diff options
Diffstat (limited to 'test/security/k8s/tools/casablanca')
4 files changed, 130 insertions, 0 deletions
diff --git a/test/security/k8s/tools/casablanca/get_customization_scripts.sh b/test/security/k8s/tools/casablanca/get_customization_scripts.sh new file mode 100755 index 000000000..028f002fc --- /dev/null +++ b/test/security/k8s/tools/casablanca/get_customization_scripts.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +wget \ + 'https://docs.onap.org/en/casablanca/_downloads/0b365a2342af5abd655f1724b962f5b5/openstack-rancher.sh' \ + 'https://docs.onap.org/en/casablanca/_downloads/b20b581d56982e9f15a72527a358d56b/openstack-k8s-node.sh' diff --git a/test/security/k8s/tools/casablanca/get_ranchercli.sh b/test/security/k8s/tools/casablanca/get_ranchercli.sh new file mode 100755 index 000000000..a5295fb17 --- /dev/null +++ b/test/security/k8s/tools/casablanca/get_ranchercli.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +# Constants +DEFAULT_VERSION='v0.6.12' +DEFAULT_ARCH='amd64' +DEFAULT_SYSTEM='linux' + +# Variables +VERSION="${1:-$DEFAULT_VERSION}" +ARCH="${2:-$DEFAULT_ARCH}" +SYSTEM="${3:-$DEFAULT_SYSTEM}" + +ARCHIVE="rancher-${SYSTEM}-${ARCHITECTURE}-${VERSION}.tar.gz" +DIRECTORY="rancher-${VERSION}" +URL="https://releases.rancher.com/cli/${VERSION}/${ARCHIVE}" + + +# Prerequistes +wget "$URL" +tar xf "$ARCHIVE" + +# Installation +echo '# Privilege elevation needed to move Rancher CLI binary to /usr/local/bin' +sudo mv "${DIRECTORY}/rancher" /usr/local/bin/ + +# Cleanup +rmdir "$DIRECTORY" +rm "$ARCHIVE" diff --git a/test/security/k8s/tools/casablanca/imported/openstack-k8s-node.sh b/test/security/k8s/tools/casablanca/imported/openstack-k8s-node.sh new file mode 100644 index 000000000..b8462aa5e --- /dev/null +++ b/test/security/k8s/tools/casablanca/imported/openstack-k8s-node.sh @@ -0,0 +1,46 @@ +#!/bin/bash + +DOCKER_VERSION=17.03 +KUBECTL_VERSION=1.11.2 +HELM_VERSION=2.9.1 + +# setup root access - default login: oom/oom - comment out to restrict access too ssh key only +sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config +sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config +service sshd restart +echo -e "oom\noom" | passwd root + +apt-get update +curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh +mkdir -p /etc/systemd/system/docker.service.d/ +cat > /etc/systemd/system/docker.service.d/docker.conf << EOF +[Service] +ExecStart= +ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 +EOF +systemctl daemon-reload +systemctl restart docker +apt-mark hold docker-ce + +IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` +HOSTNAME=`hostname` + +echo "$IP_ADDY $HOSTNAME" >> /etc/hosts + +docker login -u docker -p docker nexus3.onap.org:10001 + +sudo apt-get install make -y + +sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl +sudo chmod +x ./kubectl +sudo mv ./kubectl /usr/local/bin/kubectl +sudo mkdir ~/.kube +wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz +sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz +sudo mv linux-amd64/helm /usr/local/bin/helm + +# install nfs +sudo apt-get install nfs-common -y + + +exit 0 diff --git a/test/security/k8s/tools/casablanca/imported/openstack-rancher.sh b/test/security/k8s/tools/casablanca/imported/openstack-rancher.sh new file mode 100644 index 000000000..bcf542aed --- /dev/null +++ b/test/security/k8s/tools/casablanca/imported/openstack-rancher.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +DOCKER_VERSION=17.03 +RANCHER_VERSION=1.6.22 +KUBECTL_VERSION=1.11.2 +HELM_VERSION=2.9.1 + +# setup root access - default login: oom/oom - comment out to restrict access too ssh key only +sed -i 's/PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config +sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config +service sshd restart +echo -e "oom\noom" | passwd root + +apt-get update +curl https://releases.rancher.com/install-docker/$DOCKER_VERSION.sh | sh +mkdir -p /etc/systemd/system/docker.service.d/ +cat > /etc/systemd/system/docker.service.d/docker.conf << EOF +[Service] +ExecStart= +ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry=nexus3.onap.org:10001 +EOF +systemctl daemon-reload +systemctl restart docker +apt-mark hold docker-ce + +IP_ADDY=`ip address |grep ens|grep inet|awk '{print $2}'| awk -F / '{print $1}'` +HOSTNAME=`hostname` + +echo "$IP_ADDY $HOSTNAME" >> /etc/hosts + +docker login -u docker -p docker nexus3.onap.org:10001 + +sudo apt-get install make -y + +sudo docker run -d --restart=unless-stopped -p 8080:8080 --name rancher_server rancher/server:v$RANCHER_VERSION +sudo curl -LO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl +sudo chmod +x ./kubectl +sudo mv ./kubectl /usr/local/bin/kubectl +sudo mkdir ~/.kube +wget http://storage.googleapis.com/kubernetes-helm/helm-v${HELM_VERSION}-linux-amd64.tar.gz +sudo tar -zxvf helm-v${HELM_VERSION}-linux-amd64.tar.gz +sudo mv linux-amd64/helm /usr/local/bin/helm + +# nfs server +sudo apt-get install nfs-kernel-server -y + +sudo mkdir -p /nfs_share +sudo chown nobody:nogroup /nfs_share/ + + +exit 0 |