diff options
| author |   Dan Timoney <dtimoney@att.com> | 2021-02-25 09:36:40 -0500 |
|---|---|---|
| committer | Dan Timoney <dtimoney@att.com> | 2021-03-03 17:17:22 -0500 |
| commit | af0838981ce48bb1d004edd2a16a5eb22df0da74 (patch) | |
| tree | 7079c2ceccb9e4b6c90c733c5081c293bc449bc2 /plans | |
| parent | 553be2c5e16d18f86d9babe2b7f863d99be4c3dc (diff) | |
Update SDNC CSIT for Honolulu changes
Added env settings needed to start up SDNC container, and updated
URL used to retrieve list of APIs (which changes in OpenDaylight Aluminum).
Removed unneeded code to start up cert service (since those certs
are not needed for NETCONF/TLS ... the certs we need are for
the NETCONF device itself). Commented out tests of TLS connection
for now - simulator we had been using no longer exists (docker
is no longer in nexus3.onap.org) and connection to new simulator
is not yet working. Will restore those tests in a separate commit
after debugging with new netconf simulator.
Change-Id: I096694a3c70c92c951b7e50f73418ecb8c99d575
Issue-ID: SDNC-1473
Signed-off-by: Dan Timoney <dtimoney@att.com>
Diffstat (limited to 'plans')
| -rwxr-xr-x | plans/sdnc/healthcheck/setup.sh | 33 | ||||
| -rw-r--r-- | plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env | 36 | ||||
| -rw-r--r-- | plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh | 115 | ||||
| -rw-r--r-- | plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh | 7 |
4 files changed, 126 insertions, 65 deletions
diff --git a/plans/sdnc/healthcheck/setup.sh b/plans/sdnc/healthcheck/setup.sh index 99753dfb..2934cd58 100755 --- a/plans/sdnc/healthcheck/setup.sh +++ b/plans/sdnc/healthcheck/setup.sh @@ -26,6 +26,39 @@ export DMAAP_TOPIC=AUTO export DOCKER_IMAGE_VERSION=2.1-STAGING-latest export CCSDK_DOCKER_IMAGE_VERSION=1.1-STAGING-latest +# Set credentials +export MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-mySecretPassword} +export MYSQL_USER=${MYSQL_USER:-sdnc} +export MYSQL_PASSWORD=${MYSQL_PASSWORD:-test123} +export MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb} +export ODL_USER=${ODL_USER:-admin} +export ODL_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} +export ODL_ADMIN_USER=${ODL_ADMIN_USER:-${ODL_USER}} +export ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-${ODL_PASSWORD}} +export DMAAP_USER=${DMAAP_USER:-admin} +export DMAAP_PASSWORD=${DMAAP_PASSWORD:-admin} +export DMAAP_AUTHKEY=${DMAAP_AUTHKEY:-""} +export AAI_TRUSTSTORE_PASSWORD=${AAI_TRUSTSTORE_PASSWORD:-changeit} +export AAI_CLIENT_NAME=${AAI_CLIENT_NAME:-sdnc@sdnc.onap.org} +export AAI_CLIENT_PASSWORD=${AAI_CLIENT_PASSWORD:-demo123456!} +export ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTURE_PASSWORD:-changeit} +export HONEYCOMB_USER=${HONEYCOMB_USER:-admin} +export HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD:-admin} +export TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD:-changeit} +export KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-adminadmin} +export NENG_USER=${NENG_USER:-ccsdkapps} +export NENG_PASSWORD=${NENG_PASSWORD:-ccsdkapps} +export SO_USER=${SO_USER:-sdncaBpmn} +export SO_PASSWORD=${SO_PASSWORD:-password1$} +export CDS_USER=${CDS_USER:-ccsdkapps} +export CDS_PASSWORD=${CDS_PASSWORD:-ccsdkapps} +export ANSIBLE_USER=${ANSIBLE_USER:-sdnc} +export ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD:-sdnc} +export SQL_CRYPTKEY=${SQL_CRYPTKEY:-fakECryptKey} +export ASDC_USER=${ASDC_USER:-sdnc} +export ASDC_PASSWORD=${ASDC_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} + + export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1) if [ "$MTU" == "" ]; then diff --git a/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env b/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env index 45a0a204..d10b9b1c 100644 --- a/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env +++ b/plans/sdnc/sdnc_netconf_tls_post_deploy/sdnc-csit.env @@ -2,7 +2,7 @@ GERRIT_BRANCH=master NEXUS_USERNAME=docker NEXUS_PASSWD=docker SDNC_CONTAINER_NAME=sdnc -SDNC_IMAGE_TAG=1.8.3-STAGING-latest +SDNC_IMAGE_TAG=2.1-STAGING-latest NEXUS_DOCKER_REPO=nexus3.onap.org:10001 CLIENT_CONTAINER_NAME=CertServiceClient SDNC_CERT_PATH=${SCRIPTS}/sdnc/sdnc/certs @@ -13,4 +13,36 @@ AAF_CERTSERVICE_SCRIPTS_PATH=${SCRIPTS}/sdnc/certservice/scripts TEMP_DIR_PATH=${WORKSPACE}/tests/sdnc/sdnc_netconf_tls_post_deploy/tmp NETCONF_CONFIG_PATH=${SCRIPTS}/sdnc/netconf-pnp-simulator/netconf-config AAF_INITIAL_CERTS=${WORKSPACE}/plans/sdnc/sdnc_netconf_tls_post_deploy/certs -AAF_CERTSERVICE_CONFIG_PATH=${SCRIPTS}/sdnc/certservice/config/cmpServers.json
\ No newline at end of file +AAF_CERTSERVICE_CONFIG_PATH=${SCRIPTS}/sdnc/certservice/config/cmpServers.json + +# Set vars with default credentials +export MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-mySecretPassword} +export MYSQL_USER=${MYSQL_USER:-sdnc} +export MYSQL_PASSWORD=${MYSQL_PASSWORD:-test123} +export MYSQL_DATABASE=${MYSQL_DATABASE:-sdncdb} +export ODL_USER=${ODL_USER:-admin} +export ODL_PASSWORD=${ODL_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} +export ODL_ADMIN_USER=${ODL_ADMIN_USER:-${ODL_USER}} +export ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-${ODL_PASSWORD}} +export DMAAP_USER=${DMAAP_USER:-admin} +export DMAAP_PASSWORD=${DMAAP_PASSWORD:-admin} +export DMAAP_AUTHKEY=${DMAAP_AUTHKEY:-""} +export AAI_TRUSTSTORE_PASSWORD=${AAI_TRUSTSTORE_PASSWORD:-changeit} +export AAI_CLIENT_NAME=${AAI_CLIENT_NAME:-sdnc@sdnc.onap.org} +export AAI_CLIENT_PASSWORD=${AAI_CLIENT_PASSWORD:-demo123456!} +export ANSIBLE_TRUSTSTORE_PASSWORD=${ANSIBLE_TRUSTSTURE_PASSWORD:-changeit} +export HONEYCOMB_USER=${HONEYCOMB_USER:-admin} +export HONEYCOMB_PASSWORD=${HONEYCOMB_PASSWORD:-admin} +export TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD:-changeit} +export KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD:-adminadmin} +export NENG_USER=${NENG_USER:-ccsdkapps} +export NENG_PASSWORD=${NENG_PASSWORD:-ccsdkapps} +export SO_USER=${SO_USER:-sdncaBpmn} +export SO_PASSWORD=${SO_PASSWORD:-password1$} +export CDS_USER=${CDS_USER:-ccsdkapps} +export CDS_PASSWORD=${CDS_PASSWORD:-ccsdkapps} +export ANSIBLE_USER=${ANSIBLE_USER:-sdnc} +export ANSIBLE_PASSWORD=${ANSIBLE_PASSWORD:-sdnc} +export SQL_CRYPTKEY=${SQL_CRYPTKEY:-fakECryptKey} +export ASDC_USER=${ASDC_USER:-sdnc} +export ASDC_PASSWORD=${ASDC_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} diff --git a/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh b/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh index a2020aee..1cb65071 100644 --- a/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh +++ b/plans/sdnc/sdnc_netconf_tls_post_deploy/setup.sh @@ -29,9 +29,6 @@ chmod +x "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/libraries/config # Export temp directory export TEMP_DIR_PATH=${TEMP_DIR_PATH} -# Create temp directory to bind with docker containers -mkdir -m 755 -p "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs -mkdir -m 755 -p "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1) @@ -59,55 +56,57 @@ pip install pyjks # Disable Proxy - for local run unset http_proxy https_proxy -# Export AAF Certservice config path -export AAF_INITIAL_CERTS -export EJBCA_CERTPROFILE_PATH -export AAF_CERTSERVICE_CONFIG_PATH -export AAF_CERTSERVICE_SCRIPTS_PATH -export CERT_PROFILE=${EJBCA_CERTPROFILE_PATH} -export SCRIPTS_PATH=${AAF_CERTSERVICE_SCRIPTS_PATH} -export CONFIGURATION_PATH=${AAF_CERTSERVICE_CONFIG_PATH} - -# Generate Keystores, Truststores, Certificates and Keys -make all -C ./certs/ - -cp "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs/root.crt "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs/root.crt -openssl pkcs12 -in "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' >"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer.crt -openssl pkcs12 -in "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' >"${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs/certServiceServer.key - -echo "Generated KeyStores, Server Certificate and Key" - -# Start EJBCA, AAF-CertService Containers with docker-compose and configuration from docker-compose.yml -docker-compose -f "${SCRIPTS}"/sdnc/certservice/docker-compose.yml up -d - -# Check if AAF-Certservice Service is healthy and ready -AAFCERT_IP='none' -for i in {1..9}; do - AAFCERT_IP=$(get-instance-ip.sh aaf-cert-service) - RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | - python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]') - if [[ "${RESP_CODE}" == "UP" ]]; then - echo "AAF Cert Service is Ready." - export AAFCERT_IP=${AAFCERT_IP} - docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh - break - fi - echo "Waiting for AAF Cert Service to Start Up..." - sleep 2m -done +###################### Netconf Simulator Setup ###################### -if [[ "${AAFCERT_IP}" == "none" || "${AAFCERT_IP}" == '' || "${RESP_CODE}" != "UP" ]]; then - echo "AAF CertService not started Could cause problems for testing activities...!" +# Get integration/simulators +if [ -d ${SCRIPTS}/sdnc/pnf-simulator ] +then + rm -rf ${SCRIPTS}/sdnc/pnf-simulator fi +mkdir ${SCRIPTS}/sdnc/pnf-simulator +git clone "https://gerrit.onap.org/r/integration/simulators/pnf-simulator" ${SCRIPTS}/sdnc/pnf-simulator + +# Fix docker-compose to add nexus repo for onap dockers +mv ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml.orig +cat ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml.orig | sed -e "s/image: onap/image: nexus3.onap.org:10001\/onap/" > ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml + +# Remove carriage returns (if any) from netopeer start script +mv ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh.orig +cat ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh.orig | sed -e "s/\r$//g" > ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh +chmod 755 ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/netconf/initialize_netopeer.sh + + +# Start Netconf Simulator Container with docker-compose and configuration from docker-compose.yml +docker-compose -f "${SCRIPTS}"/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml up -d + +# Add test user in netopeer container +sleep 60 +docker exec netconfsimulator_netopeer_1 useradd --system test + ############################## SDNC Setup ############################## +# Copy client certs from netconf simulator to SDNC certs directory +mkdir /tmp/keys0 +cp ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/tls/client.crt /tmp/keys0 +cp ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/tls/client.key /tmp/keys0 +cp ${SCRIPTS}/sdnc/pnf-simulator/netconfsimulator/tls/ca.crt /tmp/keys0/trustedCertificates.crt +cwd=$(pwd) +cd /tmp +zip -r $SDNC_CERT_PATH/keys0.zip keys0 +rm -rf /tmp/keys0 + # Export Mariadb, SDNC tmp, cert directory path export SDNC_CERT_PATH=${SDNC_CERT_PATH} docker pull "${NEXUS_DOCKER_REPO}"/onap/sdnc-image:"${SDNC_IMAGE_TAG}" docker tag "${NEXUS_DOCKER_REPO}"/onap/sdnc-image:"${SDNC_IMAGE_TAG}" onap/sdnc-image:latest +# Fix permissions on certs directory to guarantee directory is read/ +# writable and that files are readable +chmod ugo+rwx ${SCRIPTS}/sdnc/sdnc/certs +chmod ugo+r ${SCRIPTS}/sdnc/sdnc/certs/* + # Start Mariadb, SDNC Containers with docker-compose and configuration from docker-compose.yml docker-compose -f "${SCRIPTS}"/sdnc/sdnc/docker-compose.yml up -d @@ -128,30 +127,30 @@ if [[ "${SDNC_IP}" == 'none' || "${SDNC_IP}" == '' || "${RESP_CODE}" != '200' ]] fi # Check if SDNC-ODL Karaf Session started -for i in {1..15}; do - EXEC_RESP=$(docker exec -it sdnc /opt/opendaylight/current/bin/client system:start-level) - if grep -q 'Level 100' <<<"${EXEC_RESP}"; then - echo "SDNC-ODL Karaf Session Started." - break +TIME_OUT=300 +INTERVAL=10 +TIME=0 +while [ "$TIME" -lt "$TIME_OUT" ]; do + + docker exec sdnc cat /opt/opendaylight/data/log/karaf.log | grep 'warp coils' + + if [ $? == 0 ] ; then + echo SDNC karaf started in $TIME seconds + break; fi - echo "Waiting for SDNC-ODL Karaf Session to Start Up..." - sleep 2m + + echo Sleep: $INTERVAL seconds before testing if SDNC is up. Total wait time up now is: $TIME seconds. Timeout is: $TIME_OUT seconds + sleep $INTERVAL + TIME=$(($TIME+$INTERVAL)) done -if ! grep -q 'Level 100' <<<"${EXEC_RESP}"; then - echo "SDNC-ODL Karaf Session not Started, Could cause problems for testing activities...!" +if [ "$TIME" -ge "$TIME_OUT" ]; then + echo TIME OUT: karaf session not started in $TIME_OUT seconds, setup failed + exit 1; fi -echo "Sleeping 5 minutes" -sleep 5m - -###################### Netconf-PNP-Simulator Setup ###################### -# Export netconf-pnp simulator conf path -export NETCONF_CONFIG_PATH=${NETCONF_CONFIG_PATH} -# Start Netconf-Pnp-Simulator Container with docker-compose and configuration from docker-compose.yml -docker-compose -f "${SCRIPTS}"/sdnc/netconf-pnp-simulator/docker-compose.yml up -d # Update default Networking bridge IP in mount.json file sed -i "s/pnfaddr/${LOCAL_IP}/g" "${REQUEST_DATA_PATH}"/mount.xml diff --git a/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh b/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh index b780ed49..bbf4d075 100644 --- a/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh +++ b/plans/sdnc/sdnc_netconf_tls_post_deploy/teardown.sh @@ -15,11 +15,8 @@ # limitations under the License. # -docker-compose -f "${SCRIPTS}"/sdnc/certservice/docker-compose.yml down -v + docker-compose -f "${SCRIPTS}"/sdnc/sdnc/docker-compose.yml down -v -docker-compose -f "${SCRIPTS}"/sdnc/netconf-pnp-simulator/docker-compose.yml down -v +docker-compose -f "${SCRIPTS}"/sdnc/pnf-simulator/netconfsimulator/docker-compose.yml down -v -make clear -C "${WORKSPACE}"/plans/sdnc/sdnc_netconf_tls_post_deploy/certs -rm -rf "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/certs -rm -rf "${WORKSPACE}"/tests/sdnc/sdnc_netconf_tls_post_deploy/cert-data
\ No newline at end of file |