2 # SPDX-license-identifier: Apache-2.0
3 ##############################################################################
5 # All rights reserved. This program and the accompanying materials
6 # are made available under the terms of the Apache License, Version 2.0
7 # which accompanies this distribution, and is available at
8 # http://www.apache.org/licenses/LICENSE-2.0
9 ##############################################################################
15 packetgen_deployment_name=packetgen
16 sink_deployment_name=sink
17 firewall_deployment_name=firewall
18 image_name=virtlet.cloud/ubuntu/16.04
19 multus_deployment_name=multus-deployment
20 virtlet_image=virtlet.cloud/fedora
21 virtlet_deployment_name=virtlet-deployment
22 plugin_deployment_name=plugin-deployment
23 plugin_service_name=plugin-service
24 ovn4nfv_deployment_name=ovn4nfv-deployment
25 onap_private_net=onap-private-net
26 unprotected_private_net=unprotected-private-net
27 protected_private_net=protected-private-net
28 ovn_multus_network_name=ovn-networkobj
29 rbd_metadata=rbd_metatada.json
30 rbd_content_tarball=vault-consul-dev.tar
31 rbp_metadata=rbp_metatada.json
32 rbp_instance=rbp_instance.json
33 rbp_content_tarball=profile.tar
36 demo_artifacts_version=1.5.0
37 vfw_private_ip_0='192.168.10.3'
38 vfw_private_ip_1='192.168.20.2'
39 vfw_private_ip_2='10.10.100.3'
40 vpg_private_ip_0='192.168.10.2'
41 vpg_private_ip_1='10.0.100.2'
42 vsn_private_ip_0='192.168.20.3'
43 vsn_private_ip_1='10.10.100.4'
44 dcae_collector_ip='10.0.4.1'
45 dcae_collector_port='8081'
46 protected_net_gw='192.168.20.100'
47 protected_net_cidr='192.168.20.0/24'
48 protected_private_net_cidr='192.168.10.0/24'
49 onap_private_net_cidr='10.10.0.0/16'
50 sink_ipaddr='192.168.20.250'
52 # populate_CSAR_containers_vFW() - This function creates the content of CSAR file
53 # required for vFirewal using only containers
54 function populate_CSAR_containers_vFW {
58 pushd ${CSAR_DIR}/${csar_id}
60 cat << META > metadata.yaml
63 - $unprotected_private_net.yaml
64 - $protected_private_net.yaml
65 - $onap_private_net.yaml
67 - $packetgen_deployment_name.yaml
68 - $firewall_deployment_name.yaml
69 - $sink_deployment_name.yaml
72 cat << NET > $unprotected_private_net.yaml
73 apiVersion: "k8s.cni.cncf.io/v1"
74 kind: NetworkAttachmentDefinition
76 name: $unprotected_private_net
79 "name": "unprotected",
83 "subnet": "$protected_private_net_cidr"
88 cat << NET > $protected_private_net.yaml
89 apiVersion: "k8s.cni.cncf.io/v1"
90 kind: NetworkAttachmentDefinition
92 name: $protected_private_net
99 "subnet": "$protected_net_cidr"
104 cat << NET > $onap_private_net.yaml
105 apiVersion: "k8s.cni.cncf.io/v1"
106 kind: NetworkAttachmentDefinition
108 name: $onap_private_net
114 "type": "host-local",
115 "subnet": "$onap_private_net_cidr"
120 cat << DEPLOYMENT > $packetgen_deployment_name.yaml
124 name: $packetgen_deployment_name
137 k8s.v1.cni.cncf.io/networks: '[
138 { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
139 { "name": "$onap_private_net", "interfaceRequest": "eth2" }
143 - name: $packetgen_deployment_name
144 image: electrocucaracha/packetgen
145 imagePullPolicy: IfNotPresent
153 cat << DEPLOYMENT > $firewall_deployment_name.yaml
157 name: $firewall_deployment_name
170 k8s.v1.cni.cncf.io/networks: '[
171 { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
172 { "name": "$protected_private_net", "interfaceRequest": "eth2" },
173 { "name": "$onap_private_net", "interfaceRequest": "eth3" }
177 - name: $firewall_deployment_name
178 image: electrocucaracha/firewall
179 imagePullPolicy: IfNotPresent
184 cat << DEPLOYMENT > $sink_deployment_name.yaml
188 name: $sink_deployment_name
203 k8s.v1.cni.cncf.io/networks: '[
204 { "name": "$protected_private_net", "interfaceRequest": "eth1" },
205 { "name": "$onap_private_net", "interfaceRequest": "eth2" }
209 - name: $sink_deployment_name
210 image: electrocucaracha/sink
211 imagePullPolicy: IfNotPresent
217 image: electrocucaracha/darkstat
218 imagePullPolicy: IfNotPresent
227 # populate_CSAR_vms_containers_vFW() - This function creates the content of CSAR file
228 # required for vFirewal using an hybrid combination between virtual machines and
230 function populate_CSAR_vms_containers_vFW {
232 ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
234 _checks_args $csar_id
235 pushd ${CSAR_DIR}/${csar_id}
237 cat << META > metadata.yaml
240 - onap-ovn4nfvk8s-network.yaml
242 - $unprotected_private_net.yaml
243 - $protected_private_net.yaml
244 - $onap_private_net.yaml
246 - $packetgen_deployment_name.yaml
247 - $firewall_deployment_name.yaml
248 - $sink_deployment_name.yaml
253 cat << SERVICE > sink-service.yaml
268 cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
269 apiVersion: "k8s.cni.cncf.io/v1"
270 kind: NetworkAttachmentDefinition
272 name: $ovn_multus_network_name
275 "cniVersion": "0.3.1",
276 "name": "ovn4nfv-k8s-plugin",
277 "type": "ovn4nfvk8s-cni"
281 cat << NET > $unprotected_private_net.yaml
285 name: $unprotected_private_net
288 name: $unprotected_private_net
289 subnet: $protected_private_net_cidr
290 gateway: 192.168.10.1/24
293 cat << NET > $protected_private_net.yaml
297 name: $protected_private_net
300 name: $protected_private_net
301 subnet: $protected_net_cidr
302 gateway: $protected_net_gw/24
305 cat << NET > $onap_private_net.yaml
309 name: $onap_private_net
312 name: $onap_private_net
313 subnet: $onap_private_net_cidr
314 gateway: 10.10.0.1/16
319 - export demo_artifacts_version=$demo_artifacts_version
320 - export vfw_private_ip_0=$vfw_private_ip_0
321 - export vsn_private_ip_0=$vsn_private_ip_0
322 - export protected_net_cidr=$protected_net_cidr
323 - export dcae_collector_ip=$dcae_collector_ip
324 - export dcae_collector_port=$dcae_collector_port
325 - export protected_net_gw=$protected_net_gw
326 - export protected_private_net_cidr=$protected_private_net_cidr
327 - export sink_ipaddr=$sink_ipaddr
329 if [[ -n "${http_proxy+x}" ]]; then
331 http_proxy: $http_proxy"
333 - export http_proxy=$http_proxy"
335 if [[ -n "${https_proxy+x}" ]]; then
337 https_proxy: $https_proxy"
339 - export https_proxy=$https_proxy"
341 if [[ -n "${no_proxy+x}" ]]; then
343 - export no_proxy=$no_proxy"
346 cat << DEPLOYMENT > $packetgen_deployment_name.yaml
350 name: $packetgen_deployment_name
363 VirtletLibvirtCPUSetting: |
365 VirtletCloudInitUserData: |
372 sudo: ALL=(ALL) NOPASSWD:ALL
374 # the password is "admin"
375 passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
381 - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$packetgen_deployment_name | sudo -E bash
384 VirtletRootVolumeSize: 5Gi
385 k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
387 { "name": "$unprotected_private_net", "ipAddress": "$vpg_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
388 { "name": "$onap_private_net", "ipAddress": "$vpg_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
390 kubernetes.io/target-runtime: virtlet.cloud
394 requiredDuringSchedulingIgnoredDuringExecution:
402 - name: $packetgen_deployment_name
404 imagePullPolicy: IfNotPresent
408 - containerPort: 8183
414 cat << DEPLOYMENT > $firewall_deployment_name.yaml
418 name: $firewall_deployment_name
431 VirtletLibvirtCPUSetting: |
433 VirtletCloudInitUserData: |
440 sudo: ALL=(ALL) NOPASSWD:ALL
442 # the password is "admin"
443 passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
449 - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$firewall_deployment_name | sudo -E bash
452 VirtletRootVolumeSize: 5Gi
453 k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
455 { "name": "$unprotected_private_net", "ipAddress": "$vfw_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
456 { "name": "$protected_private_net", "ipAddress": "$vfw_private_ip_1", "interface": "eth2", "defaultGateway": "false" },
457 { "name": "$onap_private_net", "ipAddress": "$vfw_private_ip_2", "interface": "eth3" , "defaultGateway": "false"}
459 kubernetes.io/target-runtime: virtlet.cloud
463 requiredDuringSchedulingIgnoredDuringExecution:
471 - name: $firewall_deployment_name
473 imagePullPolicy: IfNotPresent
481 cat << CONFIGMAP > sink_configmap.yaml
487 protected_net_gw: $protected_net_gw
488 protected_private_net_cidr: $protected_private_net_cidr
491 cat << DEPLOYMENT > $sink_deployment_name.yaml
495 name: $sink_deployment_name
510 k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
512 { "name": "$protected_private_net", "ipAddress": "$vsn_private_ip_0", "interface": "eth1", "defaultGateway": "false" },
513 { "name": "$onap_private_net", "ipAddress": "$vsn_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
517 - name: $sink_deployment_name
518 image: rtsood/onap-vfw-demo-sink:0.2.0
522 imagePullPolicy: Always
529 image: electrocucaracha/darkstat
530 imagePullPolicy: IfNotPresent
539 # populate_CSAR_vms_vFW() - This function creates the content of CSAR file
540 # required for vFirewal using only virtual machines
541 function populate_CSAR_vms_vFW {
543 ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
545 _checks_args $csar_id
546 pushd ${CSAR_DIR}/${csar_id}
548 cat << META > metadata.yaml
551 - $unprotected_private_net.yaml
552 - $protected_private_net.yaml
553 - $onap_private_net.yaml
555 - $packetgen_deployment_name.yaml
556 - $firewall_deployment_name.yaml
557 - $sink_deployment_name.yaml
560 cat << NET > $unprotected_private_net.yaml
561 apiVersion: "k8s.cni.cncf.io/v1"
562 kind: NetworkAttachmentDefinition
564 name: $unprotected_private_net
567 "name": "unprotected",
570 "type": "host-local",
571 "subnet": "$protected_private_net_cidr"
576 cat << NET > $protected_private_net.yaml
577 apiVersion: "k8s.cni.cncf.io/v1"
578 kind: NetworkAttachmentDefinition
580 name: $protected_private_net
586 "type": "host-local",
587 "subnet": "$protected_net_cidr"
592 cat << NET > $onap_private_net.yaml
593 apiVersion: "k8s.cni.cncf.io/v1"
594 kind: NetworkAttachmentDefinition
596 name: $onap_private_net
602 "type": "host-local",
603 "subnet": "$onap_private_net_cidr"
610 - export demo_artifacts_version=$demo_artifacts_version
611 - export vfw_private_ip_0=$vfw_private_ip_0
612 - export vsn_private_ip_0=$vsn_private_ip_0
613 - export protected_net_cidr=$protected_net_cidr
614 - export dcae_collector_ip=$dcae_collector_ip
615 - export dcae_collector_port=$dcae_collector_port
616 - export protected_net_gw=$protected_net_gw
617 - export protected_private_net_cidr=$protected_private_net_cidr
619 if [[ -n "${http_proxy+x}" ]]; then
621 http_proxy: $http_proxy"
623 - export http_proxy=$http_proxy"
625 if [[ -n "${https_proxy+x}" ]]; then
627 https_proxy: $https_proxy"
629 - export https_proxy=$https_proxy"
631 if [[ -n "${no_proxy+x}" ]]; then
633 - export no_proxy=$no_proxy"
636 cat << DEPLOYMENT > $packetgen_deployment_name.yaml
640 name: $packetgen_deployment_name
653 VirtletLibvirtCPUSetting: |
655 VirtletCloudInitUserData: |
662 sudo: ALL=(ALL) NOPASSWD:ALL
664 # the password is "admin"
665 passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
671 - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$packetgen_deployment_name | sudo -E bash
674 VirtletRootVolumeSize: 5Gi
675 k8s.v1.cni.cncf.io/networks: '[
676 { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
677 { "name": "$onap_private_net", "interfaceRequest": "eth2" }
679 kubernetes.io/target-runtime: virtlet.cloud
683 requiredDuringSchedulingIgnoredDuringExecution:
691 - name: $packetgen_deployment_name
693 imagePullPolicy: IfNotPresent
697 - containerPort: 8183
703 cat << DEPLOYMENT > $firewall_deployment_name.yaml
707 name: $firewall_deployment_name
720 VirtletLibvirtCPUSetting: |
722 VirtletCloudInitUserData: |
729 sudo: ALL=(ALL) NOPASSWD:ALL
731 # the password is "admin"
732 passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
738 - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$firewall_deployment_name | sudo -E bash
741 VirtletRootVolumeSize: 5Gi
742 k8s.v1.cni.cncf.io/networks: '[
743 { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
744 { "name": "$protected_private_net", "interfaceRequest": "eth2" },
745 { "name": "$onap_private_net", "interfaceRequest": "eth3" }
747 kubernetes.io/target-runtime: virtlet.cloud
751 requiredDuringSchedulingIgnoredDuringExecution:
759 - name: $firewall_deployment_name
761 imagePullPolicy: IfNotPresent
769 cat << DEPLOYMENT > $sink_deployment_name.yaml
773 name: $sink_deployment_name
786 VirtletLibvirtCPUSetting: |
788 VirtletCloudInitUserData: |
795 sudo: ALL=(ALL) NOPASSWD:ALL
797 # the password is "admin"
798 passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
804 - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$sink_deployment_name | sudo -E bash
807 VirtletRootVolumeSize: 5Gi
808 k8s.v1.cni.cncf.io/networks: '[
809 { "name": "$protected_private_net", "interfaceRequest": "eth1" },
810 { "name": "$onap_private_net", "interfaceRequest": "eth2" }
812 kubernetes.io/target-runtime: virtlet.cloud
816 requiredDuringSchedulingIgnoredDuringExecution:
824 - name: $sink_deployment_name
826 imagePullPolicy: IfNotPresent
838 # populate_CSAR_multus() - This function creates the content of CSAR file
839 # required for testing Multus feature
840 function populate_CSAR_multus {
843 _checks_args $csar_id
844 pushd ${CSAR_DIR}/${csar_id}
846 cat << META > metadata.yaml
849 - bridge-network.yaml
851 - $multus_deployment_name.yaml
854 cat << NET > bridge-network.yaml
855 apiVersion: "k8s.cni.cncf.io/v1"
856 kind: NetworkAttachmentDefinition
861 "cniVersion": "0.3.0",
865 "type": "host-local",
866 "subnet": "$onap_private_net_cidr"
871 cat << DEPLOYMENT > $multus_deployment_name.yaml
875 name: $multus_deployment_name
888 k8s.v1.cni.cncf.io/networks: '[
889 { "name": "bridge-conf", "interfaceRequest": "eth1" },
890 { "name": "bridge-conf", "interfaceRequest": "eth2" }
894 - name: $multus_deployment_name
903 # populate_CSAR_virtlet() - This function creates the content of CSAR file
904 # required for testing Virtlet feature
905 function populate_CSAR_virtlet {
908 _checks_args $csar_id
909 pushd ${CSAR_DIR}/${csar_id}
911 cat << META > metadata.yaml
914 - $virtlet_deployment_name.yaml
917 cat << DEPLOYMENT > $virtlet_deployment_name.yaml
921 name: $virtlet_deployment_name
934 VirtletLibvirtCPUSetting: |
935 mode: host-passthrough
936 # This tells CRI Proxy that this pod belongs to Virtlet runtime
937 kubernetes.io/target-runtime: virtlet.cloud
938 VirtletCloudInitUserData: |
943 primary-group: testuser
947 # the password is "testuser"
948 passwd: "\$6\$rounds=4096\$wPs4Hz4tfs\$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1"
949 sudo: ALL=(ALL) NOPASSWD:ALL
955 requiredDuringSchedulingIgnoredDuringExecution:
963 - name: $virtlet_deployment_name
964 # This specifies the image to use.
965 # virtlet.cloud/ prefix is used by CRI proxy, the remaining part
966 # of the image name is prepended with https:// and used to download the image
967 image: $virtlet_image
968 imagePullPolicy: IfNotPresent
969 # tty and stdin required for "kubectl attach -t" to work
974 # This memory limit is applied to the libvirt domain definition
980 # populate_CSAR_plugin()- Creates content used for Plugin functional tests
981 function populate_CSAR_plugin {
984 _checks_args $csar_id
985 pushd ${CSAR_DIR}/${csar_id}
987 cat << META > metadata.yaml
990 - $plugin_deployment_name.yaml
995 cat << DEPLOYMENT > $plugin_deployment_name.yaml
999 name: $plugin_deployment_name
1011 - name: $plugin_deployment_name
1018 cat << SERVICE > service.yaml
1022 name: $plugin_service_name
1033 # populate_CSAR_ovn4nfv() - Create content used for OVN4NFV functional test
1034 function populate_CSAR_ovn4nfv {
1037 _checks_args $csar_id
1038 pushd ${CSAR_DIR}/${csar_id}
1040 cat << META > metadata.yaml
1046 - onap-ovn4nfvk8s-network.yaml
1048 - $ovn4nfv_deployment_name.yaml
1051 cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
1052 apiVersion: "k8s.cni.cncf.io/v1"
1053 kind: NetworkAttachmentDefinition
1055 name: $ovn_multus_network_name
1058 "cniVersion": "0.3.1",
1059 "name": "ovn4nfv-k8s-plugin",
1060 "type": "ovn4nfvk8s-cni"
1064 cat << NETWORK > ovn-port-net.yaml
1069 cnitype : ovn4nfvk8s
1072 subnet: 172.16.33.0/24
1073 gateway: 172.16.33.1/24
1076 cat << NETWORK > ovn-priv-net.yaml
1081 cnitype : ovn4nfvk8s
1084 subnet: 172.16.44.0/24
1085 gateway: 172.16.44.1/24
1088 cat << DEPLOYMENT > $ovn4nfv_deployment_name.yaml
1092 name: $ovn4nfv_deployment_name
1105 k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
1106 ovnNetwork: '[{ "name": "ovn-port-net", "interface": "net0" , "defaultGateway": "false"},
1107 { "name": "ovn-priv-net", "interface": "net1" , "defaultGateway": "false"}]'
1110 - name: $ovn4nfv_deployment_name
1119 # populate_CSAR_rbdefinition() - Function that populates CSAR folder
1120 # for testing resource bundle definition
1121 function populate_CSAR_rbdefinition {
1124 _checks_args $csar_id
1125 pushd ${CSAR_DIR}/${csar_id}
1126 print_msg "Create Helm Chart Archives"
1127 rm -f ${rbd_content_tarball}.gz
1128 rm -f ${rbp_content_tarball}.gz
1129 tar -cf $rbd_content_tarball -C $test_folder/vnfs/testrb/helm vault-consul-dev
1130 tar -cf $rbp_content_tarball -C $test_folder/vnfs/testrb/helm/profile .
1131 gzip $rbp_content_tarball
1132 gzip $rbd_content_tarball