Code Review / multicloud / k8s.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "Update committers info"
[multicloud/k8s.git] / kud / tests / _common.sh
1 #!/bin/bash
2 # SPDX-license-identifier: Apache-2.0
3 ##############################################################################
4 # Copyright (c) 2018
5 # All rights reserved. This program and the accompanying materials
6 # are made available under the terms of the Apache License, Version 2.0
7 # which accompanies this distribution, and is available at
8 # http://www.apache.org/licenses/LICENSE-2.0
9 ##############################################################################
10
11 set -o errexit
12 set -o nounset
13 set -o pipefail
14
15 packetgen_deployment_name=packetgen
16 sink_deployment_name=sink
17 firewall_deployment_name=firewall
18 image_name=virtlet.cloud/ubuntu/16.04
19 multus_deployment_name=multus-deployment
20 virtlet_image=virtlet.cloud/fedora
21 virtlet_deployment_name=virtlet-deployment
22 plugin_deployment_name=plugin-deployment
23 plugin_service_name=plugin-service
24 ovn4nfv_deployment_name=ovn4nfv-deployment
25 onap_private_net=onap-private-net
26 unprotected_private_net=unprotected-private-net
27 protected_private_net=protected-private-net
28 ovn_multus_network_name=ovn-networkobj
29 rbd_metadata=rbd_metatada.json
30 rbp_metadata=rbp_metatada.json
31 rbp_instance=rbp_instance.json
32
33 # vFirewall vars
34 demo_artifacts_version=1.5.0
35 vfw_private_ip_0='192.168.10.3'
36 vfw_private_ip_1='192.168.20.2'
37 vfw_private_ip_2='10.10.100.3'
38 vpg_private_ip_0='192.168.10.2'
39 vpg_private_ip_1='10.0.100.2'
40 vsn_private_ip_0='192.168.20.3'
41 vsn_private_ip_1='10.10.100.4'
42 dcae_collector_ip='10.0.4.1'
43 dcae_collector_port='8081'
44 protected_net_gw='192.168.20.100'
45 protected_net_cidr='192.168.20.0/24'
46 protected_private_net_cidr='192.168.10.0/24'
47 onap_private_net_cidr='10.10.0.0/16'
48 sink_ipaddr='192.168.20.250'
49
50 # populate_CSAR_containers_vFW() - This function creates the content of CSAR file
51 # required for vFirewal using only containers
52 function populate_CSAR_containers_vFW {
53     local csar_id=$1
54
55     _checks_args $csar_id
56     pushd ${CSAR_DIR}/${csar_id}
57
58     cat << META > metadata.yaml
59 resources:
60   network:
61     - $unprotected_private_net.yaml
62     - $protected_private_net.yaml
63     - $onap_private_net.yaml
64   deployment:
65     - $packetgen_deployment_name.yaml
66     - $firewall_deployment_name.yaml
67     - $sink_deployment_name.yaml
68 META
69
70     cat << NET > $unprotected_private_net.yaml
71 apiVersion: "k8s.cni.cncf.io/v1"
72 kind: NetworkAttachmentDefinition
73 metadata:
74   name: $unprotected_private_net
75 spec:
76   config: '{
77     "name": "unprotected",
78     "type": "bridge",
79     "ipam": {
80         "type": "host-local",
81         "subnet": "$protected_private_net_cidr"
82     }
83 }'
84 NET
85
86     cat << NET > $protected_private_net.yaml
87 apiVersion: "k8s.cni.cncf.io/v1"
88 kind: NetworkAttachmentDefinition
89 metadata:
90   name: $protected_private_net
91 spec:
92   config: '{
93     "name": "protected",
94     "type": "bridge",
95     "ipam": {
96         "type": "host-local",
97         "subnet": "$protected_net_cidr"
98     }
99 }'
100 NET
101
102     cat << NET > $onap_private_net.yaml
103 apiVersion: "k8s.cni.cncf.io/v1"
104 kind: NetworkAttachmentDefinition
105 metadata:
106   name: $onap_private_net
107 spec:
108   config: '{
109     "name": "onap",
110     "type": "bridge",
111     "ipam": {
112         "type": "host-local",
113         "subnet": "$onap_private_net_cidr"
114     }
115 }'
116 NET
117
118     cat << DEPLOYMENT > $packetgen_deployment_name.yaml
119 apiVersion: apps/v1
120 kind: Deployment
121 metadata:
122   name: $packetgen_deployment_name
123   labels:
124     app: vFirewall
125 spec:
126   replicas: 1
127   selector:
128     matchLabels:
129       app: vFirewall
130   template:
131     metadata:
132       labels:
133         app: vFirewall
134       annotations:
135         k8s.v1.cni.cncf.io/networks: '[
136             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
137             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
138         ]'
139     spec:
140       containers:
141       - name: $packetgen_deployment_name
142         image: electrocucaracha/packetgen
143         imagePullPolicy: IfNotPresent
144         tty: true
145         stdin: true
146         resources:
147           limits:
148             memory: 256Mi
149 DEPLOYMENT
150
151     cat << DEPLOYMENT > $firewall_deployment_name.yaml
152 apiVersion: apps/v1
153 kind: Deployment
154 metadata:
155   name: $firewall_deployment_name
156   labels:
157     app: vFirewall
158 spec:
159   replicas: 1
160   selector:
161     matchLabels:
162       app: vFirewall
163   template:
164     metadata:
165       labels:
166         app: vFirewall
167       annotations:
168         k8s.v1.cni.cncf.io/networks: '[
169             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
170             { "name": "$protected_private_net", "interfaceRequest": "eth2" },
171             { "name": "$onap_private_net", "interfaceRequest": "eth3" }
172         ]'
173     spec:
174       containers:
175       - name: $firewall_deployment_name
176         image: electrocucaracha/firewall
177         imagePullPolicy: IfNotPresent
178         tty: true
179         stdin: true
180 DEPLOYMENT
181
182     cat << DEPLOYMENT > $sink_deployment_name.yaml
183 apiVersion: apps/v1
184 kind: Deployment
185 metadata:
186   name: $sink_deployment_name
187   labels:
188     app: vFirewall
189 spec:
190   replicas: 1
191   selector:
192     matchLabels:
193       app: vFirewall
194       context: darkstat
195   template:
196     metadata:
197       labels:
198         app: vFirewall
199         context: darkstat
200       annotations:
201         k8s.v1.cni.cncf.io/networks: '[
202             { "name": "$protected_private_net", "interfaceRequest": "eth1" },
203             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
204         ]'
205     spec:
206       containers:
207       - name: $sink_deployment_name
208         image: electrocucaracha/sink
209         imagePullPolicy: IfNotPresent
210         tty: true
211         stdin: true
212         securityContext:
213           privileged: true
214       - name: darkstat
215         image: electrocucaracha/darkstat
216         imagePullPolicy: IfNotPresent
217         tty: true
218         stdin: true
219         ports:
220           - containerPort: 667
221 DEPLOYMENT
222     popd
223 }
224
225 # populate_CSAR_vms_containers_vFW() - This function creates the content of CSAR file
226 # required for vFirewal using an hybrid combination between virtual machines and
227 # cotainers
228 function populate_CSAR_vms_containers_vFW {
229     local csar_id=$1
230     ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
231
232     _checks_args $csar_id
233     pushd ${CSAR_DIR}/${csar_id}
234
235     cat << META > metadata.yaml
236 resources:
237   network:
238     - onap-ovn4nfvk8s-network.yaml
239   onapNetwork:
240     - $unprotected_private_net.yaml
241     - $protected_private_net.yaml
242     - $onap_private_net.yaml
243   deployment:
244     - $packetgen_deployment_name.yaml
245     - $firewall_deployment_name.yaml
246     - $sink_deployment_name.yaml
247   service:
248     - sink-service.yaml
249 META
250
251     cat << SERVICE > sink-service.yaml
252 apiVersion: v1
253 kind: Service
254 metadata:
255   name: sink-service
256 spec:
257   type: NodePort
258   ports:
259   - port: 667
260     nodePort: 30667
261   selector:
262     app: vFirewall
263     context: darkstat
264 SERVICE
265
266     cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
267 apiVersion: "k8s.cni.cncf.io/v1"
268 kind: NetworkAttachmentDefinition
269 metadata:
270   name: $ovn_multus_network_name
271 spec:
272   config: '{
273       "cniVersion": "0.3.1",
274       "name": "ovn4nfv-k8s-plugin",
275       "type": "ovn4nfvk8s-cni"
276     }'
277 MULTUS_NET
278
279     cat << NET > $unprotected_private_net.yaml
280 apiVersion: v1
281 kind: onapNetwork
282 metadata:
283   name: $unprotected_private_net
284   cnitype : ovn4nfvk8s
285 spec:
286   name: $unprotected_private_net
287   subnet: $protected_private_net_cidr
288   gateway: 192.168.10.1/24
289 NET
290
291     cat << NET > $protected_private_net.yaml
292 apiVersion: v1
293 kind: onapNetwork
294 metadata:
295   name: $protected_private_net
296   cnitype : ovn4nfvk8s
297 spec:
298   name: $protected_private_net
299   subnet: $protected_net_cidr
300   gateway: $protected_net_gw/24
301 NET
302
303     cat << NET > $onap_private_net.yaml
304 apiVersion: v1
305 kind: onapNetwork
306 metadata:
307   name: $onap_private_net
308   cnitype : ovn4nfvk8s
309 spec:
310   name: $onap_private_net
311   subnet: $onap_private_net_cidr
312   gateway: 10.10.0.1/16
313 NET
314
315     proxy="apt:"
316     cloud_init_proxy="
317             - export demo_artifacts_version=$demo_artifacts_version
318             - export vfw_private_ip_0=$vfw_private_ip_0
319             - export vsn_private_ip_0=$vsn_private_ip_0
320             - export protected_net_cidr=$protected_net_cidr
321             - export dcae_collector_ip=$dcae_collector_ip
322             - export dcae_collector_port=$dcae_collector_port
323             - export protected_net_gw=$protected_net_gw
324             - export protected_private_net_cidr=$protected_private_net_cidr
325             - export sink_ipaddr=$sink_ipaddr
326 "
327     if [[ -n "${http_proxy+x}" ]]; then
328         proxy+="
329             http_proxy: $http_proxy"
330         cloud_init_proxy+="
331             - export http_proxy=$http_proxy"
332     fi
333     if [[ -n "${https_proxy+x}" ]]; then
334         proxy+="
335             https_proxy: $https_proxy"
336         cloud_init_proxy+="
337             - export https_proxy=$https_proxy"
338     fi
339     if [[ -n "${no_proxy+x}" ]]; then
340         cloud_init_proxy+="
341             - export no_proxy=$no_proxy"
342     fi
343
344     cat << DEPLOYMENT > $packetgen_deployment_name.yaml
345 apiVersion: apps/v1
346 kind: Deployment
347 metadata:
348   name: $packetgen_deployment_name
349   labels:
350     app: vFirewall
351 spec:
352   replicas: 1
353   selector:
354     matchLabels:
355       app: vFirewall
356   template:
357     metadata:
358       labels:
359         app: vFirewall
360       annotations:
361         VirtletLibvirtCPUSetting: |
362           mode: host-model
363         VirtletCloudInitUserData: |
364           ssh_pwauth: True
365           users:
366           - name: admin
367             gecos: User
368             primary-group: admin
369             groups: users
370             sudo: ALL=(ALL) NOPASSWD:ALL
371             lock_passwd: false
372             # the password is "admin"
373             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
374             ssh_authorized_keys:
375               $ssh_key
376           $proxy
377           runcmd:
378           $cloud_init_proxy
379             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$packetgen_deployment_name | sudo -E bash
380         VirtletSSHKeys: |
381           $ssh_key
382         VirtletRootVolumeSize: 5Gi
383         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
384         ovnNetwork: '[
385             { "name": "$unprotected_private_net", "ipAddress": "$vpg_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
386             { "name": "$onap_private_net", "ipAddress": "$vpg_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
387         ]'
388         kubernetes.io/target-runtime: virtlet.cloud
389     spec:
390       affinity:
391         nodeAffinity:
392           requiredDuringSchedulingIgnoredDuringExecution:
393             nodeSelectorTerms:
394             - matchExpressions:
395               - key: extraRuntime
396                 operator: In
397                 values:
398                 - virtlet
399       containers:
400       - name: $packetgen_deployment_name
401         image: $image_name
402         imagePullPolicy: IfNotPresent
403         tty: true
404         stdin: true
405         ports:
406           - containerPort: 8183
407         resources:
408           limits:
409             memory: 4Gi
410 DEPLOYMENT
411
412     cat << DEPLOYMENT > $firewall_deployment_name.yaml
413 apiVersion: apps/v1
414 kind: Deployment
415 metadata:
416   name: $firewall_deployment_name
417   labels:
418     app: vFirewall
419 spec:
420   replicas: 1
421   selector:
422     matchLabels:
423       app: vFirewall
424   template:
425     metadata:
426       labels:
427         app: vFirewall
428       annotations:
429         VirtletLibvirtCPUSetting: |
430           mode: host-model
431         VirtletCloudInitUserData: |
432           ssh_pwauth: True
433           users:
434           - name: admin
435             gecos: User
436             primary-group: admin
437             groups: users
438             sudo: ALL=(ALL) NOPASSWD:ALL
439             lock_passwd: false
440             # the password is "admin"
441             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
442             ssh_authorized_keys:
443               $ssh_key
444           $proxy
445           runcmd:
446             $cloud_init_proxy
447             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$firewall_deployment_name | sudo -E bash
448         VirtletSSHKeys: |
449           $ssh_key
450         VirtletRootVolumeSize: 5Gi
451         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
452         ovnNetwork: '[
453             { "name": "$unprotected_private_net", "ipAddress": "$vfw_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
454             { "name": "$protected_private_net", "ipAddress": "$vfw_private_ip_1", "interface": "eth2", "defaultGateway": "false" },
455             { "name": "$onap_private_net", "ipAddress": "$vfw_private_ip_2", "interface": "eth3" , "defaultGateway": "false"}
456         ]'
457         kubernetes.io/target-runtime: virtlet.cloud
458     spec:
459       affinity:
460         nodeAffinity:
461           requiredDuringSchedulingIgnoredDuringExecution:
462             nodeSelectorTerms:
463             - matchExpressions:
464               - key: extraRuntime
465                 operator: In
466                 values:
467                 - virtlet
468       containers:
469       - name: $firewall_deployment_name
470         image: $image_name
471         imagePullPolicy: IfNotPresent
472         tty: true
473         stdin: true
474         resources:
475           limits:
476             memory: 4Gi
477 DEPLOYMENT
478
479     cat << CONFIGMAP > sink_configmap.yaml
480 apiVersion: v1
481 kind: ConfigMap
482 metadata:
483   name: sink-configmap
484 data:
485   protected_net_gw: $protected_net_gw
486   protected_private_net_cidr: $protected_private_net_cidr
487 CONFIGMAP
488
489     cat << DEPLOYMENT > $sink_deployment_name.yaml
490 apiVersion: apps/v1
491 kind: Deployment
492 metadata:
493   name: $sink_deployment_name
494   labels:
495     app: vFirewall
496 spec:
497   replicas: 1
498   selector:
499     matchLabels:
500       app: vFirewall
501       context: darkstat
502   template:
503     metadata:
504       labels:
505         app: vFirewall
506         context: darkstat
507       annotations:
508         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
509         ovnNetwork: '[
510             { "name": "$protected_private_net", "ipAddress": "$vsn_private_ip_0", "interface": "eth1", "defaultGateway": "false" },
511             { "name": "$onap_private_net", "ipAddress": "$vsn_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
512         ]'
513     spec:
514       containers:
515       - name: $sink_deployment_name
516         image: rtsood/onap-vfw-demo-sink:0.2.0
517         envFrom:
518         - configMapRef:
519             name: sink-configmap
520         imagePullPolicy: Always
521         tty: true
522         stdin: true
523         securityContext:
524           privileged: true
525
526       - name: darkstat
527         image: electrocucaracha/darkstat
528         imagePullPolicy: IfNotPresent
529         tty: true
530         stdin: true
531         ports:
532           - containerPort: 667
533 DEPLOYMENT
534     popd
535 }
536
537 # populate_CSAR_vms_vFW() - This function creates the content of CSAR file
538 # required for vFirewal using only virtual machines
539 function populate_CSAR_vms_vFW {
540     local csar_id=$1
541     ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
542
543     _checks_args $csar_id
544     pushd ${CSAR_DIR}/${csar_id}
545
546     cat << META > metadata.yaml
547 resources:
548   network:
549     - $unprotected_private_net.yaml
550     - $protected_private_net.yaml
551     - $onap_private_net.yaml
552   deployment:
553     - $packetgen_deployment_name.yaml
554     - $firewall_deployment_name.yaml
555     - $sink_deployment_name.yaml
556 META
557
558     cat << NET > $unprotected_private_net.yaml
559 apiVersion: "k8s.cni.cncf.io/v1"
560 kind: NetworkAttachmentDefinition
561 metadata:
562   name: $unprotected_private_net
563 spec:
564   config: '{
565     "name": "unprotected",
566     "type": "bridge",
567     "ipam": {
568         "type": "host-local",
569         "subnet": "$protected_private_net_cidr"
570     }
571 }'
572 NET
573
574     cat << NET > $protected_private_net.yaml
575 apiVersion: "k8s.cni.cncf.io/v1"
576 kind: NetworkAttachmentDefinition
577 metadata:
578   name: $protected_private_net
579 spec:
580   config: '{
581     "name": "protected",
582     "type": "bridge",
583     "ipam": {
584         "type": "host-local",
585         "subnet": "$protected_net_cidr"
586     }
587 }'
588 NET
589
590     cat << NET > $onap_private_net.yaml
591 apiVersion: "k8s.cni.cncf.io/v1"
592 kind: NetworkAttachmentDefinition
593 metadata:
594   name: $onap_private_net
595 spec:
596   config: '{
597     "name": "onap",
598     "type": "bridge",
599     "ipam": {
600         "type": "host-local",
601         "subnet": "$onap_private_net_cidr"
602     }
603 }'
604 NET
605
606     proxy="apt:"
607     cloud_init_proxy="
608             - export demo_artifacts_version=$demo_artifacts_version
609             - export vfw_private_ip_0=$vfw_private_ip_0
610             - export vsn_private_ip_0=$vsn_private_ip_0
611             - export protected_net_cidr=$protected_net_cidr
612             - export dcae_collector_ip=$dcae_collector_ip
613             - export dcae_collector_port=$dcae_collector_port
614             - export protected_net_gw=$protected_net_gw
615             - export protected_private_net_cidr=$protected_private_net_cidr
616 "
617     if [[ -n "${http_proxy+x}" ]]; then
618         proxy+="
619             http_proxy: $http_proxy"
620         cloud_init_proxy+="
621             - export http_proxy=$http_proxy"
622     fi
623     if [[ -n "${https_proxy+x}" ]]; then
624         proxy+="
625             https_proxy: $https_proxy"
626         cloud_init_proxy+="
627             - export https_proxy=$https_proxy"
628     fi
629     if [[ -n "${no_proxy+x}" ]]; then
630         cloud_init_proxy+="
631             - export no_proxy=$no_proxy"
632     fi
633
634     cat << DEPLOYMENT > $packetgen_deployment_name.yaml
635 apiVersion: apps/v1
636 kind: Deployment
637 metadata:
638   name: $packetgen_deployment_name
639   labels:
640     app: vFirewall
641 spec:
642   replicas: 1
643   selector:
644     matchLabels:
645       app: vFirewall
646   template:
647     metadata:
648       labels:
649         app: vFirewall
650       annotations:
651         VirtletLibvirtCPUSetting: |
652           mode: host-model
653         VirtletCloudInitUserData: |
654           ssh_pwauth: True
655           users:
656           - name: admin
657             gecos: User
658             primary-group: admin
659             groups: users
660             sudo: ALL=(ALL) NOPASSWD:ALL
661             lock_passwd: false
662             # the password is "admin"
663             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
664             ssh_authorized_keys:
665               $ssh_key
666           $proxy
667           runcmd:
668           $cloud_init_proxy
669             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$packetgen_deployment_name | sudo -E bash
670         VirtletSSHKeys: |
671           $ssh_key
672         VirtletRootVolumeSize: 5Gi
673         k8s.v1.cni.cncf.io/networks: '[
674             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
675             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
676         ]'
677         kubernetes.io/target-runtime: virtlet.cloud
678     spec:
679       affinity:
680         nodeAffinity:
681           requiredDuringSchedulingIgnoredDuringExecution:
682             nodeSelectorTerms:
683             - matchExpressions:
684               - key: extraRuntime
685                 operator: In
686                 values:
687                 - virtlet
688       containers:
689       - name: $packetgen_deployment_name
690         image: $image_name
691         imagePullPolicy: IfNotPresent
692         tty: true
693         stdin: true
694         ports:
695           - containerPort: 8183
696         resources:
697           limits:
698             memory: 4Gi
699 DEPLOYMENT
700
701     cat << DEPLOYMENT > $firewall_deployment_name.yaml
702 apiVersion: apps/v1
703 kind: Deployment
704 metadata:
705   name: $firewall_deployment_name
706   labels:
707     app: vFirewall
708 spec:
709   replicas: 1
710   selector:
711     matchLabels:
712       app: vFirewall
713   template:
714     metadata:
715       labels:
716         app: vFirewall
717       annotations:
718         VirtletLibvirtCPUSetting: |
719           mode: host-model
720         VirtletCloudInitUserData: |
721           ssh_pwauth: True
722           users:
723           - name: admin
724             gecos: User
725             primary-group: admin
726             groups: users
727             sudo: ALL=(ALL) NOPASSWD:ALL
728             lock_passwd: false
729             # the password is "admin"
730             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
731             ssh_authorized_keys:
732               $ssh_key
733           $proxy
734           runcmd:
735             $cloud_init_proxy
736             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$firewall_deployment_name | sudo -E bash
737         VirtletSSHKeys: |
738           $ssh_key
739         VirtletRootVolumeSize: 5Gi
740         k8s.v1.cni.cncf.io/networks: '[
741             { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
742             { "name": "$protected_private_net", "interfaceRequest": "eth2" },
743             { "name": "$onap_private_net", "interfaceRequest": "eth3" }
744         ]'
745         kubernetes.io/target-runtime: virtlet.cloud
746     spec:
747       affinity:
748         nodeAffinity:
749           requiredDuringSchedulingIgnoredDuringExecution:
750             nodeSelectorTerms:
751             - matchExpressions:
752               - key: extraRuntime
753                 operator: In
754                 values:
755                 - virtlet
756       containers:
757       - name: $firewall_deployment_name
758         image: $image_name
759         imagePullPolicy: IfNotPresent
760         tty: true
761         stdin: true
762         resources:
763           limits:
764             memory: 4Gi
765 DEPLOYMENT
766
767     cat << DEPLOYMENT > $sink_deployment_name.yaml
768 apiVersion: apps/v1
769 kind: Deployment
770 metadata:
771   name: $sink_deployment_name
772   labels:
773     app: vFirewall
774 spec:
775   replicas: 1
776   selector:
777     matchLabels:
778       app: vFirewall
779   template:
780     metadata:
781       labels:
782         app: vFirewall
783       annotations:
784         VirtletLibvirtCPUSetting: |
785           mode: host-model
786         VirtletCloudInitUserData: |
787           ssh_pwauth: True
788           users:
789           - name: admin
790             gecos: User
791             primary-group: admin
792             groups: users
793             sudo: ALL=(ALL) NOPASSWD:ALL
794             lock_passwd: false
795             # the password is "admin"
796             passwd: "\$6\$rounds=4096\$QA5OCKHTE41\$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
797             ssh_authorized_keys:
798               $ssh_key
799           $proxy
800           runcmd:
801             $cloud_init_proxy
802             - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/$sink_deployment_name | sudo -E bash
803         VirtletSSHKeys: |
804           $ssh_key
805         VirtletRootVolumeSize: 5Gi
806         k8s.v1.cni.cncf.io/networks: '[
807             { "name": "$protected_private_net", "interfaceRequest": "eth1" },
808             { "name": "$onap_private_net", "interfaceRequest": "eth2" }
809         ]'
810         kubernetes.io/target-runtime: virtlet.cloud
811     spec:
812       affinity:
813         nodeAffinity:
814           requiredDuringSchedulingIgnoredDuringExecution:
815             nodeSelectorTerms:
816             - matchExpressions:
817               - key: extraRuntime
818                 operator: In
819                 values:
820                 - virtlet
821       containers:
822       - name: $sink_deployment_name
823         image: $image_name
824         imagePullPolicy: IfNotPresent
825         tty: true
826         stdin: true
827         ports:
828           - containerPort: 667
829         resources:
830           limits:
831             memory: 4Gi
832 DEPLOYMENT
833     popd
834 }
835
836 # populate_CSAR_multus() - This function creates the content of CSAR file
837 # required for testing Multus feature
838 function populate_CSAR_multus {
839     local csar_id=$1
840
841     _checks_args $csar_id
842     pushd ${CSAR_DIR}/${csar_id}
843
844     cat << META > metadata.yaml
845 resources:
846   network:
847     - bridge-network.yaml
848   deployment:
849     - $multus_deployment_name.yaml
850 META
851
852     cat << NET > bridge-network.yaml
853 apiVersion: "k8s.cni.cncf.io/v1"
854 kind: NetworkAttachmentDefinition
855 metadata:
856   name: bridge-conf
857 spec:
858   config: '{
859     "cniVersion": "0.3.0",
860     "name": "mynet",
861     "type": "bridge",
862     "ipam": {
863         "type": "host-local",
864         "subnet": "$onap_private_net_cidr"
865     }
866 }'
867 NET
868
869     cat << DEPLOYMENT > $multus_deployment_name.yaml
870 apiVersion: apps/v1
871 kind: Deployment
872 metadata:
873   name: $multus_deployment_name
874   labels:
875     app: multus
876 spec:
877   replicas: 1
878   selector:
879     matchLabels:
880       app: multus
881   template:
882     metadata:
883       labels:
884         app: multus
885       annotations:
886         k8s.v1.cni.cncf.io/networks: '[
887           { "name": "bridge-conf", "interfaceRequest": "eth1" },
888           { "name": "bridge-conf", "interfaceRequest": "eth2" }
889         ]'
890     spec:
891       containers:
892       - name: $multus_deployment_name
893         image: "busybox"
894         command: ["top"]
895         stdin: true
896         tty: true
897 DEPLOYMENT
898     popd
899 }
900
901 # populate_CSAR_virtlet() - This function creates the content of CSAR file
902 # required for testing Virtlet feature
903 function populate_CSAR_virtlet {
904     local csar_id=$1
905
906     _checks_args $csar_id
907     pushd ${CSAR_DIR}/${csar_id}
908
909     cat << META > metadata.yaml
910 resources:
911   deployment:
912     - $virtlet_deployment_name.yaml
913 META
914
915     cat << DEPLOYMENT > $virtlet_deployment_name.yaml
916 apiVersion: apps/v1
917 kind: Deployment
918 metadata:
919   name: $virtlet_deployment_name
920   labels:
921     app: virtlet
922 spec:
923   replicas: 1
924   selector:
925     matchLabels:
926       app: virtlet
927   template:
928     metadata:
929       labels:
930         app: virtlet
931       annotations:
932         VirtletLibvirtCPUSetting: |
933           mode: host-passthrough
934         # This tells CRI Proxy that this pod belongs to Virtlet runtime
935         kubernetes.io/target-runtime: virtlet.cloud
936         VirtletCloudInitUserData: |
937           ssh_pwauth: True
938           users:
939           - name: testuser
940             gecos: User
941             primary-group: testuser
942             groups: users
943             lock_passwd: false
944             shell: /bin/bash
945             # the password is "testuser"
946             passwd: "\$6\$rounds=4096\$wPs4Hz4tfs\$a8ssMnlvH.3GX88yxXKF2cKMlVULsnydoOKgkuStTErTq2dzKZiIx9R/pPWWh5JLxzoZEx7lsSX5T2jW5WISi1"
947             sudo: ALL=(ALL) NOPASSWD:ALL
948           runcmd:
949             - echo hello world
950     spec:
951       affinity:
952         nodeAffinity:
953           requiredDuringSchedulingIgnoredDuringExecution:
954             nodeSelectorTerms:
955             - matchExpressions:
956               - key: extraRuntime
957                 operator: In
958                 values:
959                 - virtlet
960       containers:
961       - name: $virtlet_deployment_name
962         # This specifies the image to use.
963         # virtlet.cloud/ prefix is used by CRI proxy, the remaining part
964         # of the image name is prepended with https:// and used to download the image
965         image: $virtlet_image
966         imagePullPolicy: IfNotPresent
967         # tty and stdin required for "kubectl attach -t" to work
968         tty: true
969         stdin: true
970         resources:
971           limits:
972             # This memory limit is applied to the libvirt domain definition
973             memory: 160Mi
974 DEPLOYMENT
975     popd
976 }
977
978 # populate_CSAR_plugin()- Creates content used for Plugin functional tests
979 function populate_CSAR_plugin {
980     local csar_id=$1
981
982     _checks_args $csar_id
983     pushd ${CSAR_DIR}/${csar_id}
984
985     cat << META > metadata.yaml
986 resources:
987   deployment:
988     - $plugin_deployment_name.yaml
989   service:
990     - service.yaml
991 META
992
993     cat << DEPLOYMENT > $plugin_deployment_name.yaml
994 apiVersion: apps/v1
995 kind: Deployment
996 metadata:
997   name: $plugin_deployment_name
998 spec:
999   replicas: 1
1000   selector:
1001     matchLabels:
1002       app: plugin
1003   template:
1004     metadata:
1005       labels:
1006         app: plugin
1007     spec:
1008       containers:
1009       - name: $plugin_deployment_name
1010         image: "busybox"
1011         command: ["top"]
1012         stdin: true
1013         tty: true
1014 DEPLOYMENT
1015
1016     cat << SERVICE > service.yaml
1017 apiVersion: v1
1018 kind: Service
1019 metadata:
1020   name: $plugin_service_name
1021 spec:
1022   ports:
1023   - port: 80
1024     protocol: TCP
1025   selector:
1026     app: sise
1027 SERVICE
1028     popd
1029 }
1030
1031 # populate_CSAR_ovn4nfv() - Create content used for OVN4NFV functional test
1032 function populate_CSAR_ovn4nfv {
1033     local csar_id=$1
1034
1035     _checks_args $csar_id
1036     pushd ${CSAR_DIR}/${csar_id}
1037
1038     cat << META > metadata.yaml
1039 resources:
1040   onap_network:
1041     - ovn-port-net.yaml
1042     - ovn-priv-net.yaml
1043   network:
1044     - onap-ovn4nfvk8s-network.yaml
1045   deployment:
1046     - $ovn4nfv_deployment_name.yaml
1047 META
1048
1049     cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
1050 apiVersion: "k8s.cni.cncf.io/v1"
1051 kind: NetworkAttachmentDefinition
1052 metadata:
1053   name: $ovn_multus_network_name
1054 spec:
1055   config: '{
1056       "cniVersion": "0.3.1",
1057       "name": "ovn4nfv-k8s-plugin",
1058       "type": "ovn4nfvk8s-cni"
1059     }'
1060 MULTUS_NET
1061
1062     cat << NETWORK > ovn-port-net.yaml
1063 apiVersion: v1
1064 kind: onapNetwork
1065 metadata:
1066   name: ovn-port-net
1067   cnitype : ovn4nfvk8s
1068 spec:
1069   name: ovn-port-net
1070   subnet: 172.16.33.0/24
1071   gateway: 172.16.33.1/24
1072 NETWORK
1073
1074     cat << NETWORK > ovn-priv-net.yaml
1075 apiVersion: v1
1076 kind: onapNetwork
1077 metadata:
1078   name: ovn-priv-net
1079   cnitype : ovn4nfvk8s
1080 spec:
1081   name: ovn-priv-net
1082   subnet: 172.16.44.0/24
1083   gateway: 172.16.44.1/24
1084 NETWORK
1085
1086     cat << DEPLOYMENT > $ovn4nfv_deployment_name.yaml
1087 apiVersion: apps/v1
1088 kind: Deployment
1089 metadata:
1090   name: $ovn4nfv_deployment_name
1091   labels:
1092     app: ovn4nfv
1093 spec:
1094   replicas: 1
1095   selector:
1096     matchLabels:
1097       app: ovn4nfv
1098   template:
1099     metadata:
1100       labels:
1101         app: ovn4nfv
1102       annotations:
1103         k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
1104         ovnNetwork: '[{ "name": "ovn-port-net", "interface": "net0" , "defaultGateway": "false"},
1105                       { "name": "ovn-priv-net", "interface": "net1" , "defaultGateway": "false"}]'
1106     spec:
1107       containers:
1108       - name: $ovn4nfv_deployment_name
1109         image: "busybox"
1110         command: ["top"]
1111         stdin: true
1112         tty: true
1113 DEPLOYMENT
1114     popd
1115 }
1116
1117 # populate_CSAR_rbdefinition() - Function that populates CSAR folder
1118 # for testing resource bundle definition
1119 function populate_CSAR_rbdefinition {
1120     _checks_args "$1"
1121     pushd "${CSAR_DIR}/$1"
1122     print_msg "Create Helm Chart Archives"
1123     rm -f *.tar.gz
1124     tar -czf rb_profile.tar.gz -C $test_folder/vnfs/testrb/helm/profile .
1125     #Creates vault-consul-dev-0.0.0.tgz
1126     helm package $test_folder/vnfs/testrb/helm/vault-consul-dev --version 0.0.0
1127     popd
1128 }
1129
1130 # populate_CSAR_edgex_rbdefinition() - Function that populates CSAR folder
1131 # for testing resource bundle definition of edgex scenario
1132 function populate_CSAR_edgex_rbdefinition {
1133     _checks_args "$1"
1134     pushd "${CSAR_DIR}/$1"
1135     print_msg "Create Helm Chart Archives"
1136     rm -f *.tar.gz
1137     tar -czf rb_profile.tar.gz -C $test_folder/vnfs/edgex/profile .
1138     tar -czf rb_definition.tar.gz -C $test_folder/vnfs/edgex/helm edgex
1139     popd
1140 }
1141
1142 # populate_CSAR_fw_rbdefinition() - Function that populates CSAR folder
1143 # for testing resource bundle definition of firewall scenario
1144 function populate_CSAR_fw_rbdefinition {
1145     _checks_args "$1"
1146     pushd "${CSAR_DIR}/$1"
1147     print_msg "Create Helm Chart Archives for vFirewall"
1148     rm -f *.tar.gz
1149     # Reuse profile from the edgeX case as it is an empty profile
1150     tar -czf rb_profile.tar.gz -C $test_folder/vnfs/edgex/profile .
1151     tar -czf rb_definition.tar.gz -C $test_folder/../demo firewall
1152     popd
1153 }
1154
To contain a POC for Kubernetes plugin