aboutsummaryrefslogtreecommitdiffstats
path: root/kud/tests/cFW/firewall
diff options
context:
space:
mode:
Diffstat (limited to 'kud/tests/cFW/firewall')
-rw-r--r--kud/tests/cFW/firewall/Dockerfile48
-rwxr-xr-xkud/tests/cFW/firewall/init.sh43
2 files changed, 66 insertions, 25 deletions
diff --git a/kud/tests/cFW/firewall/Dockerfile b/kud/tests/cFW/firewall/Dockerfile
index 7d3e6ede..086f30ce 100644
--- a/kud/tests/cFW/firewall/Dockerfile
+++ b/kud/tests/cFW/firewall/Dockerfile
@@ -1,32 +1,22 @@
-FROM electrocucaracha/vpp
+FROM ubuntu:18.04 as builder
MAINTAINER Victor Morales <electrocucaracha@gmail.com>
-ARG HTTP_PROXY=${HTTP_PROXY}
-ARG HTTPS_PROXY=${HTTPS_PROXY}
-
-ENV http_proxy $HTTP_PROXY
-ENV https_proxy $HTTPS_PROXY
+ENV demo_artifacts_version "1.6.0"
ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf"
-ENV protected_net_cidr "192.168.20.0/24"
-ENV fw_ipaddr "192.168.10.100"
-ENV sink_ipaddr "192.168.20.250"
-ENV demo_artifacts_version "1.3.0"
-
-RUN apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools \
- bsdmainutils make gcc libcurl4-gnutls-dev
+RUN apt-get update && apt-get install -y -qq --no-install-recommends \
+ wget ca-certificates
WORKDIR /opt
-RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_firewall_init.sh" \
- && chmod +x v_firewall_init.sh \
- && sed -i 's|start vpp|/usr/bin/vpp -c /etc/vpp/startup.conf|g' v_firewall_init.sh
-
RUN wget "${repo_url}/sample-distribution/${demo_artifacts_version}/sample-distribution-${demo_artifacts_version}-hc.tar.gz" \
&& tar -zmxf sample-distribution-${demo_artifacts_version}-hc.tar.gz \
&& rm sample-distribution-${demo_artifacts_version}-hc.tar.gz \
&& mv sample-distribution-${demo_artifacts_version} honeycomb \
- && sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/honeycomb.json
+ && sed -i 's/"restconf-binding-address": .*/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/restconf.json
+
+RUN apt-get install -y -qq --no-install-recommends \
+ make gcc libc6-dev libcurl4-gnutls-dev
RUN wget "${repo_url}/ves5/ves/${demo_artifacts_version}/ves-${demo_artifacts_version}-demo.tar.gz" \
&& tar -zmxf ves-${demo_artifacts_version}-demo.tar.gz \
@@ -38,12 +28,20 @@ RUN wget "${repo_url}/ves5/ves_vfw_reporting/${demo_artifacts_version}/ves_vfw_r
&& rm ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz \
&& mv ves_vfw_reporting-${demo_artifacts_version} VES/evel/evel-library/code/VESreporting \
&& chmod +x VES/evel/evel-library/code/VESreporting/go-client.sh \
- && cd VES/evel/evel-library/bldjobs/ && make clean && make && cd -
+ && make -C /opt/VES/evel/evel-library/bldjobs/
+
+FROM vpp
+
+COPY --from=builder /opt/honeycomb /opt/honeycomb
+COPY --from=builder /opt/VES/evel/evel-library/code/VESreporting /opt/VESreporting
+COPY --from=builder /opt/VES/evel/evel-library/libs/x86_64/libevel.so /usr/lib/x86_64-linux-gnu/
+COPY init.sh /opt/init.sh
+
+ENV DCAE_COLLECTOR_IP ""
+ENV DCAE_COLLECTOR_PORT ""
-RUN mkdir -p /opt/config/ \
- && echo $protected_net_cidr > /opt/config/protected_net_cidr.txt \
- && echo $fw_ipaddr > /opt/config/fw_ipaddr.txt \
- && echo $sink_ipaddr > /opt/config/sink_ipaddr.txt \
- && echo $demo_artifacts_version > /opt/config/demo_artifacts_version.txt
+RUN apt-get update && apt-get install -y -qq --no-install-recommends \
+ openjdk-8-jre iproute2 libcurl4-gnutls-dev
-CMD ["./v_firewall_init.sh"]
+ENTRYPOINT ["/bin/bash"]
+CMD ["/opt/init.sh"]
diff --git a/kud/tests/cFW/firewall/init.sh b/kud/tests/cFW/firewall/init.sh
new file mode 100755
index 00000000..71db2e2d
--- /dev/null
+++ b/kud/tests/cFW/firewall/init.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2020
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+set -o pipefail
+set -o xtrace
+set -o errexit
+set -o nounset
+
+echo 'start... vpp'
+/usr/bin/vpp -c /etc/vpp/startup.conf
+echo 'wait vpp be up ...'
+until vppctl show ver; do
+ sleep 1;
+done
+
+# Configure VPP for vFirewall
+nic_protected=eth1
+nic_unprotected=eth2
+ip_protected_addr=$(ip addr show $nic_protected | grep inet | awk '{print $2}')
+ip_unprotected_addr=$(ip addr show $nic_unprotected | grep inet | awk '{print $2}')
+
+vppctl create host-interface name "$nic_protected"
+vppctl create host-interface name "$nic_unprotected"
+
+vppctl set int ip address "host-$nic_protected" "$ip_protected_addr"
+vppctl set int ip address "host-$nic_unprotected" "$ip_unprotected_addr"
+
+vppctl set int state "host-$nic_protected" up
+vppctl set int state "host-$nic_unprotected" up
+
+# Start HoneyComb
+#/opt/honeycomb/honeycomb &>/dev/null &disown
+/opt/honeycomb/honeycomb
+
+# Start VES client
+#/opt/VESreporting/vpp_measurement_reporter "$DCAE_COLLECTOR_IP" "$DCAE_COLLECTOR_PORT" eth1