aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRitu Sood <ritu.sood@intel.com>2019-05-17 16:07:45 -0700
committerRitu Sood <ritu.sood@intel.com>2019-05-22 18:21:20 -0700
commit352080a39d582a767d5908ab3372ac10d59a2261 (patch)
tree739d140efbf06396b655efa24ef47618e2463c08
parent09433fb59e63a96a1e6d08fdd6061c59b3813e61 (diff)
vFW usecase update
Update vFw Uses case to use 1.5.0 artifacts. 1.3.1 artifacts were removed from nexus this week. Changed sink container to remove IP addresses that are built in the image and can't be changed or parametrized. Added a configmap for sink container Change-Id: Ib1aae1816de866889e93d61a77832680764acef6 Issue-ID: MULTICLOUD-623 Signed-off-by: Ritu Sood <ritu.sood@intel.com>
-rwxr-xr-xkud/tests/_common.sh22
-rw-r--r--kud/tests/cFW/sink/Dockerfile30
-rw-r--r--kud/tests/cFW/sink/wrapper_v_sink_init.sh10
-rwxr-xr-xkud/tests/integration_vcFW.sh2
4 files changed, 40 insertions, 24 deletions
diff --git a/kud/tests/_common.sh b/kud/tests/_common.sh
index 77818dcf..3120dad7 100755
--- a/kud/tests/_common.sh
+++ b/kud/tests/_common.sh
@@ -33,7 +33,7 @@ rbp_instance=rbp_instance.json
rbp_content_tarball=profile.tar
# vFirewall vars
-demo_artifacts_version=1.3.1
+demo_artifacts_version=1.5.0
vfw_private_ip_0='192.168.10.3'
vfw_private_ip_1='192.168.20.2'
vfw_private_ip_2='10.10.100.3'
@@ -47,6 +47,7 @@ protected_net_gw='192.168.20.100'
protected_net_cidr='192.168.20.0/24'
protected_private_net_cidr='192.168.10.0/24'
onap_private_net_cidr='10.10.0.0/16'
+sink_ipaddr='192.168.20.250'
# populate_CSAR_containers_vFW() - This function creates the content of CSAR file
# required for vFirewal using only containers
@@ -323,6 +324,7 @@ NET
- export dcae_collector_port=$dcae_collector_port
- export protected_net_gw=$protected_net_gw
- export protected_private_net_cidr=$protected_private_net_cidr
+ - export sink_ipaddr=$sink_ipaddr
"
if [[ -n "${http_proxy+x}" ]]; then
proxy+="
@@ -476,6 +478,16 @@ spec:
memory: 4Gi
DEPLOYMENT
+ cat << CONFIGMAP > sink_configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: sink-configmap
+data:
+ protected_net_gw: $protected_net_gw
+ protected_private_net_cidr: $protected_private_net_cidr
+CONFIGMAP
+
cat << DEPLOYMENT > $sink_deployment_name.yaml
apiVersion: apps/v1
kind: Deployment
@@ -503,12 +515,16 @@ spec:
spec:
containers:
- name: $sink_deployment_name
- image: electrocucaracha/sink
- imagePullPolicy: IfNotPresent
+ image: rtsood/onap-vfw-demo-sink:0.2.0
+ envFrom:
+ - configMapRef:
+ name: sink-configmap
+ imagePullPolicy: Always
tty: true
stdin: true
securityContext:
privileged: true
+
- name: darkstat
image: electrocucaracha/darkstat
imagePullPolicy: IfNotPresent
diff --git a/kud/tests/cFW/sink/Dockerfile b/kud/tests/cFW/sink/Dockerfile
index 6b43ba61..5e3da088 100644
--- a/kud/tests/cFW/sink/Dockerfile
+++ b/kud/tests/cFW/sink/Dockerfile
@@ -1,5 +1,5 @@
FROM ubuntu:16.04
-MAINTAINER Victor Morales <electrocucaracha@gmail.com>
+MAINTAINER Ritu Sood <ritu.sood@intel.com>
ARG HTTP_PROXY=${HTTP_PROXY}
ARG HTTPS_PROXY=${HTTPS_PROXY}
@@ -7,28 +7,18 @@ ARG HTTPS_PROXY=${HTTPS_PROXY}
ENV http_proxy $HTTP_PROXY
ENV https_proxy $HTTPS_PROXY
-ENV protected_net_cidr "192.168.20.0/24"
-ENV fw_ipaddr "192.168.10.100"
-ENV sink_ipaddr "192.168.20.250"
-ENV demo_artifacts_version "1.3.0"
-ENV protected_net_gw "192.168.20.100"
-ENV unprotected_net "192.168.10.0/24"
+ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf"
+ENV demo_artifacts_version "1.5.0"
-RUN apt-get update && apt-get install -y -qq wget net-tools
+RUN apt-get update && apt-get install -y -qq wget net-tools unzip
WORKDIR /opt
-RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_sink_init.sh" \
- && chmod +x v_sink_init.sh
+RUN wget "${repo_url}/vfw/vfw-scripts/${demo_artifacts_version}/vfw-scripts-${demo_artifacts_version}.zip" \
+ && unzip "vfw-scripts-${demo_artifacts_version}.zip" \
+ && chmod +x v_sink_init.sh
-RUN mkdir -p config/ \
- && echo $protected_net_cidr > config/protected_net_cidr.txt \
- && echo $fw_ipaddr > config/fw_ipaddr.txt \
- && echo $sink_ipaddr > config/sink_ipaddr.txt \
- && echo $demo_artifacts_version > config/demo_artifacts_version.txt \
- && echo $protected_net_gw > config/protected_net_gw.txt \
- && echo $unprotected_net > config/unprotected_net.txt
+COPY wrapper_v_sink_init.sh .
+RUN chmod +x wrapper_v_sink_init.sh
-# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100
-# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists
-CMD ["./v_sink_init.sh"]
+CMD ["./wrapper_v_sink_init.sh"]
diff --git a/kud/tests/cFW/sink/wrapper_v_sink_init.sh b/kud/tests/cFW/sink/wrapper_v_sink_init.sh
new file mode 100644
index 00000000..e3a3e35e
--- /dev/null
+++ b/kud/tests/cFW/sink/wrapper_v_sink_init.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+mkdir -p /opt/config/
+echo "$protected_net_gw" > /opt/config/protected_net_gw.txt
+echo "$protected_private_net_cidr" > /opt/config/unprotected_net.txt
+
+# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100
+# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists
+./v_sink_init.sh
+sleep infinity
diff --git a/kud/tests/integration_vcFW.sh b/kud/tests/integration_vcFW.sh
index ccda1190..0c6d0689 100755
--- a/kud/tests/integration_vcFW.sh
+++ b/kud/tests/integration_vcFW.sh
@@ -30,7 +30,7 @@ for net in $unprotected_private_net $protected_private_net $onap_private_net; do
echo "Create OVN Network $net network"
init_network $net.yaml
done
-for resource in onap-ovn4nfvk8s-network sink-service; do
+for resource in onap-ovn4nfvk8s-network sink-service sink_configmap; do
kubectl apply -f $resource.yaml
done
setup $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name