Add composite vFW demo

Add demonstration files and test scripts to show the vFW use case as a composite application using network intents and ovnaction intents to deploy to multiple clusters. Issue-ID: MULTICLOUD-1095 Signed-off-by: Eric Multanen <eric.w.multanen@intel.com> Change-Id: I74b837f9f97747f1eefffbcd105a6630a7b3a374
author: Eric Multanen <eric.w.multanen@intel.com> 2020-06-23 12:39:26 -0700
committer: Eric Multanen <eric.w.multanen@intel.com> 2020-06-29 11:01:23 -0700
commit: 6e1234913019ef0dd03f8c9d1547fbe22058af6a (patch)
tree: 57907a9b1215e5d5d478460acd60ebdb7490a82b /kud/demo/composite-firewall/firewall
parent: 7165b8294a820e00335067439086e792581e71a4 (diff)
5 files changed, 172 insertions, 0 deletions
diff --git a/kud/demo/composite-firewall/firewall/.helmignore b/kud/demo/composite-firewall/firewall/.helmignore
new file mode 100644
index 00000000..50af0317
--- /dev/null
+++ b/kud/demo/composite-firewall/firewall/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/kud/demo/composite-firewall/firewall/Chart.yaml b/kud/demo/composite-firewall/firewall/Chart.yaml
new file mode 100644
index 00000000..18201ddd
--- /dev/null
+++ b/kud/demo/composite-firewall/firewall/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart to deploy Firewall app for vFirewall
+name: firewall
+version: 0.1.0
diff --git a/kud/demo/composite-firewall/firewall/templates/_helpers.tpl b/kud/demo/composite-firewall/firewall/templates/_helpers.tpl
new file mode 100644
index 00000000..7593e779
--- /dev/null
+++ b/kud/demo/composite-firewall/firewall/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "firewall.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "firewall.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "firewall.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kud/demo/composite-firewall/firewall/templates/deployment.yaml b/kud/demo/composite-firewall/firewall/templates/deployment.yaml
new file mode 100644
index 00000000..632a50bf
--- /dev/null
+++ b/kud/demo/composite-firewall/firewall/templates/deployment.yaml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "firewall.fullname" . }}
+  labels:
+    release: {{ .Release.Name }}
+    app: {{ include "firewall.name" . }}
+    chart: {{ .Chart.Name }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "firewall.name" . }}
+      release: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "firewall.name" . }}
+        release: {{ .Release.Name }}
+      annotations:
+        VirtletLibvirtCPUSetting: |
+          mode: host-model
+        VirtletCloudInitUserData: |
+          ssh_pwauth: True
+          users:
+          - name: admin
+            gecos: User
+            primary-group: admin
+            groups: users
+            sudo: ALL=(ALL) NOPASSWD:ALL
+            lock_passwd: false
+            passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/"
+          runcmd:
+            - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }}
+            - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }}
+            - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }}
+            - export protected_net_cidr={{ .Values.global.protectedNetCidr }}
+            - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }}
+            - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }}
+            - export protected_net_gw={{ .Values.global.protectedNetGw }}
+            - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }}
+            - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/firewall | sudo -E bash
+        VirtletRootVolumeSize: 5Gi
+        kubernetes.io/target-runtime: virtlet.cloud
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: extraRuntime
+                operator: In
+                values:
+                - virtlet
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        tty: true
+        stdin: true
+        resources:
+          limits:
+            memory: {{ .Values.resources.memory }}
diff --git a/kud/demo/composite-firewall/firewall/values.yaml b/kud/demo/composite-firewall/firewall/values.yaml
new file mode 100644
index 00000000..3a6c8983
--- /dev/null
+++ b/kud/demo/composite-firewall/firewall/values.yaml
@@ -0,0 +1,50 @@
+# Default values for firewall.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: virtlet.cloud/ubuntu/16.04
+  tag: latest
+  pullPolicy: IfNotPresent
+
+nameOverride: ""
+fullnameOverride: ""
+
+resources:
+  memory: 4Gi
+
+#global vars for parent and subcharts.
+global:
+
+  #Networks
+  unprotectedNetworkName: unprotected-private-net
+  protectedPrivateNetCidr: 192.168.10.0/24
+
+  emcoPrivateNetworkName: emco-private-net
+
+  protectedNetworkName: protected-private-net
+  protectedNetCidr: 192.168.20.0/24
+  protectedNetGwIp: 192.168.20.100
+  protectedNetGw: 192.168.20.100/24
+
+  #vFirewall container
+  vfwPrivateIp0: 192.168.10.3
+  vfwPrivateIp1: 192.168.20.2
+  vfwPrivateIp2: 10.10.20.3
+
+  #Packetgen container
+  vpgPrivateIp0: 192.168.10.200
+  vpgPrivateIp1: 10.10.20.200
+
+  #Sink container
+  vsnPrivateIp0: 192.168.20.3
+  vsnPrivateIp1: 10.10.20.4
+
+  #########
+  ovnMultusNetworkName: ovn-networkobj
+  demoArtifactsVersion: 1.5.0
+  dcaeCollectorIp: 10.0.4.1
+  dcaeCollectorPort: 8081
+
author	Eric Multanen <eric.w.multanen@intel.com>	2020-06-23 12:39:26 -0700
committer	Eric Multanen <eric.w.multanen@intel.com>	2020-06-29 11:01:23 -0700
commit	6e1234913019ef0dd03f8c9d1547fbe22058af6a (patch)
tree	57907a9b1215e5d5d478460acd60ebdb7490a82b /kud/demo/composite-firewall/firewall
parent	7165b8294a820e00335067439086e792581e71a4 (diff)