diff options
Diffstat (limited to 'vagrant/tests/cFW')
| -rw-r--r-- | vagrant/tests/cFW/README.md | 10 | ||||
| -rw-r--r-- | vagrant/tests/cFW/Vagrantfile | 33 | ||||
| -rw-r--r-- | vagrant/tests/cFW/darkstat/Dockerfile | 14 | ||||
| -rw-r--r-- | vagrant/tests/cFW/docker-compose.yml | 38 | ||||
| -rw-r--r-- | vagrant/tests/cFW/firewall/Dockerfile | 49 | ||||
| -rw-r--r-- | vagrant/tests/cFW/packetgen/Dockerfile | 44 | ||||
| -rwxr-xr-x | vagrant/tests/cFW/postinstall.sh | 83 | ||||
| -rw-r--r-- | vagrant/tests/cFW/sink/Dockerfile | 34 | ||||
| -rw-r--r-- | vagrant/tests/cFW/vpp/80-vpp.conf | 15 | ||||
| -rw-r--r-- | vagrant/tests/cFW/vpp/Dockerfile | 17 |
10 files changed, 0 insertions, 337 deletions
diff --git a/vagrant/tests/cFW/README.md b/vagrant/tests/cFW/README.md deleted file mode 100644 index c6ac9e20..00000000 --- a/vagrant/tests/cFW/README.md +++ /dev/null @@ -1,10 +0,0 @@ -# Cloud-Native Firewall Virtual Network Function - -[CNF][1] version of the ONAP vFirewall use case. - -## License - -Apache-2.0 - -[1]: https://github.com/ligato/cn-infra/blob/master/docs/readmes/cn_virtual_function.md -[2]: https://github.com/electrocucaracha/vFW-demo diff --git a/vagrant/tests/cFW/Vagrantfile b/vagrant/tests/cFW/Vagrantfile deleted file mode 100644 index d02e7d01..00000000 --- a/vagrant/tests/cFW/Vagrantfile +++ /dev/null @@ -1,33 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -Vagrant.configure("2") do |config| - config.vm.box = "elastic/ubuntu-16.04-x86_64" - config.vm.hostname = "demo" - config.vm.provision 'shell', path: 'postinstall.sh' - config.vm.network :private_network, :ip => "192.168.10.5", :type => :static # unprotected_private_net_cidr - config.vm.network :private_network, :ip => "192.168.20.5", :type => :static # protected_private_net_cidr - config.vm.network :private_network, :ip => "10.10.12.5", :type => :static, :netmask => "16" # onap_private_net_cidr - - if ENV['http_proxy'] != nil and ENV['https_proxy'] != nil - if not Vagrant.has_plugin?('vagrant-proxyconf') - system 'vagrant plugin install vagrant-proxyconf' - raise 'vagrant-proxyconf was installed but it requires to execute again' - end - config.proxy.http = ENV['http_proxy'] || ENV['HTTP_PROXY'] || "" - config.proxy.https = ENV['https_proxy'] || ENV['HTTPS_PROXY'] || "" - config.proxy.no_proxy = ENV['NO_PROXY'] || ENV['no_proxy'] || "127.0.0.1,localhost" - config.proxy.enabled = { docker: false } - end - - config.vm.provider 'virtualbox' do |v| - v.customize ["modifyvm", :id, "--memory", 8192] - v.customize ["modifyvm", :id, "--cpus", 2] - end - config.vm.provider 'libvirt' do |v| - v.memory = 8192 - v.cpus = 2 - v.nested = true - v.cpu_mode = 'host-passthrough' - end -end diff --git a/vagrant/tests/cFW/darkstat/Dockerfile b/vagrant/tests/cFW/darkstat/Dockerfile deleted file mode 100644 index d3a46b9c..00000000 --- a/vagrant/tests/cFW/darkstat/Dockerfile +++ /dev/null @@ -1,14 +0,0 @@ -FROM ubuntu:16.04 -MAINTAINER Victor Morales <electrocucaracha@gmail.com> - -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY - -RUN apt-get update && apt-get install -y -qq darkstat - -EXPOSE 667 - -CMD ["/usr/sbin/darkstat", "-i", "eth1", "--no-daemon"] diff --git a/vagrant/tests/cFW/docker-compose.yml b/vagrant/tests/cFW/docker-compose.yml deleted file mode 100644 index 6d883fbd..00000000 --- a/vagrant/tests/cFW/docker-compose.yml +++ /dev/null @@ -1,38 +0,0 @@ -version: '3' - -services: - packetgen: - privileged: true - network_mode: "host" - image: electrocucaracha/packetgen - build: - context: ./packetgen - args: - HTTP_PROXY: $HTTP_PROXY - HTTPS_PROXY: $HTTPS_PROXY - firewall: - privileged: true - network_mode: "host" - image: electrocucaracha/firewall - build: - context: ./firewall - args: - HTTP_PROXY: $HTTP_PROXY - HTTPS_PROXY: $HTTPS_PROXY - sink: - privileged: true - network_mode: "host" - image: electrocucaracha/sink - build: - context: ./sink - args: - HTTP_PROXY: $HTTP_PROXY - HTTPS_PROXY: $HTTPS_PROXY - darkstat: - network_mode: "host" - image: electrocucaracha/darkstat - build: - context: ./darkstat - args: - HTTP_PROXY: $HTTP_PROXY - HTTPS_PROXY: $HTTPS_PROXY diff --git a/vagrant/tests/cFW/firewall/Dockerfile b/vagrant/tests/cFW/firewall/Dockerfile deleted file mode 100644 index 7d3e6ede..00000000 --- a/vagrant/tests/cFW/firewall/Dockerfile +++ /dev/null @@ -1,49 +0,0 @@ -FROM electrocucaracha/vpp -MAINTAINER Victor Morales <electrocucaracha@gmail.com> - -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY -ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf" - -ENV protected_net_cidr "192.168.20.0/24" -ENV fw_ipaddr "192.168.10.100" -ENV sink_ipaddr "192.168.20.250" -ENV demo_artifacts_version "1.3.0" - -RUN apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools \ - bsdmainutils make gcc libcurl4-gnutls-dev - -WORKDIR /opt - -RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_firewall_init.sh" \ - && chmod +x v_firewall_init.sh \ - && sed -i 's|start vpp|/usr/bin/vpp -c /etc/vpp/startup.conf|g' v_firewall_init.sh - -RUN wget "${repo_url}/sample-distribution/${demo_artifacts_version}/sample-distribution-${demo_artifacts_version}-hc.tar.gz" \ - && tar -zmxf sample-distribution-${demo_artifacts_version}-hc.tar.gz \ - && rm sample-distribution-${demo_artifacts_version}-hc.tar.gz \ - && mv sample-distribution-${demo_artifacts_version} honeycomb \ - && sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/honeycomb.json - -RUN wget "${repo_url}/ves5/ves/${demo_artifacts_version}/ves-${demo_artifacts_version}-demo.tar.gz" \ - && tar -zmxf ves-${demo_artifacts_version}-demo.tar.gz \ - && rm ves-${demo_artifacts_version}-demo.tar.gz \ - && mv ves-${demo_artifacts_version} VES - -RUN wget "${repo_url}/ves5/ves_vfw_reporting/${demo_artifacts_version}/ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz" \ - && tar -zmxf ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz \ - && rm ves_vfw_reporting-${demo_artifacts_version}-demo.tar.gz \ - && mv ves_vfw_reporting-${demo_artifacts_version} VES/evel/evel-library/code/VESreporting \ - && chmod +x VES/evel/evel-library/code/VESreporting/go-client.sh \ - && cd VES/evel/evel-library/bldjobs/ && make clean && make && cd - - -RUN mkdir -p /opt/config/ \ - && echo $protected_net_cidr > /opt/config/protected_net_cidr.txt \ - && echo $fw_ipaddr > /opt/config/fw_ipaddr.txt \ - && echo $sink_ipaddr > /opt/config/sink_ipaddr.txt \ - && echo $demo_artifacts_version > /opt/config/demo_artifacts_version.txt - -CMD ["./v_firewall_init.sh"] diff --git a/vagrant/tests/cFW/packetgen/Dockerfile b/vagrant/tests/cFW/packetgen/Dockerfile deleted file mode 100644 index cb1da555..00000000 --- a/vagrant/tests/cFW/packetgen/Dockerfile +++ /dev/null @@ -1,44 +0,0 @@ -FROM electrocucaracha/vpp -MAINTAINER Victor Morales <electrocucaracha@gmail.com> - -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY -ENV repo_url "https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf" - -ENV protected_net_cidr "192.168.20.0/24" -ENV fw_ipaddr "192.168.10.100" -ENV sink_ipaddr "192.168.20.250" -ENV demo_artifacts_version "1.3.0" - -RUN apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools \ - bsdmainutils - -WORKDIR /opt -EXPOSE 8183 - -RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_packetgen_init.sh" \ - && wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/run_traffic_fw_demo.sh" \ - && chmod +x *.sh \ - && sed -i 's|start vpp|/usr/bin/vpp -c /etc/vpp/startup.conf|g;s|/opt/honeycomb/sample-distribution-\$VERSION/honeycomb|/opt/honeycomb/honeycomb|g' v_packetgen_init.sh - -RUN wget "${repo_url}/sample-distribution/${demo_artifacts_version}/sample-distribution-${demo_artifacts_version}-hc.tar.gz" \ - && tar -zmxf sample-distribution-${demo_artifacts_version}-hc.tar.gz \ - && rm sample-distribution-${demo_artifacts_version}-hc.tar.gz \ - && mv sample-distribution-${demo_artifacts_version} honeycomb \ - && sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/honeycomb.json - -RUN wget "${repo_url}/vfw/vfw_pg_streams/${demo_artifacts_version}/vfw_pg_streams-${demo_artifacts_version}-demo.tar.gz" \ - && tar -zmxf vfw_pg_streams-${demo_artifacts_version}-demo.tar.gz \ - && rm vfw_pg_streams-${demo_artifacts_version}-demo.tar.gz \ - && mv vfw_pg_streams-${demo_artifacts_version} pg_streams - -RUN mkdir -p /opt/config/ \ - && echo $protected_net_cidr > /opt/config/protected_net_cidr.txt \ - && echo $fw_ipaddr > /opt/config/fw_ipaddr.txt \ - && echo $sink_ipaddr > /opt/config/sink_ipaddr.txt \ - && echo $demo_artifacts_version > /opt/config/demo_artifacts_version.txt - -CMD ["./v_packetgen_init.sh"] diff --git a/vagrant/tests/cFW/postinstall.sh b/vagrant/tests/cFW/postinstall.sh deleted file mode 100755 index 5a1d5043..00000000 --- a/vagrant/tests/cFW/postinstall.sh +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2018 -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -set -o nounset -set -o pipefail -set -o xtrace - -# install_docker() - Download and install docker-engine -function install_docker { - local max_concurrent_downloads=${1:-3} - - if $(docker version &>/dev/null); then - return - fi - apt-get install -y software-properties-common linux-image-extra-$(uname -r) linux-image-extra-virtual apt-transport-https ca-certificates curl - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - - add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" - apt-get update - apt-get install -y docker-ce - - mkdir -p /etc/systemd/system/docker.service.d - if [ $http_proxy ]; then - cat <<EOL > /etc/systemd/system/docker.service.d/http-proxy.conf -[Service] -Environment="HTTP_PROXY=$http_proxy" -EOL - fi - if [ $https_proxy ]; then - cat <<EOL > /etc/systemd/system/docker.service.d/https-proxy.conf -[Service] -Environment="HTTPS_PROXY=$https_proxy" -EOL - fi - if [ $no_proxy ]; then - cat <<EOL > /etc/systemd/system/docker.service.d/no-proxy.conf -[Service] -Environment="NO_PROXY=$no_proxy" -EOL - fi - systemctl daemon-reload - echo "DOCKER_OPTS=\"-H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock --max-concurrent-downloads $max_concurrent_downloads \"" >> /etc/default/docker - usermod -aG docker $USER - - systemctl restart docker - sleep 10 -} - -# install_docker_compose() - Installs docker compose python module -function install_docker_compose { - if ! which pip; then - curl -sL https://bootstrap.pypa.io/get-pip.py | python - fi - pip install --upgrade pip - pip install docker-compose -} - -echo 'vm.nr_hugepages = 1024' >> /etc/sysctl.conf -sysctl -p - -install_docker -install_docker_compose - -cd /vagrant -# build vpp docker image -BUILD_ARGS="--no-cache" -if [ $HTTP_PROXY ]; then - BUILD_ARGS+=" --build-arg HTTP_PROXY=${HTTP_PROXY}" -fi -if [ $HTTPS_PROXY ]; then - BUILD_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" -fi -pushd vpp -docker build ${BUILD_ARGS} -t electrocucaracha/vpp:latest . -popd - -docker-compose up -d diff --git a/vagrant/tests/cFW/sink/Dockerfile b/vagrant/tests/cFW/sink/Dockerfile deleted file mode 100644 index 6b43ba61..00000000 --- a/vagrant/tests/cFW/sink/Dockerfile +++ /dev/null @@ -1,34 +0,0 @@ -FROM ubuntu:16.04 -MAINTAINER Victor Morales <electrocucaracha@gmail.com> - -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY - -ENV protected_net_cidr "192.168.20.0/24" -ENV fw_ipaddr "192.168.10.100" -ENV sink_ipaddr "192.168.20.250" -ENV demo_artifacts_version "1.3.0" -ENV protected_net_gw "192.168.20.100" -ENV unprotected_net "192.168.10.0/24" - -RUN apt-get update && apt-get install -y -qq wget net-tools - -WORKDIR /opt - -RUN wget "https://git.onap.org/demo/plain/vnfs/vFW/scripts/v_sink_init.sh" \ - && chmod +x v_sink_init.sh - -RUN mkdir -p config/ \ - && echo $protected_net_cidr > config/protected_net_cidr.txt \ - && echo $fw_ipaddr > config/fw_ipaddr.txt \ - && echo $sink_ipaddr > config/sink_ipaddr.txt \ - && echo $demo_artifacts_version > config/demo_artifacts_version.txt \ - && echo $protected_net_gw > config/protected_net_gw.txt \ - && echo $unprotected_net > config/unprotected_net.txt - -# NOTE: this script executes $ route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.20.100 -# which results in this error if doesn't have all nics required -> SIOCADDRT: File exists -CMD ["./v_sink_init.sh"] diff --git a/vagrant/tests/cFW/vpp/80-vpp.conf b/vagrant/tests/cFW/vpp/80-vpp.conf deleted file mode 100644 index 8fdf184c..00000000 --- a/vagrant/tests/cFW/vpp/80-vpp.conf +++ /dev/null @@ -1,15 +0,0 @@ -# Number of 2MB hugepages desired -vm.nr_hugepages=1024 - -# Must be greater than or equal to (2 * vm.nr_hugepages). -vm.max_map_count=3096 - -# All groups allowed to access hugepages -vm.hugetlb_shm_group=0 - -# Shared Memory Max must be greator or equal to the total size of hugepages. -# For 2MB pages, TotalHugepageSize = vm.nr_hugepages * 2 * 1024 * 1024 -# If the existing kernel.shmmax setting (cat /sys/proc/kernel/shmmax) -# is greater than the calculated TotalHugepageSize then set this parameter -# to current shmmax value. -kernel.shmmax=2147483648 diff --git a/vagrant/tests/cFW/vpp/Dockerfile b/vagrant/tests/cFW/vpp/Dockerfile deleted file mode 100644 index 63b08b01..00000000 --- a/vagrant/tests/cFW/vpp/Dockerfile +++ /dev/null @@ -1,17 +0,0 @@ -FROM ubuntu:16.04 -MAINTAINER Victor Morales <electrocucaracha@gmail.com> - -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY - -RUN apt-get update && apt-get install -y -qq apt-transport-https \ - && echo "deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io.stable.1609.ubuntu.xenial.main/ ./" | tee -a /etc/apt/sources.list.d/99fd.io.list \ - && apt-get update \ - && apt-get install -y -qq vpp vpp-lib vpp-plugins - -COPY 80-vpp.conf /etc/sysctl.d/80-vpp.conf - -CMD ["/usr/bin/vpp", "-c", "/etc/vpp/startup.conf"] |