diff options
author | Blackwell, Ian (ib733q) <ib733q@att.com> | 2018-09-20 15:56:25 +0100 |
---|---|---|
committer | iblackwe <IanB@amdocs.com> | 2018-09-20 16:26:14 +0100 |
commit | 98b93b77f43c2bd09b89b6bcc9102bb6e8e1d7af (patch) | |
tree | 405bc2149b68b85ccd72017ccd27837ed37b9189 | |
parent | 85f33095c117ba5b361749746d564e6308a33f14 (diff) |
Initial drop of tproxy-config init container
The tproxy-config init container sets up a pod's internal
network routing such that any traffic outbound from
the primary service is routed through the forward
proxy.
Change-Id: Ieca438fbed07db5fe7bce6162811634237c61b2a
Issue-ID: AAI-1664
Signed-off-by: Blackwell, Ian (ib733q) <ib733q@att.com>
-rw-r--r-- | sidecar/tproxy-config/License.txt | 17 | ||||
-rw-r--r-- | sidecar/tproxy-config/pom.xml | 134 | ||||
-rw-r--r-- | sidecar/tproxy-config/src/main/bin/start.sh | 29 | ||||
-rw-r--r-- | sidecar/tproxy-config/src/main/docker/.maven-dockerignore | 1 | ||||
-rw-r--r-- | sidecar/tproxy-config/src/main/docker/Dockerfile | 6 |
5 files changed, 187 insertions, 0 deletions
diff --git a/sidecar/tproxy-config/License.txt b/sidecar/tproxy-config/License.txt new file mode 100644 index 0000000..05117f8 --- /dev/null +++ b/sidecar/tproxy-config/License.txt @@ -0,0 +1,17 @@ +============LICENSE_START======================================================= +org.onap.aaf +================================================================================ +Copyright © 2018 European Software Marketing Ltd. +================================================================================ +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +============LICENSE_END=========================================================
\ No newline at end of file diff --git a/sidecar/tproxy-config/pom.xml b/sidecar/tproxy-config/pom.xml new file mode 100644 index 0000000..8ddf186 --- /dev/null +++ b/sidecar/tproxy-config/pom.xml @@ -0,0 +1,134 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + + ============LICENSE_START======================================================= + org.onap.aaf + ================================================================================ + Copyright © 2018 European Software Marketing Ltd. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + +--> +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + + <parent> + <groupId>org.onap.aaf.cadi</groupId> + <artifactId>sidecar</artifactId> + <version>1.0.0-SNAPSHOT</version> + <relativePath /> + </parent> + + <artifactId>tproxy-config</artifactId> + <version>1.0.0-SNAPSHOT</version> + <packaging>jar</packaging> + + <name>aaf-tproxy-config</name> + <description>ONAP AAF InitContainer For Pluggable Security</description> + + <properties> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> + <version.io.fabric8.fabric8-maven-plugin>3.5.32</version.io.fabric8.fabric8-maven-plugin> + <docker.location>${basedir}/target</docker.location> + <skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo> + </properties> + + <build> + <plugins> + <plugin> + <groupId>com.mycila</groupId> + <artifactId>license-maven-plugin</artifactId> + <version>3.0</version> + <configuration> + <header>License.txt</header> + <includes> + <include>src/main/bin/**</include> + <include>src/docker/bin/**</include> + <include>pom.xml</include> + </includes> + <skipExistingHeaders>true</skipExistingHeaders> + </configuration> + <executions> + <execution> + <goals> + <!-- Set goal from "check" to "format" to auto update license headers --> + <goal>check</goal> + </goals> + <phase>validate</phase> + </execution> + </executions> + </plugin> + + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-resources-plugin</artifactId> + <version>3.0.2</version> + <executions> + <execution> + <id>copy-docker-file</id> + <phase>package</phase> + <goals> + <goal>copy-resources</goal> + </goals> + <configuration> + <outputDirectory>target</outputDirectory> + <overwrite>true</overwrite> + <resources> + <resource> + <directory>${basedir}/src/main/docker</directory> + <filtering>true</filtering> + </resource> + <resource> + <directory>${basedir}/src/main/bin/</directory> + <filtering>true</filtering> + </resource> + </resources> + </configuration> + </execution> + </executions> + </plugin> + <plugin> + <groupId>com.spotify</groupId> + <artifactId>docker-maven-plugin</artifactId> + <version>0.4.11</version> + <dependencies> + <dependency> + <groupId>com.github.jnr</groupId> + <artifactId>jnr-unixsocket</artifactId> + <version>0.13</version> + </dependency> + </dependencies> + <configuration> + <verbose>true</verbose> + <serverId>docker-hub</serverId> + <imageName>${docker.push.registry}/onap/${project.artifactId}</imageName> + <dockerDirectory>${docker.location}</dockerDirectory> + <imageTags> + <imageTag>latest</imageTag> + </imageTags> + <forceTags>true</forceTags> + </configuration> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-deploy-plugin</artifactId> + <configuration> + <skip>true</skip> + </configuration> + </plugin> + </plugins> + </build> +</project> diff --git a/sidecar/tproxy-config/src/main/bin/start.sh b/sidecar/tproxy-config/src/main/bin/start.sh new file mode 100644 index 0000000..cbb003d --- /dev/null +++ b/sidecar/tproxy-config/src/main/bin/start.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +# ============LICENSE_START======================================================= +# org.onap.aai +# ================================================================================ +# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. +# Copyright © 2017-2018 European Software Marketing Ltd. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +set -x +set -eo pipefail + +#iptables -t nat -A PREROUTING -p tcp -j REDIRECT --to-port 9080 +iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 9999 -m owner '!' --uid-owner 1001 +#iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 9999 -m owner '!' --uid-owner 100 +#iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to-port 9999 -m owner --uid-owner 0 +iptables -t nat --list diff --git a/sidecar/tproxy-config/src/main/docker/.maven-dockerignore b/sidecar/tproxy-config/src/main/docker/.maven-dockerignore new file mode 100644 index 0000000..f50f00a --- /dev/null +++ b/sidecar/tproxy-config/src/main/docker/.maven-dockerignore @@ -0,0 +1 @@ +docker/** diff --git a/sidecar/tproxy-config/src/main/docker/Dockerfile b/sidecar/tproxy-config/src/main/docker/Dockerfile new file mode 100644 index 0000000..b95cf74 --- /dev/null +++ b/sidecar/tproxy-config/src/main/docker/Dockerfile @@ -0,0 +1,6 @@ +FROM alpine:3.6 +RUN apk add --update iptables curl bash +COPY start.sh /start.sh +RUN chmod 755 /start.sh +#CMD start.sh +ENTRYPOINT ["/start.sh"] |