From f667e12f3e030d3f71ca06a5d6c7320be4c44ea3 Mon Sep 17 00:00:00 2001 From: Johnson Li Date: Wed, 13 Sep 2017 15:14:36 +0800 Subject: Add patch for BRG and scripts to set the NAT rule Add Framework codes for the vCPE VNFs Issue-ID: INT-80 Change-Id: I312aef9631636f0e2273f482f5db44ca93a55983 Signed-off-by: Johnson Li Signed-off-by: root --- vnfs/vCPE/scripts/v_bng_install.sh | 273 ++++++++++++++++++++++++++++++++++++- 1 file changed, 272 insertions(+), 1 deletion(-) (limited to 'vnfs/vCPE/scripts/v_bng_install.sh') diff --git a/vnfs/vCPE/scripts/v_bng_install.sh b/vnfs/vCPE/scripts/v_bng_install.sh index 8f035b44..02025b2e 100644 --- a/vnfs/vCPE/scripts/v_bng_install.sh +++ b/vnfs/vCPE/scripts/v_bng_install.sh @@ -4,6 +4,9 @@ REPO_URL_BLOB=$(cat /opt/config/repo_url_blob.txt) REPO_URL_ARTIFACTS=$(cat /opt/config/repo_url_artifacts.txt) DEMO_ARTIFACTS_VERSION=$(cat /opt/config/demo_artifacts_version.txt) INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt) +VPP_SOURCE_REPO_URL=$(cat /opt/config/vpp_source_repo_url.txt) +VPP_SOURCE_REPO_BRANCH=$(cat /opt/config/vpp_source_repo_branch.txt) +VPP_PATCH_URL=$(cat /opt/config/vpp_patch_url.txt) CLOUD_ENV=$(cat /opt/config/cloud_env.txt) # Convert Network CIDR to Netmask 
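Review bot: The three added `$(cat /opt/config/vpp_*.txt)` reads are never checked, so a missing or empty file leaves the variable empty and the script carries on. These values decide which source tree and patch are fetched and built on the host, and the second hunk expands them unquoted in `git clone ${VPP_SOURCE_REPO_URL} -b ${VPP_SOURCE_REPO_BRANCH} vpp` and `wget -O … ${VPP_PATCH_URL}`, where an empty value silently drops an argument. Fail early after the reads, for example `: "${VPP_SOURCE_REPO_URL:?vpp_source_repo_url.txt missing or empty}"`, with the same line for the branch and the patch URL. A short comment above them, such as `# VPP source repo, branch and patch URL used to build the vBNG VPP`, would also document where the build inputs come from. The block of assignments starts and ends outside this hunk, so any existing validation is not visible here.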
@@ -74,6 +77,274 @@ apt-get update apt-get install --allow-unauthenticated -y wget openjdk-8-jdk apt-transport-https ca-certificates g++ libcurl4-gnutls-dev sleep 1 +# Install the tools required for download codes +apt-get install -y expect git patch + +#Download and build the VPP codes +cd /opt +git clone ${VPP_SOURCE_REPO_URL} -b ${VPP_SOURCE_REPO_BRANCH} vpp +wget -O Vpp-Integrate-FreeRADIUS-Client-for-vBNG.patch ${VPP_PATCH_URL} + +cd vpp +patch -p1 < Vpp-Integrate-FreeRADIUS-Client-for-vBNG.patch +expect -c " + set timeout 60; + spawn make install-dep; + expect { + \"Do you want to continue?*\" {send \"Y\r\"; interact} + } +" + +cd build-root +./bootstrap.sh +make V=0 PLATFORM=vpp TAG=vpp install-deb + +# Install the FreeRADIUS client since we need the lib +cd /opt +git clone https://github.com/FreeRADIUS/freeradius-client.git +cd freeradius-client +./configure +make && make install +cd /usr/local/lib && ln -s -f libfreeradius-client.so.2.0.0 libfreeradiusclient.so +ldconfig + +# Install the VPP package +cd /opt/vpp/build-root +dpkg -i *.deb +systemctl stop vpp + +# Auto-start configuration for the VPP +cat > /etc/vpp/startup.conf << EOF + +unix { + nodaemon + log /tmp/vpp.log + full-coredump + cli-listen localhost:5002 + startup-config /etc/vpp/setup.gate +} + +api-trace { + on +} + +api-segment { + gid vpp +} + +cpu { + ## In the VPP there is one main thread and optionally the user can create worker(s) + ## The main thread and worker thread(s) can be pinned to CPU core(s) manually or automatically + + ## Manual pinning of thread(s) to CPU core(s) + + ## Set logical CPU core where main thread runs + # main-core 1 + + ## Set logical CPU core(s) where worker threads are running + # corelist-workers 2-3,18-19 + + ## Automatic pinning of thread(s) to CPU core(s) + + ## Sets number of CPU core(s) to be skipped (1 ... N-1) + ## Skipped CPU core(s) are not used for pinning main thread and working thread(s). 
+ ## The main thread is automatically pinned to the first available CPU core and worker(s) + ## are pinned to next free CPU core(s) after core assigned to main thread + # skip-cores 4 + + ## Specify a number of workers to be created + ## Workers are pinned to N consecutive CPU cores while skipping "skip-cores" CPU core(s) + ## and main thread's CPU core + # workers 2 + + ## Set scheduling policy and priority of main and worker threads + + ## Scheduling policy options are: other (SCHED_OTHER), batch (SCHED_BATCH) + ## idle (SCHED_IDLE), fifo (SCHED_FIFO), rr (SCHED_RR) + # scheduler-policy fifo + + ## Scheduling priority is used only for "real-time policies (fifo and rr), + ## and has to be in the range of priorities supported for a particular policy + # scheduler-priority 50 +} + +# dpdk { + ## Change default settings for all intefaces + # dev default { + ## Number of receive queues, enables RSS + ## Default is 1 + # num-rx-queues 3 + + ## Number of transmit queues, Default is equal + ## to number of worker threads or 1 if no workers treads + # num-tx-queues 3 + + ## Number of descriptors in transmit and receive rings + ## increasing or reducing number can impact performance + ## Default is 1024 for both rx and tx + # num-rx-desc 512 + # num-tx-desc 512 + + ## VLAN strip offload mode for interface + ## Default is off + # vlan-strip-offload on + # } + + ## Whitelist specific interface by specifying PCI address + # dev 0000:02:00.0 + + ## Whitelist specific interface by specifying PCI address and in + ## addition specify custom parameters for this interface + # dev 0000:02:00.1 { + # num-rx-queues 2 + # } + + ## Change UIO driver used by VPP, Options are: igb_uio, vfio-pci + ## and uio_pci_generic (default) + # uio-driver vfio-pci + + ## Disable mutli-segment buffers, improves performance but + ## disables Jumbo MTU support + # no-multi-seg + + ## Increase number of buffers allocated, needed only in scenarios with + ## large number of interfaces and worker threads. 
Value is per CPU socket. + ## Default is 16384 + # num-mbufs 128000 + + ## Change hugepages allocation per-socket, needed only if there is need for + ## larger number of mbufs. Default is 256M on each detected CPU socket + # socket-mem 2048,2048 +# } + +EOF + +cat > /etc/vpp/setup.gate << EOF +set int state GigabitEthernet0/8/0 up +set interface ip address GigabitEthernet0/8/0 10.4.0.4/24 + +set int state GigabitEthernet0/9/0 up +set interface ip address GigabitEthernet0/9/0 10.4.0.3/24 + +set vbng dhcp4 remote 10.4.0.1 local 10.4.0.3 +set vbng aaa config /etc/vpp/vbng-aaa.cfg nas-port 5060 +EOF + +cat > /etc/vpp/vbng-aaa.cfg << EOF +# General settings + +# specify which authentication comes first respectively which +# authentication is used. possible values are: "radius" and "local". +# if you specify "radius,local" then the RADIUS server is asked +# first then the local one. if only one keyword is specified only +# this server is asked. +auth_order radius,local + +# maximum login tries a user has +login_tries 2 + +# timeout for all login tries +# if this time is exceeded the user is kicked out +login_timeout 5 + +# name of the nologin file which when it exists disables logins. +# it may be extended by the ttyname which will result in +# a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable +# logins on /dev/ttyS2) +nologin /etc/nologin + +# name of the issue file. it's only display when no username is passed +# on the radlogin command line +issue /usr/local/etc/radiusclient/issue + +# RADIUS settings + +# RADIUS server to use for authentication requests. this config +# item can appear more then one time. if multiple servers are +# defined they are tried in a round robin fashion if one +# server is not answering. +# optionally you can specify a the port number on which is remote +# RADIUS listens separated by a colon from the hostname. if +# no port is specified /etc/services is consulted of the radius +# service. 
if this fails also a compiled in default is used. +#authserver 10.4.0.2 +authserver localhost + +# RADIUS server to use for accouting requests. All that I +# said for authserver applies, too. +# +#acctserver 10.4.0.2 +acctserver localhost + +# file holding shared secrets used for the communication +# between the RADIUS client and server +servers /usr/local/etc/radiusclient/servers + +# dictionary of allowed attributes and values +# just like in the normal RADIUS distributions +dictionary /usr/local/etc/radiusclient/dictionary + +# program to call for a RADIUS authenticated login +login_radius /usr/local/sbin/login.radius + +# file which holds sequence number for communication with the +# RADIUS server +seqfile /var/run/radius.seq + +# file which specifies mapping between ttyname and NAS-Port attribute +mapfile /usr/local/etc/radiusclient/port-id-map + +# default authentication realm to append to all usernames if no +# realm was explicitly specified by the user +# the radiusd directly form Livingston doesnt use any realms, so leave +# it blank then +default_realm + +# time to wait for a reply from the RADIUS server +radius_timeout 10 + +# resend request this many times before trying the next server +radius_retries 3 + +# The length of time in seconds that we skip a nonresponsive RADIUS +# server for transaction requests. Server(s) being in the "dead" state +# are tried only after all other non-dead servers have been tried and +# failed or timeouted. The deadtime interval starts when the server +# does not respond to an authentication/accounting request transmissions. +# When the interval expires, the "dead" server would be re-tried again, +# and if it's still down then it will be considered "dead" for another +# such interval and so on. This option is no-op if there is only one +# server in the list. Set to 0 in order to disable the feature. 
+radius_deadtime 0 + +# local address from which radius packets have to be sent +bindaddr * + +# LOCAL settings + +# program to execute for local login +# it must support the -f flag for preauthenticated login +login_local /bin/login +EOF + +cat >> /usr/local/etc/radiusclient/dictionary << EOF + +# +# DHCP Proxy/Relay attributes +# +ATTRIBUTE DHCP-Agent-Circuit-Id 82.1 integer +ATTRIBUTE DHCP-Agent-Remote-Id 82.2 string +ATTRIBUTE DHCP-Relay-Circuit-Id 82.1 integer +ATTRIBUTE DHCP-Relay-Remote-Id 82.2 string + +EOF + +cat >> /usr/local/etc/radiusclient/servers << EOF +10.4.0.2 testing123 +localhost/localhost testing123 + +EOF + # Download DHCP config files cd /opt wget $REPO_URL_BLOB/org.onap.demo/vnfs/vcpe/$INSTALL_SCRIPT_VERSION/v_bng_init.sh @@ -95,4 +366,4 @@ then reboot fi -./v_bng_init.sh \ No newline at end of file +./v_bng_init.sh -- cgit 1.2.3-korg
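Review bot: In the hunk at `@@ -74,6 +77,274 @@`, `patch -p1 < Vpp-Integrate-FreeRADIUS-Client-for-vBNG.patch` runs after `cd vpp`, but `wget -O` saved that file in /opt, so the redirect will not find it unless the cloned tree happens to ship a file of that name. No `set -e` or status check is visible, so the build would continue unpatched; use `patch -p1 < ../Vpp-Integrate-FreeRADIUS-Client-for-vBNG.patch || exit 1`. Everything built and installed here (presumably as root, given the `dpkg -i` and writes under /etc) comes from a branch head, a configurable patch URL and the default branch of freeradius-client, with no integrity check. Pin each clone to a commit or tag and verify the patch before applying it, e.g. `echo "<EXPECTED_SHA256>  Vpp-Integrate-FreeRADIUS-Client-for-vBNG.patch" | sha256sum -c - || exit 1`. The heredoc appended to /usr/local/etc/radiusclient/servers hard-codes the shared secret `testing123`, the well-known FreeRADIUS sample value, for both entries; read it from /opt/config like the other settings, `chmod 600` the file, and note that `cat >>` adds duplicate entries on every re-run.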