diff options
24 files changed, 729 insertions, 64 deletions
diff --git a/deployments/Dockerfile b/deployments/Dockerfile index d22aeb11..961f6766 100644 --- a/deployments/Dockerfile +++ b/deployments/Dockerfile @@ -7,7 +7,7 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## -FROM ubuntu:16.04 +FROM ubuntu:18.04 ARG HTTP_PROXY=${HTTP_PROXY} ARG HTTPS_PROXY=${HTTPS_PROXY} diff --git a/src/k8splugin/Makefile b/src/k8splugin/Makefile index afb83d66..3bc7a0e6 100644 --- a/src/k8splugin/Makefile +++ b/src/k8splugin/Makefile @@ -17,7 +17,7 @@ export GO111MODULE=on all: clean plugins CGO_ENABLED=1 GOOS=linux GOARCH=amd64 - @go build -a -tags netgo -o ./k8plugin ./cmd/main.go + @go build -tags netgo -o ./k8plugin ./cmd/main.go # The following is done this way as each patch on CI runs build and each merge runs deploy. So for build we don't need to build binary and hence # no need to create a static binary with additional flags. However, for generating binary, additional build flags are necessary. This if used with @@ -35,15 +35,15 @@ unit: .PHONY: integration integration: clean - @go build -buildmode=plugin -o ./mock_files/mock_plugins/mockplugin.so ./mock_files/mock_plugins/mockplugin.go - @go build -buildmode=plugin -o ./mock_files/mock_plugins/mocknetworkplugin.so ./mock_files/mock_plugins/mocknetworkplugin.go + @go build -tags 'integration' -buildmode=plugin -o ./mock_files/mock_plugins/mockplugin.so ./mock_files/mock_plugins/mockplugin.go + @go build -tags 'integration' -buildmode=plugin -o ./mock_files/mock_plugins/mocknetworkplugin.so ./mock_files/mock_plugins/mocknetworkplugin.go @go test -v -tags 'integration' ./... format: @go fmt ./... plugins: - @find plugins -maxdepth 1 -type d -not -path plugins -exec sh -c "ls {}/plugin.go | xargs go build -buildmode=plugin -a -tags netgo -o $(basename {}).so" \; + @find plugins -maxdepth 1 -type d -not -path plugins -exec sh -c "ls {}/plugin.go | xargs go build -buildmode=plugin -tags netgo -o $(basename {}).so" \; clean: @find . -name "*so" -delete diff --git a/src/k8splugin/api/handler.go b/src/k8splugin/api/handler.go index a6db3c18..32bfa594 100644 --- a/src/k8splugin/api/handler.go +++ b/src/k8splugin/api/handler.go @@ -27,6 +27,7 @@ import ( helper "k8splugin/internal/app" "k8splugin/internal/db" + "k8splugin/internal/rb" ) //TODO: Separate the http handler code and backend code out @@ -53,7 +54,11 @@ func validateBody(body interface{}) error { werr := pkgerrors.Wrap(errors.New("Invalid/Missing CsarID in POST request"), "CreateVnfRequest bad request") return werr } - if strings.Contains(b.CloudRegionID, "|") || strings.Contains(b.Namespace, "|") { + if b.RBProfileID == "" { + werr := pkgerrors.Wrap(errors.New("Invalid/Missing RB ProfileID in POST request"), "CreateVnfRequest bad request") + return werr + } + if strings.Contains(b.CloudRegionID, "|") { werr := pkgerrors.Wrap(errors.New("Character \"|\" not allowed in CSAR ID"), "CreateVnfRequest bad request") return werr } @@ -104,18 +109,21 @@ func CreateHandler(w http.ResponseWriter, r *http.Request) { }, nil */ - externalVNFID, resourceNameMap, err := helper.CreateVNF(resource.CsarID, resource.CloudRegionID, resource.Namespace, &kubeclient) + externalVNFID, resourceNameMap, err := helper.CreateVNF(resource.CsarID, resource.CloudRegionID, + resource.RBProfileID, &kubeclient) if err != nil { werr := pkgerrors.Wrap(err, "Read Kubernetes Data information error") http.Error(w, werr.Error(), http.StatusInternalServerError) return } + rbProfile, _ := rb.NewProfileClient().Get(resource.RBProfileID) + namespace := rbProfile.Namespace // cloud1-default-uuid - internalVNFID := resource.CloudRegionID + "-" + resource.Namespace + "-" + externalVNFID + internalVNFID := resource.CloudRegionID + "-" + namespace + "-" + externalVNFID // Persist in AAI database. - log.Printf("Cloud Region ID: %s, Namespace: %s, VNF ID: %s ", resource.CloudRegionID, resource.Namespace, externalVNFID) + log.Printf("Cloud Region ID: %s, Namespace: %s, VNF ID: %s ", resource.CloudRegionID, namespace, externalVNFID) // TODO: Uncomment when annotations are done // krd.AddNetworkAnnotationsToPod(kubeData, resource.Networks) @@ -132,7 +140,7 @@ func CreateHandler(w http.ResponseWriter, r *http.Request) { resp := CreateVnfResponse{ VNFID: externalVNFID, CloudRegionID: resource.CloudRegionID, - Namespace: resource.Namespace, + Namespace: namespace, VNFComponents: resourceNameMap, } diff --git a/src/k8splugin/api/handler_test.go b/src/k8splugin/api/handler_test.go index 40d198b7..fccda3f4 100644 --- a/src/k8splugin/api/handler_test.go +++ b/src/k8splugin/api/handler_test.go @@ -98,7 +98,7 @@ func TestCreateHandler(t *testing.T) { label: "Fail to get the VNF client", input: bytes.NewBuffer([]byte(`{ "cloud_region_id": "region1", - "namespace": "test", + "rb_profile_id": "123e4567-e89b-12d3-a456-426655440000", "csar_id": "UUID-1" }`)), expectedCode: http.StatusInternalServerError, @@ -108,7 +108,7 @@ func TestCreateHandler(t *testing.T) { label: "Fail to create the VNF instance", input: bytes.NewBuffer([]byte(`{ "cloud_region_id": "region1", - "namespace": "test", + "rb_profile_id": "123e4567-e89b-12d3-a456-426655440000", "csar_id": "UUID-1" }`)), expectedCode: http.StatusInternalServerError, @@ -120,7 +120,7 @@ func TestCreateHandler(t *testing.T) { label: "Fail to create a VNF DB record", input: bytes.NewBuffer([]byte(`{ "cloud_region_id": "region1", - "namespace": "test", + "rb_profile_id": "123e4567-e89b-12d3-a456-426655440000", "csar_id": "UUID-1" }`)), expectedCode: http.StatusInternalServerError, @@ -135,7 +135,7 @@ func TestCreateHandler(t *testing.T) { label: "Succesful create a VNF", input: bytes.NewBuffer([]byte(`{ "cloud_region_id": "region1", - "namespace": "test", + "rb_profile_id": "123e4567-e89b-12d3-a456-426655440000", "csar_id": "UUID-1" }`)), expectedCode: http.StatusCreated, diff --git a/src/k8splugin/api/model.go b/src/k8splugin/api/model.go index 0e4863c4..164143c2 100644 --- a/src/k8splugin/api/model.go +++ b/src/k8splugin/api/model.go @@ -17,9 +17,9 @@ package api type CreateVnfRequest struct { CloudRegionID string `json:"cloud_region_id"` CsarID string `json:"csar_id"` + RBProfileID string `json:"rb_profile_id"` OOFParams []map[string]interface{} `json:"oof_parameters"` NetworkParams NetworkParameters `json:"network_parameters"` - Namespace string `json:"namespace"` Name string `json:"vnf_instance_name"` Description string `json:"vnf_instance_description"` } @@ -56,7 +56,6 @@ type UpdateVnfRequest struct { CsarID string `json:"csar_id"` OOFParams []map[string]interface{} `json:"oof_parameters"` NetworkParams NetworkParameters `json:"network_parameters"` - Namespace string `json:"namespace"` Name string `json:"vnf_instance_name"` Description string `json:"vnf_instance_description"` } diff --git a/src/k8splugin/internal/app/vnfhelper.go b/src/k8splugin/internal/app/vnfhelper.go index 3deb9f21..f7c4596d 100644 --- a/src/k8splugin/internal/app/vnfhelper.go +++ b/src/k8splugin/internal/app/vnfhelper.go @@ -19,6 +19,7 @@ import ( "log" "math/rand" "os" + "strings" "k8s.io/client-go/kubernetes" @@ -26,6 +27,7 @@ import ( yaml "gopkg.in/yaml.v2" utils "k8splugin/internal" + "k8splugin/internal/rb" ) func generateExternalVNFID() string { @@ -71,40 +73,46 @@ func ensuresNamespace(namespace string, kubeclient kubernetes.Interface) error { } // CreateVNF reads the CSAR files from the files system and creates them one by one -var CreateVNF = func(csarID string, cloudRegionID string, namespace string, kubeclient *kubernetes.Clientset) (string, map[string][]string, error) { - if err := ensuresNamespace(namespace, kubeclient); err != nil { - return "", nil, pkgerrors.Wrap(err, "Error while ensuring namespace: "+namespace) +var CreateVNF = func(csarID string, cloudRegionID string, rbProfileID string, kubeclient *kubernetes.Clientset) (string, map[string][]string, error) { + + overrideValues := []string{} + rbProfileClient := rb.NewProfileClient() + rbProfile, err := rbProfileClient.Get(rbProfileID) + if err != nil { + return "", nil, pkgerrors.Wrap(err, "Error getting profile info") } - externalVNFID := generateExternalVNFID() - internalVNFID := cloudRegionID + "-" + namespace + "-" + externalVNFID - csarDirPath := os.Getenv("CSAR_DIR") + "/" + csarID - metadataYAMLPath := csarDirPath + "/metadata.yaml" + //Make sure that the namespace exists before trying to create any resources + if err := ensuresNamespace(rbProfile.Namespace, kubeclient); err != nil { + return "", nil, pkgerrors.Wrap(err, "Error while ensuring namespace: "+rbProfile.Namespace) + } + externalVNFID := generateExternalVNFID() + internalVNFID := cloudRegionID + "-" + rbProfile.Namespace + "-" + externalVNFID - log.Println("Reading " + metadataYAMLPath + " file") - metadataFile, err := ReadMetadataFile(metadataYAMLPath) + metaMap, err := rb.NewProfileClient().Resolve(rbProfileID, overrideValues) if err != nil { - return "", nil, pkgerrors.Wrap(err, "Error while reading Metadata File: "+metadataYAMLPath) + return "", nil, pkgerrors.Wrap(err, "Error resolving helm charts") } - var path string resourceYAMLNameMap := make(map[string][]string) - // Iterates over the resources defined in the metadata file to create kubernetes resources - log.Println(string(len(metadataFile.ResourceTypePathMap)) + " resource(s) type(s) to be processed") - for resource, fileNames := range metadataFile.ResourceTypePathMap { + // Iterates over the resources defined in the metadata map to create kubernetes resources + log.Printf("%d resource(s) type(s) to be processed", len(metaMap)) + for res, filePaths := range metaMap { + //Convert resource to lower case as the map index is lowercase + resource := strings.ToLower(res) log.Println("Processing items of " + string(resource) + " resource") var resourcesCreated []string - for _, filename := range fileNames { - path = csarDirPath + "/" + filename + for _, filepath := range filePaths { - if _, err := os.Stat(path); os.IsNotExist(err) { - return "", nil, pkgerrors.New("File " + path + "does not exists") + if _, err := os.Stat(filepath); os.IsNotExist(err) { + return "", nil, pkgerrors.New("File " + filepath + "does not exists") } - log.Println("Processing file: " + path) + log.Println("Processing file: " + filepath) + //Populate the namespace from profile instead of instance body genericKubeData := &utils.ResourceData{ - YamlFilePath: path, - Namespace: namespace, + YamlFilePath: filepath, + Namespace: rbProfile.Namespace, VnfId: internalVNFID, } diff --git a/src/k8splugin/internal/app/vnfhelper_test.go b/src/k8splugin/internal/app/vnfhelper_test.go index 81bea627..0bd21f72 100644 --- a/src/k8splugin/internal/app/vnfhelper_test.go +++ b/src/k8splugin/internal/app/vnfhelper_test.go @@ -22,12 +22,12 @@ import ( "plugin" "testing" + pkgerrors "github.com/pkg/errors" yaml "gopkg.in/yaml.v2" "k8s.io/client-go/kubernetes" - pkgerrors "github.com/pkg/errors" - utils "k8splugin/internal" + "k8splugin/internal/db" ) func LoadMockPlugins(krdLoadedPlugins *map[string]*plugin.Plugin) error { @@ -82,7 +82,116 @@ func TestCreateVNF(t *testing.T) { kubeclient := kubernetes.Clientset{} t.Run("Successfully create VNF", func(t *testing.T) { - externaluuid, data, err := CreateVNF("uuid", "cloudregion1", "test", &kubeclient) + db.DBconn = &db.MockDB{ + Items: map[string]map[string][]byte{ + "123e4567-e89b-12d3-a456-426655440000": { + "metadata": []byte( + "{\"name\":\"testresourcebundle\"," + + "\"namespace\":\"default\"," + + "\"uuid\":\"123e4567-e89b-12d3-a456-426655440000\"," + + "\"rbdid\":\"abcde123-e89b-8888-a456-986655447236\"," + + "\"kubernetesversion\":\"1.12.3\"}"), + // base64 encoding of vagrant/tests/vnfs/testrb/helm/profile + "content": []byte("H4sICLmjT1wAA3Byb2ZpbGUudGFyAO1Y32/bNhD2s/6Kg/KyYZZsy" + + "78K78lLMsxY5gRxmqIYhoKWaJsYJWokZdfo+r/vSFmunCZNBtQJ1vF7sXX36e54vDN5T" + + "knGFlTpcEtS3jgO2ohBr2c/EXc/29Gg1+h0e1F32Ol1B1Gj3Ymifr8B7SPFc4BCaSIBG" + + "lII/SXeY/r/KIIg8NZUKiayEaw7nt7mdOQBrAkvqBqBL1ArWULflRJbJz4SYpEt2FJSJ" + + "QoZ21cAAlgwTnOiVyPQWFQLwVuqmCdMthKac7FNaVZWmqWjkRWRuuSvScF1gFZVwYOEr" + + "luapjknaOazd186Z98S7tver+3j0f5v1/q/18f+7w56bdf/zwFF5ZqV/WtbH6YioVdCa" + + "hRkJEVBVSFBvUNRmyNpesgwors0lmkqM8KNzRG8iqLIWN45GUGv57l+fkFUP9PH9GF6f" + + "IgH+kP9b76b/o+GUb9r5J1O1I0a0D9mUBX+5/1/55g+io9/sf+DnuF1sA4Gbv+fA1++p" + + "n0dH4+c/92oPaztv+n/fn84dOf/c+AETkW+lWy50hC1O69gguc1R6HEw5xoHAuaKIq9E" + + "+8ELvCikCmaQJElVIJeURjnJMaPnaYJt+UoAVHYhu8Mwd+p/O9/RAtbUUBKtnj+aygUR" + + "RNM2ZkB6PuY5hpvCzhY4L2fkSymsGF6Zd3sjIRo4u3OhJhrgmyC/ByfFnUeEG0DLrHSO" + + "h+1WpvNJiQ23FDIZYuXVNW6mJyeT2fnAYZsX3qdcaoUSPpXwSQudr4FkmNEMZljnJxsQ" + + "EggOPmgTgsT8UYyzbJlE5RY6A2RFK0kTGnJ5oU+SFcVH666TsCEkQz88QwmMx9+Gs8ms" + + "ybaeDO5+eXy9Q28GV9fj6c3k/MZXF7D6eX0bHIzuZzi088wnr6FXyfTsyZQTBa6oe9za" + + "eLHIJlJJE1M1maUHgSwEGVAKqcxW7AY15UtC7KksDS3uQyXAzmVKVNmOxWGl6AVzlKmb" + + "VGozxcVeh7J2W01S2LOVAsHyj9ZlozgbP+74qVUk4RoMtrfMD98wCzGvEiwXHD3U5GFi" + + "4Jzo/QhhI8fd0yFu3c/fa/d8zmZU67KsRRDefCt/Qu7YdQSw1PzNTS3W1QGnyRVef+N5" + + "YHDKZao/4MP/ju/siEpp0SVQYbX5UNlxxJwizCFyzuMWXkLNySzIyZs4wBrTpXE23I62" + + "wlPRZHp0qJCC7EWslxpSnS8uqgt/YmLr2btnZXaDhnwA4NPzueT8lEt126AyExPY44rS" + + "YA1bJPl15JgRaEdM9CKv/f1YDHdE5e1cYVFdiUwoduDJC+5mBMe5nstbndCF9Zfxakpa" + + "1aNP2LK/Xffhuc3fTNfUYlfzH8a/h97qhmVaikNPi2+nItq8exGtLA+SdW9rgUvUvqbq" + + "YkDi6mRXNk/V1pUxy0uYsI1S+meU+XsPo2kJLnMOKZGy4J6Xt3XgZuHTayEKv3XZLjy+" + + "yJ66WPQwcHBwcHBwcHBwcHBwcHBwcHhm8Q/mTHqWgAoAAA="), + }, + "abcde123-e89b-8888-a456-986655447236": { + "metadata": []byte( + "{\"name\":\"testresourcebundle\"," + + "\"chart-name\":\"vault-consul-dev\"," + + "\"description\":\"testresourcebundle\"," + + "\"uuid\":\"abcde123-e89b-8888-a456-986655447236\"," + + "\"service-type\":\"firewall\"}"), + // base64 encoding of vagrant/tests/vnfs/testrb/helm/vault-consul-dev + "content": []byte("H4sICEetS1wAA3ZhdWx0LWNvbnN1bC1kZXYudGFyAO0c7XLbNjK/+R" + + "QYujdJehatb+V4czPnOmnPk9bO2Gk7nbaTgUhIxpgiGAK0o3P9QPca92S3C5AU9GXZiax" + + "c7rA/LJEAFovdxX4AK1/RIlGNSKSySBoxuzp4sn1oAgx6Pf0JsPipv7c63XZ70O61W4Mn" + + "zVZ7MGg9Ib1HoGUJCqloTsiTXAh1V79N7V8oXC3K/+iC5iqY0kmytTlQwP1ud538W51Wf" + + "0H+3QF8kObWKLgD/s/lv0eORDbN+fhCkXaz9YIcp4ol8DLPRE4VF+k+vIq8PW+PfM8jlk" + + "oWkyKNWU7UBSOHGY3go2zZJz+xXMIY0g6a5Bl28Msm//lfAcNUFGRCpyQVihSSAQouyYg" + + "njLAPEcsU4SmJxCRLOE0jRq65utDTlEgCQPFLiUIMFYXeFPpn8DSy+xGqNMEGLpTKwoOD" + + "6+vrgGpyA5GPDxLTVR58f3z06uT8VQNI1oN+TBMmJcnZ+4LnsNjhlNAMKIroEOhM6DURO" + + "aHjnEGbEkjxdc4VT8f7RIqRuqY5Aywxlyrnw0LNsauiD1ZtdwCG0ZT4h+fk+Nwn3xyeH5" + + "/vA46fj9/+4/THt+Tnw7Ozw5O3x6/OyekZOTo9eXn89vj0BJ6+JYcnv5DXxycv9wkDZsE" + + "07EOWI/1AJEdGshi5ds7YHAEjYQiSGYv4iEewrnRc0DEjY3HF8hSWQzKWT7hEcUogLwYs" + + "CZ9wpZVCLi8q8Dya8VIBQnLV8mImo5xnSj9ru4IMS2iRRhfkJzQ8iJcY44OMBPtDJiJmX" + + "konDFAs2CbAn9X4m8Ffgp53VT2C9EB+n3s3fXmwZP+vaFIwuVUHsMH+d1vd3oL977X6TW" + + "f/dwHO/jv7vzX7v/epAHN8l4ghTdApjPi4MCoIjmGEdkoGW5hirCcIPQJaGLM3Ildvcjb" + + "iH0LSabbhbYYqLBUDBQzJzS2sqpK/JoVPgEue/os4jOUMq88WuKE+vNZmtfRgYTNooXPK" + + "iiR5IwDRNCSHyTWdSsQ9SugY9YilWr9iNizGY2R/Y25aWWSwIVWtlp7u+EoPikMyoolk2" + + "xHAoTXr40nBYLY46OFWlSwH7QuJygumXyRi/C5hVww4fHzy7enqTjFV9F3M4dXTA4PtAF" + + "891Y3INWmwl6aAvOg1m9YLGZJGy6uFZuZQYP2MhBFsGhFoHOMmC4G+iCYXQqrQQgqTUnV" + + "RSt8sQysUEF32UFG2AtnTX8Pw9/BFu9l8WjeqRMLSJIrZXrF5824C81+W79HoGAGRtJgM" + + "YXOCUeQpuDfQZOnlTIv1SBQpKCasF7X/nCUsgqUaRaejEU+5mlZqn+ViyBZ0IKM5xGYK9" + + "oiX8CtYk9TMxXGcJi9ZQqfnDIbEsJ5W02wnLuL5d3skZUCTpPkUVb9cDakQlhNfXzDQe6" + + "bQtpJhzuhlJniqpEago0XcKrBOKcjrF2BRBZPpU9wi6NLBwaTwLQPJAVpcBfoLlsNoVu0" + + "awzfAHPOPWYhnm4olvKBPIikm7IxFCeWTauefMaQDWmmELPgBpIAvafwzeBF2CqigTfJ/" + + "wtv2dxy+T1Bib7RCHcQgbpajcjfSkawaz4uhaZcTaW8Az8Otwg1xapoBypPS5KH1W4qxP" + + "bNbTlY1AOPBLdAEB8MOamtlrwxoSLpdzwMx5SUX2bxd+txBjoO1sBT/KwZRA1UQGG1tjo" + + "ef/3UH/YE7/9sF3CH/GDyGmE5Y+qnHgZvyv2Z7MC9/sC6dvsv/dgF7Lv9z+d9jnP8Bz+T" + + "BVcu75CnEAS9rW+JB9EgxOgnrGOTmBrgYJUUM6gLSn4g0GEGuhI0+CcjtbdlTgvRWd69b" + + "6/4JHbKkjPuBlLWj6gEQ5OMJpe4YmEsQDISgsTF7U6n3HwTDaZiP+H/2if/Or3DkEFBTa" + + "YgMzsxDhUd3ABEBC8cLPc5NnIadUCJIdhmvS9PxJ3MqZwfxBqOsIniNfUJVdPG9tfR7Lr" + + "4y+iUWS0I6e5lDeG9+3osf1XLLLMvE6PVcDZNuh8S3mKBfBdpxARa/nmutMq2gS+N4YyX" + + "kFn5zQBDM0nUQd5VZVX2sRgsrzkdR3X/1NXn+vm+SVfiCztX/fZYh2mkpLrRevAmoLXrK" + + "ID6wQ3B7VpNm/IA6MYfRThyYig50rqr4hNV9Kp6tasGs6DRNplWWtFEg5TH+AyXSGFJIa" + + "cC67Ewyhk6QCMyTqntIxqwCvYjFngVxzWX/OxGIPdUKcldhwHMKPb31rjqrWCDoc4clDn" + + "YEd8T/ld355KugDfF/u99avP8ZdNz9/27Axf8u/n+s+38T+pex7f3i/tLmPHrov5Rf/Le" + + "F/+a4dkUUiA0GWx2oNGb8XOxdnedW89/c8BFh71dj9avTYZ80yv7ZQ4LR2XHwcsw2f9dm" + + "xW1+p9lG/q2YoxozI75BQLJsM3XswzJ1YObHTD0outYTpnE1Wy6UiEQSkrdHb5ZSr3smR" + + "XdqyGew/0v+X2+DLR7+Pvmo8982dHfnvzuAdfI32rsdNXi4/Hu9rpP/TmCD/LdSDbwh/m" + + "+1+93F+L876Ln4fxdgx////hemAANyOIlFJPfJNyyBTICmELa5+N/F/59Y/6sNSn3SLDU" + + "JOljSCgNsFJp+Y3/KCmBjhVyV7+PBBvu/lWrgjec/gyX7P+i2nP3fBTj77+z/F1P/S4w5" + + "glmpIhGwbAisTPWZihYUluqCyspiaKzYdsuF9/A3LCmwCKQOcxdpgXtBV+Vm5lQjr5rh+" + + "YqlyjTiUkB9ysJFrdPG1dXFmSQvUs1ybASF0pLBM4HLF5Kgh1S6bnFVvbIphsQ7MzyTEp" + + "IrkXMmzQWyeZyGJGUfCtkJREozVP6whWG3GVtXP4LnZdGlR2ZvziwMQkyAGLv12FwE1s8" + + "NPT40LlqjToSpZNYXbR6pnm20pqAxYAmVikdBJGbdSvxDRsEdoY3Ab2Ev6FXozarxvg/4" + + "jBd+eCa2osYa+1YKpK/g9JUXQYMOuzDXZzhTWMeI5VjJGesBsOvr6k5VXbPpnysBedpky" + + "YVacXN1vr5YU6P92GpvQubrvfUV4Dbs/wb/v5VqwIfn/4Net+Py/13AveX/rj5oD1T2sG" + + "BwU/7f73cW6v/anb7L/3cCNzcHX3suCHRB4LaCwK8Pbm89T6sVIWdMiuTKzFrbDx0/ATP" + + "1bz+oSfgD8vaCzX6/UneVxQhCHfz9gayRVHKuB0JbGQwi2TmPY5YSPrJ+ZPKMjQO93Do0" + + "fA44C4krRFQjkSTiGp90hBl6+latuiJKZXlrRcJqBns5JvgzC8cbI1gFBESrLijNvVXZx" + + "1Qt2VdABt3SrI0SL4Pgo7HtW6L72/9ZPPlQB7DB/nc6ve6i/e93Xf3HTsDZf2f/d2f/a9" + + "NtDoMX8tZpAEPQD2gjrMmzCp/LPsg2nXiDSEoruo+23AisXH9tpScM7FnK5aQaFsyb9rI" + + "6wUJv2/jKSi/SqUnDkwbdIOcwznqdVmgsjGY+nUeuRY6KgHwvW4YUUsy13mU2buZewPXd" + + "QY1V25DlPFUj4v9J+neNqPBi7YU1erHy1lrCevbWuHRZhe3WVirNEnMki3KG/0fkkqXr1" + + "WVp3iPcxKUKhHOHI9hicndoy0P915R7UCmvRQ7JdvWtLLHnSUgYfpBnQl9u0OT5PeQTGN" + + "LtKOArbCXh35aKRmyplqUjun+Ey4D+d69z1l9TCf3rYpu/+wZJoFtmHWkBRhY6zjQiRKU" + + "wfZEl5deKFeQPMux3WRrNcFRDb36D0b/5IXziQNz28GRe7v/mVxjsd5qb9gskp36+vfVL" + + "Tq0nx6zULKMm7VEDp/8RuH/8V5eKPTD733z/01zO/6G/i/92AS7+c/HfbuO/MuN/KkllU" + + "bzSj1de6pqDyg3ZLMk3Y59ZDh5f1PEJxDuSqecYDhyCqcdhqFditFxRqmkox0kM4Rbiwb" + + "mOq0LBsgN5xllgiHuuqasCAL3sVx8yWhJS9dcIddhYnlusjRjmSqCtWEFjsHy5XaW8ki3" + + "Lpw0Gx8q1/oFXCuAz+x39lU/O9ckL8Rv+oh/93CbLwRbhYef/H+H8n2z2/612e8H/w5P7" + + "/287Aef/nf9/PP9vOcIF97/e/y06vnv7uwe4sJpAyJfBugFR1Sz4w6ApeV/QBDgCUrFv5" + + "bUFxFgFp6EoM6pwNlyQhIAloqjOUgCBr4shMJBhnaPx/JwlMXAwZ4Z/Rm205j8D3UIGvQ" + + "RZQl9kOgrk+XoOzX68tJ3wYJb0N/RJ0NzPUr5y4YEDBw4cOHDgwIEDBw4cOHDgwIEDBw4" + + "cOHDgwIEDB18K/AcxEDJDAHgAAA=="), + }, + }, + } + externaluuid, data, err := CreateVNF("uuid", "cloudregion1", + "123e4567-e89b-12d3-a456-426655440000", &kubeclient) if err != nil { t.Fatalf("TestCreateVNF returned an error (%s)", err) } diff --git a/src/k8splugin/internal/db/testing.go b/src/k8splugin/internal/db/testing.go index 003399af..a6c940ef 100644 --- a/src/k8splugin/internal/db/testing.go +++ b/src/k8splugin/internal/db/testing.go @@ -1,4 +1,4 @@ -// +build unit +// +build unit integration /* Copyright 2018 Intel Corporation. diff --git a/src/k8splugin/internal/rb/profile.go b/src/k8splugin/internal/rb/profile.go index d78e32e4..086c3486 100644 --- a/src/k8splugin/internal/rb/profile.go +++ b/src/k8splugin/internal/rb/profile.go @@ -21,9 +21,12 @@ import ( "encoding/base64" "k8splugin/internal/db" "log" + "path/filepath" uuid "github.com/hashicorp/go-uuid" pkgerrors "github.com/pkg/errors" + + "k8splugin/internal/helm" ) // Profile contains the parameters needed for resource bundle (rb) profiles @@ -216,3 +219,74 @@ func (v *ProfileClient) Download(id string) ([]byte, error) { } return nil, pkgerrors.New("Error downloading Profile content") } + +//Resolve returns the path where the helm chart merged with +//configuration overrides resides. +func (v *ProfileClient) Resolve(id string, values []string) (map[string][]string, error) { + + var retMap map[string][]string + + //Download and process the profile first + //If everything seems okay, then download the definition + prData, err := v.Download(id) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Downloading Profile") + } + + prPath, err := ExtractTarBall(bytes.NewBuffer(prData)) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Extracting Profile Content") + } + + prYamlClient, err := ProcessProfileYaml(prPath, v.manifestName) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Processing Profile Manifest") + } + + //Get the definition ID and download its contents + profile, err := v.Get(id) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Getting Profile") + } + + definitionClient := NewDefinitionClient() + + definition, err := definitionClient.Get(profile.RBDID) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Getting Definition Metadata") + } + + defData, err := definitionClient.Download(profile.RBDID) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Downloading Definition") + } + + chartBasePath, err := ExtractTarBall(bytes.NewBuffer(defData)) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Extracting Definition Charts") + } + + //Copy the profile configresources to the chart locations + //Corresponds to the following from the profile yaml + // configresource: + // - filepath: config.yaml + // chartpath: chart/config/resources/config.yaml + err = prYamlClient.CopyConfigurationOverrides(chartBasePath) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Copying configresources to chart") + } + + helmClient := helm.NewTemplateClient(profile.KubernetesVersion, + profile.Namespace, + profile.Name) + + chartPath := filepath.Join(chartBasePath, definition.ChartName) + retMap, err = helmClient.GenerateKubernetesArtifacts(chartPath, + []string{prYamlClient.GetValues()}, + values) + if err != nil { + return retMap, pkgerrors.Wrap(err, "Generate final k8s yaml") + } + + return retMap, nil +} diff --git a/src/k8splugin/internal/rb/profile_test.go b/src/k8splugin/internal/rb/profile_test.go index d97969de..df0db18a 100644 --- a/src/k8splugin/internal/rb/profile_test.go +++ b/src/k8splugin/internal/rb/profile_test.go @@ -523,3 +523,144 @@ func TestDownloadProfile(t *testing.T) { }) } } + +func TestResolveProfile(t *testing.T) { + testCases := []struct { + label string + inp string + expected map[string][]string + expectedError string + mockdb *db.MockDB + }{ + { + label: "Resolve Resource Bundle Profile", + inp: "123e4567-e89b-12d3-a456-426655440000", + expected: map[string][]string{}, + mockdb: &db.MockDB{ + Items: map[string]map[string][]byte{ + "123e4567-e89b-12d3-a456-426655440000": { + "metadata": []byte( + "{\"name\":\"testresourcebundle\"," + + "\"namespace\":\"default\"," + + "\"uuid\":\"123e4567-e89b-12d3-a456-426655440000\"," + + "\"rbdid\":\"abcde123-e89b-8888-a456-986655447236\"," + + "\"kubernetesversion\":\"1.12.3\"}"), + // base64 encoding of vagrant/tests/vnfs/testrb/helm/profile + "content": []byte("H4sICLmjT1wAA3Byb2ZpbGUudGFyAO1Y32/bNhD2s/6Kg/KyYZZsy" + + "78K78lLMsxY5gRxmqIYhoKWaJsYJWokZdfo+r/vSFmunCZNBtQJ1vF7sXX36e54vDN5T" + + "knGFlTpcEtS3jgO2ohBr2c/EXc/29Gg1+h0e1F32Ol1B1Gj3Ymifr8B7SPFc4BCaSIBG" + + "lII/SXeY/r/KIIg8NZUKiayEaw7nt7mdOQBrAkvqBqBL1ArWULflRJbJz4SYpEt2FJSJ" + + "QoZ21cAAlgwTnOiVyPQWFQLwVuqmCdMthKac7FNaVZWmqWjkRWRuuSvScF1gFZVwYOEr" + + "luapjknaOazd186Z98S7tver+3j0f5v1/q/18f+7w56bdf/zwFF5ZqV/WtbH6YioVdCa" + + "hRkJEVBVSFBvUNRmyNpesgwors0lmkqM8KNzRG8iqLIWN45GUGv57l+fkFUP9PH9GF6f" + + "IgH+kP9b76b/o+GUb9r5J1O1I0a0D9mUBX+5/1/55g+io9/sf+DnuF1sA4Gbv+fA1++p" + + "n0dH4+c/92oPaztv+n/fn84dOf/c+AETkW+lWy50hC1O69gguc1R6HEw5xoHAuaKIq9E" + + "+8ELvCikCmaQJElVIJeURjnJMaPnaYJt+UoAVHYhu8Mwd+p/O9/RAtbUUBKtnj+aygUR" + + "RNM2ZkB6PuY5hpvCzhY4L2fkSymsGF6Zd3sjIRo4u3OhJhrgmyC/ByfFnUeEG0DLrHSO" + + "h+1WpvNJiQ23FDIZYuXVNW6mJyeT2fnAYZsX3qdcaoUSPpXwSQudr4FkmNEMZljnJxsQ" + + "EggOPmgTgsT8UYyzbJlE5RY6A2RFK0kTGnJ5oU+SFcVH666TsCEkQz88QwmMx9+Gs8ms" + + "ybaeDO5+eXy9Q28GV9fj6c3k/MZXF7D6eX0bHIzuZzi088wnr6FXyfTsyZQTBa6oe9za" + + "eLHIJlJJE1M1maUHgSwEGVAKqcxW7AY15UtC7KksDS3uQyXAzmVKVNmOxWGl6AVzlKmb" + + "VGozxcVeh7J2W01S2LOVAsHyj9ZlozgbP+74qVUk4RoMtrfMD98wCzGvEiwXHD3U5GFi" + + "4Jzo/QhhI8fd0yFu3c/fa/d8zmZU67KsRRDefCt/Qu7YdQSw1PzNTS3W1QGnyRVef+N5" + + "YHDKZao/4MP/ju/siEpp0SVQYbX5UNlxxJwizCFyzuMWXkLNySzIyZs4wBrTpXE23I62" + + "wlPRZHp0qJCC7EWslxpSnS8uqgt/YmLr2btnZXaDhnwA4NPzueT8lEt126AyExPY44rS" + + "YA1bJPl15JgRaEdM9CKv/f1YDHdE5e1cYVFdiUwoduDJC+5mBMe5nstbndCF9Zfxakpa" + + "1aNP2LK/Xffhuc3fTNfUYlfzH8a/h97qhmVaikNPi2+nItq8exGtLA+SdW9rgUvUvqbq" + + "YkDi6mRXNk/V1pUxy0uYsI1S+meU+XsPo2kJLnMOKZGy4J6Xt3XgZuHTayEKv3XZLjy+" + + "yJ66WPQwcHBwcHBwcHBwcHBwcHBwcHhm8Q/mTHqWgAoAAA="), + }, + "abcde123-e89b-8888-a456-986655447236": { + "metadata": []byte( + "{\"name\":\"testresourcebundle\"," + + "\"chart-name\":\"vault-consul-dev\"," + + "\"description\":\"testresourcebundle\"," + + "\"uuid\":\"abcde123-e89b-8888-a456-986655447236\"," + + "\"service-type\":\"firewall\"}"), + // base64 encoding of vagrant/tests/vnfs/testrb/helm/vault-consul-dev + "content": []byte("H4sICEetS1wAA3ZhdWx0LWNvbnN1bC1kZXYudGFyAO0c7XLbNjK/+R" + + "QYujdJehatb+V4czPnOmnPk9bO2Gk7nbaTgUhIxpgiGAK0o3P9QPca92S3C5AU9GXZiax" + + "c7rA/LJEAFovdxX4AK1/RIlGNSKSySBoxuzp4sn1oAgx6Pf0JsPipv7c63XZ70O61W4Mn" + + "zVZ7MGg9Ib1HoGUJCqloTsiTXAh1V79N7V8oXC3K/+iC5iqY0kmytTlQwP1ud538W51Wf" + + "0H+3QF8kObWKLgD/s/lv0eORDbN+fhCkXaz9YIcp4ol8DLPRE4VF+k+vIq8PW+PfM8jlk" + + "oWkyKNWU7UBSOHGY3go2zZJz+xXMIY0g6a5Bl28Msm//lfAcNUFGRCpyQVihSSAQouyYg" + + "njLAPEcsU4SmJxCRLOE0jRq65utDTlEgCQPFLiUIMFYXeFPpn8DSy+xGqNMEGLpTKwoOD" + + "6+vrgGpyA5GPDxLTVR58f3z06uT8VQNI1oN+TBMmJcnZ+4LnsNjhlNAMKIroEOhM6DURO" + + "aHjnEGbEkjxdc4VT8f7RIqRuqY5Aywxlyrnw0LNsauiD1ZtdwCG0ZT4h+fk+Nwn3xyeH5" + + "/vA46fj9/+4/THt+Tnw7Ozw5O3x6/OyekZOTo9eXn89vj0BJ6+JYcnv5DXxycv9wkDZsE" + + "07EOWI/1AJEdGshi5ds7YHAEjYQiSGYv4iEewrnRc0DEjY3HF8hSWQzKWT7hEcUogLwYs" + + "CZ9wpZVCLi8q8Dya8VIBQnLV8mImo5xnSj9ru4IMS2iRRhfkJzQ8iJcY44OMBPtDJiJmX" + + "konDFAs2CbAn9X4m8Ffgp53VT2C9EB+n3s3fXmwZP+vaFIwuVUHsMH+d1vd3oL977X6TW" + + "f/dwHO/jv7vzX7v/epAHN8l4ghTdApjPi4MCoIjmGEdkoGW5hirCcIPQJaGLM3Ildvcjb" + + "iH0LSabbhbYYqLBUDBQzJzS2sqpK/JoVPgEue/os4jOUMq88WuKE+vNZmtfRgYTNooXPK" + + "iiR5IwDRNCSHyTWdSsQ9SugY9YilWr9iNizGY2R/Y25aWWSwIVWtlp7u+EoPikMyoolk2" + + "xHAoTXr40nBYLY46OFWlSwH7QuJygumXyRi/C5hVww4fHzy7enqTjFV9F3M4dXTA4PtAF" + + "891Y3INWmwl6aAvOg1m9YLGZJGy6uFZuZQYP2MhBFsGhFoHOMmC4G+iCYXQqrQQgqTUnV" + + "RSt8sQysUEF32UFG2AtnTX8Pw9/BFu9l8WjeqRMLSJIrZXrF5824C81+W79HoGAGRtJgM" + + "YXOCUeQpuDfQZOnlTIv1SBQpKCasF7X/nCUsgqUaRaejEU+5mlZqn+ViyBZ0IKM5xGYK9" + + "oiX8CtYk9TMxXGcJi9ZQqfnDIbEsJ5W02wnLuL5d3skZUCTpPkUVb9cDakQlhNfXzDQe6" + + "bQtpJhzuhlJniqpEago0XcKrBOKcjrF2BRBZPpU9wi6NLBwaTwLQPJAVpcBfoLlsNoVu0" + + "awzfAHPOPWYhnm4olvKBPIikm7IxFCeWTauefMaQDWmmELPgBpIAvafwzeBF2CqigTfJ/" + + "wtv2dxy+T1Bib7RCHcQgbpajcjfSkawaz4uhaZcTaW8Az8Otwg1xapoBypPS5KH1W4qxP" + + "bNbTlY1AOPBLdAEB8MOamtlrwxoSLpdzwMx5SUX2bxd+txBjoO1sBT/KwZRA1UQGG1tjo" + + "ef/3UH/YE7/9sF3CH/GDyGmE5Y+qnHgZvyv2Z7MC9/sC6dvsv/dgF7Lv9z+d9jnP8Bz+T" + + "BVcu75CnEAS9rW+JB9EgxOgnrGOTmBrgYJUUM6gLSn4g0GEGuhI0+CcjtbdlTgvRWd69b" + + "6/4JHbKkjPuBlLWj6gEQ5OMJpe4YmEsQDISgsTF7U6n3HwTDaZiP+H/2if/Or3DkEFBTa" + + "YgMzsxDhUd3ABEBC8cLPc5NnIadUCJIdhmvS9PxJ3MqZwfxBqOsIniNfUJVdPG9tfR7Lr" + + "4y+iUWS0I6e5lDeG9+3osf1XLLLMvE6PVcDZNuh8S3mKBfBdpxARa/nmutMq2gS+N4YyX" + + "kFn5zQBDM0nUQd5VZVX2sRgsrzkdR3X/1NXn+vm+SVfiCztX/fZYh2mkpLrRevAmoLXrK" + + "ID6wQ3B7VpNm/IA6MYfRThyYig50rqr4hNV9Kp6tasGs6DRNplWWtFEg5TH+AyXSGFJIa" + + "cC67Ewyhk6QCMyTqntIxqwCvYjFngVxzWX/OxGIPdUKcldhwHMKPb31rjqrWCDoc4clDn" + + "YEd8T/ld355KugDfF/u99avP8ZdNz9/27Axf8u/n+s+38T+pex7f3i/tLmPHrov5Rf/Le" + + "F/+a4dkUUiA0GWx2oNGb8XOxdnedW89/c8BFh71dj9avTYZ80yv7ZQ4LR2XHwcsw2f9dm" + + "xW1+p9lG/q2YoxozI75BQLJsM3XswzJ1YObHTD0outYTpnE1Wy6UiEQSkrdHb5ZSr3smR" + + "XdqyGew/0v+X2+DLR7+Pvmo8982dHfnvzuAdfI32rsdNXi4/Hu9rpP/TmCD/LdSDbwh/m" + + "+1+93F+L876Ln4fxdgx////hemAANyOIlFJPfJNyyBTICmELa5+N/F/59Y/6sNSn3SLDU" + + "JOljSCgNsFJp+Y3/KCmBjhVyV7+PBBvu/lWrgjec/gyX7P+i2nP3fBTj77+z/F1P/S4w5" + + "glmpIhGwbAisTPWZihYUluqCyspiaKzYdsuF9/A3LCmwCKQOcxdpgXtBV+Vm5lQjr5rh+" + + "YqlyjTiUkB9ysJFrdPG1dXFmSQvUs1ybASF0pLBM4HLF5Kgh1S6bnFVvbIphsQ7MzyTEp" + + "IrkXMmzQWyeZyGJGUfCtkJREozVP6whWG3GVtXP4LnZdGlR2ZvziwMQkyAGLv12FwE1s8" + + "NPT40LlqjToSpZNYXbR6pnm20pqAxYAmVikdBJGbdSvxDRsEdoY3Ab2Ev6FXozarxvg/4" + + "jBd+eCa2osYa+1YKpK/g9JUXQYMOuzDXZzhTWMeI5VjJGesBsOvr6k5VXbPpnysBedpky" + + "YVacXN1vr5YU6P92GpvQubrvfUV4Dbs/wb/v5VqwIfn/4Net+Py/13AveX/rj5oD1T2sG" + + "BwU/7f73cW6v/anb7L/3cCNzcHX3suCHRB4LaCwK8Pbm89T6sVIWdMiuTKzFrbDx0/ATP" + + "1bz+oSfgD8vaCzX6/UneVxQhCHfz9gayRVHKuB0JbGQwi2TmPY5YSPrJ+ZPKMjQO93Do0" + + "fA44C4krRFQjkSTiGp90hBl6+latuiJKZXlrRcJqBns5JvgzC8cbI1gFBESrLijNvVXZx" + + "1Qt2VdABt3SrI0SL4Pgo7HtW6L72/9ZPPlQB7DB/nc6ve6i/e93Xf3HTsDZf2f/d2f/a9" + + "NtDoMX8tZpAEPQD2gjrMmzCp/LPsg2nXiDSEoruo+23AisXH9tpScM7FnK5aQaFsyb9rI" + + "6wUJv2/jKSi/SqUnDkwbdIOcwznqdVmgsjGY+nUeuRY6KgHwvW4YUUsy13mU2buZewPXd" + + "QY1V25DlPFUj4v9J+neNqPBi7YU1erHy1lrCevbWuHRZhe3WVirNEnMki3KG/0fkkqXr1" + + "WVp3iPcxKUKhHOHI9hicndoy0P915R7UCmvRQ7JdvWtLLHnSUgYfpBnQl9u0OT5PeQTGN" + + "LtKOArbCXh35aKRmyplqUjun+Ey4D+d69z1l9TCf3rYpu/+wZJoFtmHWkBRhY6zjQiRKU" + + "wfZEl5deKFeQPMux3WRrNcFRDb36D0b/5IXziQNz28GRe7v/mVxjsd5qb9gskp36+vfVL" + + "Tq0nx6zULKMm7VEDp/8RuH/8V5eKPTD733z/01zO/6G/i/92AS7+c/HfbuO/MuN/KkllU" + + "bzSj1de6pqDyg3ZLMk3Y59ZDh5f1PEJxDuSqecYDhyCqcdhqFditFxRqmkox0kM4Rbiwb" + + "mOq0LBsgN5xllgiHuuqasCAL3sVx8yWhJS9dcIddhYnlusjRjmSqCtWEFjsHy5XaW8ki3" + + "Lpw0Gx8q1/oFXCuAz+x39lU/O9ckL8Rv+oh/93CbLwRbhYef/H+H8n2z2/612e8H/w5P7" + + "/287Aef/nf9/PP9vOcIF97/e/y06vnv7uwe4sJpAyJfBugFR1Sz4w6ApeV/QBDgCUrFv5" + + "bUFxFgFp6EoM6pwNlyQhIAloqjOUgCBr4shMJBhnaPx/JwlMXAwZ4Z/Rm205j8D3UIGvQ" + + "RZQl9kOgrk+XoOzX68tJ3wYJb0N/RJ0NzPUr5y4YEDBw4cOHDgwIEDBw4cOHDgwIEDBw4" + + "cOHDgwIEDB18K/AcxEDJDAHgAAA=="), + }, + }, + }, + }, + } + + for _, testCase := range testCases { + t.Run(testCase.label, func(t *testing.T) { + db.DBconn = testCase.mockdb + impl := NewProfileClient() + data, err := impl.Resolve(testCase.inp, []string{}) + if err != nil { + if testCase.expectedError == "" { + t.Errorf("Resolve returned an unexpected error %s", err) + } + if strings.Contains(err.Error(), testCase.expectedError) == false { + t.Errorf("Resolve returned an unexpected error %s", err) + } + } + t.Log(data) + }) + } +} diff --git a/vagrant/installer.sh b/vagrant/installer.sh index cf1eb357..6f0c3052 100755 --- a/vagrant/installer.sh +++ b/vagrant/installer.sh @@ -55,7 +55,7 @@ function _install_docker { if $(docker version &>/dev/null); then return fi - sudo apt-get install -y software-properties-common linux-image-extra-$(uname -r) linux-image-extra-virtual apt-transport-https ca-certificates curl + sudo apt-get install -y apt-transport-https ca-certificates curl curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" sudo apt-get update diff --git a/vagrant/inventory/group_vars/k8s-cluster.yml b/vagrant/inventory/group_vars/k8s-cluster.yml index 4de3a276..8f719a43 100644 --- a/vagrant/inventory/group_vars/k8s-cluster.yml +++ b/vagrant/inventory/group_vars/k8s-cluster.yml @@ -7,12 +7,6 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## -## For some things, kubelet needs to load kernel modules. For example, dynamic kernel services are needed -## for mounting persistent volumes into containers. These may not be loaded by preinstall kubernetes -## processes. For example, ceph and rbd backed volumes. Set to true to allow kubelet to load kernel -## modules. -kubelet_load_modules: true - # Kubernetes configuration dirs and system namespace. # Those are where all the additional config stuff goes # kubernetes normally puts in /srv/kubernetes. @@ -44,17 +38,12 @@ kube_token_auth: true # Can also be set to 'cloud', which lets the cloud provider setup appropriate routing kube_network_plugin: flannel -# Settings for containerized control plane -kubelet_deployment_type: host - -# NGINX Ingress Controller -ingress_nginx_enabled: true - # Make a copy of kubeconfig on the host that runs Ansible in GITDIR/artifacts kubeconfig_localhost: true # Enable MountPropagation gate feature local_volumes_enabled: true +local_volume_provisioner_enabled: true ## Change this to use another Kubernetes version, e.g. a current beta release kube_version: v1.12.3 diff --git a/vagrant/setup.sh b/vagrant/setup.sh index 0fb1b0d6..9c65ccdb 100755 --- a/vagrant/setup.sh +++ b/vagrant/setup.sh @@ -11,8 +11,8 @@ set -o nounset set -o pipefail -vagrant_version=2.2.3 -if ! $(vagrant version &>/dev/null); then +vagrant_version=2.2.4 +if ! vagrant version &>/dev/null; then enable_vagrant_install=true else if [[ "$vagrant_version" != "$(vagrant version | awk 'NR==1{print $3}')" ]]; then @@ -78,7 +78,7 @@ case ${ID,,} in case $VAGRANT_DEFAULT_PROVIDER in virtualbox) - wget -q http://download.virtualbox.org/virtualbox/rpm/opensuse/$VERSION/virtualbox.repo -P /etc/zypp/repos.d/ + wget -q "http://download.virtualbox.org/virtualbox/rpm/opensuse/$VERSION/virtualbox.repo" -P /etc/zypp/repos.d/ $INSTALLER_CMD --enablerepo=epel dkms wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | rpm --import - packages+=(VirtualBox-5.1) @@ -124,7 +124,7 @@ case ${ID,,} in rhel|centos|fedora) PKG_MANAGER=$(which dnf || which yum) - sudo $PKG_MANAGER updateinfo + sudo "$PKG_MANAGER" updateinfo INSTALLER_CMD="sudo -H -E ${PKG_MANAGER} -q -y install" packages+=(python-devel) @@ -174,7 +174,7 @@ else fi sudo modprobe vhost_net -${INSTALLER_CMD} ${packages[@]} +${INSTALLER_CMD} "${packages[@]}" if ! which pip; then curl -sL https://bootstrap.pypa.io/get-pip.py | sudo python else @@ -184,9 +184,9 @@ sudo -H -E pip install tox if [[ ${http_proxy+x} ]]; then vagrant plugin install vagrant-proxyconf fi -if [ $VAGRANT_DEFAULT_PROVIDER == libvirt ]; then +if [ "$VAGRANT_DEFAULT_PROVIDER" == libvirt ]; then vagrant plugin install vagrant-libvirt - sudo usermod -a -G $libvirt_group $USER # This might require to reload user's group assigments + sudo usermod -a -G $libvirt_group "$USER" # This might require to reload user's group assigments sudo systemctl restart libvirtd # Start statd service to prevent NFS lock errors diff --git a/vagrant/tests/cFW/README.md b/vagrant/tests/cFW/README.md new file mode 100644 index 00000000..c6ac9e20 --- /dev/null +++ b/vagrant/tests/cFW/README.md @@ -0,0 +1,10 @@ +# Cloud-Native Firewall Virtual Network Function + +[CNF][1] version of the ONAP vFirewall use case. + +## License + +Apache-2.0 + +[1]: https://github.com/ligato/cn-infra/blob/master/docs/readmes/cn_virtual_function.md +[2]: https://github.com/electrocucaracha/vFW-demo diff --git a/vagrant/tests/cFW/Vagrantfile b/vagrant/tests/cFW/Vagrantfile new file mode 100644 index 00000000..d02e7d01 --- /dev/null +++ b/vagrant/tests/cFW/Vagrantfile @@ -0,0 +1,33 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + config.vm.box = "elastic/ubuntu-16.04-x86_64" + config.vm.hostname = "demo" + config.vm.provision 'shell', path: 'postinstall.sh' + config.vm.network :private_network, :ip => "192.168.10.5", :type => :static # unprotected_private_net_cidr + config.vm.network :private_network, :ip => "192.168.20.5", :type => :static # protected_private_net_cidr + config.vm.network :private_network, :ip => "10.10.12.5", :type => :static, :netmask => "16" # onap_private_net_cidr + + if ENV['http_proxy'] != nil and ENV['https_proxy'] != nil + if not Vagrant.has_plugin?('vagrant-proxyconf') + system 'vagrant plugin install vagrant-proxyconf' + raise 'vagrant-proxyconf was installed but it requires to execute again' + end + config.proxy.http = ENV['http_proxy'] || ENV['HTTP_PROXY'] || "" + config.proxy.https = ENV['https_proxy'] || ENV['HTTPS_PROXY'] || "" + config.proxy.no_proxy = ENV['NO_PROXY'] || ENV['no_proxy'] || "127.0.0.1,localhost" + config.proxy.enabled = { docker: false } + end + + config.vm.provider 'virtualbox' do |v| + v.customize ["modifyvm", :id, "--memory", 8192] + v.customize ["modifyvm", :id, "--cpus", 2] + end + config.vm.provider 'libvirt' do |v| + v.memory = 8192 + v.cpus = 2 + v.nested = true + v.cpu_mode = 'host-passthrough' + end +end diff --git a/vagrant/tests/cFW/darkstat/Dockerfile b/vagrant/tests/cFW/darkstat/Dockerfile new file mode 100644 index 00000000..d3a46b9c --- /dev/null +++ b/vagrant/tests/cFW/darkstat/Dockerfile @@ -0,0 +1,14 @@ +FROM ubuntu:16.04 +MAINTAINER Victor Morales <electrocucaracha@gmail.com> + +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY + +RUN apt-get update && apt-get install -y -qq darkstat + +EXPOSE 667 + +CMD ["/usr/sbin/darkstat", "-i", "eth1", "--no-daemon"] diff --git a/vagrant/tests/cFW/docker-compose.yml b/vagrant/tests/cFW/docker-compose.yml new file mode 100644 index 00000000..6d883fbd --- /dev/null +++ b/vagrant/tests/cFW/docker-compose.yml @@ -0,0 +1,38 @@ +version: '3' + +services: + packetgen: + privileged: true + network_mode: "host" + image: electrocucaracha/packetgen + build: + context: ./packetgen + args: + HTTP_PROXY: $HTTP_PROXY + HTTPS_PROXY: $HTTPS_PROXY + firewall: + privileged: true + network_mode: "host" + image: electrocucaracha/firewall + build: + context: ./firewall + args: + HTTP_PROXY: $HTTP_PROXY + HTTPS_PROXY: $HTTPS_PROXY + sink: + privileged: true + network_mode: "host" + image: electrocucaracha/sink + build: + context: ./sink + args: + HTTP_PROXY: $HTTP_PROXY + HTTPS_PROXY: $HTTPS_PROXY + darkstat: + network_mode: "host" + image: electrocucaracha/darkstat + build: + context: ./darkstat + args: + HTTP_PROXY: $HTTP_PROXY + HTTPS_PROXY: $HTTPS_PROXY diff --git a/vagrant/tests/cFW/firewall/Dockerfile b/vagrant/tests/cFW/firewall/Dockerfile new file mode 100644 index 00000000..7d3e6ede --- /dev/null +++ b/vagrant/tests/cFW/firewall/Dockerfile @@ -0,0 +1,49 @@ +FROM electrocucaracha/vpp +MAINTAINER Victor Morales <electrocucaracha@gmail.com> + +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY +ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf" + +ENV protected_net_cidr "192.168.20.0/24" +ENV fw_ipaddr "192.168.10.100" +ENV sink_ipaddr "192.168.20.250" +ENV demo_artifacts_version "1.3.0" + +RUN apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools \ + bsdmainutils make gcc libcurl4-gnutls-dev + +WORKDIR /opt + +RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_firewall_init.sh" \ + && chmod +x v_firewall_init.sh \ + && sed -i 's|start vpp|/usr/bin/vpp -c /etc/vpp/startup.conf|g' v_firewall_init.sh + +RUN wget "${repo_url}/sample-distribution/${demo_artifacts_version}/sample-distribution-${demo_artifacts_version}-hc.tar.gz" \ + && tar -zmxf sample-distribution-${demo_artifacts_version}-hc.tar.gz \ + && rm sample-distribution-${demo_artifacts_version}-hc.tar.gz \ + && mv sample-distribution-${demo_artifacts_version} honeycomb \ + && sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/honeycomb.json + +RUN wget "${repo_url}/ves5/ves/${demo_artifacts_version}/ves-${demo_artifacts_version}-demo.tar.gz" \ + && tar -zmxf ves-${demo_artifacts_version}-demo.tar.gz \ + && rm ves-${demo_artifacts_version}-demo.tar.gz \ + && mv ves-${demo_artifacts_version} VES + +RUN wget "${repo_url}/ves5/ves_vfw_reporting/${demo_artifacts_version}/ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz" \ + && tar -zmxf ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz \ + && rm ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz \ + && mv ves_vfw_reporting-${demo_artifacts_version} VES/evel/evel-library/code/VESreporting \ + && chmod +x VES/evel/evel-library/code/VESreporting/go-client.sh \ + && cd VES/evel/evel-library/bldjobs/ && make clean && make && cd - + +RUN mkdir -p /opt/config/ \ + && echo $protected_net_cidr > /opt/config/protected_net_cidr.txt \ + && echo $fw_ipaddr > /opt/config/fw_ipaddr.txt \ + && echo $sink_ipaddr > /opt/config/sink_ipaddr.txt \ + && echo $demo_artifacts_version > /opt/config/demo_artifacts_version.txt + +CMD ["./v_firewall_init.sh"] diff --git a/vagrant/tests/cFW/packetgen/Dockerfile b/vagrant/tests/cFW/packetgen/Dockerfile new file mode 100644 index 00000000..cb1da555 --- /dev/null +++ b/vagrant/tests/cFW/packetgen/Dockerfile @@ -0,0 +1,44 @@ +FROM electrocucaracha/vpp +MAINTAINER Victor Morales <electrocucaracha@gmail.com> + +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY +ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf" + +ENV protected_net_cidr "192.168.20.0/24" +ENV fw_ipaddr "192.168.10.100" +ENV sink_ipaddr "192.168.20.250" +ENV demo_artifacts_version "1.3.0" + +RUN apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools \ + bsdmainutils + +WORKDIR /opt +EXPOSE 8183 + +RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_packetgen_init.sh" \ + && wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/run_traffic_fw_demo.sh" \ + && chmod +x *.sh \ + && sed -i 's|start vpp|/usr/bin/vpp -c /etc/vpp/startup.conf|g;s|/opt/honeycomb/sample-distribution-\$VERSION/honeycomb|/opt/honeycomb/honeycomb|g' v_packetgen_init.sh + +RUN wget "${repo_url}/sample-distribution/${demo_artifacts_version}/sample-distribution-${demo_artifacts_version}-hc.tar.gz" \ + && tar -zmxf sample-distribution-${demo_artifacts_version}-hc.tar.gz \ + && rm sample-distribution-${demo_artifacts_version}-hc.tar.gz \ + && mv sample-distribution-${demo_artifacts_version} honeycomb \ + && sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/honeycomb.json + +RUN wget "${repo_url}/vfw/vfw_pg_streams/${demo_artifacts_version}/vfw_pg_streams-${demo_artifacts_version}-demo.tar.gz" \ + && tar -zmxf vfw_pg_streams-${demo_artifacts_version}-demo.tar.gz \ + && rm vfw_pg_streams-${demo_artifacts_version}-demo.tar.gz \ + && mv vfw_pg_streams-${demo_artifacts_version} pg_streams + +RUN mkdir -p /opt/config/ \ + && echo $protected_net_cidr > /opt/config/protected_net_cidr.txt \ + && echo $fw_ipaddr > /opt/config/fw_ipaddr.txt \ + && echo $sink_ipaddr > /opt/config/sink_ipaddr.txt \ + && echo $demo_artifacts_version > /opt/config/demo_artifacts_version.txt + +CMD ["./v_packetgen_init.sh"] diff --git a/vagrant/tests/cFW/postinstall.sh b/vagrant/tests/cFW/postinstall.sh new file mode 100755 index 00000000..5a1d5043 --- /dev/null +++ b/vagrant/tests/cFW/postinstall.sh @@ -0,0 +1,83 @@ +#!/bin/bash +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +set -o nounset +set -o pipefail +set -o xtrace + +# install_docker() - Download and install docker-engine +function install_docker { + local max_concurrent_downloads=${1:-3} + + if $(docker version &>/dev/null); then + return + fi + apt-get install -y software-properties-common linux-image-extra-$(uname -r) linux-image-extra-virtual apt-transport-https ca-certificates curl + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - + add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" + apt-get update + apt-get install -y docker-ce + + mkdir -p /etc/systemd/system/docker.service.d + if [ $http_proxy ]; then + cat <<EOL > /etc/systemd/system/docker.service.d/http-proxy.conf +[Service] +Environment="HTTP_PROXY=$http_proxy" +EOL + fi + if [ $https_proxy ]; then + cat <<EOL > /etc/systemd/system/docker.service.d/https-proxy.conf +[Service] +Environment="HTTPS_PROXY=$https_proxy" +EOL + fi + if [ $no_proxy ]; then + cat <<EOL > /etc/systemd/system/docker.service.d/no-proxy.conf +[Service] +Environment="NO_PROXY=$no_proxy" +EOL + fi + systemctl daemon-reload + echo "DOCKER_OPTS=\"-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --max-concurrent-downloads $max_concurrent_downloads \"" >> /etc/default/docker + usermod -aG docker $USER + + systemctl restart docker + sleep 10 +} + +# install_docker_compose() - Installs docker compose python module +function install_docker_compose { + if ! which pip; then + curl -sL https://bootstrap.pypa.io/get-pip.py | python + fi + pip install --upgrade pip + pip install docker-compose +} + +echo 'vm.nr_hugepages = 1024' >> /etc/sysctl.conf +sysctl -p + +install_docker +install_docker_compose + +cd /vagrant +# build vpp docker image +BUILD_ARGS="--no-cache" +if [ $HTTP_PROXY ]; then + BUILD_ARGS+=" --build-arg HTTP_PROXY=${HTTP_PROXY}" +fi +if [ $HTTPS_PROXY ]; then + BUILD_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" +fi +pushd vpp +docker build ${BUILD_ARGS} -t electrocucaracha/vpp:latest . +popd + +docker-compose up -d diff --git a/vagrant/tests/cFW/sink/Dockerfile b/vagrant/tests/cFW/sink/Dockerfile new file mode 100644 index 00000000..6b43ba61 --- /dev/null +++ b/vagrant/tests/cFW/sink/Dockerfile @@ -0,0 +1,34 @@ +FROM ubuntu:16.04 +MAINTAINER Victor Morales <electrocucaracha@gmail.com> + +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY + +ENV protected_net_cidr "192.168.20.0/24" +ENV fw_ipaddr "192.168.10.100" +ENV sink_ipaddr "192.168.20.250" +ENV demo_artifacts_version "1.3.0" +ENV protected_net_gw "192.168.20.100" +ENV unprotected_net "192.168.10.0/24" + +RUN apt-get update && apt-get install -y -qq wget net-tools + +WORKDIR /opt + +RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_sink_init.sh" \ + && chmod +x v_sink_init.sh + +RUN mkdir -p config/ \ + && echo $protected_net_cidr > config/protected_net_cidr.txt \ + && echo $fw_ipaddr > config/fw_ipaddr.txt \ + && echo $sink_ipaddr > config/sink_ipaddr.txt \ + && echo $demo_artifacts_version > config/demo_artifacts_version.txt \ + && echo $protected_net_gw > config/protected_net_gw.txt \ + && echo $unprotected_net > config/unprotected_net.txt + +# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100 +# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists +CMD ["./v_sink_init.sh"] diff --git a/vagrant/tests/cFW/vpp/80-vpp.conf b/vagrant/tests/cFW/vpp/80-vpp.conf new file mode 100644 index 00000000..8fdf184c --- /dev/null +++ b/vagrant/tests/cFW/vpp/80-vpp.conf @@ -0,0 +1,15 @@ +# Number of 2MB hugepages desired +vm.nr_hugepages=1024 + +# Must be greater than or equal to (2 * vm.nr_hugepages). +vm.max_map_count=3096 + +# All groups allowed to access hugepages +vm.hugetlb_shm_group=0 + +# Shared Memory Max must be greator or equal to the total size of hugepages. +# For 2MB pages, TotalHugepageSize = vm.nr_hugepages * 2 * 1024 * 1024 +# If the existing kernel.shmmax setting (cat /sys/proc/kernel/shmmax) +# is greater than the calculated TotalHugepageSize then set this parameter +# to current shmmax value. +kernel.shmmax=2147483648 diff --git a/vagrant/tests/cFW/vpp/Dockerfile b/vagrant/tests/cFW/vpp/Dockerfile new file mode 100644 index 00000000..63b08b01 --- /dev/null +++ b/vagrant/tests/cFW/vpp/Dockerfile @@ -0,0 +1,17 @@ +FROM ubuntu:16.04 +MAINTAINER Victor Morales <electrocucaracha@gmail.com> + +ARG HTTP_PROXY=${HTTP_PROXY} +ARG HTTPS_PROXY=${HTTPS_PROXY} + +ENV http_proxy $HTTP_PROXY +ENV https_proxy $HTTPS_PROXY + +RUN apt-get update && apt-get install -y -qq apt-transport-https \ + && echo "deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io.stable.1609.ubuntu.xenial.main/ ./" | tee -a /etc/apt/sources.list.d/99fd.io.list \ + && apt-get update \ + && apt-get install -y -qq vpp vpp-lib vpp-plugins + +COPY 80-vpp.conf /etc/sysctl.d/80-vpp.conf + +CMD ["/usr/bin/vpp", "-c", "/etc/vpp/startup.conf"] diff --git a/vagrant/tests/plugin.sh b/vagrant/tests/plugin.sh index 2ed37b18..b36e75f5 100755 --- a/vagrant/tests/plugin.sh +++ b/vagrant/tests/plugin.sh @@ -114,7 +114,7 @@ print_msg "Instantiate Profile" payload_raw=" { \"cloud_region_id\": \"$cloud_region_id\", - \"namespace\": \"$namespace\", + \"rb_profile_id\":\"$profile_id\", \"csar_id\": \"$csar_id\" } " @@ -122,8 +122,8 @@ payload=$(echo $payload_raw | tr '\n' ' ') vnf_id=$(curl -s -d "$payload" "${base_url}/v1/vnf_instances/" | jq -r '.vnf_id') print_msg "Validating Kubernetes" -kubectl get --no-headers=true --namespace=${namespace} deployment ${cloud_region_id}-${namespace}-${vnf_id}-${plugin_deployment_name} -kubectl get --no-headers=true --namespace=${namespace} service ${cloud_region_id}-${namespace}-${vnf_id}-${plugin_service_name} +kubectl get --no-headers=true --namespace=${namespace} deployment ${cloud_region_id}-${namespace}-${vnf_id}-test-rbprofile-vault-consul-dev +kubectl get --no-headers=true --namespace=${namespace} service ${cloud_region_id}-${namespace}-${vnf_id}-override-vault-consul echo "VNF Instance created succesfully with id: $vnf_id" print_msg "Listing VNF Instances" |