Code Review / multicloud / k8s.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Add sriov-network addon helm chart"
[multicloud/k8s.git] / kud / tests / _common.sh
1 #!/bin/bash
2 # SPDX-license-identifier: Apache-2.0
3 ##############################################################################
4 # Copyright (c) 2018
5 # All rights reserved. This program and the accompanying materials
6 # are made available under the terms of the Apache License, Version 2.0
7 # which accompanies this distribution, and is available at
8 # http://www.apache.org/licenses/LICENSE-2.0
9 ##############################################################################
10
11 set -o errexit
12 set -o nounset
13 set -o pipefail
14
15 packetgen_deployment_name=packetgen
16 sink_deployment_name=sink
17 firewall_deployment_name=firewall
18 image_name=virtlet.cloud/ubuntu/16.04
19 multus_deployment_name=multus-deployment
20 virtlet_image=virtlet.cloud/fedora
21 virtlet_deployment_name=virtlet-deployment
22 plugin_deployment_name=plugin-deployment
23 plugin_service_name=plugin-service
24 ovn4nfv_deployment_name=ovn4nfv-deployment
25 onap_private_net=onap-private-net
26 unprotected_private_net=unprotected-private-net
27 protected_private_net=protected-private-net
28 ovn_multus_network_name=ovn-networkobj
29 rbd_metadata=rbd_metatada.json
30 rbp_metadata=rbp_metatada.json
31 rbp_instance=rbp_instance.json
32
33 # vFirewall vars
34 demo_artifacts_version=1.5.0
35 vfw_private_ip_0='192.168.10.3'
36 vfw_private_ip_1='192.168.20.2'
37 vfw_private_ip_2='10.10.100.3'
38 vpg_private_ip_0='192.168.10.2'
39 vpg_private_ip_1='10.0.100.2'
40 vsn_private_ip_0='192.168.20.3'
41 vsn_private_ip_1='10.10.100.4'
42 dcae_collector_ip='10.0.4.1'
43 dcae_collector_port='8081'
44 protected_net_gw='192.168.20.100'
45 protected_net_cidr='192.168.20.0/24'
46 protected_private_net_cidr='192.168.10.0/24'
47 onap_private_net_cidr='10.10.0.0/16'
48 sink_ipaddr='192.168.20.250'
49 multus_private_net_cidr='10.20.0.0/16'
50
51 # populate_CSAR_containers_vFW() - This function creates the content of CSAR file
52 # required for vFirewal using only containers
53 function populate_CSAR_containers_vFW {
54     local csar_id=$1
55
56     _checks_args $csar_id
57     pushd ${CSAR_DIR}/${csar_id}
58
59     cat << META > metadata.yaml
60 resources:
61   network:
62     - $unprotected_private_net.yaml
63     - $protected_private_net.yaml
64     - $onap_private_net.yaml
65   deployment:
66     - $packetgen_deployment_name.yaml
67     - $firewall_deployment_name.yaml
68     - $sink_deployment_name.yaml
69 META
70
71     cat << NET > $unprotected_private_net.yaml
72 apiVersion: "k8s.cni.cncf.io/v1"
73 kind: NetworkAttachmentDefinition
74 metadata:
75   name: $unprotected_private_net
76 spec:
77   config: '{
78     "name": "unprotected",
79     "type": "bridge",
80     "ipam": {
81         "type": "host-local",
82         "subnet": "$protected_private_net_cidr"
83     }
84 }'
85 NET
86
87     cat << NET > $protected_private_net.yaml
88 apiVersion: "k8s.cni.cncf.io/v1"
89 kind: NetworkAttachmentDefinition
90 metadata:
91   name: $protected_private_net
92 spec:
93   config: '{
94     "name": "protected",
95     "type": "bridge",
96     "ipam": {
97         "type": "host-local",
98         "subnet": "$protected_net_cidr"
99     }
100 }'
101 NET
102
103     cat << NET > $onap_private_net.yaml
104 apiVersion: "k8s.cni.cncf.io/v1"
105 kind: NetworkAttachmentDefinition
106 metadata:
107   name: $onap_private_net
108 spec:
109   config: '{
110     "name": "onap",
111     "type": "bridge",
112     "ipam": {
113         "type": "host-local",
114         "subnet": "$onap_private_net_cidr"
115     }
116 }'
117 NET
118
119     cat << DEPLOYMENT > $packetgen_deployment_name.yaml
120 apiVersion: apps/v1
121 kind: Deployment
122 metadata:
123   name: $packetgen_deployment_name
124   labels:
125     app: vFirewall
126 spec:
127   replicas: 1
128   selector:
129     matchLabels:
130       app: vFirewall
131   template:
132     metadata:
133       labels:
134         app: vFirewall
135       annotations:
136         k8s.v1.cni.cncf.io/networks: '[
137             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
138             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
139         ]'
140     spec:
141       containers:
142       - name: $packetgen_deployment_name
143         image: electrocucaracha/packetgen
144         imagePullPolicy: IfNotPresent
145         tty: true
146         stdin: true
147         resources:
148           limits:
149             memory: 256Mi
150 DEPLOYMENT
151
152     cat << DEPLOYMENT > $firewall_deployment_name.yaml
153 apiVersion: apps/v1
154 kind: Deployment
155 metadata:
156   name: $firewall_deployment_name
157   labels:
158     app: vFirewall
159 spec:
160   replicas: 1
161   selector:
162     matchLabels:
163       app: vFirewall
164   template:
165     metadata:
166       labels:
167         app: vFirewall
168       annotations:
169         k8s.v1.cni.cncf.io/networks: '[
170             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
171             { "name": "$protected_private_net", "interfaceRequest": "eth2" },
172             { "name": "$onap_private_net", "interfaceRequest": "eth3" }
173         ]'
174     spec:
175       containers:
176       - name: $firewall_deployment_name
177         image: electrocucaracha/firewall
178         imagePullPolicy: IfNotPresent
179         tty: true
180         stdin: true
181 DEPLOYMENT
182
183     cat << DEPLOYMENT > $sink_deployment_name.yaml
184 apiVersion: apps/v1
185 kind: Deployment
186 metadata:
187   name: $sink_deployment_name
188   labels:
189     app: vFirewall
190 spec:
191   replicas: 1
192   selector:
193     matchLabels:
194       app: vFirewall
195       context: darkstat
196   template:
197     metadata:
198       labels:
199         app: vFirewall
200         context: darkstat
201       annotations:
202         k8s.v1.cni.cncf.io/networks: '[
203             { "name": "$protected_private_net", "interfaceRequest": "eth1" },
204             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
205         ]'
206     spec:
207       containers:
208       - name: $sink_deployment_name
209         image: electrocucaracha/sink
210         imagePullPolicy: IfNotPresent
211         tty: true
212         stdin: true
213         securityContext:
214           privileged: true
215       - name: darkstat
216         image: electrocucaracha/darkstat
217         imagePullPolicy: IfNotPresent
218         tty: true
219         stdin: true
220         ports:
221           - containerPort: 667
222 DEPLOYMENT
223     popd
224 }
225
226 # populate_CSAR_vms_containers_vFW() - This function creates the content of CSAR file
227 # required for vFirewal using an hybrid combination between virtual machines and
228 # cotainers
229 function populate_CSAR_vms_containers_vFW {
230     local csar_id=$1
231     ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
232
233     _checks_args $csar_id
234     pushd ${CSAR_DIR}/${csar_id}
235
236     cat << META > metadata.yaml
237 resources:
238   network:
239     - onap-ovn4nfvk8s-network.yaml
240   onapNetwork:
241     - $unprotected_private_net.yaml
242     - $protected_private_net.yaml
243     - $onap_private_net.yaml
244   deployment:
245     - $packetgen_deployment_name.yaml
246     - $firewall_deployment_name.yaml
247     - $sink_deployment_name.yaml
248   service:
249     - sink-service.yaml
250 META
251
252     cat << SERVICE > sink-service.yaml
253 apiVersion: v1
254 kind: Service
255 metadata:
256   name: sink-service
257 spec:
258   type: NodePort
259   ports:
260   - port: 667
261     nodePort: 30667
262   selector:
263     app: vFirewall
264     context: darkstat
265 SERVICE
266
267     cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
268 apiVersion: "k8s.cni.cncf.io/v1"
269 kind: NetworkAttachmentDefinition
270 metadata:
271   name: $ovn_multus_network_name
272 spec:
273   config: '{
274       "cniVersion": "0.3.1",
275       "name": "ovn4nfv-k8s-plugin",
276       "type": "ovn4nfvk8s-cni"
277     }'
278 MULTUS_NET
279
280     cat << NET > $unprotected_private_net.yaml
281 apiVersion: k8s.plugin.opnfv.org/v1alpha1
282 kind: Network
283
284 metadata:
285   name: $unprotected_private_net
286 spec:
287   cniType : ovn4nfv
288   ipv4Subnets:
289   - subnet: $protected_private_net_cidr
290     name: subnet1
291     gateway: 192.168.10.1/24
292 NET
293
294     cat << NET > $protected_private_net.yaml
295 apiVersion: k8s.plugin.opnfv.org/v1alpha1
296 kind: Network
297 metadata:
298   name: $protected_private_net
299 spec:
300   cniType : ovn4nfv
301   ipv4Subnets:
302   - subnet: $protected_net_cidr
303     name: subnet1
304     gateway: $protected_net_gw/24
305 NET
306
307     cat << NET > $onap_private_net.yaml
308 apiVersion: k8s.plugin.opnfv.org/v1alpha1
309 kind: Network
310 metadata:
311   name: $onap_private_net
312 spec:
313   cniType : ovn4nfv
314   ipv4Subnets:
315   - subnet: $onap_private_net_cidr
316     name: subnet1
317     gateway: 10.10.0.1/16
318 NET
319
320     proxy="apt:"
321     cloud_init_proxy="
322             - export demo_artifacts_version=$demo_artifacts_version
323             - export vfw_private_ip_0=$vfw_private_ip_0
324             - export vsn_private_ip_0=$vsn_private_ip_0
325             - export protected_net_cidr=$protected_net_cidr
326             - export dcae_collector_ip=$dcae_collector_ip
327             - export dcae_collector_port=$dcae_collector_port
328             - export protected_net_gw=$protected_net_gw
329             - export protected_private_net_cidr=$protected_private_net_cidr
330             - export sink_ipaddr=$sink_ipaddr
331 "
332     if [[ -n "${http_proxy+x}" ]]; then
333         proxy+="
334             http_proxy: $http_proxy"
335         cloud_init_proxy+="
336             - export http_proxy=$http_proxy"
337     fi
338     if [[ -n "${https_proxy+x}" ]]; then
339         proxy+="
340             https_proxy: $https_proxy"
341         cloud_init_proxy+="
342             - export https_proxy=$https_proxy"
343     fi
344     if [[ -n "${no_proxy+x}" ]]; then
345         cloud_init_proxy+="
346             - export no_proxy=$no_proxy"
347     fi
348
349     cat << DEPLOYMENT > $packetgen_deployment_name.yaml
350 apiVersion: apps/v1
351 kind: Deployment
352 metadata:
353   name: $packetgen_deployment_name
354   labels:
355     app: vFirewall
356 spec:
357   replicas: 1
358   selector:
359     matchLabels:
360       app: vFirewall
361   template:
362     metadata:
363       labels:
364         app: vFirewall
365       annotations:
366         VirtletLibvirtCPUSetting: |
367           mode: host-model
368         VirtletCloudInitUserData: |
369           ssh_pwauth: True
370           users:
371           - name: admin
372             gecos: User
373             primary-group: admin
374             groups: users
375             sudo: ALL=(ALL) NOPASSWD:ALL
376             lock_passwd: false
377             # the password is "admin"
378             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
379             ssh_authorized_keys:
380               $ssh_key
381           $proxy
382           runcmd:
383           $cloud_init_proxy
384             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$packetgen_deployment_name | sudo -E bash
385         VirtletSSHKeys: |
386           $ssh_key
387         VirtletRootVolumeSize: 5Gi
388         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
389         k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [
390             { "name": "$unprotected_private_net", "ipAddress": "$vpg_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
391             { "name": "$onap_private_net", "ipAddress": "$vpg_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
392         ]}'
393         kubernetes.io/target-runtime: virtlet.cloud
394     spec:
395       affinity:
396         nodeAffinity:
397           requiredDuringSchedulingIgnoredDuringExecution:
398             nodeSelectorTerms:
399             - matchExpressions:
400               - key: extraRuntime
401                 operator: In
402                 values:
403                 - virtlet
404       containers:
405       - name: $packetgen_deployment_name
406         image: $image_name
407         imagePullPolicy: IfNotPresent
408         tty: true
409         stdin: true
410         ports:
411           - containerPort: 8183
412         resources:
413           limits:
414             memory: 4Gi
415 DEPLOYMENT
416
417     cat << DEPLOYMENT > $firewall_deployment_name.yaml
418 apiVersion: apps/v1
419 kind: Deployment
420 metadata:
421   name: $firewall_deployment_name
422   labels:
423     app: vFirewall
424 spec:
425   replicas: 1
426   selector:
427     matchLabels:
428       app: vFirewall
429   template:
430     metadata:
431       labels:
432         app: vFirewall
433       annotations:
434         VirtletLibvirtCPUSetting: |
435           mode: host-model
436         VirtletCloudInitUserData: |
437           ssh_pwauth: True
438           users:
439           - name: admin
440             gecos: User
441             primary-group: admin
442             groups: users
443             sudo: ALL=(ALL) NOPASSWD:ALL
444             lock_passwd: false
445             # the password is "admin"
446             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
447             ssh_authorized_keys:
448               $ssh_key
449           $proxy
450           runcmd:
451             $cloud_init_proxy
452             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$firewall_deployment_name | sudo -E bash
453         VirtletSSHKeys: |
454           $ssh_key
455         VirtletRootVolumeSize: 5Gi
456         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
457         k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [
458             { "name": "$unprotected_private_net", "ipAddress": "$vfw_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
459             { "name": "$protected_private_net", "ipAddress": "$vfw_private_ip_1", "interface": "eth2", "defaultGateway": "false" },
460             { "name": "$onap_private_net", "ipAddress": "$vfw_private_ip_2", "interface": "eth3" , "defaultGateway": "false"}
461         ]}'
462         kubernetes.io/target-runtime: virtlet.cloud
463     spec:
464       affinity:
465         nodeAffinity:
466           requiredDuringSchedulingIgnoredDuringExecution:
467             nodeSelectorTerms:
468             - matchExpressions:
469               - key: extraRuntime
470                 operator: In
471                 values:
472                 - virtlet
473       containers:
474       - name: $firewall_deployment_name
475         image: $image_name
476         imagePullPolicy: IfNotPresent
477         tty: true
478         stdin: true
479         resources:
480           limits:
481             memory: 4Gi
482 DEPLOYMENT
483
484     cat << CONFIGMAP > sink_configmap.yaml
485 apiVersion: v1
486 kind: ConfigMap
487 metadata:
488   name: sink-configmap
489 data:
490   protected_net_gw: $protected_net_gw
491   protected_private_net_cidr: $protected_private_net_cidr
492 CONFIGMAP
493
494     cat << DEPLOYMENT > $sink_deployment_name.yaml
495 apiVersion: apps/v1
496 kind: Deployment
497 metadata:
498   name: $sink_deployment_name
499   labels:
500     app: vFirewall
501 spec:
502   replicas: 1
503   selector:
504     matchLabels:
505       app: vFirewall
506       context: darkstat
507   template:
508     metadata:
509       labels:
510         app: vFirewall
511         context: darkstat
512       annotations:
513         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
514         k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [
515             { "name": "$protected_private_net", "ipAddress": "$vsn_private_ip_0", "interface": "eth1", "defaultGateway": "false" },
516             { "name": "$onap_private_net", "ipAddress": "$vsn_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
517         ]}'
518     spec:
519       containers:
520       - name: $sink_deployment_name
521         image: rtsood/onap-vfw-demo-sink:0.2.0
522         envFrom:
523         - configMapRef:
524             name: sink-configmap
525         imagePullPolicy: Always
526         tty: true
527         stdin: true
528         securityContext:
529           privileged: true
530
531       - name: darkstat
532         image: electrocucaracha/darkstat
533         imagePullPolicy: IfNotPresent
534         tty: true
535         stdin: true
536         ports:
537           - containerPort: 667
538 DEPLOYMENT
539     popd
540 }
541
542 # populate_CSAR_vms_vFW() - This function creates the content of CSAR file
543 # required for vFirewal using only virtual machines
544 function populate_CSAR_vms_vFW {
545     local csar_id=$1
546     ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
547
548     _checks_args $csar_id
549     pushd ${CSAR_DIR}/${csar_id}
550
551     cat << META > metadata.yaml
552 resources:
553   network:
554     - $unprotected_private_net.yaml
555     - $protected_private_net.yaml
556     - $onap_private_net.yaml
557   deployment:
558     - $packetgen_deployment_name.yaml
559     - $firewall_deployment_name.yaml
560     - $sink_deployment_name.yaml
561 META
562
563     cat << NET > $unprotected_private_net.yaml
564 apiVersion: "k8s.cni.cncf.io/v1"
565 kind: NetworkAttachmentDefinition
566 metadata:
567   name: $unprotected_private_net
568 spec:
569   config: '{
570     "name": "unprotected",
571     "type": "bridge",
572     "ipam": {
573         "type": "host-local",
574         "subnet": "$protected_private_net_cidr"
575     }
576 }'
577 NET
578
579     cat << NET > $protected_private_net.yaml
580 apiVersion: "k8s.cni.cncf.io/v1"
581 kind: NetworkAttachmentDefinition
582 metadata:
583   name: $protected_private_net
584 spec:
585   config: '{
586     "name": "protected",
587     "type": "bridge",
588     "ipam": {
589         "type": "host-local",
590         "subnet": "$protected_net_cidr"
591     }
592 }'
593 NET
594
595     cat << NET > $onap_private_net.yaml
596 apiVersion: "k8s.cni.cncf.io/v1"
597 kind: NetworkAttachmentDefinition
598 metadata:
599   name: $onap_private_net
600 spec:
601   config: '{
602     "name": "onap",
603     "type": "bridge",
604     "ipam": {
605         "type": "host-local",
606         "subnet": "$onap_private_net_cidr"
607     }
608 }'
609 NET
610
611     proxy="apt:"
612     cloud_init_proxy="
613             - export demo_artifacts_version=$demo_artifacts_version
614             - export vfw_private_ip_0=$vfw_private_ip_0
615             - export vsn_private_ip_0=$vsn_private_ip_0
616             - export protected_net_cidr=$protected_net_cidr
617             - export dcae_collector_ip=$dcae_collector_ip
618             - export dcae_collector_port=$dcae_collector_port
619             - export protected_net_gw=$protected_net_gw
620             - export protected_private_net_cidr=$protected_private_net_cidr
621 "
622     if [[ -n "${http_proxy+x}" ]]; then
623         proxy+="
624             http_proxy: $http_proxy"
625         cloud_init_proxy+="
626             - export http_proxy=$http_proxy"
627     fi
628     if [[ -n "${https_proxy+x}" ]]; then
629         proxy+="
630             https_proxy: $https_proxy"
631         cloud_init_proxy+="
632             - export https_proxy=$https_proxy"
633     fi
634     if [[ -n "${no_proxy+x}" ]]; then
635         cloud_init_proxy+="
636             - export no_proxy=$no_proxy"
637     fi
638
639     cat << DEPLOYMENT > $packetgen_deployment_name.yaml
640 apiVersion: apps/v1
641 kind: Deployment
642 metadata:
643   name: $packetgen_deployment_name
644   labels:
645     app: vFirewall
646 spec:
647   replicas: 1
648   selector:
649     matchLabels:
650       app: vFirewall
651   template:
652     metadata:
653       labels:
654         app: vFirewall
655       annotations:
656         VirtletLibvirtCPUSetting: |
657           mode: host-model
658         VirtletCloudInitUserData: |
659           ssh_pwauth: True
660           users:
661           - name: admin
662             gecos: User
663             primary-group: admin
664             groups: users
665             sudo: ALL=(ALL) NOPASSWD:ALL
666             lock_passwd: false
667             # the password is "admin"
668             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
669             ssh_authorized_keys:
670               $ssh_key
671           $proxy
672           runcmd:
673           $cloud_init_proxy
674             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$packetgen_deployment_name | sudo -E bash
675         VirtletSSHKeys: |
676           $ssh_key
677         VirtletRootVolumeSize: 5Gi
678         k8s.v1.cni.cncf.io/networks: '[
679             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
680             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
681         ]'
682         kubernetes.io/target-runtime: virtlet.cloud
683     spec:
684       affinity:
685         nodeAffinity:
686           requiredDuringSchedulingIgnoredDuringExecution:
687             nodeSelectorTerms:
688             - matchExpressions:
689               - key: extraRuntime
690                 operator: In
691                 values:
692                 - virtlet
693       containers:
694       - name: $packetgen_deployment_name
695         image: $image_name
696         imagePullPolicy: IfNotPresent
697         tty: true
698         stdin: true
699         ports:
700           - containerPort: 8183
701         resources:
702           limits:
703             memory: 4Gi
704 DEPLOYMENT
705
706     cat << DEPLOYMENT > $firewall_deployment_name.yaml
707 apiVersion: apps/v1
708 kind: Deployment
709 metadata:
710   name: $firewall_deployment_name
711   labels:
712     app: vFirewall
713 spec:
714   replicas: 1
715   selector:
716     matchLabels:
717       app: vFirewall
718   template:
719     metadata:
720       labels:
721         app: vFirewall
722       annotations:
723         VirtletLibvirtCPUSetting: |
724           mode: host-model
725         VirtletCloudInitUserData: |
726           ssh_pwauth: True
727           users:
728           - name: admin
729             gecos: User
730             primary-group: admin
731             groups: users
732             sudo: ALL=(ALL) NOPASSWD:ALL
733             lock_passwd: false
734             # the password is "admin"
735             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
736             ssh_authorized_keys:
737               $ssh_key
738           $proxy
739           runcmd:
740             $cloud_init_proxy
741             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$firewall_deployment_name | sudo -E bash
742         VirtletSSHKeys: |
743           $ssh_key
744         VirtletRootVolumeSize: 5Gi
745         k8s.v1.cni.cncf.io/networks: '[
746             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
747             { "name": "$protected_private_net", "interfaceRequest": "eth2" },
748             { "name": "$onap_private_net", "interfaceRequest": "eth3" }
749         ]'
750         kubernetes.io/target-runtime: virtlet.cloud
751     spec:
752       affinity:
753         nodeAffinity:
754           requiredDuringSchedulingIgnoredDuringExecution:
755             nodeSelectorTerms:
756             - matchExpressions:
757               - key: extraRuntime
758                 operator: In
759                 values:
760                 - virtlet
761       containers:
762       - name: $firewall_deployment_name
763         image: $image_name
764         imagePullPolicy: IfNotPresent
765         tty: true
766         stdin: true
767         resources:
768           limits:
769             memory: 4Gi
770 DEPLOYMENT
771
772     cat << DEPLOYMENT > $sink_deployment_name.yaml
773 apiVersion: apps/v1
774 kind: Deployment
775 metadata:
776   name: $sink_deployment_name
777   labels:
778     app: vFirewall
779 spec:
780   replicas: 1
781   selector:
782     matchLabels:
783       app: vFirewall
784   template:
785     metadata:
786       labels:
787         app: vFirewall
788       annotations:
789         VirtletLibvirtCPUSetting: |
790           mode: host-model
791         VirtletCloudInitUserData: |
792           ssh_pwauth: True
793           users:
794           - name: admin
795             gecos: User
796             primary-group: admin
797             groups: users
798             sudo: ALL=(ALL) NOPASSWD:ALL
799             lock_passwd: false
800             # the password is "admin"
801             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
802             ssh_authorized_keys:
803               $ssh_key
804           $proxy
805           runcmd:
806             $cloud_init_proxy
807             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$sink_deployment_name | sudo -E bash
808         VirtletSSHKeys: |
809           $ssh_key
810         VirtletRootVolumeSize: 5Gi
811         k8s.v1.cni.cncf.io/networks: '[
812             { "name": "$protected_private_net", "interfaceRequest": "eth1" },
813             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
814         ]'
815         kubernetes.io/target-runtime: virtlet.cloud
816     spec:
817       affinity:
818         nodeAffinity:
819           requiredDuringSchedulingIgnoredDuringExecution:
820             nodeSelectorTerms:
821             - matchExpressions:
822               - key: extraRuntime
823                 operator: In
824                 values:
825                 - virtlet
826       containers:
827       - name: $sink_deployment_name
828         image: $image_name
829         imagePullPolicy: IfNotPresent
830         tty: true
831         stdin: true
832         ports:
833           - containerPort: 667
834         resources:
835           limits:
836             memory: 4Gi
837 DEPLOYMENT
838     popd
839 }
840
841 # populate_CSAR_multus() - This function creates the content of CSAR file
842 # required for testing Multus feature
843 function populate_CSAR_multus {
844     local csar_id=$1
845
846     _checks_args $csar_id
847     pushd ${CSAR_DIR}/${csar_id}
848
849     cat << META > metadata.yaml
850 resources:
851   network:
852     - bridge-network.yaml
853   deployment:
854     - $multus_deployment_name.yaml
855 META
856
857     cat << NET > bridge-network.yaml
858 apiVersion: "k8s.cni.cncf.io/v1"
859 kind: NetworkAttachmentDefinition
860 metadata:
861   name: bridge-conf
862 spec:
863   config: '{
864     "cniVersion": "0.3.0",
865     "name": "mynet",
866     "type": "bridge",
867     "ipam": {
868         "type": "host-local",
869         "subnet": "$onap_private_net_cidr"
870     }
871 }'
872 NET
873
874     cat << DEPLOYMENT > $multus_deployment_name.yaml
875 apiVersion: apps/v1
876 kind: Deployment
877 metadata:
878   name: $multus_deployment_name
879   labels:
880     app: multus
881 spec:
882   replicas: 1
883   selector:
884     matchLabels:
885       app: multus
886   template:
887     metadata:
888       labels:
889         app: multus
890       annotations:
891         k8s.v1.cni.cncf.io/networks: '[
892           { "name": "bridge-conf", "interfaceRequest": "eth1" },
893           { "name": "bridge-conf", "interfaceRequest": "eth2" }
894         ]'
895     spec:
896       containers:
897       - name: $multus_deployment_name
898         image: "busybox"
899         command: ["top"]
900         stdin: true
901         tty: true
902 DEPLOYMENT
903     popd
904 }
905
906 # populate_CSAR_virtlet() - This function creates the content of CSAR file
907 # required for testing Virtlet feature
908 function populate_CSAR_virtlet {
909     local csar_id=$1
910
911     _checks_args $csar_id
912     pushd ${CSAR_DIR}/${csar_id}
913
914     cat << META > metadata.yaml
915 resources:
916   deployment:
917     - $virtlet_deployment_name.yaml
918 META
919
920     cat << DEPLOYMENT > $virtlet_deployment_name.yaml
921 apiVersion: apps/v1
922 kind: Deployment
923 metadata:
924   name: $virtlet_deployment_name
925   labels:
926     app: virtlet
927 spec:
928   replicas: 1
929   selector:
930     matchLabels:
931       app: virtlet
932   template:
933     metadata:
934       labels:
935         app: virtlet
936       annotations:
937         VirtletLibvirtCPUSetting: |
938           mode: host-passthrough
939         # This tells CRI Proxy that this pod belongs to Virtlet runtime
940         kubernetes.io/target-runtime: virtlet.cloud
941         VirtletCloudInitUserData: |
942           ssh_pwauth: True
943           users:
944           - name: testuser
945             gecos: User
946             primary-group: testuser
947             groups: users
948             lock_passwd: false
949             shell: /bin/bash
950             # the password is "testuser"
951             passwd: "\$6\$rounds=4096\$wPs4Hz4tfs\$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1"
952             sudo: ALL=(ALL) NOPASSWD:ALL
953           runcmd:
954             - echo hello world
955     spec:
956       affinity:
957         nodeAffinity:
958           requiredDuringSchedulingIgnoredDuringExecution:
959             nodeSelectorTerms:
960             - matchExpressions:
961               - key: extraRuntime
962                 operator: In
963                 values:
964                 - virtlet
965       containers:
966       - name: $virtlet_deployment_name
967         # This specifies the image to use.
968         # virtlet.cloud/ prefix is used by CRI proxy, the remaining part
969         # of the image name is prepended with https:// and used to download the image
970         image: $virtlet_image
971         imagePullPolicy: IfNotPresent
972         # tty and stdin required for "kubectl attach -t" to work
973         tty: true
974         stdin: true
975         resources:
976           limits:
977             # This memory limit is applied to the libvirt domain definition
978             memory: 160Mi
979 DEPLOYMENT
980     popd
981 }
982
983 # populate_CSAR_plugin()- Creates content used for Plugin functional tests
984 function populate_CSAR_plugin {
985     local csar_id=$1
986
987     _checks_args $csar_id
988     pushd ${CSAR_DIR}/${csar_id}
989
990     cat << META > metadata.yaml
991 resources:
992   deployment:
993     - $plugin_deployment_name.yaml
994   service:
995     - service.yaml
996 META
997
998     cat << DEPLOYMENT > $plugin_deployment_name.yaml
999 apiVersion: apps/v1
1000 kind: Deployment
1001 metadata:
1002   name: $plugin_deployment_name
1003 spec:
1004   replicas: 1
1005   selector:
1006     matchLabels:
1007       app: plugin
1008   template:
1009     metadata:
1010       labels:
1011         app: plugin
1012     spec:
1013       containers:
1014       - name: $plugin_deployment_name
1015         image: "busybox"
1016         command: ["top"]
1017         stdin: true
1018         tty: true
1019 DEPLOYMENT
1020
1021     cat << SERVICE > service.yaml
1022 apiVersion: v1
1023 kind: Service
1024 metadata:
1025   name: $plugin_service_name
1026 spec:
1027   ports:
1028   - port: 80
1029     protocol: TCP
1030   selector:
1031     app: sise
1032 SERVICE
1033     popd
1034 }
1035
1036 # populate_CSAR_ovn4nfv() - Create content used for OVN4NFV functional test
1037 function populate_CSAR_ovn4nfv {
1038     local csar_id=$1
1039
1040     _checks_args $csar_id
1041     pushd ${CSAR_DIR}/${csar_id}
1042
1043     cat << META > metadata.yaml
1044 resources:
1045   onap_network:
1046     - ovn-port-net.yaml
1047     - ovn-priv-net.yaml
1048   network:
1049     - onap-ovn4nfvk8s-network.yaml
1050   deployment:
1051     - $ovn4nfv_deployment_name.yaml
1052 META
1053
1054     cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
1055 apiVersion: "k8s.cni.cncf.io/v1"
1056 kind: NetworkAttachmentDefinition
1057 metadata:
1058   name: $ovn_multus_network_name
1059 spec:
1060   config: '{
1061       "cniVersion": "0.3.1",
1062       "name": "ovn4nfv-k8s-plugin",
1063       "type": "ovn4nfvk8s-cni"
1064     }'
1065 MULTUS_NET
1066
1067     cat << NETWORK > ovn-port-net.yaml
1068 apiVersion: k8s.plugin.opnfv.org/v1alpha1
1069 kind: Network
1070 metadata:
1071   name: ovn-port-net
1072 spec:
1073   cniType : ovn4nfv
1074   ipv4Subnets:
1075   - subnet: 172.16.33.0/24
1076     name: subnet1
1077     gateway: 172.16.33.1/24
1078 NETWORK
1079
1080     cat << NETWORK > ovn-priv-net.yaml
1081 apiVersion: k8s.plugin.opnfv.org/v1alpha1
1082 kind: Network
1083 metadata:
1084   name: ovn-priv-net
1085 spec:
1086   cniType : ovn4nfv
1087   ipv4Subnets:
1088   - subnet: 172.16.44.0/24
1089     name: subnet1
1090     gateway: 172.16.44.1/24
1091 NETWORK
1092
1093     cat << DEPLOYMENT > $ovn4nfv_deployment_name.yaml
1094 apiVersion: apps/v1
1095 kind: Deployment
1096 metadata:
1097   name: $ovn4nfv_deployment_name
1098   labels:
1099     app: ovn4nfv
1100 spec:
1101   replicas: 1
1102   selector:
1103     matchLabels:
1104       app: ovn4nfv
1105   template:
1106     metadata:
1107       labels:
1108         app: ovn4nfv
1109       annotations:
1110         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
1111         k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "ovn-port-net", "interface": "net2" , "defaultGateway": "false"},
1112                       { "name": "ovn-priv-net", "interface": "net3" , "defaultGateway": "false"}]}'
1113     spec:
1114       containers:
1115       - name: $ovn4nfv_deployment_name
1116         image: "busybox"
1117         command: ["top"]
1118         stdin: true
1119         tty: true
1120 DEPLOYMENT
1121     popd
1122 }
1123
1124 # populate_CSAR_rbdefinition() - Function that populates CSAR folder
1125 # for testing resource bundle definition
1126 function populate_CSAR_rbdefinition {
1127     _checks_args "$1"
1128     pushd "${CSAR_DIR}/$1"
1129     print_msg "Create Helm Chart Archives"
1130     rm -f *.tar.gz
1131     tar -czf rb_profile.tar.gz -C $test_folder/vnfs/testrb/helm/profile .
1132     #Creates vault-consul-dev-0.0.0.tgz
1133     helm package $test_folder/vnfs/testrb/helm/vault-consul-dev --version 0.0.0
1134     popd
1135 }
1136
1137 # populate_CSAR_edgex_rbdefinition() - Function that populates CSAR folder
1138 # for testing resource bundle definition of edgex scenario
1139 function populate_CSAR_edgex_rbdefinition {
1140     _checks_args "$1"
1141     pushd "${CSAR_DIR}/$1"
1142     print_msg "Create Helm Chart Archives"
1143     rm -f *.tar.gz
1144     tar -czf rb_profile.tar.gz -C $test_folder/vnfs/edgex/profile .
1145     tar -czf rb_definition.tar.gz -C $test_folder/vnfs/edgex/helm edgex
1146     popd
1147 }
1148
1149 # populate_CSAR_fw_rbdefinition() - Function that populates CSAR folder
1150 # for testing resource bundle definition of firewall scenario
1151 function populate_CSAR_fw_rbdefinition {
1152     _checks_args "$1"
1153     pushd "${CSAR_DIR}/$1"
1154     print_msg "Create Helm Chart Archives for vFirewall"
1155     rm -f *.tar.gz
1156     # Reuse profile from the edgeX case as it is an empty profile
1157     tar -czf rb_profile.tar.gz -C $test_folder/vnfs/edgex/profile .
1158     tar -czf rb_definition.tar.gz -C $test_folder/../demo firewall
1159     popd
1160 }
1161
1162 # populate_CSAR_eaa_rbdefinition() - Function that populates CSAR folder
1163 # for testing resource bundle definition of openness eaa scenario
1164 function populate_CSAR_eaa_rbdefinition {
1165     _checks_args "$1"
1166     pushd "${CSAR_DIR}/$1"
1167     print_msg "Create Helm Chart Archives for Openness EAA"
1168     rm -f *.tar.gz
1169     tar -czf rb_profile.tar.gz -C $test_folder/openness/eaa/profile .
1170     tar -czf rb_definition.tar.gz -C $test_folder/openness/eaa/helm eaa
1171     popd
1172 }
1173
1174 # populate_CSAR_eaa_sample_app_rbdefinition() - Function that populates CSAR folder
1175 # for testing resource bundle definition of openness sample-app scenario
1176 function populate_CSAR_eaa_sample_app_rbdefinition {
1177     _checks_args "$1"
1178     pushd "${CSAR_DIR}/$1"
1179     print_msg "Create Helm Chart Archives for Openness EAA Sample Apps: producer and consumer"
1180     rm -f *.tar.gz
1181     tar -czf rb_profile.tar.gz -C $test_folder/openness/sample-app/profile .
1182     tar -czf rb_definition.tar.gz -C $test_folder/openness/sample-app/helm sample-app
1183     popd
1184 }
1185
1186 function populate_CSAR_composite_app_helm {
1187     _checks_args "$1"
1188     pushd "${CSAR_DIR}/$1"
1189     print_msg "Create Helm Chart Archives for compositeAppi with collectd and prometheus-grafana helm charts"
1190     rm -f *.tar.gz
1191     tar -czf collectd.tar.gz -C $test_folder/vnfs/comp-app/collection/app1/helm .
1192     tar -czf prometheus-operator.tar.gz -C $test_folder/vnfs/comp-app/collection/app2/helm .
1193     tar -czf collectd_profile.tar.gz -C $test_folder/vnfs/comp-app/collection/app1/profile .
1194     tar -czf prometheus-operator_profile.tar.gz -C $test_folder/vnfs/comp-app/collection/app2/profile .
1195     export prometheus_helm_path="${CSAR_DIR}/$1/prometheus-operator.tar.gz"
1196     export collectd_helm_path="${CSAR_DIR}/$1/collectd.tar.gz"
1197     popd
1198 }
1199
1200
1201 function populate_CSAR_operator_helm {
1202     _checks_args "$1"
1203     pushd "${CSAR_DIR}/$1"
1204     print_msg "Create Helm Chart Archives for operators"
1205     rm -f *.tar.gz
1206     #tar -czf operator.tar.gz -C $test_folder/vnfs/comp-app/collection/operators-latest/helm .
1207     #tar -czf operator_profile.tar.gz -C $test_folder/vnfs/comp-app/collection/operators-latest/profile .
1208     tar -czf operator.tar.gz -C $test_folder/vnfs/comp-app/collection/operators/helm .
1209     tar -czf operator_profile.tar.gz -C $test_folder/vnfs/comp-app/collection/operators/profile .
1210     export operator_helm_path="${CSAR_DIR}/$1/operator.tar.gz"
1211     popd
1212 }
1213
1214
1215 function populate_CSAR_m3db_helm {
1216     _checks_args "$1"
1217     pushd "${CSAR_DIR}/$1"
1218     print_msg "Create Helm Chart Archives for m3db"
1219     rm -f *.tar.gz
1220    #tar -czf m3db.tar.gz -C $test_folder/vnfs/comp-app/collection/app3-latest/helm .
1221    #tar -czf m3db_profile.tar.gz -C $test_folder/vnfs/comp-app/collection/app3-latest/profile .
1222     tar -czf m3db.tar.gz -C $test_folder/vnfs/comp-app/collection/m3db/helm .
1223     tar -czf m3db_profile.tar.gz -C $test_folder/vnfs/comp-app/collection/m3db/profile .
1224     export m3db_helm_path="${CSAR_DIR}/$1/m3db.tar.gz"
1225     popd
1226 }
To contain a POC for Kubernetes plugin