X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=vnfs%2FvFW%2Fscripts%2Fv_firewall_install.sh;h=956043860aa70385d1e6c425dd3969177b9806c8;hb=0e9bf965dd84e82625fd7e4c7d523200e2784ae9;hp=cfa59a121b6b97e5b50a87a3d8ecc75e02bd19dd;hpb=a4a8036f7481467739926c32567c16af2b1038f5;p=demo.git

diff --git a/vnfs/vFW/scripts/v_firewall_install.sh b/vnfs/vFW/scripts/v_firewall_install.sh
old mode 100644
new mode 100755
index cfa59a12..95604386
--- a/vnfs/vFW/scripts/v_firewall_install.sh
+++ b/vnfs/vFW/scripts/v_firewall_install.sh
@@ -1,36 +1,55 @@
 #!/bin/bash
 
-REPO_URL_BLOB=$(cat /opt/config/repo_url_blob.txt)
-REPO_URL_ARTIFACTS=$(cat /opt/config/repo_url_artifacts.txt)
+NEXUS_ARTIFACT_REPO=$(cat /opt/config/nexus_artifact_repo.txt)
 DEMO_ARTIFACTS_VERSION=$(cat /opt/config/demo_artifacts_version.txt)
+if [[ "$DEMO_ARTIFACTS_VERSION" =~ "SNAPSHOT" ]]; then REPO=snapshots; else REPO=releases; fi
 INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt)
 CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
 
+# Convert Network CIDR to Netmask
+cdr2mask () {
+	# Number of args to shift, 255..255, first non-255 byte, zeroes
+	set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+	[ $1 -gt 1 ] && shift $1 || shift
+	echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
 # OpenStack network configuration
 if [[ $CLOUD_ENV == "openstack" ]]
 then
 	echo 127.0.0.1 $(hostname) >> /etc/hosts
+
+	# Allow remote login as root
+	mv /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bk
+	cp /home/ubuntu/.ssh/authorized_keys /root/.ssh
+
 	MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
 
-	VFW_PRIVATE_IP_O=$(cat /opt/config/vfw_private_ip_0.txt)
+	IP=$(cat /opt/config/vfw_private_ip_0.txt)
+	BITS=$(cat /opt/config/unprotected_private_net_cidr.txt | cut -d"/" -f2)
+	NETMASK=$(cdr2mask $BITS)
 	echo "auto eth1" >> /etc/network/interfaces
 	echo "iface eth1 inet static" >> /etc/network/interfaces
-	echo "    address $VFW_PRIVATE_IP_O" >> /etc/network/interfaces
-	echo "    netmask 255.255.255.0" >> /etc/network/interfaces
+	echo "    address $IP" >> /etc/network/interfaces
+	echo "    netmask $NETMASK" >> /etc/network/interfaces
 	echo "    mtu $MTU" >> /etc/network/interfaces
 
-	VFW_PRIVATE_IP_1=$(cat /opt/config/vfw_private_ip_1.txt)
+	IP=$(cat /opt/config/vfw_private_ip_1.txt)
+	BITS=$(cat /opt/config/protected_private_net_cidr.txt | cut -d"/" -f2)
+	NETMASK=$(cdr2mask $BITS)
 	echo "auto eth2" >> /etc/network/interfaces
 	echo "iface eth2 inet static" >> /etc/network/interfaces
-	echo "    address $VFW_PRIVATE_IP_1" >> /etc/network/interfaces
-	echo "    netmask 255.255.255.0" >> /etc/network/interfaces
+	echo "    address $IP" >> /etc/network/interfaces
+	echo "    netmask $NETMASK" >> /etc/network/interfaces
 	echo "    mtu $MTU" >> /etc/network/interfaces
 
-	VFW_PRIVATE_IP_2=$(cat /opt/config/vfw_private_ip_2.txt)
+	IP=$(cat /opt/config/vfw_private_ip_2.txt)
+	BITS=$(cat /opt/config/onap_private_net_cidr.txt | cut -d"/" -f2)
+	NETMASK=$(cdr2mask $BITS)
 	echo "auto eth3" >> /etc/network/interfaces
 	echo "iface eth3 inet static" >> /etc/network/interfaces
-	echo "    address $VFW_PRIVATE_IP_2" >> /etc/network/interfaces
-	echo "    netmask 255.255.255.0" >> /etc/network/interfaces
+	echo "    address $IP" >> /etc/network/interfaces
+	echo "    netmask $NETMASK" >> /etc/network/interfaces
 	echo "    mtu $MTU" >> /etc/network/interfaces
 
 	ifup eth1
@@ -39,32 +58,41 @@ then
 fi
 
 # Download required dependencies
-add-apt-repository -y ppa:openjdk-r/ppa
+echo "deb http://ppa.launchpad.net/openjdk-r/ppa/ubuntu $(lsb_release -c -s) main" >>  /etc/apt/sources.list.d/java.list
+echo "deb-src http://ppa.launchpad.net/openjdk-r/ppa/ubuntu $(lsb_release -c -s) main" >>  /etc/apt/sources.list.d/java.list
 apt-get update
-apt-get install -y make wget openjdk-8-jdk gcc libcurl4-openssl-dev python-pip bridge-utils apt-transport-https ca-certificates
+apt-get install --allow-unauthenticated -y make wget openjdk-8-jdk gcc libcurl4-openssl-dev python-pip bridge-utils apt-transport-https ca-certificates
 pip install jsonschema
 
+# Install fd.io certificate
+HOST=nexus.fd.io
+PORT=443
+TRUST_CERT_FILE="/etc/ssl/certs/ca-certificates.crt"
+bash -c "echo -n | openssl s_client -showcerts -connect $HOST:$PORT 2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >> $TRUST_CERT_FILE"
+
 # Download artifacts for virtual firewall
 mkdir /opt/honeycomb
 cd /opt
 
-wget $REPO_URL_BLOB/org.openecomp.demo/vnfs/vfw/$INSTALL_SCRIPT_VERSION/v_firewall_init.sh
-wget $REPO_URL_BLOB/org.openecomp.demo/vnfs/vfw/$INSTALL_SCRIPT_VERSION/vfirewall.sh
-wget $REPO_URL_ARTIFACTS/org/openecomp/demo/vnf/sample-distribution/$DEMO_ARTIFACTS_VERSION/sample-distribution-$DEMO_ARTIFACTS_VERSION-hc.tar.gz
-wget $REPO_URL_ARTIFACTS/org/openecomp/demo/vnf/ves/ves/$DEMO_ARTIFACTS_VERSION/ves-$DEMO_ARTIFACTS_VERSION-demo.tar.gz
-wget $REPO_URL_ARTIFACTS/org/openecomp/demo/vnf/ves/ves_vfw_reporting/$DEMO_ARTIFACTS_VERSION/ves_vfw_reporting-$DEMO_ARTIFACTS_VERSION-demo.tar.gz
+unzip -p -j /opt/vfw-scripts-$INSTALL_SCRIPT_VERSION.zip v_firewall_init.sh > /opt/v_firewall_init.sh
+unzip -p -j /opt/vfw-scripts-$INSTALL_SCRIPT_VERSION.zip vfirewall.sh > /opt/vfirewall.sh
+wget -O sample-distribution-$DEMO_ARTIFACTS_VERSION-hc.tar.gz "${NEXUS_ARTIFACT_REPO}/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf&a=sample-distribution&c=hc&e=tar.gz&v=$DEMO_ARTIFACTS_VERSION"
+wget -O ves-$DEMO_ARTIFACTS_VERSION-demo.tar.gz "${NEXUS_ARTIFACT_REPO}/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.ves5&a=ves&c=demo&e=tar.gz&v=$DEMO_ARTIFACTS_VERSION"
+wget -O ves_vfw_reporting-$DEMO_ARTIFACTS_VERSION-demo.tar.gz "${NEXUS_ARTIFACT_REPO}/service/local/artifact/maven/redirect?r=${REPO}&g=org.onap.demo.vnf.ves5&a=ves_vfw_reporting&c=demo&e=tar.gz&v=$DEMO_ARTIFACTS_VERSION"
 
-tar -zxvf ves-$DEMO_ARTIFACTS_VERSION-demo.tar.gz
+tar -zmxvf ves-$DEMO_ARTIFACTS_VERSION-demo.tar.gz
 mv ves-$DEMO_ARTIFACTS_VERSION VES
-tar -zxvf ves_vfw_reporting-$DEMO_ARTIFACTS_VERSION-demo.tar.gz
-mv ves_vfw_reporting-$DEMO_ARTIFACTS_VERSION VESreporting_vFW
-tar -zxvf sample-distribution-$DEMO_ARTIFACTS_VERSION-hc.tar.gz
+tar -zmxvf ves_vfw_reporting-$DEMO_ARTIFACTS_VERSION-demo.tar.gz
+mv ves_vfw_reporting-$DEMO_ARTIFACTS_VERSION /opt/VES/evel/evel-library/code/VESreporting
+tar -zmxvf sample-distribution-$DEMO_ARTIFACTS_VERSION-hc.tar.gz
+
 mv sample-distribution-$DEMO_ARTIFACTS_VERSION honeycomb
 sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' honeycomb/sample-distribution-$DEMO_ARTIFACTS_VERSION/config/honeycomb.json
-mv VESreporting_vFW /opt/VES/code/evel_training/VESreporting
 rm *.tar.gz
+
 chmod +x v_firewall_init.sh
 chmod +x vfirewall.sh
+chmod +x /opt/VES/evel/evel-library/code/VESreporting/go-client.sh
 
 # Install VPP
 export UBUNTU="trusty"
@@ -76,7 +104,7 @@ apt-get install -y vpp vpp-dpdk-dkms vpp-lib vpp-dbg vpp-plugins vpp-dev
 sleep 1
 
 # Install VES
-cd /opt/VES/bldjobs/
+cd /opt/VES/evel/evel-library/bldjobs/
 make clean
 make
 sleep 1
@@ -85,4 +113,4 @@ sleep 1
 cd /opt
 mv vfirewall.sh /etc/init.d
 update-rc.d vfirewall.sh defaults
-./v_firewall_init.sh
\ No newline at end of file
+./v_firewall_init.sh