summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rwxr-xr-xkud/tests/plugin_fw_v2.sh1045
-rw-r--r--kud/tests/plugin_fw_v2.yaml411
3 files changed, 507 insertions, 951 deletions
diff --git a/.gitignore b/.gitignore
index 0abc24af..d59bc24e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,6 +25,8 @@ src/k8splugin/csar/mock_plugins/*.so
src/k8splugin/plugins/**/*.so
# Tests
+kud/tests/plugin_fw_v2_config.yaml
+kud/tests/plugin_fw_v2_values.yaml
*.test
*.out
diff --git a/kud/tests/plugin_fw_v2.sh b/kud/tests/plugin_fw_v2.sh
index ed4a5ad7..d6254ac3 100755
--- a/kud/tests/plugin_fw_v2.sh
+++ b/kud/tests/plugin_fw_v2.sh
@@ -16,7 +16,8 @@ source _common_test.sh
source _functions.sh
source _functions.sh
-kubeconfig_path="$HOME/.kube/config"
+# TODO KUBECONFIG may be a list of paths
+kubeconfig_path="${KUBECONFIG:-$HOME/.kube/config}"
clusters="${KUD_PLUGIN_FW_CLUSTERS:-$(cat <<EOF
[
@@ -55,16 +56,8 @@ while [[ $# -gt 0 ]]; do
case $arg in
"--external" )
- master_ip=$(kubectl cluster-info | grep "Kubernetes master" | \
+ service_host=$(kubectl cluster-info | grep "Kubernetes master" | \
awk -F ":" '{print $2}' | awk -F "//" '{print $2}')
- base_url_clm=${base_url_clm:-"http://$master_ip:30461/v2"}
- base_url_ncm=${base_url_ncm:-"http://$master_ip:30431/v2"}
- base_url_orchestrator=${base_url_orchestrator:-"http://$master_ip:30415/v2"}
- base_url_ovnaction=${base_url_ovnaction:-"http://$master_ip:30471/v2"}
- rsync_service_port=30441
- rsync_service_host="$master_ip"
- ovnaction_service_port=30473
- ovnaction_service_host="$master_ip"
shift
;;
* )
@@ -75,25 +68,11 @@ while [[ $# -gt 0 ]]; do
done
set -- "${ARGS[@]}" # restore positional parameters
-base_url_clm=${base_url_clm:-"http://localhost:9061/v2"}
-base_url_ncm=${base_url_ncm:-"http://localhost:9031/v2"}
-base_url_orchestrator=${base_url_orchestrator:-"http://localhost:9015/v2"}
-base_url_ovnaction=${base_url_ovnaction:-"http://localhost:9053/v2"}
-rsync_service_port=${rsync_service_port:-9041}
-rsync_service_host=${rsync_service_host:-"localhost"}
-ovnaction_service_port=${ovnaction_service_port:-9053}
-ovnaction_service_host=${ovnaction_service_host:-"localhost"}
+service_host=${service_host:-"localhost"}
CSAR_DIR="/opt/csar"
csar_id="4bf66240-a0be-4ce2-aebd-a01df7725f16"
-packetgen_helm_path="$CSAR_DIR/$csar_id/packetgen.tar.gz"
-packetgen_profile_targz="$CSAR_DIR/$csar_id/profile.tar.gz"
-firewall_helm_path="$CSAR_DIR/$csar_id/firewall.tar.gz"
-firewall_profile_targz="$CSAR_DIR/$csar_id/profile.tar.gz"
-sink_helm_path="$CSAR_DIR/$csar_id/sink.tar.gz"
-sink_profile_targz="$CSAR_DIR/$csar_id/profile.tar.gz"
-
demo_folder=$test_folder/../demo
function populate_CSAR_compositevfw_helm {
@@ -108,966 +87,133 @@ function populate_CSAR_compositevfw_helm {
popd
}
+project="testvfw"
+composite_app="compositevfw"
+version="v1"
+deployment_intent_group="vfw_deployment_intent_group"
+
function setup {
install_deps
populate_CSAR_compositevfw_helm "$csar_id"
-}
-
-clusterprovidername="vfw-cluster-provider"
-clusterproviderdata="$(cat<<EOF
-{
- "metadata": {
- "name": "$clusterprovidername",
- "description": "description of $clusterprovidername",
- "userData1": "$clusterprovidername user data 1",
- "userData2": "$clusterprovidername user data 2"
- }
-}
-EOF
-)"
-
-labelname="LabelA"
-labeldata="$(cat<<EOF
-{"label-name": "$labelname"}
-EOF
-)"
-
-# add the rsync controller entry
-rsynccontrollername="rsync"
-rsynccontrollerdata="$(cat<<EOF
-{
- "metadata": {
- "name": "rsync",
- "description": "description of $rsynccontrollername controller",
- "userData1": "user data 1 for $rsynccontrollername",
- "userData2": "user data 2 for $rsynccontrollername"
- },
- "spec": {
- "host": "${rsync_service_host}",
- "port": ${rsync_service_port}
- }
-}
-EOF
-)"
-
-# add the ovn action controller entry
-ovnactioncontrollername="ovnaction"
-ovnactioncontrollerdata="$(cat<<EOF
-{
- "metadata": {
- "name": "$ovnactioncontrollername",
- "description": "description of $ovnactioncontrollername controller",
- "userData1": "user data 2 for $ovnactioncontrollername",
- "userData2": "user data 2 for $ovnactioncontrollername"
- },
- "spec": {
- "host": "${ovnaction_service_host}",
- "type": "action",
- "priority": 1,
- "port": ${ovnaction_service_port}
- }
-}
-EOF
-)"
-
-# define networks and providernetworks intents to ncm for the clusters
-# define emco-private-net and unprotexted-private-net as provider networks
-
-emcoprovidernetworkname="emco-private-net"
-emcoprovidernetworkdata="$(cat<<EOF
-{
- "metadata": {
- "name": "$emcoprovidernetworkname",
- "description": "description of $emcoprovidernetworkname",
- "userData1": "user data 1 for $emcoprovidernetworkname",
- "userData2": "user data 2 for $emcoprovidernetworkname"
- },
- "spec": {
- "cniType": "ovn4nfv",
- "ipv4Subnets": [
- {
- "subnet": "10.10.20.0/24",
- "name": "subnet1",
- "gateway": "10.10.20.1/24"
- }
- ],
- "providerNetType": "VLAN",
- "vlan": {
- "vlanId": "102",
- "providerInterfaceName": "eth1",
- "logicalInterfaceName": "eth1.102",
- "vlanNodeSelector": "specific",
- "nodeLabelList": [
- "kubernetes.io/hostname=localhost"
- ]
- }
- }
-}
-EOF
-)"
-
-unprotectedprovidernetworkname="unprotected-private-net"
-unprotectedprovidernetworkdata="$(cat<<EOF
-{
- "metadata": {
- "name": "$unprotectedprovidernetworkname",
- "description": "description of $unprotectedprovidernetworkname",
- "userData1": "user data 2 for $unprotectedprovidernetworkname",
- "userData2": "user data 2 for $unprotectedprovidernetworkname"
- },
- "spec": {
- "cniType": "ovn4nfv",
- "ipv4Subnets": [
- {
- "subnet": "192.168.10.0/24",
- "name": "subnet1",
- "gateway": "192.168.10.1/24"
- }
- ],
- "providerNetType": "VLAN",
- "vlan": {
- "vlanId": "100",
- "providerInterfaceName": "eth1",
- "logicalInterfaceName": "eth1.100",
- "vlanNodeSelector": "specific",
- "nodeLabelList": [
- "kubernetes.io/hostname=localhost"
- ]
- }
- }
-}
-EOF
-)"
-
-protectednetworkname="protected-private-net"
-protectednetworkdata="$(cat<<EOF
-{
- "metadata": {
- "name": "$protectednetworkname",
- "description": "description of $protectednetworkname",
- "userData1": "user data 1 for $protectednetworkname",
- "userData2": "user data 1 for $protectednetworkname"
- },
- "spec": {
- "cniType": "ovn4nfv",
- "ipv4Subnets": [
- {
- "subnet": "192.168.20.0/24",
- "name": "subnet1",
- "gateway": "192.168.20.100/32"
- }
- ]
- }
-}
-EOF
-)"
-
-# define a project
-projectname="testvfw"
-projectdata="$(cat<<EOF
-{
- "metadata": {
- "name": "$projectname",
- "description": "description of $projectname controller",
- "userData1": "$projectname user data 1",
- "userData2": "$projectname user data 2"
- }
-}
-EOF
-)"
-
-# define a composite application
-vfw_compositeapp_name="compositevfw"
-vfw_compositeapp_version="v1"
-vfw_compositeapp_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${vfw_compositeapp_name}",
- "description": "description of ${vfw_compositeapp_name}",
- "userData1": "user data 1 for ${vfw_compositeapp_name}",
- "userData2": "user data 2 for ${vfw_compositeapp_name}"
- },
- "spec":{
- "version":"${vfw_compositeapp_version}"
- }
-}
-EOF
-)"
-
-# define app entries for the composite application
-# includes the multipart tgz of the helm chart for vfw
-# BEGIN: Create entries for app1&app2 in the database
-packetgen_app_name="packetgen"
-packetgen_helm_chart=${packetgen_helm_path}
-packetgen_app_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${packetgen_app_name}",
- "description": "description for app ${packetgen_app_name}",
- "userData1": "user data 2 for ${packetgen_app_name}",
- "userData2": "user data 2 for ${packetgen_app_name}"
- }
-}
-EOF
-)"
-
-firewall_app_name="firewall"
-firewall_helm_chart=${firewall_helm_path}
-firewall_app_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${firewall_app_name}",
- "description": "description for app ${firewall_app_name}",
- "userData1": "user data 2 for ${firewall_app_name}",
- "userData2": "user data 2 for ${firewall_app_name}"
- }
-}
-EOF
-)"
-
-sink_app_name="sink"
-sink_helm_chart=${sink_helm_path}
-sink_app_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${sink_app_name}",
- "description": "description for app ${sink_app_name}",
- "userData1": "user data 2 for ${sink_app_name}",
- "userData2": "user data 2 for ${sink_app_name}"
- }
-}
-EOF
-)"
-
-# Add the composite profile
-vfw_composite_profile_name="vfw_composite-profile"
-vfw_composite_profile_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${vfw_composite_profile_name}",
- "description":"description of ${vfw_composite_profile_name}",
- "userData1":"user data 1 for ${vfw_composite_profile_name}",
- "userData2":"user data 2 for ${vfw_composite_profile_name}"
- }
-}
-EOF
-)"
-
-# define the packetgen profile data
-packetgen_profile_name="packetgen-profile"
-packetgen_profile_file=${packetgen_profile_targz}
-packetgen_profile_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${packetgen_profile_name}",
- "description":"description of ${packetgen_profile_name}",
- "userData1":"user data 1 for ${packetgen_profile_name}",
- "userData2":"user data 2 for ${packetgen_profile_name}"
- },
- "spec":{
- "app-name": "${packetgen_app_name}"
- }
-}
-EOF
-)"
-
-# define the firewall profile data
-firewall_profile_name="firewall-profile"
-firewall_profile_file=${firewall_profile_targz}
-firewall_profile_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${firewall_profile_name}",
- "description":"description of ${firewall_profile_name}",
- "userData1":"user data 1 for ${firewall_profile_name}",
- "userData2":"user data 2 for ${firewall_profile_name}"
- },
- "spec":{
- "app-name": "${firewall_app_name}"
- }
-}
-EOF
-)"
-
-# define the sink profile data
-sink_profile_name="sink-profile"
-sink_profile_file=${sink_profile_targz}
-sink_profile_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${sink_profile_name}",
- "description":"description of ${sink_profile_name}",
- "userData1":"user data 1 for ${sink_profile_name}",
- "userData2":"user data 2 for ${sink_profile_name}"
- },
- "spec":{
- "app-name": "${sink_app_name}"
- }
-}
-EOF
-)"
-
-# define the generic placement intent
-generic_placement_intent_name="generic-placement-intent"
-generic_placement_intent_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${generic_placement_intent_name}",
- "description":"${generic_placement_intent_name}",
- "userData1":"${generic_placement_intent_name}",
- "userData2":"${generic_placement_intent_name}"
- }
-}
-EOF
-)"
-
-# define app placement intent for packetgen
-packetgen_placement_intent_name="packetgen-placement-intent"
-packetgen_placement_intent_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${packetgen_placement_intent_name}",
- "description":"description of ${packetgen_placement_intent_name}",
- "userData1":"user data 1 for ${packetgen_placement_intent_name}",
- "userData2":"user data 2 for ${packetgen_placement_intent_name}"
- },
- "spec":{
- "app-name":"${packetgen_app_name}",
- "intent":{
- "allOf":[
- { "provider-name":"${clusterprovidername}",
- "cluster-label-name":"${labelname}"
- }
- ]
- }
- }
-}
-EOF
-)"
-
-# define app placement intent for firewall
-firewall_placement_intent_name="firewall-placement-intent"
-firewall_placement_intent_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${firewall_placement_intent_name}",
- "description":"description of ${firewall_placement_intent_name}",
- "userData1":"user data 1 for ${firewall_placement_intent_name}",
- "userData2":"user data 2 for ${firewall_placement_intent_name}"
- },
- "spec":{
- "app-name":"${firewall_app_name}",
- "intent":{
- "allOf":[
- { "provider-name":"${clusterprovidername}",
- "cluster-label-name":"${labelname}"
- }
- ]
- }
- }
-}
-EOF
-)"
-
-# define app placement intent for sink
-sink_placement_intent_name="sink-placement-intent"
-sink_placement_intent_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${sink_placement_intent_name}",
- "description":"description of ${sink_placement_intent_name}",
- "userData1":"user data 1 for ${sink_placement_intent_name}",
- "userData2":"user data 2 for ${sink_placement_intent_name}"
- },
- "spec":{
- "app-name":"${sink_app_name}",
- "intent":{
- "allOf":[
- { "provider-name":"${clusterprovidername}",
- "cluster-label-name":"${labelname}"
- }
- ]
- }
- }
-}
-EOF
-)"
-
-# define a deployment intent group
-release="fw0"
-deployment_intent_group_name="vfw_deployment_intent_group"
-deployment_intent_group_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${deployment_intent_group_name}",
- "description":"descriptiont of ${deployment_intent_group_name}",
- "userData1":"user data 1 for ${deployment_intent_group_name}",
- "userData2":"user data 2 for ${deployment_intent_group_name}"
- },
- "spec":{
- "profile":"${vfw_composite_profile_name}",
- "version":"${release}",
- "logical-cloud":"unused_logical_cloud",
- "override-values":[
- {
- "app-name":"${packetgen_app_name}",
- "values": {
- ".Values.service.ports.nodePort":"30888"
- }
- },
- {
- "app-name":"${firewall_app_name}",
- "values": {
- ".Values.global.dcaeCollectorIp":"1.2.3.4",
- ".Values.global.dcaeCollectorPort":"8888"
- }
- },
- {
- "app-name":"${sink_app_name}",
- "values": {
- ".Values.service.ports.nodePort":"30677"
- }
- }
- ]
- }
-}
-EOF
-)"
-
-# define the network-control-intent for the vfw composite app
-vfw_ovnaction_intent_name="vfw_ovnaction_intent"
-vfw_ovnaction_intent_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${vfw_ovnaction_intent_name}",
- "description":"descriptionf of ${vfw_ovnaction_intent_name}",
- "userData1":"user data 1 for ${vfw_ovnaction_intent_name}",
- "userData2":"user data 2 for ${vfw_ovnaction_intent_name}"
- }
-}
-EOF
-)"
-
-# define the network workload intent for packetgen app
-packetgen_workload_intent_name="packetgen_workload_intent"
-packetgen_workload_intent_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${packetgen_workload_intent_name}",
- "description": "description of ${packetgen_workload_intent_name}",
- "userData1": "useer data 2 for ${packetgen_workload_intent_name}",
- "userData2": "useer data 2 for ${packetgen_workload_intent_name}"
- },
- "spec": {
- "application-name": "${packetgen_app_name}",
- "workload-resource": "${release}-${packetgen_app_name}",
- "type": "Deployment"
- }
-}
-EOF
-)"
-
-# define the network workload intent for firewall app
-firewall_workload_intent_name="firewall_workload_intent"
-firewall_workload_intent_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${firewall_workload_intent_name}",
- "description": "description of ${firewall_workload_intent_name}",
- "userData1": "useer data 2 for ${firewall_workload_intent_name}",
- "userData2": "useer data 2 for ${firewall_workload_intent_name}"
- },
- "spec": {
- "application-name": "${firewall_app_name}",
- "workload-resource": "${release}-${firewall_app_name}",
- "type": "Deployment"
- }
-}
-EOF
-)"
-
-# define the network workload intent for sink app
-sink_workload_intent_name="sink_workload_intent"
-sink_workload_intent_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${sink_workload_intent_name}",
- "description": "description of ${sink_workload_intent_name}",
- "userData1": "useer data 2 for ${sink_workload_intent_name}",
- "userData2": "useer data 2 for ${sink_workload_intent_name}"
- },
- "spec": {
- "application-name": "${sink_app_name}",
- "workload-resource": "${release}-${sink_app_name}",
- "type": "Deployment"
- }
-}
-EOF
-)"
-
-# define the network interface intents for the packetgen workload intent
-packetgen_unprotected_interface_name="packetgen_unprotected_if"
-packetgen_unprotected_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${packetgen_unprotected_interface_name}",
- "description": "description of ${packetgen_unprotected_interface_name}",
- "userData1": "useer data 2 for ${packetgen_unprotected_interface_name}",
- "userData2": "useer data 2 for ${packetgen_unprotected_interface_name}"
- },
- "spec": {
- "interface": "eth1",
- "name": "${unprotectedprovidernetworkname}",
- "defaultGateway": "false",
- "ipAddress": "192.168.10.2"
- }
-}
-EOF
-)"
-
-packetgen_emco_interface_name="packetgen_emco_if"
-packetgen_emco_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${packetgen_emco_interface_name}",
- "description": "description of ${packetgen_emco_interface_name}",
- "userData1": "useer data 2 for ${packetgen_emco_interface_name}",
- "userData2": "useer data 2 for ${packetgen_emco_interface_name}"
- },
- "spec": {
- "interface": "eth2",
- "name": "${emcoprovidernetworkname}",
- "defaultGateway": "false",
- "ipAddress": "10.10.20.2"
- }
-}
-EOF
-)"
-
-# define the network interface intents for the firewall workload intent
-firewall_unprotected_interface_name="firewall_unprotected_if"
-firewall_unprotected_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${firewall_unprotected_interface_name}",
- "description": "description of ${firewall_unprotected_interface_name}",
- "userData1": "useer data 2 for ${firewall_unprotected_interface_name}",
- "userData2": "useer data 2 for ${firewall_unprotected_interface_name}"
- },
- "spec": {
- "interface": "eth1",
- "name": "${unprotectedprovidernetworkname}",
- "defaultGateway": "false",
- "ipAddress": "192.168.10.3"
- }
-}
-EOF
-)"
-
-firewall_protected_interface_name="firewall_protected_if"
-firewall_protected_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${firewall_protected_interface_name}",
- "description": "description of ${firewall_protected_interface_name}",
- "userData1": "useer data 2 for ${firewall_protected_interface_name}",
- "userData2": "useer data 2 for ${firewall_protected_interface_name}"
- },
- "spec": {
- "interface": "eth2",
- "name": "${protectednetworkname}",
- "defaultGateway": "false",
- "ipAddress": "192.168.20.2"
- }
-}
-EOF
-)"
-
-firewall_emco_interface_name="firewall_emco_if"
-firewall_emco_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${firewall_emco_interface_name}",
- "description": "description of ${firewall_emco_interface_name}",
- "userData1": "useer data 2 for ${firewall_emco_interface_name}",
- "userData2": "useer data 2 for ${firewall_emco_interface_name}"
- },
- "spec": {
- "interface": "eth3",
- "name": "${emcoprovidernetworkname}",
- "defaultGateway": "false",
- "ipAddress": "10.10.20.3"
- }
-}
-EOF
-)"
-
-# define the network interface intents for the sink workload intent
-sink_protected_interface_name="sink_protected_if"
-sink_protected_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${sink_protected_interface_name}",
- "description": "description of ${sink_protected_interface_name}",
- "userData1": "useer data 2 for ${sink_protected_interface_name}",
- "userData2": "useer data 2 for ${sink_protected_interface_name}"
- },
- "spec": {
- "interface": "eth1",
- "name": "${protectednetworkname}",
- "defaultGateway": "false",
- "ipAddress": "192.168.20.3"
- }
-}
-EOF
-)"
-
-sink_emco_interface_name="sink_emco_if"
-sink_emco_interface_data="$(cat <<EOF
-{
- "metadata": {
- "name": "${sink_emco_interface_name}",
- "description": "description of ${sink_emco_interface_name}",
- "userData1": "useer data 2 for ${sink_emco_interface_name}",
- "userData2": "useer data 2 for ${sink_emco_interface_name}"
- },
- "spec": {
- "interface": "eth2",
- "name": "${emcoprovidernetworkname}",
- "defaultGateway": "false",
- "ipAddress": "10.10.20.4"
- }
-}
-EOF
-)"
-
-# define the intents to be used by the group
-deployment_intents_in_group_name="vfw_deploy_intents"
-deployment_intents_in_group_data="$(cat <<EOF
-{
- "metadata":{
- "name":"${deployment_intents_in_group_name}",
- "description":"descriptionf of ${deployment_intents_in_group_name}",
- "userData1":"user data 1 for ${deployment_intents_in_group_name}",
- "userData2":"user data 2 for ${deployment_intents_in_group_name}"
- },
- "spec":{
- "intent":{
- "genericPlacementIntent":"${generic_placement_intent_name}",
- "ovnaction" : "${vfw_ovnaction_intent_name}"
- }
- }
-}
-EOF
-)"
-
-function createOvnactionData {
- call_api -d "${vfw_ovnaction_intent_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent"
-
- call_api -d "${packetgen_workload_intent_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents"
- call_api -d "${firewall_workload_intent_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents"
- call_api -d "${sink_workload_intent_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents"
-
- call_api -d "${packetgen_emco_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}/interfaces"
- call_api -d "${packetgen_unprotected_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}/interfaces"
-
- call_api -d "${firewall_emco_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces"
- call_api -d "${firewall_unprotected_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces"
- call_api -d "${firewall_protected_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces"
-
- call_api -d "${sink_emco_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}/interfaces"
- call_api -d "${sink_protected_interface_data}" \
- "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}/interfaces"
-}
-
-function createOrchData {
- print_msg "Creating controller entries"
- call_api -d "${rsynccontrollerdata}" "${base_url_orchestrator}/controllers"
- call_api -d "${ovnactioncontrollerdata}" "${base_url_orchestrator}/controllers"
-
- print_msg "Creating project entry"
- call_api -d "${projectdata}" "${base_url_orchestrator}/projects"
-
- print_msg "Creating vfw composite app entry"
- call_api -d "${vfw_compositeapp_data}" "${base_url_orchestrator}/projects/${projectname}/composite-apps"
-
- print_msg "Adding vfw apps to the composite app"
- call_api -F "metadata=${packetgen_app_data}" \
- -F "file=@${packetgen_helm_chart}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps"
- call_api -F "metadata=${firewall_app_data}" \
- -F "file=@${firewall_helm_chart}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps"
- call_api -F "metadata=${sink_app_data}" \
- -F "file=@${sink_helm_chart}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps"
-
- print_msg "Creating vfw composite profile entry"
- call_api -d "${vfw_composite_profile_data}" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles"
-
- print_msg "Adding vfw app profiles to the composite profile"
- call_api -F "metadata=${packetgen_profile_data}" \
- -F "file=@${packetgen_profile_file}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles"
- call_api -F "metadata=${firewall_profile_data}" \
- -F "file=@${firewall_profile_file}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles"
- call_api -F "metadata=${sink_profile_data}" \
- -F "file=@${sink_profile_file}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles"
-
- print_msg "Create the deployment intent group"
- call_api -d "${deployment_intent_group_data}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups"
- call_api -d "${deployment_intents_in_group_data}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/intents"
-
- createOvnactionData
-
- print_msg "Create the generic placement intent"
- call_api -d "${generic_placement_intent_data}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents"
-
- print_msg "Add the vfw app placement intents to the generic placement intent"
- call_api -d "${packetgen_placement_intent_data}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents"
- call_api -d "${firewall_placement_intent_data}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents"
- call_api -d "${sink_placement_intent_data}" \
- "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents"
-}
-
-function createNcmData {
- print_msg "Creating cluster provider ${clusterprovidername}"
- call_api -d "${clusterproviderdata}" "${base_url_clm}/cluster-providers"
-
- for name in $(cluster_names); do
- metadata=$(cluster_metadata "$name")
- file=$(cluster_file "$name")
- print_msg "Creating cluster ${name}"
- call_api -H "Content-Type: multipart/form-data" -F "metadata=$metadata" -F "file=@$file" "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters"
- call_api -d "${labeldata}" "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters/${name}/labels"
-
- print_msg "Creating provider network and network intents for ${name}"
- call_api -d "${emcoprovidernetworkdata}" "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/provider-networks"
- call_api -d "${unprotectedprovidernetworkdata}" "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/provider-networks"
- call_api -d "${protectednetworkdata}" "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/networks"
+ cat <<EOF >plugin_fw_v2_config.yaml
+orchestrator:
+ host: ${service_host}
+ port: 30415
+clm:
+ host: ${service_host}
+ port: 30461
+ncm:
+ host: ${service_host}
+ port: 30431
+ovnaction:
+ host: ${service_host}
+ port: 30471
+dcm:
+ host: ${service_host}
+ port: 30477
+gac:
+ host: ${service_host}
+ port: 30491
+dtc:
+ host: ${service_host}
+ port: 30481
+EOF
+ cat <<EOF >plugin_fw_v2_values.yaml
+ClusterProvider: vfw-cluster-provider
+ClusterLabel: LabelA
+Clusters:
+EOF
+ echo $clusters | jq -r '.[] | "- Name: \(.metadata.name)\n KubeConfig: \(.file)"' >>plugin_fw_v2_values.yaml
+ cat <<EOF >>plugin_fw_v2_values.yaml
+EmcoProviderNetwork: emco-private-net
+UnprotectedProviderNetwork: unprotected-private-net
+ProtectedNetwork: protected-private-net
+Project: ${project}
+LogicalCloud: lcadmin
+CompositeApp: ${composite_app}
+Version: ${version}
+PackagesPath: ${CSAR_DIR}/${csar_id}
+CompositeProfile: vfw_composite-profile
+DeploymentIntentGroup: ${deployment_intent_group}
+Release: fw0
+DeploymentIntentsInGroup: vfw_deploy_intents
+GenericPlacementIntent: generic-placement-intent
+OvnActionIntent: vfw_ovnaction_intent
+EOF
+}
+
+function call_emcoctl {
+ rc=$1
+ shift
+ # retry due to known issue with emcoctl and instantiating/terminating multiple resources
+ try=0
+ until [[ $(emcoctl $@ | awk '/Response Code:/ {code=$3} END{print code}') =~ $rc ]]; do
+ if [[ $try -lt 10 ]]; then
+ sleep 1s
+ else
+ return 1
+ fi
+ try=$((try + 1))
done
+ return 0
}
function createData {
- setup
- createNcmData
- createOrchData # this will call createOvnactionData
-}
-
-function getOvnactionData {
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}"
-
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}"
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}"
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}"
-
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}/interfaces/${packetgen_emco_interface_name}"
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}/interfaces/${packetgen_unprotected_interface_name}"
-
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces/${firewall_emco_interface_name}"
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces/${firewall_unprotected_interface_name}"
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces/${firewall_protected_interface_name}"
-
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}/interfaces/${sink_emco_interface_name}"
- call_api_nox "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}/interfaces/${sink_protected_interface_name}"
-}
-
-function getOrchData {
- call_api_nox "${base_url_orchestrator}/controllers/${rsynccontrollername}"
- call_api_nox "${base_url_orchestrator}/controllers/${ovnactioncontrollername}"
-
- call_api_nox "${base_url_orchestrator}/projects/${projectname}"
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}"
-
- call_api_nox -H "Accept: application/json" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps/${packetgen_app_name}"
- call_api_nox -H "Accept: application/json" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps/${firewall_app_name}"
- call_api_nox -H "Accept: application/json" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps/${sink_app_name}"
-
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}"
-
- call_api_nox -H "Accept: application/json" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles/${packetgen_profile_name}"
- call_api_nox -H "Accept: application/json" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles/${firewall_profile_name}"
- call_api_nox -H "Accept: application/json" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles/${sink_profile_name}"
-
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}"
-
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents/${packetgen_placement_intent_name}"
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents/${firewall_placement_intent_name}"
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents/${sink_placement_intent_name}"
-
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}"
- call_api_nox "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/intents/${deployment_intents_in_group_name}"
-}
-
-function getNcmData {
- call_api_nox "${base_url_clm}/cluster-providers/${clusterprovidername}"
- call_api_nox "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters?label=${labelname}"
-
- for name in $(cluster_names); do
- call_api_nox -H "Accept: application/json" "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters/${name}"
- call_api_nox "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters/${name}/labels/${labelname}"
- call_api_nox "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/provider-networks/${emcoprovidernetworkname}"
- call_api_nox "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/provider-networks/${unprotectedprovidernetworkname}"
- call_api_nox "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/networks/${protectednetworkname}"
- done
+ call_emcoctl 2.. --config plugin_fw_v2_config.yaml apply -f plugin_fw_v2.yaml -v plugin_fw_v2_values.yaml
}
function getData {
- getNcmData
- getOrchData
- getOvnactionData
-}
-
-function deleteOvnactionData {
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}/interfaces/${sink_protected_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}/interfaces/${sink_emco_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces/${firewall_protected_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces/${firewall_unprotected_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}/interfaces/${firewall_emco_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}/interfaces/${packetgen_unprotected_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}/interfaces/${packetgen_emco_interface_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${sink_workload_intent_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${firewall_workload_intent_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}/workload-intents/${packetgen_workload_intent_name}"
- delete_resource "${base_url_ovnaction}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/network-controller-intent/${vfw_ovnaction_intent_name}"
-}
-
-function deleteOrchData {
- delete_resource "${base_url_orchestrator}/controllers/${rsynccontrollername}"
- delete_resource "${base_url_orchestrator}/controllers/${ovnactioncontrollername}"
-
- deleteOvnactionData
-
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents/${sink_placement_intent_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents/${firewall_placement_intent_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}/app-intents/${packetgen_placement_intent_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/generic-placement-intents/${generic_placement_intent_name}"
-
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/intents/${deployment_intents_in_group_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}"
-
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles/${sink_profile_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles/${firewall_profile_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}/profiles/${packetgen_profile_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/composite-profiles/${vfw_composite_profile_name}"
-
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps/${sink_app_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps/${firewall_app_name}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/apps/${packetgen_app_name}"
-
- delete_resource "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}"
- delete_resource "${base_url_orchestrator}/projects/${projectname}"
-}
-
-function deleteNcmData {
- for name in $(cluster_names); do
- delete_resource "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/networks/${protectednetworkname}"
- delete_resource "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/provider-networks/${unprotectedprovidernetworkname}"
- delete_resource "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/provider-networks/${emcoprovidernetworkname}"
- delete_resource "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters/${name}/labels/${labelname}"
- delete_resource "${base_url_clm}/cluster-providers/${clusterprovidername}/clusters/${name}"
- done
-
- delete_resource "${base_url_clm}/cluster-providers/${clusterprovidername}"
+ emcoctl --config plugin_fw_v2_config.yaml get -f plugin_fw_v2.yaml -v plugin_fw_v2_values.yaml
}
function deleteData {
- deleteNcmData
- deleteOrchData
-}
-
-# apply the network and providernetwork to an appcontext and instantiate with rsync
-function applyNcmData {
- for name in $(cluster_names); do
- call_api -d "{ }" "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/apply"
- done
-}
-
-# deletes the network resources from the clusters and the associated appcontext entries
-function terminateNcmData {
- for name in $(cluster_names); do
- call_api -d "{ }" "${base_url_ncm}/cluster-providers/${clusterprovidername}/clusters/${name}/terminate"
- done
-}
-
-# terminates the vfw resources
-function terminateOrchData {
- call_api -d "{ }" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/terminate"
-}
-
-# terminates the vfw and ncm resources
-function terminateVfw {
- terminateOrchData
- terminateNcmData
-}
-
-function instantiateVfw {
- call_api -d "{ }" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/approve"
- call_api -d "{ }" "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/instantiate"
+ call_emcoctl 4.. --config plugin_fw_v2_config.yaml delete -f plugin_fw_v2.yaml -v plugin_fw_v2_values.yaml
}
function statusVfw {
- call_api "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/status"
+ emcoctl --config plugin_fw_v2_config.yaml get projects/${project}/composite-apps/${composite_app}/${version}/deployment-intent-groups/${deployment_intent_group}/status
}
function waitForVfw {
- wait_for_deployment_status "${base_url_orchestrator}/projects/${projectname}/composite-apps/${vfw_compositeapp_name}/${vfw_compositeapp_version}/deployment-intent-groups/${deployment_intent_group_name}/status" $1
+ for try in {0..59}; do
+ sleep 1
+ new_phase="$(emcoctl --config plugin_fw_v2_config.yaml get projects/${project}/composite-apps/${composite_app}/${version}/deployment-intent-groups/${deployment_intent_group}/status | awk '/Response: / {print $2}' | jq -r .status)"
+ echo "$(date +%H:%M:%S) - Filter=[$*] : $new_phase"
+ if [[ "$new_phase" == "$1" ]]; then
+ return 0
+ fi
+ done
}
function usage {
- echo "Usage: $0 create|get|delete|apply|terminate|instantiate"
+ echo "Usage: $0 setup|create|get|destroy|status"
+ echo " setup - creates the emcoctl files and packages needed for vfw"
echo " create - creates all ncm, ovnaction, clm resources needed for vfw"
echo " get - queries all resources in ncm, ovnaction, clm resources created for vfw"
- echo " delete - deletes all resources in ncm, ovnaction, clm resources created for vfw"
- echo " apply - applys the network intents - e.g. networks created in ncm"
- echo " instantiate - approves and instantiates the composite app via the generic deployment intent"
+ echo " destroy - deletes all resources in ncm, ovnaction, clm resources created for vfw"
echo " status - get status of deployed resources"
- echo " terminate - remove the vFW composite app resources and network resources create by 'instantiate' and 'apply'"
echo ""
echo " a reasonable test sequence:"
- echo " 1. create"
- echo " 2. apply"
- echo " 3. instantiate"
- echo " 4. status"
- echo " 5. terminate"
- echo " 6. destroy"
+ echo " 1. setup"
+ echo " 2. create"
+ echo " 3. destroy"
exit
}
if [[ "$#" -gt 0 ]] ; then
case "$1" in
+ "setup" ) setup ;;
"create" ) createData ;;
"get" ) getData ;;
- "apply" ) applyNcmData ;;
- "instantiate" ) instantiateVfw ;;
"status" ) statusVfw ;;
"wait" ) waitForVfw "Instantiated" ;;
- "terminate" ) terminateVfw ;;
"delete" ) deleteData ;;
*) usage ;;
esac
else
+ setup
createData
- applyNcmData
- instantiateVfw
print_msg "[BEGIN] Basic checks for instantiated resource"
print_msg "Wait for deployment to be instantiated"
@@ -1075,16 +221,14 @@ else
for name in $(cluster_names); do
print_msg "Check that networks were created on cluster $name"
file=$(cluster_file "$name")
- KUBECONFIG=$file kubectl get network protected-private-net
- KUBECONFIG=$file kubectl get providernetwork emco-private-net
- KUBECONFIG=$file kubectl get providernetwork unprotected-private-net
+ KUBECONFIG=$file kubectl get network protected-private-net -o name
+ KUBECONFIG=$file kubectl get providernetwork emco-private-net -o name
+ KUBECONFIG=$file kubectl get providernetwork unprotected-private-net -o name
done
for name in $(cluster_names); do
print_msg "Wait for all pods to start on cluster $name"
file=$(cluster_file "$name")
- KUBECONFIG=$file wait_for_pod -l app=sink
- KUBECONFIG=$file wait_for_pod -l app=firewall
- KUBECONFIG=$file wait_for_pod -l app=packetgen
+ KUBECONFIG=$file kubectl wait pod -l release=fw0 --for=condition=Ready
done
# TODO: Provide some health check to verify vFW work
print_msg "Not waiting for vFW to fully install as no further checks are implemented in testcase"
@@ -1092,7 +236,6 @@ else
#sleep 8m
print_msg "[END] Basic checks for instantiated resource"
- terminateVfw
- waitForVfw "Terminated"
+ print_msg "Delete deployment"
deleteData
fi
diff --git a/kud/tests/plugin_fw_v2.yaml b/kud/tests/plugin_fw_v2.yaml
new file mode 100644
index 00000000..be436106
--- /dev/null
+++ b/kud/tests/plugin_fw_v2.yaml
@@ -0,0 +1,411 @@
+# SPDX-License-Identifier: Apache-2.0
+# Copyright (c) 2020 Intel Corporation
+
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers
+metadata:
+ name: {{.ClusterProvider}}
+
+{{- range $index, $cluster := .Clusters }}
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers/{{$.ClusterProvider}}/clusters
+metadata:
+ name: {{$cluster.Name}}
+file:
+ {{$cluster.KubeConfig}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers/{{$.ClusterProvider}}/clusters/{{$cluster.Name}}/labels
+label-name: {{$.ClusterLabel}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers/{{$.ClusterProvider}}/clusters/{{$cluster.Name}}/provider-networks
+metadata:
+ name: {{$.EmcoProviderNetwork}}
+spec:
+ cniType: ovn4nfv
+ ipv4Subnets:
+ - subnet: 10.10.20.0/24
+ name: subnet1
+ gateway: 10.10.20.1/24
+ providerNetType: VLAN
+ vlan:
+ vlanId: "102"
+ providerInterfaceName: eth1
+ logicalInterfaceName: eth1.102
+ vlanNodeSelector: specific
+ nodeLabelList:
+ - kubernetes.io/hostname=localhost
+
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers/{{$.ClusterProvider}}/clusters/{{$cluster.Name}}/provider-networks
+metadata:
+ name: {{$.UnprotectedProviderNetwork}}
+spec:
+ cniType: ovn4nfv
+ ipv4Subnets:
+ - subnet: 192.168.10.0/24
+ name: subnet1
+ gateway: 192.168.10.1/24
+ providerNetType: VLAN
+ vlan:
+ vlanId: "100"
+ providerInterfaceName: eth1
+ logicalInterfaceName: eth1.100
+ vlanNodeSelector: specific
+ nodeLabelList:
+ - kubernetes.io/hostname=localhost
+
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers/{{$.ClusterProvider}}/clusters/{{$cluster.Name}}/networks
+metadata:
+ name: {{$.ProtectedNetwork}}
+spec:
+ cniType: ovn4nfv
+ ipv4Subnets:
+ - subnet: 192.168.20.0/24
+ name: subnet1
+ gateway: 192.168.20.100/32
+{{- end }}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects
+metadata:
+ name: {{.Project}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/logical-clouds
+metadata:
+ name: {{.LogicalCloud}}
+spec:
+ level: "0"
+
+{{- range $index, $cluster := .Clusters }}
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{$.Project}}/logical-clouds/{{$.LogicalCloud}}/cluster-references
+metadata:
+ name: {{$cluster.Name}}
+spec:
+ cluster-provider: {{$.ClusterProvider}}
+ cluster-name: {{$cluster.Name}}
+ loadbalancer-ip: "0.0.0.0"
+{{- end }}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps
+metadata:
+ name: {{.CompositeApp}}
+spec:
+ version: {{.Version}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/apps
+metadata:
+ name: packetgen
+file:
+ {{.PackagesPath}}/packetgen.tar.gz
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/apps
+metadata:
+ name: firewall
+file:
+ {{.PackagesPath}}/firewall.tar.gz
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/apps
+metadata:
+ name: sink
+file:
+ {{.PackagesPath}}/sink.tar.gz
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/composite-profiles
+metadata:
+ name: {{.CompositeProfile}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/composite-profiles/{{.CompositeProfile}}/profiles
+metadata :
+ name: packetgen-profile
+spec:
+ app-name: packetgen
+file:
+ {{.PackagesPath}}/profile.tar.gz
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/composite-profiles/{{.CompositeProfile}}/profiles
+metadata :
+ name: firewall-profile
+spec:
+ app-name: firewall
+file:
+ {{.PackagesPath}}/profile.tar.gz
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/composite-profiles/{{.CompositeProfile}}/profiles
+metadata :
+ name: sink-profile
+spec:
+ app-name: sink
+file:
+ {{.PackagesPath}}/profile.tar.gz
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups
+metadata:
+ name: {{.DeploymentIntentGroup}}
+spec:
+ profile: {{.CompositeProfile}}
+ version: {{.Release}}
+ logical-cloud: {{.LogicalCloud}}
+ override-values:
+ - app-name: packetgen
+ values:
+ ".Values.service.ports.nodePort": '30888'
+ - app-name: firewall
+ values:
+ ".Values.global.dcaeCollectorIp": 1.2.3.4
+ ".Values.global.dcaeCollectorPort": '8888'
+ - app-name: sink
+ values:
+ ".Values.service.ports.nodePort": '30677'
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/intents
+metadata:
+ name: {{.DeploymentIntentsInGroup}}
+spec:
+ intent:
+ genericPlacementIntent: {{.GenericPlacementIntent}}
+ ovnaction: {{.OvnActionIntent}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent
+metadata:
+ name: {{.OvnActionIntent}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents
+metadata:
+ name: packetgen_workload_intent
+spec:
+ application-name: packetgen
+ workload-resource: {{.Release}}-packetgen
+ type: Deployment
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents
+metadata:
+ name: firewall_workload_intent
+spec:
+ application-name: firewall
+ workload-resource: {{.Release}}-firewall
+ type: Deployment
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents
+metadata:
+ name: sink_workload_intent
+spec:
+ application-name: sink
+ workload-resource: {{.Release}}-sink
+ type: Deployment
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/packetgen_workload_intent/interfaces
+metadata:
+ name: packetgen_unprotected_if
+spec:
+ interface: eth1
+ name: {{.UnprotectedProviderNetwork}}
+ defaultGateway: "false"
+ ipAddress: 192.168.10.2
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/packetgen_workload_intent/interfaces
+metadata:
+ name: packetgen_emco_if
+spec:
+ interface: eth2
+ name: {{.EmcoProviderNetwork}}
+ defaultGateway: "false"
+ ipAddress: 10.10.20.2
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/firewall_workload_intent/interfaces
+metadata:
+ name: firewall_unprotected_if
+spec:
+ interface: eth1
+ name: {{.UnprotectedProviderNetwork}}
+ defaultGateway: "false"
+ ipAddress: 192.168.10.3
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/firewall_workload_intent/interfaces
+metadata:
+ name: firewall_protected_if
+spec:
+ interface: eth2
+ name: {{.ProtectedNetwork}}
+ defaultGateway: "false"
+ ipAddress: 192.168.20.2
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/firewall_workload_intent/interfaces
+metadata:
+ name: firewall_emco_if
+spec:
+ interface: eth3
+ name: {{.EmcoProviderNetwork}}
+ defaultGateway: "false"
+ ipAddress: 10.10.20.3
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/sink_workload_intent/interfaces
+metadata:
+ name: sink_protected_if
+spec:
+ interface: eth1
+ name: {{.ProtectedNetwork}}
+ defaultGateway: "false"
+ ipAddress: 192.168.20.3
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/network-controller-intent/{{.OvnActionIntent}}/workload-intents/sink_workload_intent/interfaces
+metadata:
+ name: sink_emco_if
+spec:
+ interface: eth2
+ name: {{.EmcoProviderNetwork}}
+ defaultGateway: "false"
+ ipAddress: 10.10.20.4
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/generic-placement-intents
+metadata:
+ name: {{.GenericPlacementIntent}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/generic-placement-intents/{{.GenericPlacementIntent}}/app-intents
+metadata:
+ name: packetgen-placement-intent
+spec:
+ app-name: packetgen
+ intent:
+ allOf:
+ - provider-name: {{.ClusterProvider}}
+ cluster-label-name: {{.ClusterLabel}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/generic-placement-intents/{{.GenericPlacementIntent}}/app-intents
+metadata:
+ name: firewall-placement-intent
+spec:
+ app-name: firewall
+ intent:
+ allOf:
+ - provider-name: {{.ClusterProvider}}
+ cluster-label-name: {{.ClusterLabel}}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/generic-placement-intents/{{.GenericPlacementIntent}}/app-intents
+metadata:
+ name: sink-placement-intent
+spec:
+ app-name: sink
+ intent:
+ allOf:
+ - provider-name: {{.ClusterProvider}}
+ cluster-label-name: {{.ClusterLabel}}
+
+{{- range $index, $cluster := .Clusters }}
+---
+version: emco/v2
+resourceContext:
+ anchor: cluster-providers/{{$.ClusterProvider}}/clusters/{{$cluster.Name}}/apply
+{{- end }}
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/logical-clouds/{{.LogicalCloud}}/instantiate
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/approve
+
+---
+version: emco/v2
+resourceContext:
+ anchor: projects/{{.Project}}/composite-apps/{{.CompositeApp}}/{{.Version}}/deployment-intent-groups/{{.DeploymentIntentGroup}}/instantiate