diff options
author | Ritu Sood <ritu.sood@intel.com> | 2019-05-17 16:07:45 -0700 |
---|---|---|
committer | Ritu Sood <ritu.sood@intel.com> | 2019-05-22 18:21:20 -0700 |
commit | 352080a39d582a767d5908ab3372ac10d59a2261 (patch) | |
tree | 739d140efbf06396b655efa24ef47618e2463c08 | |
parent | 09433fb59e63a96a1e6d08fdd6061c59b3813e61 (diff) |
vFW usecase update
Update vFw Uses case to use 1.5.0
artifacts. 1.3.1 artifacts were
removed from nexus this week.
Changed sink container to remove IP
addresses that are built in the image and
can't be changed or parametrized. Added
a configmap for sink container
Change-Id: Ib1aae1816de866889e93d61a77832680764acef6
Issue-ID: MULTICLOUD-623
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
-rwxr-xr-x | kud/tests/_common.sh | 22 | ||||
-rw-r--r-- | kud/tests/cFW/sink/Dockerfile | 30 | ||||
-rw-r--r-- | kud/tests/cFW/sink/wrapper_v_sink_init.sh | 10 | ||||
-rwxr-xr-x | kud/tests/integration_vcFW.sh | 2 |
4 files changed, 40 insertions, 24 deletions
diff --git a/kud/tests/_common.sh b/kud/tests/_common.sh index 77818dcf..3120dad7 100755 --- a/kud/tests/_common.sh +++ b/kud/tests/_common.sh @@ -33,7 +33,7 @@ rbp_instance=rbp_instance.json rbp_content_tarball=profile.tar # vFirewall vars -demo_artifacts_version=1.3.1 +demo_artifacts_version=1.5.0 vfw_private_ip_0='192.168.10.3' vfw_private_ip_1='192.168.20.2' vfw_private_ip_2='10.10.100.3' @@ -47,6 +47,7 @@ protected_net_gw='192.168.20.100' protected_net_cidr='192.168.20.0/24' protected_private_net_cidr='192.168.10.0/24' onap_private_net_cidr='10.10.0.0/16' +sink_ipaddr='192.168.20.250' # populate_CSAR_containers_vFW() - This function creates the content of CSAR file # required for vFirewal using only containers @@ -323,6 +324,7 @@ NET - export dcae_collector_port=$dcae_collector_port - export protected_net_gw=$protected_net_gw - export protected_private_net_cidr=$protected_private_net_cidr + - export sink_ipaddr=$sink_ipaddr " if [[ -n "${http_proxy+x}" ]]; then proxy+=" @@ -476,6 +478,16 @@ spec: memory: 4Gi DEPLOYMENT + cat << CONFIGMAP > sink_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: sink-configmap +data: + protected_net_gw: $protected_net_gw + protected_private_net_cidr: $protected_private_net_cidr +CONFIGMAP + cat << DEPLOYMENT > $sink_deployment_name.yaml apiVersion: apps/v1 kind: Deployment @@ -503,12 +515,16 @@ spec: spec: containers: - name: $sink_deployment_name - image: electrocucaracha/sink - imagePullPolicy: IfNotPresent + image: rtsood/onap-vfw-demo-sink:0.2.0 + envFrom: + - configMapRef: + name: sink-configmap + imagePullPolicy: Always tty: true stdin: true securityContext: privileged: true + - name: darkstat image: electrocucaracha/darkstat imagePullPolicy: IfNotPresent diff --git a/kud/tests/cFW/sink/Dockerfile b/kud/tests/cFW/sink/Dockerfile index 6b43ba61..5e3da088 100644 --- a/kud/tests/cFW/sink/Dockerfile +++ b/kud/tests/cFW/sink/Dockerfile @@ -1,5 +1,5 @@ FROM ubuntu:16.04 -MAINTAINER Victor Morales <electrocucaracha@gmail.com> +MAINTAINER Ritu Sood <ritu.sood@intel.com> ARG HTTP_PROXY=${HTTP_PROXY} ARG HTTPS_PROXY=${HTTPS_PROXY} @@ -7,28 +7,18 @@ ARG HTTPS_PROXY=${HTTPS_PROXY} ENV http_proxy $HTTP_PROXY ENV https_proxy $HTTPS_PROXY -ENV protected_net_cidr "192.168.20.0/24" -ENV fw_ipaddr "192.168.10.100" -ENV sink_ipaddr "192.168.20.250" -ENV demo_artifacts_version "1.3.0" -ENV protected_net_gw "192.168.20.100" -ENV unprotected_net "192.168.10.0/24" +ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf" +ENV demo_artifacts_version "1.5.0" -RUN apt-get update && apt-get install -y -qq wget net-tools +RUN apt-get update && apt-get install -y -qq wget net-tools unzip WORKDIR /opt -RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_sink_init.sh" \ - && chmod +x v_sink_init.sh +RUN wget "${repo_url}/vfw/vfw-scripts/${demo_artifacts_version}/vfw-scripts-${demo_artifacts_version}.zip" \ + && unzip "vfw-scripts-${demo_artifacts_version}.zip" \ + && chmod +x v_sink_init.sh -RUN mkdir -p config/ \ - && echo $protected_net_cidr > config/protected_net_cidr.txt \ - && echo $fw_ipaddr > config/fw_ipaddr.txt \ - && echo $sink_ipaddr > config/sink_ipaddr.txt \ - && echo $demo_artifacts_version > config/demo_artifacts_version.txt \ - && echo $protected_net_gw > config/protected_net_gw.txt \ - && echo $unprotected_net > config/unprotected_net.txt +COPY wrapper_v_sink_init.sh . +RUN chmod +x wrapper_v_sink_init.sh -# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100 -# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists -CMD ["./v_sink_init.sh"] +CMD ["./wrapper_v_sink_init.sh"] diff --git a/kud/tests/cFW/sink/wrapper_v_sink_init.sh b/kud/tests/cFW/sink/wrapper_v_sink_init.sh new file mode 100644 index 00000000..e3a3e35e --- /dev/null +++ b/kud/tests/cFW/sink/wrapper_v_sink_init.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +mkdir -p /opt/config/ +echo "$protected_net_gw" > /opt/config/protected_net_gw.txt +echo "$protected_private_net_cidr" > /opt/config/unprotected_net.txt + +# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100 +# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists +./v_sink_init.sh +sleep infinity diff --git a/kud/tests/integration_vcFW.sh b/kud/tests/integration_vcFW.sh index ccda1190..0c6d0689 100755 --- a/kud/tests/integration_vcFW.sh +++ b/kud/tests/integration_vcFW.sh @@ -30,7 +30,7 @@ for net in $unprotected_private_net $protected_private_net $onap_private_net; do echo "Create OVN Network $net network" init_network $net.yaml done -for resource in onap-ovn4nfvk8s-network sink-service; do +for resource in onap-ovn4nfvk8s-network sink-service sink_configmap; do kubectl apply -f $resource.yaml done setup $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name |