diff options
author | Ruoyu Ying <ruoyu.ying@intel.com> | 2019-12-25 01:33:06 +0800 |
---|---|---|
committer | Ruoyu Ying <ruoyu.ying@intel.com> | 2020-01-08 23:33:56 +0800 |
commit | 4341b41f3f949119b9106a58b243f42b50119b82 (patch) | |
tree | 609897297257881318a0bf79714bbe33959774c7 /kud/tests/vIPSec/README.md | |
parent | 20b0ff063a92e6d4a5ecaf621e527c09ff1e5515 (diff) |
Add execution script for vIPSec in k8s
Add execution scripts for each component in vIPSec to make it work for k8s.
These scripts are going to be used along with the helm chart named 'vipsec'
inside the demo folder.
It aims to construct the vIPSec use case to set up a secure tunnel between
peers and improve its performance along with hardware acceleration
technologies such as SRIOV and QAT.
Issue-ID: MULTICLOUD-969
Change-Id: I261272439b264db4d70cf8d5d2958a891c351b61
Signed-off-by: Ruoyu Ying <ruoyu.ying@intel.com>
Diffstat (limited to 'kud/tests/vIPSec/README.md')
-rw-r--r-- | kud/tests/vIPSec/README.md | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/kud/tests/vIPSec/README.md b/kud/tests/vIPSec/README.md new file mode 100644 index 00000000..3046db7a --- /dev/null +++ b/kud/tests/vIPSec/README.md @@ -0,0 +1,36 @@ +# vIPSec use case in ONAP +This use case is composed of four virtual functions (VFs) including two +IPSec gateways, a packet generator and a traffic sink, each running in +separate Ubuntu Virtual Machines: + + * [Packet generator][1]: Sends packets to the packet sink through the +tunnel constructed thru IPSec. This includes a script that installs the +packet generator based on packetgen[4]. + * [IPsec gateways][2]: Two IPSec gateways constructed the secure tunnel +for traffic transportation. This includes a script to install and configure +the IPSec gateways thru VPP. + * [Traffic sink][3]: Displays the traffic volume that lands at the sink +VM using the link http://192.168.80.250:667 through your browser +and enable automatic page refresh by clicking the "Off" button. You +can see the traffic volume in the charts. + +This set of scripts aims to construct the vIPSec use case in order to set +up a secure tunnel between peers and improve its performance along with +hardware acceleration technologies such as SRIOV and QAT. + +User can apply the helm chart named 'vipsec' inside the k8s/kud/demo folder +to set up the whole use case. A fully-functional Kubernetes cluster, Virtlet +as well as ovn4nfv-k8s[5] plugin need to be pre-installed for the usage. +*[Place needs improvements] After having the virtual machines ready, please +manually change the MAC address inside the ipsec.conf to enable the routing. +And also start up the packetgen to send packet with src and dst defined in +the templates/values.yaml inside the helm chart. Detail instructions will be +put inside the helm chart. + +If you'd like to test the performance with QAT/SRIOV involved, first get +these hardwares pre-configured. Then change the value of 'qat_enabled' and +'sriov_enabled' inside templates/values.yaml of the helm chart accordingly. +User could observe variance in throughput inside the traffic sink. + +[4] https://pktgen-dpdk.readthedocs.io/en/latest/ +[5] https://github.com/opnfv/ovn4nfv-k8s-plugin |