diff options
Diffstat (limited to 'vagrant/tests/vFW')
| -rw-r--r-- | vagrant/tests/vFW/README.md | 50 | ||||
| -rw-r--r-- | vagrant/tests/vFW/Vagrantfile | 66 | ||||
| -rw-r--r-- | vagrant/tests/vFW/diagram.png | bin | 246934 -> 0 bytes | |||
| -rwxr-xr-x | vagrant/tests/vFW/firewall | 96 | ||||
| -rwxr-xr-x | vagrant/tests/vFW/packetgen | 83 | ||||
| -rwxr-xr-x | vagrant/tests/vFW/sink | 48 |
6 files changed, 0 insertions, 343 deletions
diff --git a/vagrant/tests/vFW/README.md b/vagrant/tests/vFW/README.md deleted file mode 100644 index f54a555f..00000000 --- a/vagrant/tests/vFW/README.md +++ /dev/null @@ -1,50 +0,0 @@ -# vFirewall ONAP Use Case - -This use case is composed of three virtual functions (VFs) running in -separate Ubuntu Virtual Machines: - - * [Packet generator][1]: Sends packets to the packet sink through the -firewall. This includes a script that periodically generates different -volumes of traffic. - * [Firewall][2]: Reports the volume of traffic passing though to the -ONAP DCAE collector. - * [Traffic sink][3]: Displays the traffic volume that lands at the sink -VM using the link http://192.168.20.250:667 through your browser -and enable automatic page refresh by clicking the "Off" button. You -can see the traffic volume in the charts. - - - -## Adjust packet generator: - -The packet generator contains 10 streams: fw\_udp1, fw\_udp2, -fw\_udp3, . . . , fw\_udp10. Each stream generates 100 packets every -10 seconds. The */opt/run\_traffic\_fw\_demo.sh* script on the packet -generator VM starts automatically and alternates high traffic (i.e. -10 active streams at the same time) and low traffic (1 active stream) -every 5 minutes. - -To enable a stream, include `{"id":"fw_udp1", "is-enabled":"true"}` -in the *pg-stream* bracket. - -To adjust the traffic volume produced by the packet generator, run the -following command in a shell: - -``` - curl -X PUT \ - -H "Authorization: Basic YWRtaW46YWRtaW4=" \ - -H "Content-Type: application/json" \ - -H "Cache-Control: no-cache" \ - -d '{"pg-streams":{"pg-stream": [{"id":"fw_udp1", "is-enabled":"true"},{"id":"fw_udp2", "is-enabled":"true"},{"id":"fw_udp3", "is-enabled":"true"},{"id":"fw_udp4", "is-enabled":"true"},{"id":"fw_udp5", "is-enabled":"true"}]}}' \ - "http://192.168.10.200:8183/restconf/config/sample-plugin:sample-plugin/pg-streams" -``` - -The command above enables 5 streams. - -## License - -Apache-2.0 - -[1]: packetgen -[2]: firewall -[3]: sink diff --git a/vagrant/tests/vFW/Vagrantfile b/vagrant/tests/vFW/Vagrantfile deleted file mode 100644 index cabe6504..00000000 --- a/vagrant/tests/vFW/Vagrantfile +++ /dev/null @@ -1,66 +0,0 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : - -vars = { - "demo_artifacts_version" => "1.3.0", - 'vfw_private_ip_0' => '192.168.10.100', - 'vfw_private_ip_1' => '192.168.20.100', - 'vfw_private_ip_2' => '10.10.100.2', - 'vpg_private_ip_0' => '192.168.10.200', - 'vpg_private_ip_1' => '10.0.100.3', - 'vsn_private_ip_0' => '192.168.20.250', - 'vsn_private_ip_1' => '10.10.100.4', - 'dcae_collector_ip' => '10.0.4.1', - 'dcae_collector_port' => '8081', - 'protected_net_gw' => '192.168.20.100', - 'protected_net_cidr' => '192.168.20.0/24', - 'protected_private_net_cidr' => '192.168.10.0/24', - 'onap_private_net_cidr' => '10.10.0.0/16' -} - -if ENV['no_proxy'] != nil or ENV['NO_PROXY'] - $no_proxy = ENV['NO_PROXY'] || ENV['no_proxy'] || "127.0.0.1,localhost" - $subnet = "192.168.121" - # NOTE: This range is based on vagrant-libivirt network definition - (1..27).each do |i| - $no_proxy += ",#{$subnet}.#{i}" - end -end - -Vagrant.configure("2") do |config| - config.vm.box = "elastic/ubuntu-16.04-x86_64" - - if ENV['http_proxy'] != nil and ENV['https_proxy'] != nil - if not Vagrant.has_plugin?('vagrant-proxyconf') - system 'vagrant plugin install vagrant-proxyconf' - raise 'vagrant-proxyconf was installed but it requires to execute again' - end - config.proxy.http = ENV['http_proxy'] || ENV['HTTP_PROXY'] || "" - config.proxy.https = ENV['https_proxy'] || ENV['HTTPS_PROXY'] || "" - config.proxy.no_proxy = $no_proxy - end - - config.vm.provider 'libvirt' do |v| - v.cpu_mode = 'host-passthrough' # DPDK requires Supplemental Streaming SIMD Extensions 3 (SSSE3) - end - - config.vm.define :packetgen do |packetgen| - packetgen.vm.hostname = "packetgen" - packetgen.vm.provision 'shell', path: 'packetgen', env: vars - packetgen.vm.network :private_network, :ip => vars['vpg_private_ip_0'], :type => :static, :netmask => "255.255.255.0" # unprotected_private_net_cidr - packetgen.vm.network :private_network, :ip => vars['vpg_private_ip_1'], :type => :static, :netmask => "255.255.0.0" # onap_private_net_cidr - end - config.vm.define :firewall do |firewall| - firewall.vm.hostname = "firewall" - firewall.vm.provision 'shell', path: 'firewall', env: vars - firewall.vm.network :private_network, :ip => vars['vfw_private_ip_0'], :type => :static, :netmask => "255.255.255.0" # unprotected_private_net_cidr - firewall.vm.network :private_network, :ip => vars['vfw_private_ip_1'], :type => :static, :netmask => "255.255.255.0" # protected_private_net_cidr - firewall.vm.network :private_network, :ip => vars['vfw_private_ip_2'], :type => :static, :netmask => "255.255.0.0" # onap_private_net_cidr - end - config.vm.define :sink do |sink| - sink.vm.hostname = "sink" - sink.vm.provision 'shell', path: 'sink', env: vars - sink.vm.network :private_network, :ip => vars['vsn_private_ip_0'], :type => :static, :netmask => "255.255.255.0" # protected_private_net_cidr - sink.vm.network :private_network, :ip => vars['vsn_private_ip_1'], :type => :static, :netmask => "255.255.0.0" # onap_private_net_cidr - end -end diff --git a/vagrant/tests/vFW/diagram.png b/vagrant/tests/vFW/diagram.png Binary files differdeleted file mode 100644 index 4cf95f2f..00000000 --- a/vagrant/tests/vFW/diagram.png +++ /dev/null diff --git a/vagrant/tests/vFW/firewall b/vagrant/tests/vFW/firewall deleted file mode 100755 index 93d4f2a3..00000000 --- a/vagrant/tests/vFW/firewall +++ /dev/null @@ -1,96 +0,0 @@ -#!/bin/bash -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2018 -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -set -o nounset -set -o pipefail -set -o xtrace -set -o errexit - -# install_dependencies() - Install required dependencies -function install_dependencies { - apt-get update - apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools bsdmainutils make gcc libcurl4-gnutls-dev -} - -# install_vpp() - Install VPP -function install_vpp { - local RELEASE=".stable.1609" - - apt-get update - apt-get install -y -qq apt-transport-https - echo "deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io$RELEASE.ubuntu.$(lsb_release -c -s).main/ ./" | tee -a /etc/apt/sources.list.d/99fd.io.list - apt-get update - apt-get install -y -qq vpp vpp-lib vpp-plugins vpp-dpdk-dkms -} - -function _untar_url { - local repo_url="https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf/" - local file_subpath=$1 - - wget -q -O tmp_file.tar.gz "${repo_url}/${file_subpath}" - sha1=$(wget ${repo_url}/${file_subpath}.sha1 -q -O -) - if [[ $(sha1sum tmp_file.tar.gz | awk '{print $1}') != "$sha1" ]]; then - echo "The downloaded file is corrupted" - exit 1 - fi - tar -zmxf tmp_file.tar.gz - rm tmp_file.tar.gz -} - -# install_vfw_scripts() - -function install_vfw_scripts { - local version=$(cat /opt/config/demo_artifacts_version.txt) - local ves_path=VES - local ves_reporting_path="${ves_path}/evel/evel-library" - - pushd /opt - wget -q https://git.onap.org/demo/plain/vnfs/vFW/scripts/{v_firewall_init,vfirewall}.sh - chmod +x *.sh - - _untar_url "sample-distribution/${version}/sample-distribution-${version}-hc.tar.gz" - mkdir -p honeycomb - mv sample-distribution-$version honeycomb - - _untar_url "ves5/ves/${version}/ves-${version}-demo.tar.gz" - mv ves-$version $ves_path - - _untar_url "ves5/ves_vfw_reporting/${version}/ves_vfw_reporting-${version}-demo.tar.gz" - mkdir -p $ves_reporting_path/code - mv ves_vfw_reporting-$version $ves_reporting_path/code/VESreporting - - chmod +x $ves_reporting_path/code/VESreporting/go-client.sh - pushd $ves_reporting_path/bldjobs/ - make clean - make - sleep 1 - popd - - # TODO(electrocucaracha) Fix it in upstream - sed -i 's/start vpp/systemctl start vpp/g' v_firewall_init.sh - mv vfirewall.sh /etc/init.d - update-rc.d vfirewall.sh defaults - systemctl start firewall - popd -} - -mkdir -p /opt/config/ -echo "$protected_net_cidr" > /opt/config/protected_net_cidr.txt -echo "$vfw_private_ip_0" > /opt/config/fw_ipaddr.txt -echo "$vsn_private_ip_0" > /opt/config/sink_ipaddr.txt -echo "$demo_artifacts_version" > /opt/config/demo_artifacts_version.txt -echo "$dcae_collector_ip" > /opt/config/dcae_collector_ip.txt -echo "$dcae_collector_port" > /opt/config/dcae_collector_port.txt - -echo 'vm.nr_hugepages = 1024' >> /etc/sysctl.conf -sysctl -p - -install_dependencies -install_vpp -install_vfw_scripts diff --git a/vagrant/tests/vFW/packetgen b/vagrant/tests/vFW/packetgen deleted file mode 100755 index 51d5c676..00000000 --- a/vagrant/tests/vFW/packetgen +++ /dev/null @@ -1,83 +0,0 @@ -#!/bin/bash -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2018 -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -set -o nounset -set -o pipefail -set -o xtrace -set -o errexit - -# install_dependencies() - Install required dependencies -function install_dependencies { - apt-get update - apt-get install -y -qq wget openjdk-8-jre bridge-utils net-tools bsdmainutils -} - -# install_vpp() - Install VPP -function install_vpp { - local RELEASE=".stable.1609" - - apt-get update - apt-get install -y -qq apt-transport-https - echo "deb [trusted=yes] https://nexus.fd.io/content/repositories/fd.io$RELEASE.ubuntu.$(lsb_release -c -s).main/ ./" | tee -a /etc/apt/sources.list.d/99fd.io.list - apt-get update - apt-get install -y -qq vpp vpp-lib vpp-plugins vpp-dpdk-dkms -} - -function _untar_url { - local repo_url="https://nexus.onap.org/content/repositories/staging/org/onap/demo/vnf/" - local file_subpath=$1 - - wget -q -O tmp_file.tar.gz "${repo_url}/${file_subpath}" - sha1=$(wget ${repo_url}/${file_subpath}.sha1 -q -O -) - if [[ $(sha1sum tmp_file.tar.gz | awk '{print $1}') != "$sha1" ]]; then - echo "The downloaded file is corrupted" - exit 1 - fi - tar -zmxf tmp_file.tar.gz - rm tmp_file.tar.gz -} - -# install_vfw_scripts() - -function install_vfw_scripts { - local version=$(cat /opt/config/demo_artifacts_version.txt) - - pushd /opt - wget -q https://git.onap.org/demo/plain/vnfs/vFW/scripts/{v_packetgen_init,vpacketgen,run_traffic_fw_demo}.sh - chmod +x *.sh - - _untar_url "sample-distribution/${version}/sample-distribution-${version}-hc.tar.gz" - mv sample-distribution-$version honeycomb - - _untar_url "vfw/vfw_pg_streams/$version/vfw_pg_streams-$version-demo.tar.gz" - mv vfw_pg_streams-$version pg_streams - - sed -i 's/"restconf-binding-address": "127.0.0.1",/"restconf-binding-address": "0.0.0.0",/g' /opt/honeycomb/config/honeycomb.json - - # TODO(electrocucaracha) Fix it in upstream - sed -i 's/start vpp/systemctl start vpp/g' v_packetgen_init.sh - sed -i 's|/opt/honeycomb/sample-distribution-\$VERSION/honeycomb|/opt/honeycomb/honeycomb|g' v_packetgen_init.sh - mv vpacketgen.sh /etc/init.d/ - update-rc.d vpacketgen.sh defaults - systemctl start packetgen - popd -} - -mkdir -p /opt/config/ -echo "$protected_net_cidr" > /opt/config/protected_net_cidr.txt -echo "$vfw_private_ip_0" > /opt/config/fw_ipaddr.txt -echo "$vsn_private_ip_0" > /opt/config/sink_ipaddr.txt -echo "$demo_artifacts_version" > /opt/config/demo_artifacts_version.txt - -echo 'vm.nr_hugepages = 1024' >> /etc/sysctl.conf -sysctl -p - -install_dependencies -install_vpp -install_vfw_scripts diff --git a/vagrant/tests/vFW/sink b/vagrant/tests/vFW/sink deleted file mode 100755 index 5604198f..00000000 --- a/vagrant/tests/vFW/sink +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash -# SPDX-license-identifier: Apache-2.0 -############################################################################## -# Copyright (c) 2018 -# All rights reserved. This program and the accompanying materials -# are made available under the terms of the Apache License, Version 2.0 -# which accompanies this distribution, and is available at -# http://www.apache.org/licenses/LICENSE-2.0 -############################################################################## - -set -o nounset -set -o pipefail -set -o xtrace -set -o errexit - -# install_dependencies() - Install required dependencies -function install_dependencies { - apt-get update - apt install -y wget darkstat net-tools - - # Configure and run Darkstat - sed -i "s/START_DARKSTAT=.*/START_DARKSTAT=yes/g;s/INTERFACE=.*/INTERFACE=\"-i eth1\"/g" /etc/darkstat/init.cfg - - systemctl restart darkstat -} - -# install_vfw_scripts() - -function install_vfw_scripts { - pushd /opt - wget -q https://git.onap.org/demo/plain/vnfs/vFW/scripts/{v_sink_init,vsink}.sh - chmod +x *.sh - - mv vsink.sh /etc/init.d - update-rc.d vsink.sh defaults - systemctl start sink - popd -} - -mkdir -p /opt/config/ -echo "$protected_net_cidr" > /opt/config/protected_net_cidr.txt -echo "$vfw_private_ip_0" > /opt/config/fw_ipaddr.txt -echo "$vsn_private_ip_0" > /opt/config/sink_ipaddr.txt -echo "$demo_artifacts_version" > /opt/config/demo_artifacts_version.txt -echo "$protected_net_gw" > /opt/config/protected_net_gw.txt -echo "$protected_private_net_cidr" > /opt/config/unprotected_net.txt - -install_dependencies -install_vfw_scripts |
