summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBin Yang <bin.yang@windriver.com>2019-05-23 06:15:38 +0000
committerGerrit Code Review <gerrit@onap.org>2019-05-23 06:15:38 +0000
commit3eeb40cfe56366ca72e811bdfb6f2faf127f8a2f (patch)
tree117e0f312d5341692776f8255510fb7c4cd667df
parent352080a39d582a767d5908ab3372ac10d59a2261 (diff)
parent69fe1e369c4afa19552179fe297778a6ca32e48d (diff)
Merge "Adding helm charts for vFirewall."
-rw-r--r--kud/demo/firewall/.helmignore22
-rw-r--r--kud/demo/firewall/Chart.yaml5
-rw-r--r--kud/demo/firewall/charts/packetgen/.helmignore22
-rw-r--r--kud/demo/firewall/charts/packetgen/Chart.yaml5
-rw-r--r--kud/demo/firewall/charts/packetgen/templates/_helpers.tpl32
-rw-r--r--kud/demo/firewall/charts/packetgen/templates/deployment.yaml70
-rw-r--r--kud/demo/firewall/charts/packetgen/values.yaml17
-rw-r--r--kud/demo/firewall/charts/sink/.helmignore22
-rw-r--r--kud/demo/firewall/charts/sink/Chart.yaml5
-rw-r--r--kud/demo/firewall/charts/sink/templates/_helpers.tpl32
-rw-r--r--kud/demo/firewall/charts/sink/templates/deployment.yaml41
-rw-r--r--kud/demo/firewall/charts/sink/templates/service.yaml16
-rw-r--r--kud/demo/firewall/charts/sink/values.yaml29
-rw-r--r--kud/demo/firewall/templates/_helpers.tpl32
-rw-r--r--kud/demo/firewall/templates/deployment.yaml69
-rw-r--r--kud/demo/firewall/templates/onap-private-net.yaml9
-rw-r--r--kud/demo/firewall/templates/protected-private-net.yaml9
-rw-r--r--kud/demo/firewall/templates/unprotected-private-net.yaml9
-rw-r--r--kud/demo/firewall/values.yaml41
19 files changed, 487 insertions, 0 deletions
diff --git a/kud/demo/firewall/.helmignore b/kud/demo/firewall/.helmignore
new file mode 100644
index 00000000..50af0317
--- /dev/null
+++ b/kud/demo/firewall/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kud/demo/firewall/Chart.yaml b/kud/demo/firewall/Chart.yaml
new file mode 100644
index 00000000..18201ddd
--- /dev/null
+++ b/kud/demo/firewall/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart to deploy Firewall app for vFirewall
+name: firewall
+version: 0.1.0
diff --git a/kud/demo/firewall/charts/packetgen/.helmignore b/kud/demo/firewall/charts/packetgen/.helmignore
new file mode 100644
index 00000000..50af0317
--- /dev/null
+++ b/kud/demo/firewall/charts/packetgen/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kud/demo/firewall/charts/packetgen/Chart.yaml b/kud/demo/firewall/charts/packetgen/Chart.yaml
new file mode 100644
index 00000000..d21cadec
--- /dev/null
+++ b/kud/demo/firewall/charts/packetgen/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart to deploy packet generator for vFirewall
+name: packetgen
+version: 0.1.0
diff --git a/kud/demo/firewall/charts/packetgen/templates/_helpers.tpl b/kud/demo/firewall/charts/packetgen/templates/_helpers.tpl
new file mode 100644
index 00000000..322b7c68
--- /dev/null
+++ b/kud/demo/firewall/charts/packetgen/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "packetgen.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "packetgen.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "packetgen.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kud/demo/firewall/charts/packetgen/templates/deployment.yaml b/kud/demo/firewall/charts/packetgen/templates/deployment.yaml
new file mode 100644
index 00000000..a3aa165f
--- /dev/null
+++ b/kud/demo/firewall/charts/packetgen/templates/deployment.yaml
@@ -0,0 +1,70 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "packetgen.fullname" . }}
+ labels:
+ release: {{ .Release.Name }}
+ app: {{ include "packetgen.name" . }}
+ chart: {{ .Chart.Name }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "packetgen.name" .}}
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "packetgen.name" .}}
+ release: {{ .Release.Name }}
+ annotations:
+ app: {{ include "packetgen.name" . }}
+ release: {{ .Release.Name }}
+ VirtletLibvirtCPUSetting: |
+ mode: host-model
+ VirtletCloudInitUserData: |
+ ssh_pwauth: True
+ users:
+ - name: admin
+ gecos: User
+ primary-group: admin
+ groups: users
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ lock_passwd: false
+ passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
+ runcmd:
+ - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }}
+ - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }}
+ - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }}
+ - export protected_net_cidr={{ .Values.global.protectedNetCidr }}
+ - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }}
+ - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }}
+ - export protected_net_gw={{ .Values.global.protectedNetGw }}
+ - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }}
+ - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/packetgen | sudo -E bash
+ VirtletRootVolumeSize: 5Gi
+ k8s.v1.cni.cncf.io/networks: '[{"name": {{ .Values.global.ovnMultusNetworkName | quote }}}]'
+ ovnNetwork: '[
+ { "name": {{ .Values.global.unprotectedNetworkName | quote }}, "ipAddress": {{ .Values.global.vpgPrivateIp0 | quote }}, "interface": "eth1" , "defaultGateway": "false"},
+ { "name": {{ .Values.global.onapPrivateNetworkName | quote }}, "ipAddress": {{ .Values.global.vpgPrivateIp1 | quote }}, "interface": "eth2" , "defaultGateway": "false"}
+ ]'
+ kubernetes.io/target-runtime: virtlet.cloud
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: {{ .Values.resources.limits.memory }}
diff --git a/kud/demo/firewall/charts/packetgen/values.yaml b/kud/demo/firewall/charts/packetgen/values.yaml
new file mode 100644
index 00000000..d79e5485
--- /dev/null
+++ b/kud/demo/firewall/charts/packetgen/values.yaml
@@ -0,0 +1,17 @@
+# Default values for packetgen.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: virtlet.cloud/ubuntu/16.04
+ tag: latest
+ pullPolicy: Always
+
+nameOverride: ""
+fullnameOverride: ""
+
+resources:
+ limits:
+ memory: 4Gi
diff --git a/kud/demo/firewall/charts/sink/.helmignore b/kud/demo/firewall/charts/sink/.helmignore
new file mode 100644
index 00000000..50af0317
--- /dev/null
+++ b/kud/demo/firewall/charts/sink/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kud/demo/firewall/charts/sink/Chart.yaml b/kud/demo/firewall/charts/sink/Chart.yaml
new file mode 100644
index 00000000..f83182e5
--- /dev/null
+++ b/kud/demo/firewall/charts/sink/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart to deploy sink for vFirewall
+name: sink
+version: 0.1.0
diff --git a/kud/demo/firewall/charts/sink/templates/_helpers.tpl b/kud/demo/firewall/charts/sink/templates/_helpers.tpl
new file mode 100644
index 00000000..7d82d08d
--- /dev/null
+++ b/kud/demo/firewall/charts/sink/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "sink.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "sink.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "sink.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kud/demo/firewall/charts/sink/templates/deployment.yaml b/kud/demo/firewall/charts/sink/templates/deployment.yaml
new file mode 100644
index 00000000..f5ccdae9
--- /dev/null
+++ b/kud/demo/firewall/charts/sink/templates/deployment.yaml
@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "sink.fullname" . }}
+ labels:
+ release: {{ .Release.Name }}
+ app: {{ include "sink.name" . }}
+ chart: {{ .Chart.Name }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "sink.name" . }}
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "sink.name" . }}
+ release: {{ .Release.Name }}
+ annotations:
+ k8s.v1.cni.cncf.io/networks: '[{"name": {{ .Values.global.ovnMultusNetworkName | quote }}}]'
+ ovnNetwork: '[
+ { "name": {{ .Values.global.protectedNetworkName | quote }}, "ipAddress": {{ .Values.global.vsnPrivateIp0 | quote }}, "interface": "eth1", "defaultGateway": "false" },
+ { "name": {{ .Values.global.onapPrivateNetworkName | quote }}, "ipAddress": {{ .Values.global.vsnPrivateIp1 | quote }}, "interface": "eth2" , "defaultGateway": "false"}
+ ]'
+ spec:
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ tty: true
+ stdin: true
+ securityContext:
+ privileged: true
+ - name: darkstat
+ image: "{{ .Values.image.repo }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ tty: true
+ stdin: true
+ ports:
+ - containerPort: {{ .Values.service.ports.port }}
diff --git a/kud/demo/firewall/charts/sink/templates/service.yaml b/kud/demo/firewall/charts/sink/templates/service.yaml
new file mode 100644
index 00000000..99da7de7
--- /dev/null
+++ b/kud/demo/firewall/charts/sink/templates/service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: sink-service
+ labels:
+ app: {{ include "sink.name" . }}
+ release: {{ .Release.Name }}
+ chart: {{ .Chart.Name }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.ports.port }}
+ nodePort: {{ .Values.service.ports.nodePort }}
+ selector:
+ app: {{ include "sink.name" . }}
+ release: {{ .Release.Name }}
diff --git a/kud/demo/firewall/charts/sink/values.yaml b/kud/demo/firewall/charts/sink/values.yaml
new file mode 100644
index 00000000..1ac6f08d
--- /dev/null
+++ b/kud/demo/firewall/charts/sink/values.yaml
@@ -0,0 +1,29 @@
+# Default values for sink.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: akhilak/sink
+ tag: latest
+ pullPolicy: IfNotPresent
+ repo: akhilak/darkstat
+ tag: latest
+ pullPolicy: IfNotPresent
+
+nameOverride: ""
+fullnameOverride: ""
+
+service:
+#serivce port value for sink service
+ type: NodePort
+ ports:
+ port: 667
+ nodePort: 30667
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
diff --git a/kud/demo/firewall/templates/_helpers.tpl b/kud/demo/firewall/templates/_helpers.tpl
new file mode 100644
index 00000000..7593e779
--- /dev/null
+++ b/kud/demo/firewall/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "firewall.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "firewall.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "firewall.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kud/demo/firewall/templates/deployment.yaml b/kud/demo/firewall/templates/deployment.yaml
new file mode 100644
index 00000000..41362a75
--- /dev/null
+++ b/kud/demo/firewall/templates/deployment.yaml
@@ -0,0 +1,69 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "firewall.fullname" . }}
+ labels:
+ release: {{ .Release.Name }}
+ app: {{ include "firewall.name" . }}
+ chart: {{ .Chart.Name }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: {{ include "firewall.name" . }}
+ release: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "firewall.name" . }}
+ release: {{ .Release.Name }}
+ annotations:
+ VirtletLibvirtCPUSetting: |
+ mode: host-model
+ VirtletCloudInitUserData: |
+ ssh_pwauth: True
+ users:
+ - name: admin
+ gecos: User
+ primary-group: admin
+ groups: users
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ lock_passwd: false
+ passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
+ runcmd:
+ - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }}
+ - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }}
+ - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }}
+ - export protected_net_cidr={{ .Values.global.protectedNetCidr }}
+ - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }}
+ - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }}
+ - export protected_net_gw={{ .Values.global.protectedNetGw }}
+ - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }}
+ - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/firewall | sudo -E bash
+ VirtletRootVolumeSize: 5Gi
+ k8s.v1.cni.cncf.io/networks: '[{"name": {{ .Values.global.ovnMultusNetworkName | quote }}}]'
+ ovnNetwork: '[
+ { "name": {{ .Values.global.unprotectedNetworkName | quote }}, "ipAddress": {{ .Values.global.vfwPrivateIp0 | quote }}, "interface": "eth1" , "defaultGateway": "false"},
+ { "name": {{ .Values.global.protectedNetworkName | quote }}, "ipAddress": {{ .Values.global.vfwPrivateIp1 | quote }}, "interface": "eth2", "defaultGateway": "false" },
+ { "name": {{ .Values.global.onapPrivateNetworkName | quote }}, "ipAddress": {{ .Values.global.vfwPrivateIp2 | quote }}, "interface": "eth3" , "defaultGateway": "false"}
+ ]'
+ kubernetes.io/target-runtime: virtlet.cloud
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: {{ .Values.resources.memory }}
diff --git a/kud/demo/firewall/templates/onap-private-net.yaml b/kud/demo/firewall/templates/onap-private-net.yaml
new file mode 100644
index 00000000..5b7e9ee7
--- /dev/null
+++ b/kud/demo/firewall/templates/onap-private-net.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Network
+metadata:
+ name: {{ .Values.global.onapPrivateNetworkName }}
+spec:
+ cnitype : ovn4nfvk8s
+ name: {{ .Values.global.onapPrivateNetworkName }}
+ subnet: {{ .Values.global.onapPrivateNetCidr }}
+ gateway: {{ .Values.global.protectedPrivateGateway }}
diff --git a/kud/demo/firewall/templates/protected-private-net.yaml b/kud/demo/firewall/templates/protected-private-net.yaml
new file mode 100644
index 00000000..43cb9233
--- /dev/null
+++ b/kud/demo/firewall/templates/protected-private-net.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Network
+metadata:
+ name: {{ .Values.global.protectedNetworkName }}
+spec:
+ cnitype : ovn4nfvk8s
+ name: {{ .Values.global.protectedNetworkName }}
+ subnet: {{ .Values.global.protectedNetCidr }}
+ gateway: {{ .Values.global.protectedNetGw }}/{{ .Values.global.gatewayVariable }}
diff --git a/kud/demo/firewall/templates/unprotected-private-net.yaml b/kud/demo/firewall/templates/unprotected-private-net.yaml
new file mode 100644
index 00000000..8f45eded
--- /dev/null
+++ b/kud/demo/firewall/templates/unprotected-private-net.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Network
+metadata:
+ name: {{ .Values.global.unprotectedNetworkName }}
+spec:
+ cnitype : ovn4nfvk8s
+ name: {{ .Values.global.unprotectedNetworkName }}
+ subnet: {{ .Values.global.protectedNetCidr }}
+ gateway: 192.168.10.1/24
diff --git a/kud/demo/firewall/values.yaml b/kud/demo/firewall/values.yaml
new file mode 100644
index 00000000..7935828f
--- /dev/null
+++ b/kud/demo/firewall/values.yaml
@@ -0,0 +1,41 @@
+# Default values for firewall.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: virtlet.cloud/ubuntu/16.04
+ tag: latest
+ pullPolicy: Always
+
+nameOverride: ""
+fullnameOverride: ""
+
+resources:
+ memory: 4Gi
+
+#global vars for parent and subcharts.
+global:
+ demoArtifactsVersion: 1.5.0
+ vfwPrivateIp0: 192.168.10.3
+ vfwPrivateIp1: 192.168.20.2
+ vfwPrivateIp2: 10.10.100.3
+ vpgPrivateIp0: 192.168.10.2
+ vpgPrivateIp1: 10.0.100.2
+ vsnPrivateIp0: 192.168.20.3
+ vsnPrivateIp1: 10.10.100.4
+ dcaeCollectorIp: 10.0.4.1
+ dcaeCollectorPort: 8081
+ protectedNetGw: 192.168.20.100
+ protectedNetCidr: 192.168.20.0/24
+ protectedPrivateNetCidr: 192.168.10.0/24
+ onapPrivateNetCidr: 10.10.0.0/16
+ protectedNetGw: 192.168.20.100
+ protectedNetworkName: protected-private-net
+ unprotectedNetworkName: unprotected-private-net
+ ovnMultusNetworkName: ovn-networkobj
+ onapPrivateNetworkName: onap-private-net
+ protectedPrivateGateway: 10.10.0.1/16
+ gatewayVariable: 24
+