author | Victor Morales <victor.morales@intel.com> | 2018-08-28 15:09:02 -0700 |
---|---|---|
committer | Victor Morales <victor.morales@intel.com> | 2018-08-30 10:11:00 -0700 |
commit | 574785c07010a494fbd1456d11e7c0449ad43c38 (patch) | |
tree | d0b8bc992752d5344a9de281e01558bd32b6071b /vagrant/tests/integration_vFW.sh | |
parent | 88579fa6f563a3bea8c39aa98159eb54d13d44a5 (diff) |
Add KRD source code
This change includes the source code created for the Kubernetes
Reference Deployment (KRD), which helps to provide an automated
mechanism to install and configure Kubernetes services required for
the MultiCloud/K8s plugin.
Change-Id: Ica49566fcd531e25846ed3e5062de2f92ec56f6c
Signed-off-by: Victor Morales <victor.morales@intel.com>
Issue-ID: MULTICLOUD-301
Diffstat (limited to 'vagrant/tests/integration_vFW.sh')
-rwxr-xr-x | vagrant/tests/integration_vFW.sh | 295 |
1 files changed, 295 insertions, 0 deletions
diff --git a/vagrant/tests/integration_vFW.sh b/vagrant/tests/integration_vFW.sh
new file mode 100755
index 00000000..fa48d7c5
--- /dev/null
+++ b/vagrant/tests/integration_vFW.sh
@@ -0,0 +1,295 @@
+#!/bin/bash
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+rm -f $HOME/*.yaml
+packetgen_deployment_name=packetgen
+sink_deployment_name=sink
+firewall_deployment_name=firewall
+image_name=virtlet.cloud/ubuntu/16.04
+
+if [[ ! -f $HOME/.ssh/id_rsa.pub ]]; then
+ echo -e "\n\n\n" | ssh-keygen -t rsa -N ""
+fi
+ssh_key=$(cat $HOME/.ssh/id_rsa.pub)
+
+cat << NET > $HOME/unprotected-private-net-cidr-network.yaml
+apiVersion: "kubernetes.cni.cncf.io/v1"
+kind: Network
+metadata:
+ name: unprotected-private-net-cidr
+spec:
+ config: '{
+ "name": "unprotected",
+ "type": "bridge",
+ "ipam": {
+ "type": "host-local",
+ "subnet": "192.168.10.0/24"
+ }
+}'
+NET
+
+cat << NET > $HOME/protected-private-net-cidr-network.yaml
+apiVersion: "kubernetes.cni.cncf.io/v1"
+kind: Network
+metadata:
+ name: protected-private-net-cidr
+spec:
+ config: '{
+ "name": "protected",
+ "type": "bridge",
+ "ipam": {
+ "type": "host-local",
+ "subnet": "192.168.20.0/24"
+ }
+}'
+NET
+
+cat << NET > $HOME/onap-private-net-cidr-network.yaml
+apiVersion: "kubernetes.cni.cncf.io/v1"
+kind: Network
+metadata:
+ name: onap-private-net-cidr
+spec:
+ config: '{
+ "name": "onap",
+ "type": "bridge",
+ "ipam": {
+ "type": "host-local",
+ "subnet": "10.10.0.0/16"
+ }
+}'
+NET
+
+proxy="#!/bin/bash"
+if [[ -n "${http_proxy+x}" ]]; then
+ proxy+="
+ export http_proxy=$http_proxy
+ echo \"Acquire::http::Proxy \\\"$http_proxy\\\";\" | sudo tee --append /etc/apt/apt.conf.d/01proxy
+"
+fi
+if [[ -n "${https_proxy+x}" ]]; then
+ proxy+="
+ export https_proxy=$https_proxy
+ echo \"Acquire::https::Proxy \\\"$https_proxy\\\";\" | sudo tee --append /etc/apt/apt.conf.d/01proxy
+"
+fi
+if [[ -n "${no_proxy+x}" ]]; then
+ proxy+="
+ export no_proxy=$no_proxy"
+fi
+
+cat << DEPLOYMENT > $HOME/$packetgen_deployment_name.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: $packetgen_deployment_name
+ labels:
+ app: vFirewall
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: vFirewall
+ template:
+ metadata:
+ labels:
+ app: vFirewall
+ annotations:
+ VirtletCloudInitUserData: |
+ users:
+ - default
+ - name: admin
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ plain_text_passwd: secret
+ groups: sudo
+ ssh_authorized_keys:
+ - $ssh_key
+ VirtletCloudInitUserDataScript: |
+ $proxy
+
+ wget -O - https://raw.githubusercontent.com/electrocucaracha/vFW-demo/master/$packetgen_deployment_name | sudo -E bash
+ kubernetes.v1.cni.cncf.io/networks: '[
+ { "name": "unprotected-private-net-cidr", "interfaceRequest": "eth1" },
+ { "name": "onap-private-net-cidr", "interfaceRequest": "eth2" }
+ ]'
+ kubernetes.io/target-runtime: virtlet.cloud
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ containers:
+ - name: $packetgen_deployment_name
+ image: $image_name
+ imagePullPolicy: IfNotPresent
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: 256Mi
+DEPLOYMENT
+
+cat << DEPLOYMENT > $HOME/$firewall_deployment_name.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: $firewall_deployment_name
+ labels:
+ app: vFirewall
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: vFirewall
+ template:
+ metadata:
+ labels:
+ app: vFirewall
+ annotations:
+ VirtletCloudInitUserData: |
+ users:
+ - default
+ - name: admin
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ plain_text_passwd: secret
+ groups: sudo
+ ssh_authorized_keys:
+ - $ssh_key
+ VirtletCloudInitUserDataScript: |
+ $proxy
+
+ wget -O - https://raw.githubusercontent.com/electrocucaracha/vFW-demo/master/$firewall_deployment_name | sudo -E bash
+ kubernetes.v1.cni.cncf.io/networks: '[
+ { "name": "unprotected-private-net-cidr", "interfaceRequest": "eth1" },
+ { "name": "protected-private-net-cidr", "interfaceRequest": "eth2" },
+ { "name": "onap-private-net-cidr", "interfaceRequest": "eth3" }
+ ]'
+ kubernetes.io/target-runtime: virtlet.cloud
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ containers:
+ - name: $firewall_deployment_name
+ image: $image_name
+ imagePullPolicy: IfNotPresent
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: 160Mi
+DEPLOYMENT
+
+cat << DEPLOYMENT > $HOME/$sink_deployment_name.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: $sink_deployment_name
+ labels:
+ app: vFirewall
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: vFirewall
+ template:
+ metadata:
+ labels:
+ app: vFirewall
+ annotations:
+ VirtletCloudInitUserData: |
+ users:
+ - default
+ - name: admin
+ sudo: ALL=(ALL) NOPASSWD:ALL
+ plain_text_passwd: secret
+ groups: sudo
+ ssh_authorized_keys:
+ - $ssh_key
+ VirtletCloudInitUserDataScript: |
+ $proxy
+
+ wget -O - https://raw.githubusercontent.com/electrocucaracha/vFW-demo/master/$sink_deployment_name | sudo -E bash
+ kubernetes.v1.cni.cncf.io/networks: '[
+ { "name": "protected-private-net-cidr", "interfaceRequest": "eth1" },
+ { "name": "onap-private-net-cidr", "interfaceRequest": "eth2" }
+ ]'
+ kubernetes.io/target-runtime: virtlet.cloud
+ spec:
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: extraRuntime
+ operator: In
+ values:
+ - virtlet
+ containers:
+ - name: $sink_deployment_name
+ image: $image_name
+ imagePullPolicy: IfNotPresent
+ tty: true
+ stdin: true
+ resources:
+ limits:
+ memory: 160Mi
+DEPLOYMENT
+
+if $(kubectl version &>/dev/null); then
+ kubectl apply -f $HOME/unprotected-private-net-cidr-network.yaml
+ kubectl apply -f $HOME/protected-private-net-cidr-network.yaml
+ kubectl apply -f $HOME/onap-private-net-cidr-network.yaml
+
+ for deployment_name in $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name; do
+ kubectl delete deployment $deployment_name --ignore-not-found=true --now
+ while kubectl get deployment $deployment_name &>/dev/null; do
+ sleep 5
+ done
+ kubectl create -f $HOME/$deployment_name.yaml
+ done
+
+ for deployment_name in $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name; do
+ status_phase=""
+ while [[ $status_phase != "Running" ]]; do
+ new_phase=$(kubectl get pods | grep $deployment_name | awk '{print $3}')
+ if [[ $new_phase != $status_phase ]]; then
+ echo "$(date +%H:%M:%S) - $deployment_name : $new_phase"
+ status_phase=$new_phase
+ fi
+ if [[ $new_phase == "Err"* ]]; then
+ exit 1
+ fi
+ done
+ done
+ for deployment_name in $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name; do
+ pod_name=$(kubectl get pods | grep $deployment_name | awk '{print $1}')
+ vm=$(kubectl plugin virt virsh list | grep ".*$deployment_name" | awk '{print $2}')
+ echo "Pod name: $pod_name Virsh domain: $vm"
+ echo "ssh -i ~/.ssh/id_rsa.pub admin@$(kubectl get pods $pod_name -o jsonpath="{.status.podIP}")"
+ echo "=== Virtlet details ===="
+ echo "$(kubectl plugin virt virsh dumpxml $vm | grep VIRTLET_)\n"
+ done
+fi |
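Review bot: The `VirtletCloudInitUserDataScript` in all three Deployment heredocs (packetgen, firewall, sink) pipes `wget -O - https://raw.githubusercontent.com/electrocucaracha/vFW-demo/master/$…_deployment_name` straight into `sudo -E bash`, so each VM runs as root whatever the mutable `master` branch of that repository serves at boot, with no integrity check. Pin the URL to a commit and verify a digest before executing, e.g. `wget -O setup.sh https://raw.githubusercontent.com/electrocucaracha/vFW-demo/<PINNED_COMMIT_SHA>/$packetgen_deployment_name && echo "<EXPECTED_SHA256>  setup.sh" | sha256sum -c - && sudo -E bash setup.sh`. The same annotations give the `admin` user `NOPASSWD:ALL` together with the hard-coded `plain_text_passwd: secret`; since `ssh_authorized_keys` is already supplied, dropping the password line keeps access key-only. Separately, the printed hint `ssh -i ~/.ssh/id_rsa.pub` names the public key, while `-i` expects the private key (`~/.ssh/id_rsa`), and the `while [[ $status_phase != "Running" ]]` loop polls `kubectl get pods` with no `sleep` or timeout, so a pod that never reaches Running spins indefinitely.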