Merge "ansible profile"
diff --git a/cord-pod-ansible/Makefile b/cord-pod-ansible/Makefile
new file mode 100644
index 0000000..80bb48c
--- /dev/null
+++ b/cord-pod-ansible/Makefile
@@ -0,0 +1,20 @@
+CONFIG_DIR=$(shell pwd)
+
+everything: /usr/bin/ansible
+	ansible-playbook -i inventory/local --connection=local -e "config_dir=$(CONFIG_DIR)" cord-pod-playbook.yaml
+
+/usr/bin/ansible: 
+	sudo apt-get update
+	sudo apt-get -y install software-properties-common curl git mosh tmux dnsutils python-netaddr
+	sudo add-apt-repository -y ppa:ansible/ansible
+	sudo apt-get update
+	sudo apt-get install -y ansible
+
+stop:
+	ansible-playbook -i inventory/local --connection=local -e "config_dir=$(CONFIG_DIR)" cord-pod-stop-playbook.yaml
+
+rm: stop
+	ansible-playbook -i inventory/local --connection=local -e "config_dir=$(CONFIG_DIR)" cord-pod-rm-playbook.yaml
+
+local_containers:
+	ansible-playbook -i inventory/local --connection=local -e "config_dir=$(CONFIG_DIR)" local-containers-playbook.yaml
diff --git a/cord-pod-ansible/ansible.cfg b/cord-pod-ansible/ansible.cfg
new file mode 100644
index 0000000..0189b86
--- /dev/null
+++ b/cord-pod-ansible/ansible.cfg
@@ -0,0 +1,7 @@
+[ssh_connection]
+ssh_args=-o ControlMaster=no
+
+[defaults]
+callback_whitelist = profile_tasks
+host_key_checking = false
+forks=20
diff --git a/cord-pod-ansible/base-config-2x2 b/cord-pod-ansible/base-config-2x2
new file mode 100644
index 0000000..bc6c95b
--- /dev/null
+++ b/cord-pod-ansible/base-config-2x2
@@ -0,0 +1,139 @@
+{
+    "ports" : {
+    "of:0000cc37ab6180ca/5" : {
+        "interfaces" : [
+            {
+                "ips" : [ "10.6.1.254/24" ]
+            }
+        ]
+    },
+    "of:0000cc37ab6182d2/5" : {
+        "interfaces" : [
+            {
+                "ips" : [ "10.6.2.254/24" ]
+            }
+        ]
+    },
+    "of:0000cc37ab6182d2/32" : {
+        "interfaces" : [
+            {
+                "name" : "internet-router",
+                "ips" : [ "10.231.254.202/30" ],
+                "mac" : "00:16:3e:4b:5a:04"
+            }
+        ],
+        "pimInterface" : {
+            "interfaceName" : "internet-router",
+            "enabled" : true,
+            "helloInterval" : 1,
+            "holdTime" : 3,
+            "propagationDelay" : 500,
+            "overrideInterval" : 2500
+         }
+    }
+    },
+    "devices" : {
+        "of:0000cc37ab6180ca" : {
+            "segmentrouting" : {
+                "name" : "Leaf-R1",
+                "nodeSid" : 101,
+                "routerIp" : "10.6.0.8",
+                "routerMac" : "00:00:00:00:01:80",
+                "isEdgeRouter" : true,
+                "adjacencySids" : []
+            }
+        },
+        "of:0000cc37ab6182d2" : {
+            "segmentrouting" : {
+                "name" : "Leaf-R2",
+                "nodeSid" : 102,
+                "routerIp" : "10.6.0.11",
+                "routerMac" : "00:00:00:00:02:80",
+                "isEdgeRouter" : true,
+                "adjacencySids" : []
+            }
+        },
+        "of:0000cc37ab618048" : {
+            "segmentrouting" : {
+                "name" : "Spine-R1",
+                "nodeSid" : 103,
+                "routerIp" : "10.6.0.18",
+                "routerMac" : "00:00:01:00:11:80",
+                "isEdgeRouter" : false,
+                "adjacencySids" : []
+            }
+        },
+        "of:0000cc37ab617ec2" : {
+            "segmentrouting" : {
+                "name" : "Spine-R2",
+                "nodeSid" : 104,
+                "routerIp" : "10.6.0.17",
+                "routerMac" : "00:00:01:00:22:80",
+                "isEdgeRouter" : false,
+                "adjacencySids" : []
+            }
+        }
+    },
+    "links" : {
+        "of:0000cc37ab6180ca/1-of:0000cc37ab618048/1" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab6180ca/3-of:0000cc37ab617ec2/1" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab6182d2/1-of:0000cc37ab618048/3" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab6182d2/3-of:0000cc37ab617ec2/3" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab618048/1-of:0000cc37ab6180ca/1" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab617ec2/1-of:0000cc37ab6180ca/3" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab618048/3-of:0000cc37ab6182d2/1" : {
+            "basic" : {}
+        },
+        "of:0000cc37ab617ec2/3-of:0000cc37ab6182d2/3" : {
+            "basic" : {}
+        }
+    },
+    "apps" : {
+        "org.onosproject.core" : {
+            "core" : {
+                "linkDiscoveryMode" : "STRICT"
+            },
+            "multicast": {
+                "ingressVlan": "None",
+                "egressVlan": "None"
+            }
+        },
+        "org.onosproject.segmentrouting" : {
+            "segmentrouting" : {
+                "vRouterMacs" : [
+                    "a4:23:05:34:56:78", "a4:23:05:34:56:79"
+                ],
+                "vRouterId" : "of:0000cc37ab6182d2",
+                "suppressSubnet" : [
+                    "of:0000cc37ab6182d2/31", "of:0000cc37ab6182d2/32"
+                ],
+                "suppressHostByProvider" : [
+                    "org.onosproject.provider.host"
+                ],
+                "suppressHostByPort" : [
+                    "of:0000cc37ab6182d2/31", "of:0000cc37ab6182d2/32"
+                ]
+            }
+        },
+        "org.onosproject.router" : {
+            "router" : {
+                "controlPlaneConnectPoint" : "of:0000cc37ab6182d2/31",
+                "ospfEnabled" : "true",
+                "pimEnabled" : "true",
+                "interfaces" : [ "internet-router" ]
+            }
+        }
+    }
+}
diff --git a/cord-pod-ansible/cord-pod-playbook.yaml b/cord-pod-ansible/cord-pod-playbook.yaml
new file mode 100644
index 0000000..c8512c4
--- /dev/null
+++ b/cord-pod-ansible/cord-pod-playbook.yaml
@@ -0,0 +1,45 @@
+---
+
+- name: Include vars
+  hosts: head
+  tasks:
+    - include_vars: vars/cord-pod_defaults.yml
+
+- name: Prerequisites
+  hosts: head
+  sudo: yes
+  roles:
+    - prereqs
+
+- name: Local Environment
+  hosts: head
+  roles:
+    - local_environment
+
+- name: Download images
+  hosts: head
+  roles:
+    - download_images
+
+- name: Build Config
+  hosts: head
+  roles:
+    - buildconfig
+
+- name: Bootstrap
+  hosts: head
+  roles:
+    - bootstrap
+
+- name: Onboarding
+  hosts: head
+  roles:
+    - onboarding
+
+- name: Configuration
+  hosts: head
+  roles:
+    - config
+  tags:
+    - config
+
diff --git a/cord-pod-ansible/cord-pod-rm-playbook.yaml b/cord-pod-ansible/cord-pod-rm-playbook.yaml
new file mode 100644
index 0000000..74b514a
--- /dev/null
+++ b/cord-pod-ansible/cord-pod-rm-playbook.yaml
@@ -0,0 +1,11 @@
+---
+
+- name: Include vars
+  hosts: head
+  tasks:
+    - include_vars: vars/cord-pod_defaults.yml
+
+- name: rm
+  hosts: head
+  roles:
+    - rm
\ No newline at end of file
diff --git a/cord-pod-ansible/cord-pod-stop-playbook.yaml b/cord-pod-ansible/cord-pod-stop-playbook.yaml
new file mode 100644
index 0000000..6e93c50
--- /dev/null
+++ b/cord-pod-ansible/cord-pod-stop-playbook.yaml
@@ -0,0 +1,12 @@
+---
+
+- name: Include vars
+  hosts: head
+  tasks:
+    - include_vars: vars/cord-pod_defaults.yml
+
+- name: Stop
+  hosts: head
+  roles:
+    - stop
+
diff --git a/cord-pod-ansible/cord-services.yaml b/cord-pod-ansible/cord-services.yaml
new file mode 100644
index 0000000..66b69ff
--- /dev/null
+++ b/cord-pod-ansible/cord-services.yaml
@@ -0,0 +1,172 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: Just enough Tosca to get the vSG slice running on the CORD POD
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+    # CORD Services
+    service#vtr:
+      type: tosca.nodes.Service
+      properties:
+          view_url: /admin/vtr/vtrservice/$id$/
+          kind: vTR
+          replaces: service_vtr
+
+    service#volt:
+      type: tosca.nodes.VOLTService
+      requirements:
+          - vsg_tenant:
+              node: service#vsg
+              relationship: tosca.relationships.TenantOfService
+      properties:
+          view_url: /admin/volt/voltservice/$id$/
+          kind: vOLT
+          replaces: service_volt
+          public_key: { get_artifact: [ SELF, pubkey, LOCAL_FILE] }
+          private_key_fn: /opt/xos/services/volt/keys/volt_rsa
+      artifacts:
+          pubkey: /opt/xos/services/volt/keys/volt_rsa.pub
+
+    addresses_vsg:
+      type: tosca.nodes.AddressPool
+      properties:
+          addresses: 10.168.0.0/24
+          gateway_ip: 10.168.0.1
+          gateway_mac: 02:42:0a:a8:00:01
+
+    addresses_exampleservice-public:
+      type: tosca.nodes.AddressPool
+      properties:
+          addresses: 10.168.1.0/24
+          gateway_ip: 10.168.1.1
+          gateway_mac: 02:42:0a:a8:00:01
+
+    service#vsg:
+      type: tosca.nodes.VSGService
+      requirements:
+          - vrouter_tenant:
+              node: service#vrouter
+              relationship: tosca.relationships.TenantOfService
+      properties:
+          view_url: /admin/vsg/vsgservice/$id$/
+          backend_network_label: hpc_client
+          public_key: { get_artifact: [ SELF, pubkey, LOCAL_FILE] }
+          private_key_fn: /opt/xos/services/vsg/keys/vsg_rsa
+#          node_label: label_vsg
+          replaces: service_vsg
+      artifacts:
+          pubkey: /opt/xos/services/vsg/keys/vsg_rsa.pub
+
+    service#vrouter:
+      type: tosca.nodes.VRouterService
+      properties:
+          view_url: /admin/vrouter/vrouterservice/$id$/
+          replaces: service_vrouter
+      requirements:
+          - addresses_vsg:
+              node: addresses_vsg
+              relationship: tosca.relationships.ProvidesAddresses
+          - addresses_service1:
+              node: addresses_exampleservice-public
+              relationship: tosca.relationships.ProvidesAddresses
+
+
+    service#ONOS_CORD:
+      type: tosca.nodes.ONOSService
+      properties:
+          no-delete: true
+          no-create: true
+          no-update: true
+
+    service#ONOS_Fabric:
+      type: tosca.nodes.ONOSService
+      properties:
+          no-delete: true
+          no-create: true
+          no-update: true
+
+    # The vOLT ONOS app is not yet fully integrated
+    #vOLT_ONOS_app:
+    #  type: tosca.nodes.ONOSvOLTApp
+    #  requirements:
+    #      - onos_tenant:
+    #          node: service#ONOS_CORD
+    #          relationship: tosca.relationships.TenantOfService
+    #      - volt_service:
+    #          node: service#volt
+    #          relationship: tosca.relationships.UsedByService
+    #  properties:
+    #      install_dependencies: onos-ext-notifier-1.0-SNAPSHOT.oar, onos-ext-volt-event-publisher-1.0-SNAPSHOT.oar
+    #      dependencies: org.onosproject.openflow-base, org.onosproject.olt, org.ciena.onos.ext_notifier, org.ciena.onos.volt_event_publisher
+    #      autogenerate: volt-network-cfg
+
+    vRouter_ONOS_app:
+      type: tosca.nodes.ONOSvRouterApp
+      requirements:
+          - onos_tenant:
+              node: service#ONOS_Fabric
+              relationship: tosca.relationships.TenantOfService
+          - vrouter_service:
+              node: service#vrouter
+              relationship: tosca.relationships.UsedByService
+      properties:
+          dependencies: org.onosproject.vrouter
+          autogenerate: vrouter-network-cfg
+
+    Private:
+      type: tosca.nodes.NetworkTemplate
+
+    management:
+      type: tosca.nodes.network.Network.XOS
+      properties:
+          no-create: true
+          no-delete: true
+          no-update: true
+
+    image#vsg-1.0:
+      type: tosca.nodes.Image
+
+    mysite:
+      type: tosca.nodes.Site
+
+    label_vsg:
+      type: tosca.nodes.NodeLabel
+
+    # Networks required by the CORD setup
+    mysite_vsg-access:
+      type: tosca.nodes.network.Network
+      properties:
+          ip_version: 4
+      requirements:
+          - network_template:
+              node: Private
+              relationship: tosca.relationships.UsesNetworkTemplate
+          - owner:
+              node: mysite_vsg
+              relationship: tosca.relationships.MemberOfSlice
+          - connection:
+              node: mysite_vsg
+              relationship: tosca.relationships.ConnectsToSlice
+
+    # CORD Slices
+    mysite_vsg:
+      description: vSG Controller Slice
+      type: tosca.nodes.Slice
+      properties:
+          network: noauto
+      requirements:
+          - vsg_service:
+              node: service#vsg
+              relationship: tosca.relationships.MemberOfService
+          - site:
+              node: mysite
+              relationship: tosca.relationships.MemberOfSite
+          - management:
+              node: management
+              relationship: tosca.relationships.ConnectsToNetwork
+          - image:
+              node: image#vsg-1.0
+              relationship: tosca.relationships.DefaultImage
diff --git a/cord-pod-ansible/cord-test-subscriber.yaml b/cord-pod-ansible/cord-test-subscriber.yaml
new file mode 100644
index 0000000..29a5d87
--- /dev/null
+++ b/cord-pod-ansible/cord-test-subscriber.yaml
@@ -0,0 +1,117 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: Just enough Tosca to get the vSG slice running on the CORD POD
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+
+    service#volt:
+      type: tosca.nodes.VOLTService
+      properties:
+          no-delete: true
+          no-create: true
+          no-update: true
+
+    mysite:
+      type: tosca.nodes.Site
+      properties:
+          no-delete: true
+          no-create: true
+          no-update: true
+
+    # CORD Slices
+    mysite_vsg:
+      type: tosca.nodes.Slice
+      properties:
+          no-delete: true
+          no-create: true
+          no-update: true
+
+    # Let's add a user who can be administrator of the household
+    johndoe@myhouse.com:
+      type: tosca.nodes.User
+      properties:
+          password: letmein
+          firstname: john
+          lastname: doe
+      requirements:
+          - site:
+              node: mysite
+              relationship: tosca.relationships.MemberOfSite
+          - dependency:
+                node: mysite_vsg
+                relationship: tosca.relationships.DependsOn
+
+    # A subscriber
+    My House:
+       type: tosca.nodes.CORDSubscriber
+       properties:
+           service_specific_id: 123
+           firewall_enable: false
+           cdn_enable: false
+           url_filter_enable: false
+           url_filter_level: R
+       requirements:
+          - house_admin:
+              node: johndoe@myhouse.com
+              relationship: tosca.relationships.AdminPrivilege
+
+    Mom's PC:
+       type: tosca.nodes.CORDUser
+       properties:
+           mac: 01:02:03:04:05:06
+           level: PG_13
+       requirements:
+           - household:
+               node: My House
+               relationship: tosca.relationships.SubscriberDevice
+
+    Dad's PC:
+       type: tosca.nodes.CORDUser
+       properties:
+           mac: 90:E2:BA:82:F9:75
+           level: PG_13
+       requirements:
+           - household:
+               node: My House
+               relationship: tosca.relationships.SubscriberDevice
+
+    Jack's Laptop:
+       type: tosca.nodes.CORDUser
+       properties:
+           mac: 68:5B:35:9D:91:D5
+           level: PG_13
+       requirements:
+           - household:
+               node: My House
+               relationship: tosca.relationships.SubscriberDevice
+
+    Jill's Laptop:
+       type: tosca.nodes.CORDUser
+       properties:
+           mac: 34:36:3B:C9:B6:A6
+           level: PG_13
+       requirements:
+           - household:
+               node: My House
+               relationship: tosca.relationships.SubscriberDevice
+
+    My Volt:
+        type: tosca.nodes.VOLTTenant
+        properties:
+            service_specific_id: 123
+            s_tag: 222
+            c_tag: 111
+        requirements:
+            - provider_service:
+                node: service#volt
+                relationship: tosca.relationships.MemberOfService
+            - subscriber:
+                node: My House
+                relationship: tosca.relationships.BelongsToSubscriber
+            - dependency:
+                node: mysite_vsg
+                relationship: tosca.relationships.DependsOn
diff --git a/cord-pod-ansible/cord-volt-devices.yaml b/cord-pod-ansible/cord-volt-devices.yaml
new file mode 100644
index 0000000..8b41623
--- /dev/null
+++ b/cord-pod-ansible/cord-volt-devices.yaml
@@ -0,0 +1,47 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: Just enough Tosca to get the vSG slice running on the CORD POD
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+    service#volt:
+      type: tosca.nodes.VOLTService
+      properties:
+          no-create: True
+          no-delete: True
+          no-update: True
+
+    voltdev-1:
+      type: tosca.nodes.VOLTDevice
+      properties:
+            driver: pmc-olt
+            openflow_id: of:1000000000000001
+            access_devices: >
+              2 222,
+              3 223,
+              4 224
+      requirements:
+          - volt_service:
+              node: service#volt
+              relationship: tosca.relationships.MemberOfService
+          - access_agent:
+              node: agent-1
+              relationship: tosca.relationships.UsesAgent
+
+    agent-1:
+      type: tosca.nodes.AccessAgent
+      properties:
+          mac: AA:BB:CC:DD:EE:FF
+          port_mappings: >
+            of:0000000000000002/2 DE:AD:BE:EF:BA:11,
+            of:0000000000000002/3 BE:EF:DE:AD:BE:EF
+      requirements:
+          - volt_service:
+              node: service#volt
+              relationship: tosca.relationships.MemberOfService
+
+
+
diff --git a/cord-pod-ansible/docker-compose-bootstrap.yml b/cord-pod-ansible/docker-compose-bootstrap.yml
new file mode 100644
index 0000000..a3522c9
--- /dev/null
+++ b/cord-pod-ansible/docker-compose-bootstrap.yml
@@ -0,0 +1,61 @@
+xos_db:
+    image: xosproject/xos-postgres
+    expose:
+        - "5432"
+
+xos_synchronizer_onboarding:
+    image: xosproject/xos-synchronizer-onboarding
+    command: bash -c "cd /opt/xos/synchronizers/onboarding; ./run.sh"
+    #command: sleep 86400
+    labels:
+        org.xosproject.kind: synchronizer
+        org.xosproject.target: onboarding
+    links:
+        - xos_db
+    volumes:
+        - /var/run/docker.sock:/var/run/docker.sock
+        - ./key_import:/opt/xos/key_import:ro
+        - ./onboarding-docker-compose:/opt/xos/synchronizers/onboarding/docker-compose
+        - ../../xos_services:/opt/xos_services
+    log_driver: "json-file"
+    log_opt:
+            max-size: "100k"
+            max-file: "5"
+
+xos_synchronizer_openstack:
+    command: bash -c "sleep 120; python /opt/xos/synchronizers/openstack/xos-synchronizer.py"
+    image: xosproject/xos-synchronizer-openstack
+    labels:
+        org.xosproject.kind: synchronizer
+        org.xosproject.target: openstack
+    links:
+        - xos_db
+    volumes:
+        - ../common/xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
+        - ./xos_cord_config:/opt/xos/xos_configuration/xos_cord_config:ro
+        - .:/root/setup:ro
+        - ./files/xos_vtn_config:/opt/xos/xos_configuration/xos_vtn_config:ro
+        - ./images:/opt/xos/images:ro
+    log_driver: "json-file"
+    log_opt:
+            max-size: "100k"
+            max-file: "5"
+
+xos_bootstrap_ui:
+    command: python /opt/xos/manage.py runserver 0.0.0.0:81 --insecure --makemigrations
+    environment:
+        - CONFIG_DIR
+    image: xosproject/xos
+    links:
+        - xos_db
+    ports:
+        - "81:81"
+    volumes:
+        - ../common/xos_common_config:/opt/xos/xos_configuration/xos_common_config:ro
+        - ./xos_cord_config:/opt/xos/xos_configuration/xos_cord_config:ro
+        - ./files/xos_vtn_config:/opt/xos/xos_configuration/xos_vtn_config:ro
+        - ../../xos_services:/opt/xos_services
+    log_driver: "json-file"
+    log_opt:
+            max-size: "100k"
+            max-file: "5"
diff --git a/cord-pod-ansible/files/exampleservice_config b/cord-pod-ansible/files/exampleservice_config
new file mode 100644
index 0000000..823e31d
--- /dev/null
+++ b/cord-pod-ansible/files/exampleservice_config
@@ -0,0 +1,29 @@
+# Required by XOS
+[db]
+name=xos
+user=postgres
+password=password
+host=localhost
+port=5432
+
+# Required by XOS
+[api]
+nova_enabled=True
+
+# Sets options for the synchronizer
+[observer]
+name=exampleservice
+dependency_graph=/opt/xos/synchronizers/exampleservice/model-deps
+steps_dir=/opt/xos/synchronizers/exampleservice/steps
+sys_dir=/opt/xos/synchronizers/exampleservice/sys
+logfile=/var/log/xos_backend.log
+pretend=False
+backoff_disabled=True
+save_ansible_output=True
+proxy_ssh=True
+proxy_ssh_key=/root/setup/node_key
+proxy_ssh_user=root
+
+[networking]
+use_vtn=True
+
diff --git a/cord-pod-ansible/files/monitoring_synchronizer_config b/cord-pod-ansible/files/monitoring_synchronizer_config
new file mode 100644
index 0000000..1ee96f0
--- /dev/null
+++ b/cord-pod-ansible/files/monitoring_synchronizer_config
@@ -0,0 +1,43 @@
+
+[plc]
+name=plc
+deployment=VICCI
+
+[db]
+name=xos
+user=postgres
+password=password
+host=localhost
+port=5432
+
+[api]
+host=128.112.171.237
+port=8000
+ssl_key=None
+ssl_cert=None
+ca_ssl_cert=None
+ratelimit_enabled=0
+omf_enabled=0
+mail_support_address=support@localhost
+nova_enabled=True
+
+[observer]
+name=monitoring_service
+dependency_graph=/opt/xos/synchronizers/monitoring/model-deps
+steps_dir=/opt/xos/synchronizers/monitoring/steps
+sys_dir=/opt/xos/synchronizers/monitoring/sys
+deleters_dir=/opt/xos/synchronizers/monitoring/deleters
+log_file=console
+driver=None
+pretend=False
+backoff_disabled=True
+save_ansible_output=True
+full_setup=True
+# For CORD_POD config, set proxy_ssh to True even on cloudlab
+proxy_ssh=True
+proxy_ssh_key=/root/setup/node_key
+proxy_ssh_user=root
+
+[feefie]
+client_id='vicci_dev_central'
+user_id='pl'
diff --git a/cord-pod-ansible/files/vcpe_synchronizer_config b/cord-pod-ansible/files/vcpe_synchronizer_config
new file mode 100644
index 0000000..9da6ede
--- /dev/null
+++ b/cord-pod-ansible/files/vcpe_synchronizer_config
@@ -0,0 +1,47 @@
+
+[plc]
+name=plc
+deployment=VICCI
+
+[db]
+name=xos
+user=postgres
+password=password
+host=localhost
+port=5432
+
+[api]
+host=128.112.171.237
+port=8000
+ssl_key=None
+ssl_cert=None
+ca_ssl_cert=None
+ratelimit_enabled=0
+omf_enabled=0
+mail_support_address=support@localhost
+nova_enabled=True
+
+[observer]
+name=vcpe
+dependency_graph=/opt/xos/synchronizers/vsg/model-deps
+steps_dir=/opt/xos/synchronizers/vsg/steps
+sys_dir=/opt/xos/synchronizers/vsg/sys
+deleters_dir=/opt/xos/synchronizers/vsg/deleters
+log_file=console
+#/var/log/hpc.log
+driver=None
+pretend=False
+backoff_disabled=True
+save_ansible_output=True
+# set proxy_ssh to false on cloudlab
+full_setup=True
+proxy_ssh=True
+proxy_ssh_key=/root/setup/node_key
+proxy_ssh_user=root
+
+[networking]
+use_vtn=True
+
+[feefie]
+client_id='vicci_dev_central'
+user_id='pl'
diff --git a/cord-pod-ansible/files/vtr_synchronizer_config b/cord-pod-ansible/files/vtr_synchronizer_config
new file mode 100644
index 0000000..223ab00
--- /dev/null
+++ b/cord-pod-ansible/files/vtr_synchronizer_config
@@ -0,0 +1,47 @@
+
+[plc]
+name=plc
+deployment=VICCI
+
+[db]
+name=xos
+user=postgres
+password=password
+host=localhost
+port=5432
+
+[api]
+host=128.112.171.237
+port=8000
+ssl_key=None
+ssl_cert=None
+ca_ssl_cert=None
+ratelimit_enabled=0
+omf_enabled=0
+mail_support_address=support@localhost
+nova_enabled=True
+
+[observer]
+name=vtr
+dependency_graph=/opt/xos/synchronizers/vtr/model-deps
+steps_dir=/opt/xos/synchronizers/vtr/steps
+sys_dir=/opt/xos/synchronizers/vtr/sys
+deleters_dir=/opt/xos/synchronizers/vtr/deleters
+log_file=console
+#/var/log/hpc.log
+driver=None
+pretend=False
+backoff_disabled=True
+save_ansible_output=True
+# set proxy_ssh to false on cloudlab
+full_setup=True
+proxy_ssh=True
+proxy_ssh_key=/root/setup/node_key
+proxy_ssh_user=root
+
+[networking]
+use_vtn=True
+
+[feefie]
+client_id='vicci_dev_central'
+user_id='pl'
diff --git a/cord-pod-ansible/files/xos_vtn_config b/cord-pod-ansible/files/xos_vtn_config
new file mode 100644
index 0000000..5dfd459
--- /dev/null
+++ b/cord-pod-ansible/files/xos_vtn_config
@@ -0,0 +1,2 @@
+[networking]
+use_vtn=True
diff --git a/cord-pod-ansible/inventory/local b/cord-pod-ansible/inventory/local
new file mode 100644
index 0000000..bd066a0
--- /dev/null
+++ b/cord-pod-ansible/inventory/local
@@ -0,0 +1,2 @@
+[head]
+localhost connection=local
diff --git a/cord-pod-ansible/library/xostosca.py b/cord-pod-ansible/library/xostosca.py
new file mode 100644
index 0000000..87e6f81
--- /dev/null
+++ b/cord-pod-ansible/library/xostosca.py
@@ -0,0 +1,41 @@
+#!/usr/bin/python
+
+import json
+import os
+import requests
+import sys
+import traceback
+
+from ansible.module_utils.basic import AnsibleModule
+
+def main():
+    module = AnsibleModule(
+        argument_spec = dict(
+            recipe    = dict(required=True, type='str'),
+            username  = dict(required=True, type='str'),
+            password  = dict(required=True, type='str'),
+            hostname  = dict(default="127.0.0.1", type="str"),
+            port      = dict(default=80, type="int")
+        )
+    )
+
+    xos_auth=(module.params['username'], module.params['password'])
+
+    url = "http://%s:%d/api/utility/tosca/run/" % (module.params['hostname'], module.params['port'])
+    
+    r = requests.post(url, data={"recipe": module.params['recipe']}, auth=xos_auth)
+    if (r.status_code != 200):
+        try:
+            error_text=r.json()["error_text"]
+        except:
+            error_text="error while formatting the error: " + traceback.format_exc()
+        module.fail_json(msg=error_text, rc=r.status_code)
+
+    result = r.json()
+    if "log_msgs" in result:
+        module.exit_json(changed=True, msg="\n".join(result["log_msgs"])+"\n")
+    else:
+        module.exit_json(changed=True, msg="success")
+
+if __name__ == '__main__':
+    main()
diff --git a/cord-pod-ansible/local-containers-playbook.yaml b/cord-pod-ansible/local-containers-playbook.yaml
new file mode 100644
index 0000000..83a46e5
--- /dev/null
+++ b/cord-pod-ansible/local-containers-playbook.yaml
@@ -0,0 +1,23 @@
+---
+
+- name: Include vars
+  hosts: head
+  tasks:
+    - include_vars: vars/cord-pod_defaults.yml
+
+- name: Prerequisites
+  hosts: head
+  sudo: yes
+  roles:
+    - prereqs
+
+- name: Local Environment
+  hosts: head
+  roles:
+    - local_environment
+
+- name: Local containers
+  hosts: head
+  roles:
+    - local_containers
+
diff --git a/cord-pod-ansible/mgmt-net.yaml b/cord-pod-ansible/mgmt-net.yaml
new file mode 100644
index 0000000..2bd0173
--- /dev/null
+++ b/cord-pod-ansible/mgmt-net.yaml
@@ -0,0 +1,40 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: Set up management network for CORD POD
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+
+    management_template:
+      type: tosca.nodes.NetworkTemplate
+      properties:
+          visibility: private
+          translation: none
+
+    management:
+      type: tosca.nodes.network.Network
+      properties:
+          ip_version: 4
+          cidr: 172.27.0.0/24
+      requirements:
+          - network_template:
+              node: management_template
+              relationship: tosca.relationships.UsesNetworkTemplate
+          - owner:
+              node: mysite_management
+              relationship: tosca.relationships.MemberOfSlice
+
+    mysite:
+      type: tosca.nodes.Site
+
+    mysite_management:
+      description: This slice exists solely to own the management network
+      type: tosca.nodes.Slice
+      properties:
+          network: noauto
+      requirements:
+          - site:
+              node: mysite
+              relationship: tosca.relationships.MemberOfSite
diff --git a/cord-pod-ansible/roles/bootstrap/defaults/main.yml b/cord-pod-ansible/roles/bootstrap/defaults/main.yml
new file mode 100644
index 0000000..c466b16
--- /dev/null
+++ b/cord-pod-ansible/roles/bootstrap/defaults/main.yml
@@ -0,0 +1,7 @@
+fixtures_yml: "{{ config_dir }}/../common/fixtures.yaml"
+
+mydeployment_yml: "{{ config_dir }}/../common/mydeployment.yaml"
+
+bootstrap_yml: "{{ config_dir }}/docker-compose-bootstrap.yml"
+
+xos_tosca_yml: "{{ config_dir }}/xos.yaml"
diff --git a/cord-pod-ansible/roles/bootstrap/tasks/main.yml b/cord-pod-ansible/roles/bootstrap/tasks/main.yml
new file mode 100644
index 0000000..b1a2e03
--- /dev/null
+++ b/cord-pod-ansible/roles/bootstrap/tasks/main.yml
@@ -0,0 +1,32 @@
+---
+
+- name: remove old docker-compose-bootstrap file
+  file:
+      path=onboarding-docker-compose/docker-compose.yml
+      state=absent
+
+- name: run docker-compose to start bootstrapping
+  shell: CONFIG_DIR={{ config_dir }} docker-compose -p {{ bootstrap_project }} -f {{ bootstrap_yml }} up -d
+    chdir={{ config_dir }}
+  sudo: true
+
+- name: wait for XOS bootstrap_ui to come online
+  uri:
+      url: "http://0.0.0.0:{{ bootstrap_port }}/"
+  register: result
+  retries: 120
+  delay: 1
+  until: result['status']|default(0)==200
+
+- name: add fixtures
+  shell: docker-compose -p {{ bootstrap_project }} -f {{ bootstrap_yml }} run xos_bootstrap_ui python /opt/xos/tosca/run.py none - < {{ fixtures_yml }}
+
+- name: add mydeployment
+  shell: docker-compose -p {{ bootstrap_project }} -f {{ bootstrap_yml }} run xos_bootstrap_ui python /opt/xos/tosca/run.py none - < {{ mydeployment_yml }}
+
+- name: run tosca recipe xos.yaml
+  xostosca:
+     port={{ bootstrap_port }}
+     username={{ bootstrap_user }}
+     password={{ bootstrap_password }}
+     recipe={{ lookup('file', xos_tosca_yml) }}
diff --git a/cord-pod-ansible/roles/buildconfig/tasks/main.yml b/cord-pod-ansible/roles/buildconfig/tasks/main.yml
new file mode 100644
index 0000000..26907d3
--- /dev/null
+++ b/cord-pod-ansible/roles/buildconfig/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+
+- name: make nodes.yaml
+  shell: export SETUPDIR={{ setup_dir }}; bash {{ config_dir }}/../common/make-nodes-yaml.sh
+
+- name: make images.yaml
+  shell: export SETUPDIR={{ setup_dir }}; bash {{ config_dir }}/../common/make-images-yaml.sh
+
+- name: make vtn-external.yaml
+  shell: export SETUPDIR={{ setup_dir }}; bash {{ config_dir }}/scripts/make-vtn-external-yaml.sh
+
+- name: make fabric.yaml
+  shell: export SETUPDIR={{ setup_dir }}; bash {{ config_dir }}/scripts/make-fabric-yaml.sh
diff --git a/cord-pod-ansible/roles/config/tasks/main.yml b/cord-pod-ansible/roles/config/tasks/main.yml
new file mode 100644
index 0000000..3016471
--- /dev/null
+++ b/cord-pod-ansible/roles/config/tasks/main.yml
@@ -0,0 +1,9 @@
+---
+
+- name: run config recipe {{ item.name }}
+  xostosca:
+     port={{ ui_port }}
+     username={{ bootstrap_user }}
+     password={{ bootstrap_password }}
+     recipe={{ lookup('file', item.yaml) }}
+  with_items: "{{ config_recipes | default([]) }}"
diff --git a/cord-pod-ansible/roles/download_images/defaults/main.yml b/cord-pod-ansible/roles/download_images/defaults/main.yml
new file mode 100644
index 0000000..9f2cbbc
--- /dev/null
+++ b/cord-pod-ansible/roles/download_images/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+image_temp_dir: "{{ config_dir }}/images_staging"
+image_dest_dir: "{{ config_dir }}/images"
diff --git a/cord-pod-ansible/roles/download_images/tasks/main.yml b/cord-pod-ansible/roles/download_images/tasks/main.yml
new file mode 100644
index 0000000..cbc83a8
--- /dev/null
+++ b/cord-pod-ansible/roles/download_images/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+
+- name: check image existence
+  command: "bash -c \"source {{ setup_dir }}/admin-openrc.sh; glance image-show {{ item.name }}\""
+  ignore_errors: yes
+  register: checked_images
+  with_items: "{{ images | default([]) }}"
+
+- name: download images
+  get_url:
+    url={{ item.item.url }}
+    dest={{ image_dest_dir }}/{{ item.item.filename }}
+    tmp_dest={{ image_temp_dir }}
+  when: item.rc != 0
+  with_items: "{{ checked_images.results | default([]) }}"
+
+- name: add images to glance
+  command: "bash -c \"source {{ setup_dir }}/admin-openrc.sh; glance image-create --name {{ item.item.name }} --disk-format qcow2 --file ./images/{{ item.item.filename }} --container-format bare\""

+  when: item.rc != 0

+  with_items: "{{ checked_images.results | default([]) }}"

diff --git a/cord-pod-ansible/roles/local_containers/tasks/main.yml b/cord-pod-ansible/roles/local_containers/tasks/main.yml
new file mode 100644
index 0000000..91ea3c3
--- /dev/null
+++ b/cord-pod-ansible/roles/local_containers/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+
+- name: build local containers
+  shell: make -f {{ config_dir }}/../common/Makefile.containers update_certs xos_base xos_devel synchronizer onboarding_synchronizer
diff --git a/cord-pod-ansible/roles/local_environment/tasks/main.yml b/cord-pod-ansible/roles/local_environment/tasks/main.yml
new file mode 100644
index 0000000..84890ff
--- /dev/null
+++ b/cord-pod-ansible/roles/local_environment/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+- name: create key_import directory
+  file: 
+      name=key_import 
+      state=directory
+
+- name: create onboarding-docker-compose directory
+  file:
+      name=onboarding-docker-compose
+      state=directory
+
+- name: create images directory
+  file:
+      name=images
+      state=directory
+
+- name: create images_staging directory
+  file:
+      name=images_staging
+      state=directory
+
+- name: download xos from repo
+  git:
+     repo={{ xos_repo }}
+     dest={{ xos_core_dir }}
+
+- name: download xos services
+  git:

+     repo="{{ item.repo }}"

+     dest="{{ xos_services_dir }}/{{ item.name }}"

+  with_items:

+     - { name: "exampleservice", repo: "https://gerrit.opencord.org/p/exampleservice.git" }

+     - { name: "olt", repo: "https://gerrit.opencord.org/p/olt.git" }

+     - { name: "vsg", repo: "https://gerrit.opencord.org/p/vsg.git" }

+     - { name: "vtn", repo: "https://gerrit.opencord.org/p/vtn.git" }

+     - { name: "vrouter", repo: "https://gerrit.opencord.org/p/vrouter.git" }

+     - { name: "vtr", repo: "https://gerrit.opencord.org/p/vtr.git" }

+     - { name: "onos-service", repo: "https://gerrit.opencord.org/p/onos-service.git" }

+     - { name: "fabric", repo: "https://gerrit.opencord.org/p/fabric.git" }

+     - { name: "monitoring", repo: "https://gerrit.opencord.org/p/monitoring.git" }
+ 
\ No newline at end of file
diff --git a/cord-pod-ansible/roles/onboarding/defaults/main.yml b/cord-pod-ansible/roles/onboarding/defaults/main.yml
new file mode 100644
index 0000000..e7b4212
--- /dev/null
+++ b/cord-pod-ansible/roles/onboarding/defaults/main.yml
@@ -0,0 +1,6 @@
+---
+
+disable_onboarding_tosca_yml: "{{ config_dir }}/../common/disable-onboarding.yaml"
+enable_onboarding_tosca_yml: "{{ config_dir }}/../common/enable-onboarding.yaml"
+
+# onboard_services: 
diff --git a/cord-pod-ansible/roles/onboarding/tasks/main.yml b/cord-pod-ansible/roles/onboarding/tasks/main.yml
new file mode 100644
index 0000000..592d4b7
--- /dev/null
+++ b/cord-pod-ansible/roles/onboarding/tasks/main.yml
@@ -0,0 +1,77 @@
+---
+
+#- name: disable onboarding
+#  uri:
+#    url="http://127.0.0.1:{{ bootstrap_port }}/utility/tosca/run"
+#    user={{ bootstrap_user }}
+#    password={{ bootstrap_password }}
+#    body= {{ "{" }} 'recipe': {{ lookup('file', disable_tosca_yaml) }} {{ "}" }}
+
+- name: disable onboarding
+  xostosca:
+     port={{ bootstrap_port }}
+     username={{ bootstrap_user }}
+     password={{ bootstrap_password }}
+     recipe={{ lookup('file', disable_onboarding_tosca_yml) }}
+
+- name: install private keys
+  copy:
+     dest="{{ key_import_dir }}/{{ item.name }}"
+     src="{{ item.private_fn }}"
+  with_items: "{{ onboard_keys | default([]) }}"
+
+- name: install public keys
+  copy:
+     dest="{{ key_import_dir }}/{{ item.name }}.pub"
+     src="{{ item.public_fn }}"
+  with_items: "{{ onboard_keys | default([]) }}"
+
+- name: onboard services
+  xostosca:
+     port={{ bootstrap_port }}
+     username={{ bootstrap_user }}
+     password={{ bootstrap_password }}
+     recipe={{ lookup('file', item.yaml) }}
+  with_items: "{{ onboard_services | default([]) }}"
+
+- name: run synchronizers.yml tosca recipe
+  xostosca:
+     port={{ bootstrap_port }}
+     username={{ bootstrap_user }}
+     password={{ bootstrap_password }}
+     recipe={{ lookup('file', synchronizers_yml) }}
+  when: synchronizers_yml is defined
+
+- name: enable onboarding
+  xostosca:
+     port={{ bootstrap_port }}
+     username={{ bootstrap_user }}
+     password={{ bootstrap_password }}
+     recipe={{ lookup('file', enable_onboarding_tosca_yml) }}
+
+- name: wait for onboarding ready for service {{ item.name }}
+  uri:
+      url: "http://0.0.0.0:{{ bootstrap_port }}/api/utility/onboarding/services/{{ item.name }}/ready/"
+      return_content: true
+  register: result
+  retries: 60
+  delay: 5
+  until: result.content=="true"
+  with_items: "{{ onboard_services | default([]) }}"
+
+- name: wait for onboarding ready for xos core
+  uri:
+      url: "http://0.0.0.0:{{ bootstrap_port }}/api/utility/onboarding/xos/ready/"
+      return_content: true
+  register: result
+  retries: 60
+  delay: 5
+  until: result.content=="true"
+
+- name: wait for XOS ui to come online
+  uri:
+      url: "http://0.0.0.0:{{ ui_port }}/"
+  register: result
+  retries: 120
+  delay: 1
+  until: result['status']|default(0)==200
diff --git a/cord-pod-ansible/roles/prereqs/tasks/main.yml b/cord-pod-ansible/roles/prereqs/tasks/main.yml
new file mode 100644
index 0000000..c8a2249
--- /dev/null
+++ b/cord-pod-ansible/roles/prereqs/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+# tasks for prereqs
+
+- name: install httpie
+  apt:
+      pkg=httpie
+
+- name: install curl
+  apt:
+      pkg=curl
+
+- name: is docker installed
+  command: which docker
+  register: docker_installed
+
+- name: install docker
+  command: wget wget -qO- https://get.docker.com/ | sh
+  when: docker_installed.rc != 0
+
+# XXX fixme -- current username is hardcoded to ubuntu
+
+- name: add user to docker group
+  user:
+      name=ubunu
+      groups=docker
diff --git a/cord-pod-ansible/roles/rm/defaults/main.yml b/cord-pod-ansible/roles/rm/defaults/main.yml
new file mode 100644
index 0000000..5ac6217
--- /dev/null
+++ b/cord-pod-ansible/roles/rm/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+bootstrap_yml: "{{ config_dir }}/docker-compose-bootstrap.yml"
+docker_compose_yml: "{{ config_dir }}/onboarding-docker-compose/docker-compose.yml"
diff --git a/cord-pod-ansible/roles/rm/tasks/main.yml b/cord-pod-ansible/roles/rm/tasks/main.yml
new file mode 100644
index 0000000..e18b059
--- /dev/null
+++ b/cord-pod-ansible/roles/rm/tasks/main.yml
@@ -0,0 +1,12 @@
+---
+
+- name: check to see if onboarding yaml is present
+  stat: path=onboarding-docker-compose/docker-compose.yml
+  register: onboarding_compose
+
+- name: stop onboarded containers
+  shell: docker-compose -p {{ docker_project }} -f {{ docker_compose_yml }} rm -f
+  when: onboarding_compose.stat.exists == True
+
+- name: stop bootstrap containers
+  shell: docker-compose -p {{ bootstrap_project }} -f {{ bootstrap_yml }} rm -f
diff --git a/cord-pod-ansible/roles/stop/defaults/main.yml b/cord-pod-ansible/roles/stop/defaults/main.yml
new file mode 100644
index 0000000..5ac6217
--- /dev/null
+++ b/cord-pod-ansible/roles/stop/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+bootstrap_yml: "{{ config_dir }}/docker-compose-bootstrap.yml"
+docker_compose_yml: "{{ config_dir }}/onboarding-docker-compose/docker-compose.yml"
diff --git a/cord-pod-ansible/roles/stop/tasks/main.yml b/cord-pod-ansible/roles/stop/tasks/main.yml
new file mode 100644
index 0000000..89072f6
--- /dev/null
+++ b/cord-pod-ansible/roles/stop/tasks/main.yml
@@ -0,0 +1,12 @@
+---
+
+- name: check to see if onboarding yaml is present
+  stat: path=onboarding-docker-compose/docker-compose.yml
+  register: onboarding_compose
+
+- name: stop onboarded containers
+  shell: docker-compose -p {{ docker_project }} -f {{ docker_compose_yml }} stop
+  when: onboarding_compose.stat.exists == True
+
+- name: stop bootstrap containers
+  shell: docker-compose -p {{ bootstrap_project }} -f {{ bootstrap_yml }} stop
diff --git a/cord-pod-ansible/scripts/make-fabric-yaml.sh b/cord-pod-ansible/scripts/make-fabric-yaml.sh
new file mode 100644
index 0000000..7c4cfd7
--- /dev/null
+++ b/cord-pod-ansible/scripts/make-fabric-yaml.sh
@@ -0,0 +1,74 @@
+FN=$SETUPDIR/fabric.yaml
+
+rm -f $FN
+
+cat >> $FN <<EOF
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+imports:
+   - custom_types/xos.yaml
+
+description: generate fabric configuration
+
+topology_template:
+  node_templates:
+
+    service#ONOS_Fabric:
+      type: tosca.nodes.ONOSService
+      requirements:
+      properties:
+          kind: onos
+          view_url: /admin/onos/onosservice/\$id$/
+          no_container: true
+          rest_hostname: onos-fabric
+          replaces: service_ONOS_Fabric
+          rest_onos/v1/network/configuration/: { get_artifact: [ SELF, fabric_network_cfg_json, LOCAL_FILE ] }
+      artifacts:
+          fabric_network_cfg_json: /root/setup/base-config-2x2
+
+    service#fabric:
+      type: tosca.nodes.FabricService
+      properties:
+          view_url: /admin/fabric/fabricservice/\$id\$/
+          replaces: service_fabric
+
+
+EOF
+
+NODES=$( bash -c "source $SETUPDIR/admin-openrc.sh ; nova host-list" |grep compute|awk '{print $2}' )
+I=0
+for NODE in $NODES; do
+    echo $NODE
+    cat >> $FN <<EOF
+    $NODE:
+      type: tosca.nodes.Node
+
+    # Fabric location field for node $NODE
+    ${NODE}_location_tag:
+      type: tosca.nodes.Tag
+      properties:
+          name: location
+          value: of:0000000000000001/1
+      requirements:
+          - target:
+              node: $NODE
+              relationship: tosca.relationships.TagsObject
+          - service:
+              node: service#ONOS_Fabric
+              relationship: tosca.relationships.MemberOfService
+EOF
+done
+
+cat >> $FN <<EOF
+    Fabric_ONOS_app:
+      type: tosca.nodes.ONOSApp
+      requirements:
+          - onos_tenant:
+              node: service#ONOS_Fabric
+              relationship: tosca.relationships.TenantOfService
+          - fabric_service:
+              node: service#fabric
+              relationship: tosca.relationships.UsedByService
+      properties:
+          dependencies: org.onosproject.drivers, org.onosproject.openflow-base, org.onosproject.netcfghostprovider, org.onosproject.netcfglinksprovider, org.onosproject.segmentrouting, org.onosproject.vrouter, org.onosproject.hostprovider
+EOF
diff --git a/cord-pod-ansible/scripts/make-virtualbng-json.sh b/cord-pod-ansible/scripts/make-virtualbng-json.sh
new file mode 100644
index 0000000..993643c
--- /dev/null
+++ b/cord-pod-ansible/scripts/make-virtualbng-json.sh
@@ -0,0 +1,38 @@
+FN=$SETUPDIR/virtualbng.json
+
+rm -f $FN
+
+cat >> $FN <<EOF
+{
+    "localPublicIpPrefixes" : [
+        "10.254.0.128/25"
+    ],
+    "nextHopIpAddress" : "10.254.0.1",
+    "publicFacingMac" : "00:00:00:00:00:66",
+    "xosIpAddress" : "10.11.10.1",
+    "xosRestPort" : "9999",
+    "hosts" : {
+EOF
+
+NODES=$( sudo bash -c "source $SETUPDIR/admin-openrc.sh ; nova hypervisor-list" |grep -v ID|grep -v +|awk '{print $4}' )
+
+NODECOUNT=0
+for NODE in $NODES; do
+    ((NODECOUNT++))
+done
+
+I=0
+for NODE in $NODES; do
+    echo $NODE
+    ((I++))
+    if [[ "$I" -lt "$NODECOUNT" ]]; then
+        echo "      \"$NODE\" : \"of:0000000000000001/1\"," >> $FN
+    else
+        echo "      \"$NODE\" : \"of:0000000000000001/1\"" >> $FN
+    fi
+done
+
+cat >> $FN <<EOF
+    }
+}
+EOF
diff --git a/cord-pod-ansible/scripts/make-vtn-external-yaml.sh b/cord-pod-ansible/scripts/make-vtn-external-yaml.sh
new file mode 100644
index 0000000..fc05922
--- /dev/null
+++ b/cord-pod-ansible/scripts/make-vtn-external-yaml.sh
@@ -0,0 +1,110 @@
+FN=$SETUPDIR/vtn-external.yaml
+
+rm -f $FN
+
+cat >> $FN <<EOF
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+imports:
+   - custom_types/xos.yaml
+
+description: autogenerated node tags file for VTN configuration
+
+topology_template:
+  node_templates:
+
+    service#ONOS_CORD:
+      type: tosca.nodes.ONOSService
+      requirements:
+      properties:
+          kind: onos
+          view_url: /admin/onos/onosservice/\$id$/
+          no_container: true
+          rest_hostname: onos-cord
+          replaces: service_ONOS_CORD
+
+    service#vtn:
+      type: tosca.nodes.VTNService
+      properties:
+          view_url: /admin/vtn/vtnservice/\$id$/
+          privateGatewayMac: 00:00:00:00:00:01
+          localManagementIp: 172.27.0.1/24
+          ovsdbPort: 6641
+          sshUser: root
+          sshKeyFile: /root/node_key
+          sshPort: 22
+          xosEndpoint: http://xos/
+          xosUser: padmin@vicci.org
+          xosPassword: letmein
+          replaces: service_vtn
+
+EOF
+
+NODES=$( bash -c "source $SETUPDIR/admin-openrc.sh ; nova host-list" |grep compute|awk '{print $2}' )
+I=0
+for NODE in $NODES; do
+    echo $NODE
+    cat >> $FN <<EOF
+    $NODE:
+      type: tosca.nodes.Node
+
+    # VTN bridgeId field for node $NODE
+    ${NODE}_bridgeId_tag:
+      type: tosca.nodes.Tag
+      properties:
+          name: bridgeId
+          value: of:0000000000000001
+      requirements:
+          - target:
+              node: $NODE
+              relationship: tosca.relationships.TagsObject
+          - service:
+              node: service#ONOS_CORD
+              relationship: tosca.relationships.MemberOfService
+
+    # VTN dataPlaneIntf field for node $NODE
+    ${NODE}_dataPlaneIntf_tag:
+      type: tosca.nodes.Tag
+      properties:
+          name: dataPlaneIntf
+          value: fabric
+      requirements:
+          - target:
+              node: $NODE
+              relationship: tosca.relationships.TagsObject
+          - service:
+              node: service#ONOS_CORD
+              relationship: tosca.relationships.MemberOfService
+
+    # VTN dataPlaneIp field for node $NODE
+    ${NODE}_dataPlaneIp_tag:
+      type: tosca.nodes.Tag
+      properties:
+          name: dataPlaneIp
+          value: 10.168.0.253/24
+      requirements:
+          - target:
+              node: $NODE
+              relationship: tosca.relationships.TagsObject
+          - service:
+              node: service#ONOS_CORD
+              relationship: tosca.relationships.MemberOfService
+
+EOF
+done
+
+cat >> $FN <<EOF
+    VTN_ONOS_app:
+      type: tosca.nodes.ONOSVTNApp
+      requirements:
+          - onos_tenant:
+              node: service#ONOS_CORD
+              relationship: tosca.relationships.TenantOfService
+          - vtn_service:
+              node: service#vtn
+              relationship: tosca.relationships.UsedByService
+      properties:
+          install_dependencies: http://mavenrepo:8080/repository/org/opencord/cord-config/1.0-SNAPSHOT/cord-config-1.0-SNAPSHOT.oar,http://mavenrepo:8080/repository/org/opencord/vtn/1.0-SNAPSHOT/vtn-1.0-SNAPSHOT.oar
+          dependencies: org.onosproject.drivers, org.onosproject.drivers.ovsdb, org.onosproject.openflow-base, org.onosproject.ovsdb-base, org.onosproject.dhcp
+          autogenerate: vtn-network-cfg
+EOF
diff --git a/cord-pod-ansible/setup.yaml b/cord-pod-ansible/setup.yaml
new file mode 100644
index 0000000..c13f0eb
--- /dev/null
+++ b/cord-pod-ansible/setup.yaml
@@ -0,0 +1,61 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: >
+    * Adds OpenCloud Sites, Deployments, and Controllers.
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+
+    MyDeployment:
+      type: tosca.nodes.Deployment
+      properties:
+          flavors: m1.large, m1.medium, m1.small
+
+    MyOpenStack:
+      type: tosca.nodes.Controller
+      requirements:
+          - deployment:
+              node: MyDeployment
+              relationship: tosca.relationships.ControllerDeployment
+      properties:
+          backend_type: OpenStack
+          version: Kilo
+          auth_url: { get_script_env: [ SELF, adminrc, OS_AUTH_URL, LOCAL_FILE] }
+          admin_user: { get_script_env: [ SELF, adminrc, OS_USERNAME, LOCAL_FILE] }
+          admin_password: { get_script_env: [ SELF, adminrc, OS_PASSWORD, LOCAL_FILE] }
+          admin_tenant: { get_script_env: [ SELF, adminrc, OS_TENANT_NAME, LOCAL_FILE] }
+          domain: Default
+      artifacts:
+          adminrc: /root/setup/admin-openrc.sh
+
+    mysite:
+      type: tosca.nodes.Site
+      properties:
+          display_name: MySite
+          site_url: http://xosproject.org/
+      requirements:
+          - deployment:
+               node: MyDeployment
+               relationship: tosca.relationships.SiteDeployment
+               requirements:
+                   - controller:
+                       node: MyOpenStack
+                       relationship: tosca.relationships.UsesController
+
+    # This user already exists in XOS with this password
+    # It's an example of how to create new users
+    padmin@vicci.org:
+      type: tosca.nodes.User
+      requirements:
+          - site:
+              node: mysite
+              relationship: tosca.relationships.MemberOfSite
+      properties:
+          is_admin: true
+          is_active: true
+          firstname: XOS
+          lastname: admin
+          password: letmein
diff --git a/cord-pod-ansible/synchronizers.yaml b/cord-pod-ansible/synchronizers.yaml
new file mode 100644
index 0000000..02035e3
--- /dev/null
+++ b/cord-pod-ansible/synchronizers.yaml
@@ -0,0 +1,19 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: This recipe provides additional configuration for the onboarded services.
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+    servicecontroller#vsg:
+      type: tosca.nodes.ServiceController
+      properties:
+        no-create: true
+        synchronizer_config: /root/setup/files/vcpe_synchronizer_config
+    servicecontroller#vtr:
+      type: tosca.nodes.ServiceController
+      properties:
+        no-create: true
+        synchronizer_config: /root/setup/files/vtr_synchronizer_config
diff --git a/cord-pod-ansible/vars/cord-pod_defaults.yml b/cord-pod-ansible/vars/cord-pod_defaults.yml
new file mode 100644
index 0000000..dcba503
--- /dev/null
+++ b/cord-pod-ansible/vars/cord-pod_defaults.yml
@@ -0,0 +1,54 @@
+---
+
+xos_repo: https://gerrit.opencord.org/p/xos.git
+
+setup_dir: "{{ config_dir }}"
+
+key_import_dir: "{{ config_dir }}/key_import"
+
+base_dir: "{{ config_dir }}/../.."
+
+xos_core_dir: "{{ base_dir }}/xos"
+
+xos_services_dir: "{{ base_dir }}/xos_services"
+
+bootstrap_project: "cordpodbs"
+docker_project: "cordpod"
+
+bootstrap_port: 81
+ui_port: 80
+
+bootstrap_user: "padmin@vicci.org"
+bootstrap_password: "letmein"
+
+synchronizers_yml: "{{ config_dir }}/synchronizers.yaml"
+
+onboard_keys:
+  - { name: "vsg_rsa", private_fn: "{{ config_dir }}/id_rsa", public_fn: "{{ config_dir }}/id_rsa.pub" }
+  - { name: "volt_rsa", private_fn: "{{ config_dir }}/id_rsa", public_fn: "{{ config_dir }}/id_rsa.pub" }
+  - { name: "onos_rsa", private_fn: "{{ config_dir }}/id_rsa", public_fn: "{{ config_dir }}/id_rsa.pub" }
+
+onboard_services:
+ - { name: "vrouter", yaml: "{{ xos_services_dir }}/vrouter/xos/vrouter-onboard.yaml" }
+ - { name: "volt", yaml: "{{ xos_services_dir }}/olt/xos/volt-onboard.yaml" }
+ - { name: "vsg", yaml: "{{ xos_services_dir }}/vsg/xos/vsg-onboard.yaml" }
+ - { name: "vtr", yaml: "{{ xos_services_dir }}/vtn/xos/vtn-onboard.yaml" }
+ - { name: "onos", yaml: "{{ xos_services_dir }}/onos-service/xos/onos-onboard.yaml" }
+ - { name: "fabric", yaml: "{{ xos_services_dir }}/fabric/xos/fabric-onboard.yaml" }
+ - { name: "vtr", yaml: "{{ xos_services_dir }}/vtr/xos/vtr-onboard.yaml" }
+
+images:
+ - { name: "vsg-1.0", filename: "vsg-1.0.img", url: "http://www.vicci.org/cord/vsg-1.0.img" }
+
+config_recipes:
+ - { name: "setup", yaml: "{{ setup_dir }}/setup.yaml" }
+ - { name: "nodes", yaml: "{{ setup_dir }}/nodes.yaml" }
+ - { name: "images", yaml: "{{ setup_dir }}/images.yaml" }
+ - { name: "vtn-external", yaml: "{{ setup_dir }}/vtn-external.yaml" }
+ - { name: "fabric", yaml: "{{ setup_dir }}/fabric.yaml" }
+ - { name: "mgmt-net", yaml: "{{ setup_dir }}/mgmt-net.yaml" }
+ - { name: "cord-services", yaml: "{{ setup_dir }}/cord-services.yaml" }
+ - { name: "cord-volt-devices", yaml: "{{ setup_dir }}/cord-volt-devices.yaml" }
+ - { name: "cord-test-subscriber", yaml: "{{ setup_dir }}/cord-test-subscriber.yaml" }
+
+
diff --git a/cord-pod-ansible/xos.yaml b/cord-pod-ansible/xos.yaml
new file mode 100644
index 0000000..91327f2
--- /dev/null
+++ b/cord-pod-ansible/xos.yaml
@@ -0,0 +1,86 @@
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: Onboard the exampleservice
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+    xos:
+      type: tosca.nodes.XOS
+      properties:
+        ui_port: 80
+        bootstrap_ui_port: 81
+        docker_project_name: cordpod
+        db_container_name: cordpodbs_xos_db_1
+
+    /opt/xos/xos_configuration/xos_common_config:
+      type: tosca.nodes.XOSVolume
+      properties:
+          host_path: { path_join: [ SELF, CONFIG_DIR, ../common/xos_common_config, ENV_VAR ] }
+          read_only: true
+      requirements:
+          - xos:
+             node: xos
+             relationship: tosca.relationships.UsedByXOS
+
+    /opt/xos/xos_configuration/xos_cord_config:
+      type: tosca.nodes.XOSVolume
+      properties:
+          host_path: { path_join: [ SELF, CONFIG_DIR, xos_cord_config, ENV_VAR ] }
+          read_only: true
+      requirements:
+          - xos:
+             node: xos
+             relationship: tosca.relationships.UsedByXOS
+
+    /opt/xos/xos_configuration/xos_vtn_config:
+      type: tosca.nodes.XOSVolume
+      properties:
+          host_path: { path_join: [ SELF, CONFIG_DIR, files/xos_vtn_config, ENV_VAR ] }
+          read_only: true
+      requirements:
+          - xos:
+              node: xos
+              relationship: tosca.relationships.UsedByXOS
+
+    /root/setup:
+      type: tosca.nodes.XOSVolume
+      properties:
+          host_path: { path_join: [ SELF, CONFIG_DIR, ., ENV_VAR ] }
+          read_only: true
+      requirements:
+          - xos:
+             node: xos
+             relationship: tosca.relationships.UsedByXOS
+
+#    /opt/xos/synchronizers/onos/onos_key.pub:
+#      type: tosca.nodes.XOSVolume
+#      properties:
+#          host_path: { path_join: [ SELF, CONFIG_DIR, id_rsa.pub, ENV_VAR ] }
+#          read_only: true
+#      requirements:
+#          - xos:
+#             node: xos
+#             relationship: tosca.relationships.UsedByXOS
+
+#    /opt/xos/synchronizers/vcpe/vcpe_public_key:
+#      type: tosca.nodes.XOSVolume
+#      properties:
+#          host_path: { path_join: [ SELF, CONFIG_DIR, id_rsa.pub, ENV_VAR ] }
+#          read_only: true
+#      requirements:
+#          - xos:
+#             node: xos
+#             relationship: tosca.relationships.UsedByXOS
+
+#    /opt/xos/synchronizers/monitoring_channel/monitoring_channel_public_key:
+#      type: tosca.nodes.XOSVolume
+#      properties:
+#          host_path: { path_join: [ SELF, CONFIG_DIR, id_rsa.pub, ENV_VAR ] }
+#          read_only: true
+#      requirements:
+#          - xos:
+#             node: xos
+#             relationship: tosca.relationships.UsedByXOS