Integrate OVN4NFV plugin

This change includes the files to install, configure and test the OVN4NFV plugin. Change-Id: I0c431e475bd391e13680c734cff555e4dfc055ae Signed-off-by: Victor Morales <victor.morales@intel.com> Issue-ID: MULTICLOUD-304
author: Victor Morales <victor.morales@intel.com> 2018-11-27 05:13:11 -0800
committer: Victor Morales <victor.morales@intel.com> 2018-12-07 08:13:42 -0800
commit: aa56022e0fba3c358e46e8671d9a0cd36094ebaa (patch)
tree: 63bbfa3aee4fd7fc5298e1e18810821d8aaeaade /vagrant/tests
parent: 8485e82b9c447024ae0eca1899fde5bffafc9f41 (diff)
4 files changed, 248 insertions, 40 deletions
diff --git a/vagrant/tests/_common.sh b/vagrant/tests/_common.sh
index e5134fd6..620c00af 100755
--- a/vagrant/tests/_common.sh
+++ b/vagrant/tests/_common.sh
@@ -21,9 +21,11 @@ virtlet_image=virtlet.cloud/fedora
 virtlet_deployment_name=virtlet-deployment
 plugin_deployment_name=plugin-deployment
 plugin_service_name=plugin-service
+ovn4nfv_deployment_name=ovn4nfv-deployment
 onap_private_net=onap-private-net
 unprotected_private_net=unprotected-private-net
 protected_private_net=protected-private-net
+ovn_multus_network_name=ovn-networkobj
 
 # vFirewall vars
 demo_artifacts_version=1.3.0
@@ -229,6 +231,8 @@ function populate_CSAR_vms_containers_vFW {
     cat << META > metadata.yaml
 resources:
   network:
+    - onap-ovn4nfvk8s-network.yaml
+  onapNetwork:
     - $unprotected_private_net.yaml
     - $protected_private_net.yaml
     - $onap_private_net.yaml
@@ -255,52 +259,53 @@ spec:
     context: darkstat
 SERVICE
 
-    cat << NET > $unprotected_private_net.yaml
+    cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
 apiVersion: "k8s.cni.cncf.io/v1"
 kind: NetworkAttachmentDefinition
 metadata:
-  name: $unprotected_private_net
+  name: $ovn_multus_network_name
 spec:
   config: '{
-    "name": "unprotected",
-    "type": "bridge",
-    "ipam": {
-        "type": "host-local",
-        "subnet": "$protected_private_net_cidr"
-    }
-}'
+      "cniVersion": "0.3.1",
+      "name": "ovn4nfv-k8s-plugin",
+      "type": "ovn4nfvk8s-cni"
+    }'
+MULTUS_NET
+
+    cat << NET > $unprotected_private_net.yaml
+apiVersion: v1
+kind: onapNetwork
+metadata:
+  name: $unprotected_private_net
+  cnitype : ovn4nfvk8s
+spec:
+  name: $unprotected_private_net
+  subnet: $protected_private_net_cidr
+  gateway: 192.168.10.1/24
 NET
 
     cat << NET > $protected_private_net.yaml
-apiVersion: "k8s.cni.cncf.io/v1"
-kind: NetworkAttachmentDefinition
+apiVersion: v1
+kind: onapNetwork
 metadata:
   name: $protected_private_net
+  cnitype : ovn4nfvk8s
 spec:
-  config: '{
-    "name": "protected",
-    "type": "bridge",
-    "ipam": {
-        "type": "host-local",
-        "subnet": "$protected_net_cidr"
-    }
-}'
+  name: $protected_private_net
+  subnet: $protected_net_cidr
+  gateway: $protected_net_gw/24
 NET
 
     cat << NET > $onap_private_net.yaml
-apiVersion: "k8s.cni.cncf.io/v1"
-kind: NetworkAttachmentDefinition
+apiVersion: v1
+kind: onapNetwork
 metadata:
   name: $onap_private_net
+  cnitype : ovn4nfvk8s
 spec:
-  config: '{
-    "name": "onap",
-    "type": "bridge",
-    "ipam": {
-        "type": "host-local",
-        "subnet": "$onap_private_net_cidr"
-    }
-}'
+  name: $onap_private_net
+  subnet: $onap_private_net_cidr
+  gateway: 10.10.0.1/16
 NET
 
     proxy="apt:"
@@ -370,9 +375,10 @@ spec:
         VirtletSSHKeys: |
           $ssh_key
         VirtletRootVolumeSize: 5Gi
-        k8s.v1.cni.cncf.io/networks: '[
-            { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
-            { "name": "$onap_private_net", "interfaceRequest": "eth2" }
+        k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
+        ovnNetwork: '[
+            { "name": "$unprotected_private_net", "ipAddress": "$vpg_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
+            { "name": "$onap_private_net", "ipAddress": "$vpg_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
         ]'
         kubernetes.io/target-runtime: virtlet.cloud
     spec:
@@ -437,10 +443,11 @@ spec:
         VirtletSSHKeys: |
           $ssh_key
         VirtletRootVolumeSize: 5Gi
-        k8s.v1.cni.cncf.io/networks: '[
-            { "name": "$unprotected_private_net", "interfaceRequest": "eth1" },
-            { "name": "$protected_private_net", "interfaceRequest": "eth2" },
-            { "name": "$onap_private_net", "interfaceRequest": "eth3" }
+        k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
+        ovnNetwork: '[
+            { "name": "$unprotected_private_net", "ipAddress": "$vfw_private_ip_0", "interface": "eth1" , "defaultGateway": "false"},
+            { "name": "$protected_private_net", "ipAddress": "$vfw_private_ip_1", "interface": "eth2", "defaultGateway": "false" },
+            { "name": "$onap_private_net", "ipAddress": "$vfw_private_ip_2", "interface": "eth3" , "defaultGateway": "false"}
         ]'
         kubernetes.io/target-runtime: virtlet.cloud
     spec:
@@ -483,9 +490,10 @@ spec:
         app: vFirewall
         context: darkstat
       annotations:
-        k8s.v1.cni.cncf.io/networks: '[
-            { "name": "$protected_private_net", "interfaceRequest": "eth1" },
-            { "name": "$onap_private_net", "interfaceRequest": "eth2" }
+        k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
+        ovnNetwork: '[
+            { "name": "$protected_private_net", "ipAddress": "$vsn_private_ip_0", "interface": "eth1", "defaultGateway": "false" },
+            { "name": "$onap_private_net", "ipAddress": "$vsn_private_ip_1", "interface": "eth2" , "defaultGateway": "false"}
         ]'
     spec:
       containers:
@@ -1001,3 +1009,88 @@ SERVICE
     popd
 }
 
+# populate_CSAR_ovn4nfv() - Create content used for OVN4NFV functional test
+function populate_CSAR_ovn4nfv {
+    local csar_id=$1
+
+    _checks_args $csar_id
+    pushd ${CSAR_DIR}/${csar_id}
+
+    cat << META > metadata.yaml
+resources:
+  onap_network:
+    - ovn-port-net.yaml
+    - ovn-priv-net.yaml
+  network:
+    - onap-ovn4nfvk8s-network.yaml
+  deployment:
+    - $ovn4nfv_deployment_name.yaml
+META
+
+    cat << MULTUS_NET > onap-ovn4nfvk8s-network.yaml
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  name: $ovn_multus_network_name
+spec:
+  config: '{
+      "cniVersion": "0.3.1",
+      "name": "ovn4nfv-k8s-plugin",
+      "type": "ovn4nfvk8s-cni"
+    }'
+MULTUS_NET
+
+    cat << NETWORK > ovn-port-net.yaml
+apiVersion: v1
+kind: onapNetwork
+metadata:
+  name: ovn-port-net
+  cnitype : ovn4nfvk8s
+spec:
+  name: ovn-port-net
+  subnet: 172.16.33.0/24
+  gateway: 172.16.33.1/24
+NETWORK
+
+    cat << NETWORK > ovn-priv-net.yaml
+apiVersion: v1
+kind: onapNetwork
+metadata:
+  name: ovn-priv-net
+  cnitype : ovn4nfvk8s
+spec:
+  name: ovn-priv-net
+  subnet: 172.16.44.0/24
+  gateway: 172.16.44.1/24
+NETWORK
+
+    cat << DEPLOYMENT > $ovn4nfv_deployment_name.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: $ovn4nfv_deployment_name
+  labels:
+    app: ovn4nfv
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ovn4nfv
+  template:
+    metadata:
+      labels:
+        app: ovn4nfv
+      annotations:
+        k8s.v1.cni.cncf.io/networks: '[{ "name": "$ovn_multus_network_name"}]'
+        ovnNetwork: '[{ "name": "ovn-port-net", "interface": "net0" , "defaultGateway": "false"},
+                      { "name": "ovn-priv-net", "interface": "net1" , "defaultGateway": "false"}]'
+    spec:
+      containers:
+      - name: $ovn4nfv_deployment_name
+        image: "busybox"
+        command: ["top"]
+        stdin: true
+        tty: true
+DEPLOYMENT
+    popd
+}
diff --git a/vagrant/tests/_functions.sh b/vagrant/tests/_functions.sh
index e3d88eb4..fe69b07b 100755
--- a/vagrant/tests/_functions.sh
+++ b/vagrant/tests/_functions.sh
@@ -12,6 +12,66 @@ set -o errexit
 set -o nounset
 set -o pipefail
 
+function _get_ovn_central_address {
+    ansible_ifconfig=$(ansible ovn-central[0] -i $test_folder/../inventory/hosts.ini -m shell -a "ifconfig eth1 |grep \"inet addr\" |awk '{print \$2}' |awk -F: '{print \$2}'")
+    if [[ $ansible_ifconfig != *CHANGED* ]]; then
+        echo "Fail to get the OVN central IP address from eth1 nic"
+        exit
+    fi
+    echo "$(echo ${ansible_ifconfig#*>>} | tr '\n' ':')6641"
+}
+
+# install_ovn_deps() - Install dependencies required for tests that require OVN
+function install_ovn_deps {
+    if ! $(yq --version &>/dev/null); then
+        sudo -E pip install yq
+    fi
+    if ! $(ovn-nbctl --version &>/dev/null); then
+        source /etc/os-release || source /usr/lib/os-release
+        case ${ID,,} in
+            *suse)
+            ;;
+            ubuntu|debian)
+                sudo apt-get install -y apt-transport-https
+                echo "deb https://packages.wand.net.nz $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/wand.list
+                sudo curl https://packages.wand.net.nz/keyring.gpg -o /etc/apt/trusted.gpg.d/wand.gpg
+                sudo apt-get update
+                sudo apt install -y ovn-common
+            ;;
+            rhel|centos|fedora)
+            ;;
+        esac
+    fi
+}
+
+# init_network() - This function creates the OVN resouces required by the test
+function init_network {
+    local fname=$1
+    local router_name="ovn4nfv-master"
+
+    name=$(cat $fname | yq '.spec.name' | xargs)
+    subnet=$(cat $fname  | yq '.spec.subnet' | xargs)
+    gateway=$(cat $fname  | yq '.spec.gateway' | xargs)
+    ovn_central_address=$(_get_ovn_central_address)
+
+    router_mac=$(printf '00:00:00:%02X:%02X:%02X' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
+    ovn-nbctl --may-exist --db tcp:$ovn_central_address ls-add $name -- set logical_switch $name other-config:subnet=$subnet external-ids:gateway_ip=$gateway
+    ovn-nbctl --may-exist --db tcp:$ovn_central_address lrp-add $router_name rtos-$name $router_mac $gateway
+    ovn-nbctl --may-exist --db tcp:$ovn_central_address lsp-add $name stor-$name -- set logical_switch_port stor-$name type=router options:router-port=rtos-$name addresses=\"$router_mac\"
+}
+
+# cleanup_network() - This function removes the OVN resources created for the test
+function cleanup_network {
+    local fname=$1
+
+    name=$(cat $fname | yq '.spec.name' | xargs)
+    ovn_central_address=$(_get_ovn_central_address)
+
+    for cmd in "ls-del $name" "lrp-del rtos-$name" "lsp-del stor-$name"; do
+        ovn-nbctl --if-exist --db tcp:$ovn_central_address $cmd
+    done
+}
+
 function _checks_args {
     if [[ -z $1 ]]; then
         echo "Missing CSAR ID argument"
diff --git a/vagrant/tests/integration_vcFW.sh b/vagrant/tests/integration_vcFW.sh
index 93e75961..15cffcb8 100755
--- a/vagrant/tests/integration_vcFW.sh
+++ b/vagrant/tests/integration_vcFW.sh
@@ -18,13 +18,19 @@ source _functions.sh
 csar_id=aa443e7e-c8ba-11e8-8877-525400b164ff
 
 # Setup
+install_ovn_deps
 if [[ ! -f $HOME/.ssh/id_rsa.pub ]]; then
     echo -e "\n\n\n" | ssh-keygen -t rsa -N ""
 fi
 populate_CSAR_vms_containers_vFW $csar_id
 
 pushd ${CSAR_DIR}/${csar_id}
-for resource in $unprotected_private_net $protected_private_net $onap_private_net sink-service; do
+for net in $unprotected_private_net $protected_private_net $onap_private_net; do
+    cleanup_network $net.yaml
+    echo "Create OVN Network $net network"
+    init_network $net.yaml
+done
+for resource in onap-ovn4nfvk8s-network sink-service; do
     kubectl apply -f $resource.yaml
 done
 setup $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name
@@ -43,4 +49,7 @@ done
 
 # Teardown
 #teardown $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name
+#for net in $unprotected_private_net $protected_private_net $onap_private_net; do
+#    cleanup_network $net.yaml
+#done
 popd
diff --git a/vagrant/tests/ovn4nfv.sh b/vagrant/tests/ovn4nfv.sh
new file mode 100755
index 00000000..37fddfd8
--- /dev/null
+++ b/vagrant/tests/ovn4nfv.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+##############################################################################
+# Copyright (c) 2018
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+source _common.sh
+source _functions.sh
+
+csar_id=a1c5b53e-d7ab-11e8-85b7-525400e8c29a
+
+# Setup
+install_ovn_deps
+populate_CSAR_ovn4nfv $csar_id
+
+pushd ${CSAR_DIR}/${csar_id}
+for net in ovn-priv-net ovn-port-net; do
+    cleanup_network $net.yaml
+    echo "Create OVN Network $net network"
+    init_network $net.yaml
+done
+kubectl apply -f onap-ovn4nfvk8s-network.yaml
+setup $ovn4nfv_deployment_name
+
+# Test
+deployment_pod=$(kubectl get pods | grep  $ovn4nfv_deployment_name | awk '{print $1}')
+echo "===== $deployment_pod details ====="
+kubectl exec -it $deployment_pod -- ip a
+multus_nic=$(kubectl exec -it $deployment_pod -- ifconfig | grep "net1")
+if [ -z "$multus_nic" ]; then
+    echo "The $deployment_pod pod doesn't contain the net1 nic"
+    exit 1
+fi
+
+# Teardown
+teardown $ovn4nfv_deployment_name
+cleanup_network ovn-priv-net.yaml
+cleanup_network ovn-port-net.yaml
+popd
author	Victor Morales <victor.morales@intel.com>	2018-11-27 05:13:11 -0800
committer	Victor Morales <victor.morales@intel.com>	2018-12-07 08:13:42 -0800
commit	aa56022e0fba3c358e46e8671d9a0cd36094ebaa (patch)
tree	63bbfa3aee4fd7fc5298e1e18810821d8aaeaade /vagrant/tests
parent	8485e82b9c447024ae0eca1899fde5bffafc9f41 (diff)