diff options
-rwxr-xr-x | kud/tests/_common.sh | 22 | ||||
-rw-r--r-- | kud/tests/cFW/sink/Dockerfile | 30 | ||||
-rw-r--r-- | kud/tests/cFW/sink/wrapper_v_sink_init.sh | 10 | ||||
-rwxr-xr-x | kud/tests/integration_vcFW.sh | 2 |
4 files changed, 40 insertions, 24 deletions
diff --git a/kud/tests/_common.sh b/kud/tests/_common.sh index 77818dcf..3120dad7 100755 --- a/kud/tests/_common.sh +++ b/kud/tests/_common.sh @@ -33,7 +33,7 @@ rbp_instance=rbp_instance.json rbp_content_tarball=profile.tar # vFirewall vars -demo_artifacts_version=1.3.1 +demo_artifacts_version=1.5.0 vfw_private_ip_0='192.168.10.3' vfw_private_ip_1='192.168.20.2' vfw_private_ip_2='10.10.100.3' @@ -47,6 +47,7 @@ protected_net_gw='192.168.20.100' protected_net_cidr='192.168.20.0/24' protected_private_net_cidr='192.168.10.0/24' onap_private_net_cidr='10.10.0.0/16' +sink_ipaddr='192.168.20.250' # populate_CSAR_containers_vFW() - This function creates the content of CSAR file # required for vFirewal using only containers @@ -323,6 +324,7 @@ NET - export dcae_collector_port=$dcae_collector_port - export protected_net_gw=$protected_net_gw - export protected_private_net_cidr=$protected_private_net_cidr + - export sink_ipaddr=$sink_ipaddr " if [[ -n "${http_proxy+x}" ]]; then proxy+=" @@ -476,6 +478,16 @@ spec: memory: 4Gi DEPLOYMENT + cat << CONFIGMAP > sink_configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: sink-configmap +data: + protected_net_gw: $protected_net_gw + protected_private_net_cidr: $protected_private_net_cidr +CONFIGMAP + cat << DEPLOYMENT > $sink_deployment_name.yaml apiVersion: apps/v1 kind: Deployment @@ -503,12 +515,16 @@ spec: spec: containers: - name: $sink_deployment_name - image: electrocucaracha/sink - imagePullPolicy: IfNotPresent + image: rtsood/onap-vfw-demo-sink:0.2.0 + envFrom: + - configMapRef: + name: sink-configmap + imagePullPolicy: Always tty: true stdin: true securityContext: privileged: true + - name: darkstat image: electrocucaracha/darkstat imagePullPolicy: IfNotPresent diff --git a/kud/tests/cFW/sink/Dockerfile b/kud/tests/cFW/sink/Dockerfile index 6b43ba61..5e3da088 100644 --- a/kud/tests/cFW/sink/Dockerfile +++ b/kud/tests/cFW/sink/Dockerfile @@ -1,5 +1,5 @@ FROM ubuntu:16.04 -MAINTAINER Victor Morales <electrocucaracha@gmail.com> +MAINTAINER Ritu Sood <ritu.sood@intel.com> ARG HTTP_PROXY=${HTTP_PROXY} ARG HTTPS_PROXY=${HTTPS_PROXY} @@ -7,28 +7,18 @@ ARG HTTPS_PROXY=${HTTPS_PROXY} ENV http_proxy $HTTP_PROXY ENV https_proxy $HTTPS_PROXY -ENV protected_net_cidr "192.168.20.0/24" -ENV fw_ipaddr "192.168.10.100" -ENV sink_ipaddr "192.168.20.250" -ENV demo_artifacts_version "1.3.0" -ENV protected_net_gw "192.168.20.100" -ENV unprotected_net "192.168.10.0/24" +ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf" +ENV demo_artifacts_version "1.5.0" -RUN apt-get update && apt-get install -y -qq wget net-tools +RUN apt-get update && apt-get install -y -qq wget net-tools unzip WORKDIR /opt -RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_sink_init.sh" \ - && chmod +x v_sink_init.sh +RUN wget "${repo_url}/vfw/vfw-scripts/${demo_artifacts_version}/vfw-scripts-${demo_artifacts_version}.zip" \ + && unzip "vfw-scripts-${demo_artifacts_version}.zip" \ + && chmod +x v_sink_init.sh -RUN mkdir -p config/ \ - && echo $protected_net_cidr > config/protected_net_cidr.txt \ - && echo $fw_ipaddr > config/fw_ipaddr.txt \ - && echo $sink_ipaddr > config/sink_ipaddr.txt \ - && echo $demo_artifacts_version > config/demo_artifacts_version.txt \ - && echo $protected_net_gw > config/protected_net_gw.txt \ - && echo $unprotected_net > config/unprotected_net.txt +COPY wrapper_v_sink_init.sh . +RUN chmod +x wrapper_v_sink_init.sh -# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100 -# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists -CMD ["./v_sink_init.sh"] +CMD ["./wrapper_v_sink_init.sh"] diff --git a/kud/tests/cFW/sink/wrapper_v_sink_init.sh b/kud/tests/cFW/sink/wrapper_v_sink_init.sh new file mode 100644 index 00000000..e3a3e35e --- /dev/null +++ b/kud/tests/cFW/sink/wrapper_v_sink_init.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +mkdir -p /opt/config/ +echo "$protected_net_gw" > /opt/config/protected_net_gw.txt +echo "$protected_private_net_cidr" > /opt/config/unprotected_net.txt + +# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100 +# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists +./v_sink_init.sh +sleep infinity diff --git a/kud/tests/integration_vcFW.sh b/kud/tests/integration_vcFW.sh index ccda1190..0c6d0689 100755 --- a/kud/tests/integration_vcFW.sh +++ b/kud/tests/integration_vcFW.sh @@ -30,7 +30,7 @@ for net in $unprotected_private_net $protected_private_net $onap_private_net; do echo "Create OVN Network $net network" init_network $net.yaml done -for resource in onap-ovn4nfvk8s-network sink-service; do +for resource in onap-ovn4nfvk8s-network sink-service sink_configmap; do kubectl apply -f $resource.yaml done setup $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name |