo
+    '''
+
+    print('Checking for existing instance...')
+    instance_name = 'all-in-one'
+    instance_exists = False
+    testing_instance = ''
+    for instance in conn.list_nodes():
+        if instance.name == instance_name:
+            testing_instance = instance
+            instance_exists = True
+
+    if instance_exists:
+        print('Instance ' + testing_instance.name + ' already exists. Skipping creation.')
+    else:
+        print('Starting new all-in-one instance and wait until it is running...')
+        testing_instance = conn.create_node(name=instance_name,
+                                            image=image,
+                                            size=flavor,
+                                            networks=[network],
+                                            ex_keyname=keypair_name,
+                                            ex_userdata=userdata,
+                                            ex_security_groups=[all_in_one_security_group])
+        conn.wait_until_running(nodes=[testing_instance], timeout=120, ssh_interface='private_ips')
+
+    ###########################################################################
+    #
+    # assign all-in-one instance floating ip
+    #
+    ###########################################################################
+
+    private_ip = None
+    if len(testing_instance.private_ips):
+        private_ip = testing_instance.private_ips[0]
+        print('Private IP found: {}'.format(private_ip))
+
+    public_ip = None
+    if len(testing_instance.public_ips):
+        public_ip = testing_instance.public_ips[0]
+        print('Public IP found: {}'.format(public_ip))
+
+    print('Checking for unused Floating IP...')
+    unused_floating_ip = None
+    for floating_ip in conn.ex_list_floating_ips():
+        if not floating_ip.node_id:
+            unused_floating_ip = floating_ip
+            break
+
+    if not unused_floating_ip and len(conn.ex_list_floating_ip_pools()):
+        pool = conn.ex_list_floating_ip_pools()[0]
+        print('Allocating new Floating IP from pool: {}'.format(pool))
+        unused_floating_ip = pool.create_floating_ip()
+
+    if public_ip:
+        print('Instance ' + testing_instance.name + ' already has a public ip. Skipping attachment.')
+    elif unused_floating_ip:
+        conn.ex_attach_floating_ip_to_node(testing_instance, unused_floating_ip)
+
+    actual_ip_address = None
+    if public_ip:
+        actual_ip_address = public_ip
+    elif unused_floating_ip:
+        actual_ip_address = unused_floating_ip.ip_address
+    elif private_ip:
+        actual_ip_address = private_ip
+
+    print('The Fractals app will be deployed to http://{}'.format(actual_ip_address))
+
+
+if __name__ == '__main__':
+    main()
--- a/demo3-microservice.py
+++ b/demo3-microservice.py
@ -0,0 +1,253 @@
+import getpass
+import os
+
+import libcloud.security
+from libcloud.compute.providers import get_driver
+from libcloud.compute.types import Provider
+
+# reqs:
+#   services: nova, glance, neutron
+#   resources: 2 instances, 2 floating ips (1 keypair, 2 security groups)
+
+# HS-Fulda Private Cloud
+auth_url = 'https://192.168.72.40:5000'
+region_name = 'RegionOne'
+domain_name = "hsfulda"
+
+ubuntu_image_name = "Ubuntu 14.04 - Trusty Tahr - 64-bit - Cloud Based Image"
+
+flavor_name = 'm1.small'
+
+network_name = "ai-netlab-pro-net"
+
+keypair_name = 'srieger-pub'
+pub_key_file = '~/.ssh/id_rsa.pub'
+
+
+def main():
+    ###########################################################################
+    #
+    # get credentials
+    #
+    ###########################################################################
+
+    if "OS_PROJECT_NAME" in os.environ:
+        project_name = os.environ["OS_PROJECT_NAME"]
+    else:
+        project_name = input("Enter your OpenStack project:")
+
+    if "OS_USERNAME" in os.environ:
+        auth_username = os.environ["OS_USERNAME"]
+    else:
+        auth_username = input("Enter your OpenStack username:")
+
+    if "OS_PASSWORD" in os.environ:
+        auth_password = os.environ["OS_PASSWORD"]
+    else:
+        auth_password = getpass.getpass("Enter your OpenStack password:")
+
+    ###########################################################################
+    #
+    # create connection
+    #
+    ###########################################################################
+
+    libcloud.security.VERIFY_SSL_CERT = False
+
+    provider = get_driver(Provider.OPENSTACK)
+    conn = provider(auth_username,
+                    auth_password,
+                    ex_force_auth_url=auth_url,
+                    ex_force_auth_version='3.x_password',
+                    ex_tenant_name=project_name,
+                    ex_force_service_region=region_name,
+                    ex_domain_name=domain_name)
+
+    ###########################################################################
+    #
+    # get image, flavor, network for instance creation
+    #
+    ###########################################################################
+
+    images = conn.list_images()
+    image = ''
+    for img in images:
+        if img.name == ubuntu_image_name:
+            image = img
+
+    flavors = conn.list_sizes()
+    flavor = ''
+    for flav in flavors:
+        if flav.name == flavor_name:
+            flavor = conn.ex_get_size(flav.id)
+
+    networks = conn.ex_list_networks()
+    network = ''
+    for net in networks:
+        if net.name == network_name:
+            network = net
+
+    ###########################################################################
+    #
+    # create keypair dependency
+    #
+    ###########################################################################
+
+    print('Checking for existing SSH key pair...')
+    keypair_exists = False
+    for keypair in conn.list_key_pairs():
+        if keypair.name == keypair_name:
+            keypair_exists = True
+
+    if keypair_exists:
+        print('Keypair ' + keypair_name + ' already exists. Skipping import.')
+    else:
+        print('adding keypair...')
+        conn.import_key_pair_from_file(keypair_name, pub_key_file)
+
+    for keypair in conn.list_key_pairs():
+        print(keypair)
+
+    ###########################################################################
+    #
+    # create security group dependency
+    #
+    ###########################################################################
+
+    print('Checking for existing worker security group...')
+    security_group_name = 'worker'
+    security_group_exists = False
+    worker_security_group = ''
+    for security_group in conn.ex_list_security_groups():
+        if security_group.name == security_group_name:
+            worker_security_group = security_group
+            security_group_exists = True
+
+    if security_group_exists:
+        print('Worker Security Group ' + worker_security_group.name + ' already exists. Skipping creation.')
+    else:
+        worker_security_group = conn.ex_create_security_group('worker', 'for services that run on a worker node')
+        conn.ex_create_security_group_rule(worker_security_group, 'TCP', 22, 22)
+
+    print('Checking for existing controller security group...')
+    security_group_name = 'control'
+    security_group_exists = False
+    controller_security_group = ''
+    for security_group in conn.ex_list_security_groups():
+        if security_group.name == security_group_name:
+            controller_security_group = security_group
+            security_group_exists = True
+
+    if security_group_exists:
+        print('Controller Security Group ' + controller_security_group.name + ' already exists. Skipping creation.')
+    else:
+        controller_security_group = conn.ex_create_security_group('control', 'for services that run on a control node')
+        conn.ex_create_security_group_rule(controller_security_group, 'TCP', 22, 22)
+        conn.ex_create_security_group_rule(controller_security_group, 'TCP', 80, 80)
+        conn.ex_create_security_group_rule(controller_security_group, 'TCP', 5672, 5672,
+                                           source_security_group=worker_security_group)
+
+    for security_group in conn.ex_list_security_groups():
+        print(security_group)
+
+    ###########################################################################
+    #
+    # create app-controller
+    #
+    ###########################################################################
+
+    userdata = '''#!/usr/bin/env bash
+    curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+        -i messaging -i faafo -r api
+    '''
+
+    print('Starting new app-controller instance and wait until it is running...')
+    instance_controller_1 = conn.create_node(name='app-controller',
+                                             image=image,
+                                             size=flavor,
+                                             networks=[network],
+                                             ex_keyname=keypair_name,
+                                             ex_userdata=userdata,
+                                             ex_security_groups=[controller_security_group])
+
+    conn.wait_until_running(nodes=[instance_controller_1], timeout=120, ssh_interface='private_ips')
+
+    ###########################################################################
+    #
+    # assign app-controller floating ip
+    #
+    ###########################################################################
+
+    print('Checking for unused Floating IP...')
+    unused_floating_ip = None
+    for floating_ip in conn.ex_list_floating_ips():
+        if not floating_ip.node_id:
+            unused_floating_ip = floating_ip
+            break
+
+    if not unused_floating_ip:
+        pool = conn.ex_list_floating_ip_pools()[0]
+        print('Allocating new Floating IP from pool: {}'.format(pool))
+        unused_floating_ip = pool.create_floating_ip()
+
+    conn.ex_attach_floating_ip_to_node(instance_controller_1, unused_floating_ip)
+    print('Controller Application will be deployed to http://%s' % unused_floating_ip.ip_address)
+
+    ###########################################################################
+    #
+    # getting id and ip address of app-controller instance
+    #
+    ###########################################################################
+
+    # instance should not have a public ip? floating ips are assigned later
+    instance_controller_1 = conn.ex_get_node_details(instance_controller_1.id)
+    if instance_controller_1.public_ips:
+        ip_controller = instance_controller_1.public_ips[0]
+    else:
+        ip_controller = instance_controller_1.private_ips[0]
+
+    ###########################################################################
+    #
+    # create app-worker-1
+    #
+    ###########################################################################
+
+    userdata = '''#!/usr/bin/env bash
+    curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+        -i faafo -r worker -e 'http://%(ip_controller)s' -m 'amqp://guest:guest@%(ip_controller)s:5672/'
+    ''' % {'ip_controller': ip_controller}
+
+    print('Starting new app-worker-1 instance and wait until it is running...')
+    instance_worker_1 = conn.create_node(name='app-worker-1',
+                                         image=image,
+                                         size=flavor,
+                                         ex_keyname=keypair_name,
+                                         ex_userdata=userdata,
+                                         ex_security_groups=[worker_security_group])
+
+    conn.wait_until_running(nodes=[instance_worker_1], timeout=120, ssh_interface='private_ips')
+
+    ###########################################################################
+    #
+    # assign app-worker floating ip
+    #
+    ###########################################################################
+
+    print('Checking for unused Floating IP...')
+    unused_floating_ip = None
+    for floating_ip in conn.ex_list_floating_ips():
+        if not floating_ip.node_id:
+            unused_floating_ip = floating_ip
+            break
+
+    if not unused_floating_ip:
+        pool = conn.ex_list_floating_ip_pools()[0]
+        print('Allocating new Floating IP from pool: {}'.format(pool))
+        unused_floating_ip = pool.create_floating_ip()
+
+    conn.ex_attach_floating_ip_to_node(instance_worker_1, unused_floating_ip)
+    print('The worker will be available for SSH at %s' % unused_floating_ip.ip_address)
+
+
+if __name__ == '__main__':
+    main()
--- a/demo4-scale-out.py
+++ b/demo4-scale-out.py
@ -0,0 +1,322 @@
+import getpass
+import os
+
+import libcloud.security
+import time
+from libcloud.compute.providers import get_driver
+from libcloud.compute.types import Provider
+
+# reqs:
+#   services: nova, glance, neutron
+#   resources: 2 instances (m1.small), 2 floating ips (1 keypair, 2 security groups)
+
+# HS-Fulda Private Cloud
+auth_url = 'https://192.168.72.40:5000'
+region_name = 'RegionOne'
+domain_name = "hsfulda"
+
+ubuntu_image_name = "Ubuntu 14.04 - Trusty Tahr - 64-bit - Cloud Based Image"
+
+flavor_name = 'm1.small'
+
+network_name = "ai-netlab-pro-net"
+
+keypair_name = 'srieger-pub'
+pub_key_file = '~/.ssh/id_rsa.pub'
+
+
+def main():
+    ###########################################################################
+    #
+    # get credentials
+    #
+    ###########################################################################
+
+    if "OS_PROJECT_NAME" in os.environ:
+        project_name = os.environ["OS_PROJECT_NAME"]
+    else:
+        project_name = input("Enter your OpenStack project:")
+
+    if "OS_USERNAME" in os.environ:
+        auth_username = os.environ["OS_USERNAME"]
+    else:
+        auth_username = input("Enter your OpenStack username:")
+
+    if "OS_PASSWORD" in os.environ:
+        auth_password = os.environ["OS_PASSWORD"]
+    else:
+        auth_password = getpass.getpass("Enter your OpenStack password:")
+
+    ###########################################################################
+    #
+    # create connection
+    #
+    ###########################################################################
+
+    libcloud.security.VERIFY_SSL_CERT = False
+
+    provider = get_driver(Provider.OPENSTACK)
+    conn = provider(auth_username,
+                    auth_password,
+                    ex_force_auth_url=auth_url,
+                    ex_force_auth_version='3.x_password',
+                    ex_tenant_name=project_name,
+                    ex_force_service_region=region_name,
+                    ex_domain_name=domain_name)
+
+    ###########################################################################
+    #
+    # get image, flavor, network for instance creation
+    #
+    ###########################################################################
+
+    images = conn.list_images()
+    image = ''
+    for img in images:
+        if img.name == ubuntu_image_name:
+            image = img
+
+    flavors = conn.list_sizes()
+    flavor = ''
+    for flav in flavors:
+        if flav.name == flavor_name:
+            flavor = conn.ex_get_size(flav.id)
+
+    networks = conn.ex_list_networks()
+    network = ''
+    for net in networks:
+        if net.name == network_name:
+            network = net
+
+    ###########################################################################
+    #
+    # create keypair dependency
+    #
+    ###########################################################################
+
+    print('Checking for existing SSH key pair...')
+    keypair_exists = False
+    for keypair in conn.list_key_pairs():
+        if keypair.name == keypair_name:
+            keypair_exists = True
+
+    if keypair_exists:
+        print('Keypair ' + keypair_name + ' already exists. Skipping import.')
+    else:
+        print('adding keypair...')
+        conn.import_key_pair_from_file(keypair_name, pub_key_file)
+
+    for keypair in conn.list_key_pairs():
+        print(keypair)
+
+    ###########################################################################
+    #
+    # clean up resources from previous demos
+    #
+    ###########################################################################
+
+    # destroy running demo instances
+    for instance in conn.list_nodes():
+        if instance.name in ['all-in-one', 'app-worker-1', 'app-worker-2', 'app-worker-3', 'app-controller',
+                             'app-services', 'app-api-1', 'app-api-2']:
+            print('Destroying Instance: %s' % instance.name)
+            conn.destroy_node(instance)
+
+    # wait until all nodes are destroyed to be able to remove depended security groups
+    nodes_still_running = True
+    while nodes_still_running:
+        nodes_still_running = False
+        time.sleep(3)
+        instances = conn.list_nodes()
+        for instance in instances:
+            # if we see any demo instances still running continue to wait for them to stop
+            if instance.name in ['all-in-one', 'app-worker-1', 'app-worker-2', 'app-controller']:
+                nodes_still_running = True
+        print('There are still instances running, waiting for them to be destroyed...')
+
+    # delete security groups
+    for group in conn.ex_list_security_groups():
+        if group.name in ['control', 'worker', 'api', 'services']:
+            print('Deleting security group: %s' % group.name)
+            conn.ex_delete_security_group(group)
+
+    ###########################################################################
+    #
+    # create security group dependency
+    #
+    ###########################################################################
+
+    def get_security_group(connection, security_group_name):
+        """A helper function to check if security group already exists"""
+        print('Checking for existing ' + security_group_name + ' security group...')
+        for security_grp in connection.ex_list_security_groups():
+            if security_grp.name == security_group_name:
+                print('Security Group ' + security_group_name + ' already exists. Skipping creation.')
+                return worker_security_group
+        return False
+
+    if not get_security_group(conn, "api"):
+        api_security_group = conn.ex_create_security_group('api', 'for API services only')
+        conn.ex_create_security_group_rule(api_security_group, 'TCP', 80, 80)
+        conn.ex_create_security_group_rule(api_security_group, 'TCP', 22, 22)
+    else:
+        api_security_group = get_security_group(conn, "api")
+
+    if not get_security_group(conn, "worker"):
+        worker_security_group = conn.ex_create_security_group('worker', 'for services that run on a worker node')
+        conn.ex_create_security_group_rule(worker_security_group, 'TCP', 22, 22)
+    else:
+        worker_security_group = get_security_group(conn, "worker")
+
+    if not get_security_group(conn, "control"):
+        controller_security_group = conn.ex_create_security_group('control', 'for services that run on a control node')
+        conn.ex_create_security_group_rule(controller_security_group, 'TCP', 22, 22)
+        conn.ex_create_security_group_rule(controller_security_group, 'TCP', 80, 80)
+        conn.ex_create_security_group_rule(controller_security_group, 'TCP', 5672, 5672,
+                                           source_security_group=worker_security_group)
+
+    if not get_security_group(conn, "services"):
+        services_security_group = conn.ex_create_security_group('services', 'for DB and AMQP services only')
+        conn.ex_create_security_group_rule(services_security_group, 'TCP', 22, 22)
+        conn.ex_create_security_group_rule(services_security_group, 'TCP', 3306, 3306,
+                                           source_security_group=api_security_group)
+        conn.ex_create_security_group_rule(services_security_group, 'TCP', 5672, 5672,
+                                           source_security_group=worker_security_group)
+        conn.ex_create_security_group_rule(services_security_group, 'TCP', 5672, 5672,
+                                           source_security_group=api_security_group)
+    else:
+        services_security_group = get_security_group(conn, "services")
+
+    for security_group in conn.ex_list_security_groups():
+        print(security_group)
+
+    ###########################################################################
+    #
+    # get floating ip helper function
+    #
+    ###########################################################################
+
+    def get_floating_ip(connection):
+        """A helper function to re-use available Floating IPs"""
+        unused_floating_ip = None
+        for float_ip in connection.ex_list_floating_ips():
+            if not float_ip.node_id:
+                unused_floating_ip = float_ip
+                break
+        if not unused_floating_ip:
+            pool = connection.ex_list_floating_ip_pools()[0]
+            unused_floating_ip = pool.create_floating_ip()
+        return unused_floating_ip
+
+    ###########################################################################
+    #
+    # create app-services instance (database & messaging)
+    #
+    ###########################################################################
+
+    userdata = '''#!/usr/bin/env bash
+    curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+        -i database -i messaging
+    '''
+
+    print('Starting new app-services instance and wait until it is running...')
+    instance_services = conn.create_node(name='app-services',
+                                         image=image,
+                                         size=flavor,
+                                         networks=[network],
+                                         ex_keyname=keypair_name,
+                                         ex_userdata=userdata,
+                                         ex_security_groups=[services_security_group])
+    instance_services = conn.wait_until_running(nodes=[instance_services], timeout=120,
+                                                ssh_interface='private_ips')[0][0]
+    services_ip = instance_services.private_ips[0]
+
+    ###########################################################################
+    #
+    # create app-api instances
+    #
+    ###########################################################################
+
+    userdata = '''#!/usr/bin/env bash
+    curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+        -i faafo -r api -m 'amqp://guest:guest@%(services_ip)s:5672/' \
+        -d 'mysql+pymysql://faafo:password@%(services_ip)s:3306/faafo'
+    ''' % {'services_ip': services_ip}
+
+    print('Starting new app-api-1 instance and wait until it is running...')
+    instance_api_1 = conn.create_node(name='app-api-1',
+                                      image=image,
+                                      size=flavor,
+                                      networks=[network],
+                                      ex_keyname=keypair_name,
+                                      ex_userdata=userdata,
+                                      ex_security_groups=[api_security_group])
+
+    print('Starting new app-api-2 instance and wait until it is running...')
+    instance_api_2 = conn.create_node(name='app-api-2',
+                                      image=image,
+                                      size=flavor,
+                                      networks=[network],
+                                      ex_keyname=keypair_name,
+                                      ex_userdata=userdata,
+                                      ex_security_groups=[api_security_group])
+
+    instance_api_1 = conn.wait_until_running(nodes=[instance_api_1], timeout=120,
+                                             ssh_interface='private_ips')[0][0]
+    api_1_ip = instance_api_1.private_ips[0]
+    instance_api_2 = conn.wait_until_running(nodes=[instance_api_2], timeout=120,
+                                             ssh_interface='private_ips')[0][0]
+    # api_2_ip = instance_api_2.private_ips[0]
+
+    for instance in [instance_api_1, instance_api_2]:
+        floating_ip = get_floating_ip(conn)
+        conn.ex_attach_floating_ip_to_node(instance, floating_ip)
+        print('allocated %(ip)s to %(host)s' % {'ip': floating_ip.ip_address, 'host': instance.name})
+
+    ###########################################################################
+    #
+    # create worker instances
+    #
+    ###########################################################################
+
+    userdata_api_1 = '''#!/usr/bin/env bash
+    curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+        -i faafo -r worker -e 'http://%(api_1_ip)s' -m 'amqp://guest:guest@%(services_ip)s:5672/'
+    ''' % {'api_1_ip': api_1_ip, 'services_ip': services_ip}
+
+    # userdata-api-2 = '''#!/usr/bin/env bash
+    # curl -L -s https://git.openstack.org/cgit/openstack/faafo/plain/contrib/install.sh | bash -s -- \
+    #     -i faafo -r worker -e 'http://%(api_2_ip)s' -m 'amqp://guest:guest@%(services_ip)s:5672/'
+    # ''' % {'api_2_ip': api_2_ip, 'services_ip': services_ip}
+
+    print('Starting new app-worker-1 instance and wait until it is running...')
+    instance_worker_1 = conn.create_node(name='app-worker-1',
+                                         image=image, size=flavor,
+                                         networks=[network],
+                                         ex_keyname=keypair_name,
+                                         ex_userdata=userdata_api_1,
+                                         ex_security_groups=[worker_security_group])
+
+    print('Starting new app-worker-1 instance and wait until it is running...')
+    instance_worker_2 = conn.create_node(name='app-worker-2',
+                                         image=image, size=flavor,
+                                         networks=[network],
+                                         ex_keyname=keypair_name,
+                                         ex_userdata=userdata_api_1,
+                                         ex_security_groups=[worker_security_group])
+
+    print('Starting new app-worker-1 instance and wait until it is running...')
+    instance_worker_3 = conn.create_node(name='app-worker-3',
+                                         image=image, size=flavor,
+                                         networks=[network],
+                                         ex_keyname=keypair_name,
+                                         ex_userdata=userdata_api_1,
+                                         ex_security_groups=[worker_security_group])
+
+    print(instance_worker_1)
+    print(instance_worker_2)
+    print(instance_worker_3)
+
+
+if __name__ == '__main__':
+    main()
--- a/demo5-1-durable-storage.py
+++ b/demo5-1-durable-storage.py
@ -0,0 +1,123 @@
+from __future__ import print_function
+
+import getpass
+import os
+
+import libcloud.security
+from libcloud.storage.providers import get_driver
+from libcloud.storage.types import Provider
+
+# reqs:
+#   services: nova, glance, neutron
+#   resources: 2 instances (m1.small), 2 floating ips (1 keypair, 2 security groups)
+
+# HS-Fulda Private Cloud
+auth_url = 'https://192.168.72.40:5000'
+region_name = 'RegionOne'
+domain_name = "hsfulda"
+
+
+def main():
+    ###########################################################################
+    #
+    # get credentials
+    #
+    ###########################################################################
+
+    if "OS_PROJECT_NAME" in os.environ:
+        project_name = os.environ["OS_PROJECT_NAME"]
+    else:
+        project_name = input("Enter your OpenStack project:")
+
+    if "OS_USERNAME" in os.environ:
+        auth_username = os.environ["OS_USERNAME"]
+    else:
+        auth_username = input("Enter your OpenStack username:")
+
+    if "OS_PASSWORD" in os.environ:
+        auth_password = os.environ["OS_PASSWORD"]
+    else:
+        auth_password = getpass.getpass("Enter your OpenStack password:")
+
+    ###########################################################################
+    #
+    # create connection
+    #
+    ###########################################################################
+
+    libcloud.security.VERIFY_SSL_CERT = False
+
+    provider = get_driver(Provider.OPENSTACK_SWIFT)
+    swift = provider(auth_username,
+                     auth_password,
+                     ex_force_auth_url=auth_url,
+                     ex_force_auth_version='3.x_password',
+                     ex_tenant_name=project_name,
+                     ex_force_service_region=region_name,
+                     ex_domain_name=domain_name)
+
+    ###########################################################################
+    #
+    # create container
+    #
+    ###########################################################################
+
+    container_name = 'fractals'
+    containers = swift.list_containers()
+    container = False
+    for con in containers:
+        if con.name == container_name:
+            container = con
+
+    if not container:
+        container = swift.create_container(container_name=container_name)
+
+    print(container)
+
+    print(swift.list_containers())
+
+    ###########################################################################
+    #
+    # upload a goat
+    #
+    ###########################################################################
+
+    object_name = 'an amazing goat'
+    file_path = 'C:\\Users\\Sebastian\\goat.jpg'
+    objects = container.list_objects()
+    object_data = False
+    for obj in objects:
+        if obj.name == object_name:
+            object_data = obj
+
+    if not object_data:
+        # print(os.getcwd())
+        container = swift.get_container(container_name=container_name)
+        object_data = container.upload_object(file_path=file_path, object_name=object_name)
+
+    objects = container.list_objects()
+    print(objects)
+
+    ###########################################################################
+    #
+    # check goat integrity
+    #
+    ###########################################################################
+
+    import hashlib
+    print(hashlib.md5(open(file_path, 'rb').read()).hexdigest())
+
+    ###########################################################################
+    #
+    # delete goat
+    #
+    ###########################################################################
+
+    swift.delete_object(object_data)
+
+    objects = container.list_objects()
+    print(objects)
+
+
+if __name__ == '__main__':
+    main()
--- a/demo5-2-backup-fractals.py
+++ b/demo5-2-backup-fractals.py
@ -0,0 +1,97 @@
+from __future__ import print_function
+
+import getpass
+import json
+import os
+
+import libcloud
+import libcloud.security
+import requests
+from libcloud.storage.providers import get_driver
+from libcloud.storage.types import Provider
+
+# HS-Fulda Private Cloud
+auth_url = 'https://192.168.72.40:5000'
+region_name = 'RegionOne'
+domain_name = "hsfulda"
+
+api_ip = '192.168.72.102'
+
+
+def main():
+    ###########################################################################
+    #
+    # get credentials
+    #
+    ###########################################################################
+
+    if "OS_PROJECT_NAME" in os.environ:
+        project_name = os.environ["OS_PROJECT_NAME"]
+    else:
+        project_name = input("Enter your OpenStack project:")
+
+    if "OS_USERNAME" in os.environ:
+        auth_username = os.environ["OS_USERNAME"]
+    else:
+        auth_username = input("Enter your OpenStack username:")
+
+    if "OS_PASSWORD" in os.environ:
+        auth_password = os.environ["OS_PASSWORD"]
+    else:
+        auth_password = getpass.getpass("Enter your OpenStack password:")
+
+    ###########################################################################
+    #
+    # create connection
+    #
+    ###########################################################################
+
+    libcloud.security.VERIFY_SSL_CERT = False
+
+    provider = get_driver(Provider.OPENSTACK_SWIFT)
+    swift = provider(auth_username,
+                     auth_password,
+                     ex_force_auth_url=auth_url,
+                     ex_force_auth_version='3.x_password',
+                     ex_tenant_name=project_name,
+                     ex_force_service_region=region_name,
+                     ex_domain_name=domain_name)
+
+    ###########################################################################
+    #
+    # create container
+    #
+    ###########################################################################
+
+    container_name = 'fractals'
+    containers = swift.list_containers()
+    container = False
+    for con in containers:
+        if con.name == container_name:
+            container = con
+
+    if not container:
+        container = swift.create_container(container_name=container_name)
+
+    print(container)
+
+    ###########################################################################
+    #
+    # backup existing fractals to container
+    #
+    ###########################################################################
+
+    endpoint = 'http://' + api_ip
+    params = { 'results_per_page': '-1' }
+    response = requests.get('%s/v1/fractal' % endpoint, params=params)
+    data = json.loads(response.text)
+    for fractal in data['objects']:
+        response = requests.get('%s/fractal/%s' % (endpoint, fractal['uuid']), stream=True)
+        container.upload_object_via_stream(response.iter_content(), object_name=fractal['uuid'])
+
+    for object_data in container.list_objects():
+        print(object_data)
+
+
+if __name__ == '__main__':
+    main()