From f2fe996e63e406973de99fc558b297757d325546 Mon Sep 17 00:00:00 2001 From: Todd Malsbary Date: Thu, 22 Jul 2021 14:12:00 -0700 Subject: Replace virtlet with kubevirt in plugin_fw_v2 Issue-ID: MULTICLOUD-1324 Signed-off-by: Todd Malsbary Change-Id: Ifd8ae34b8f04da52acc4c3a6a8259d1bcd05616c --- .../firewall/templates/deployment.yaml | 135 +++++++++++++-------- kud/demo/composite-firewall/firewall/values.yaml | 11 +- .../packetgen/templates/deployment.yaml | 123 ++++++++++++------- kud/demo/composite-firewall/packetgen/values.yaml | 11 +- kud/demo/composite-firewall/sink/values.yaml | 4 +- kud/hosting_providers/containerized/installer.sh | 3 + kud/tests/_functions.sh | 4 + kud/tests/plugin_fw_v2.sh | 18 ++- kud/tests/plugin_fw_v2.yaml | 19 +-- 9 files changed, 196 insertions(+), 132 deletions(-) diff --git a/kud/demo/composite-firewall/firewall/templates/deployment.yaml b/kud/demo/composite-firewall/firewall/templates/deployment.yaml index 632a50bf..560f66de 100644 --- a/kud/demo/composite-firewall/firewall/templates/deployment.yaml +++ b/kud/demo/composite-firewall/firewall/templates/deployment.yaml @@ -1,5 +1,5 @@ -apiVersion: apps/v1 -kind: Deployment +apiVersion: kubevirt.io/v1alpha3 +kind: VirtualMachine metadata: name: {{ include "firewall.fullname" . }} labels: @@ -7,57 +7,96 @@ metadata: app: {{ include "firewall.name" . }} chart: {{ .Chart.Name }} spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "firewall.name" . }} - release: {{ .Release.Name }} + running: true template: metadata: labels: app: {{ include "firewall.name" . }} release: {{ .Release.Name }} - annotations: - VirtletLibvirtCPUSetting: | - mode: host-model - VirtletCloudInitUserData: | - ssh_pwauth: True - users: - - name: admin - gecos: User - primary-group: admin - groups: users - sudo: ALL=(ALL) NOPASSWD:ALL - lock_passwd: false - passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/" - runcmd: - - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }} - - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }} - - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }} - - export protected_net_cidr={{ .Values.global.protectedNetCidr }} - - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }} - - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }} - - export protected_net_gw={{ .Values.global.protectedNetGw }} - - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }} - - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/firewall | sudo -E bash - VirtletRootVolumeSize: 5Gi - kubernetes.io/target-runtime: virtlet.cloud spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: extraRuntime - operator: In - values: - - virtlet - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - tty: true - stdin: true + domain: + cpu: + model: host-model + devices: + disks: + - name: containerdisk + disk: + bus: virtio + - name: cloudinitdisk + disk: + bus: virtio + interfaces: + - name: default + bridge: {} + - name: unprotected + macAddress: 52:57:2b:7b:e4:27 + bridge: {} + - name: protected + macAddress: fa:d1:3a:a1:5c:67 + bridge: {} + - name: emco + macAddress: 86:31:ea:6a:ce:75 + bridge: {} resources: - limits: + requests: memory: {{ .Values.resources.memory }} + networks: + - name: default + pod: {} + - name: unprotected + multus: + networkName: {{ .Values.global.unprotectedNetworkName }} + - name: protected + multus: + networkName: {{ .Values.global.protectedNetworkName }} + - name: emco + multus: + networkName: {{ .Values.global.emcoPrivateNetworkName }} + volumes: + - name: cloudinitdisk + cloudInitNoCloud: + networkData: | + version: 2 + ethernets: + enp1s0: + dhcp4: true + eth1: + match: + macaddress: "52:57:2b:7b:e4:27" + set-name: eth1 + dhcp4: true + eth2: + match: + macaddress: "fa:d1:3a:a1:5c:67" + set-name: eth2 + dhcp4: true + eth3: + match: + macaddress: "86:31:ea:6a:ce:75" + set-name: eth3 + dhcp4: true + userData: | + #cloud-config + ssh_pwauth: True + users: + - name: admin + gecos: User + primary-group: admin + groups: users + sudo: ALL=(ALL) NOPASSWD:ALL + lock_passwd: false + passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/" + runcmd: + - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }} + - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }} + - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }} + - export protected_net_cidr={{ .Values.global.protectedNetCidr }} + - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }} + - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }} + - export protected_net_gw={{ .Values.global.protectedNetGw }} + - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }} + - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/firewall | sudo -E bash + - name: containerdisk + containerDisk: + image: integratedcloudnative/ubuntu:16.04 + imagePullPolicy: IfNotPresent diff --git a/kud/demo/composite-firewall/firewall/values.yaml b/kud/demo/composite-firewall/firewall/values.yaml index 09098564..813174a2 100644 --- a/kud/demo/composite-firewall/firewall/values.yaml +++ b/kud/demo/composite-firewall/firewall/values.yaml @@ -2,13 +2,6 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -replicaCount: 1 - -image: - repository: virtlet.cloud/ubuntu/16.04 - tag: latest - pullPolicy: IfNotPresent - nameOverride: "" fullnameOverride: "" @@ -35,8 +28,8 @@ global: vfwPrivateIp2: 10.10.20.3 #Packetgen container - vpgPrivateIp0: 192.168.10.200 - vpgPrivateIp1: 10.10.20.200 + vpgPrivateIp0: 192.168.10.2 + vpgPrivateIp1: 10.10.20.2 #Sink container vsnPrivateIp0: 192.168.20.3 diff --git a/kud/demo/composite-firewall/packetgen/templates/deployment.yaml b/kud/demo/composite-firewall/packetgen/templates/deployment.yaml index 827d2838..a46d22ee 100644 --- a/kud/demo/composite-firewall/packetgen/templates/deployment.yaml +++ b/kud/demo/composite-firewall/packetgen/templates/deployment.yaml @@ -1,5 +1,5 @@ -apiVersion: apps/v1 -kind: Deployment +apiVersion: kubevirt.io/v1alpha3 +kind: VirtualMachine metadata: name: {{ include "packetgen.fullname" . }} labels: @@ -7,11 +7,7 @@ metadata: app: {{ include "packetgen.name" . }} chart: {{ .Chart.Name }} spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "packetgen.name" .}} - release: {{ .Release.Name }} + running: true template: metadata: labels: @@ -20,46 +16,79 @@ spec: annotations: app: {{ include "packetgen.name" . }} release: {{ .Release.Name }} - VirtletLibvirtCPUSetting: | - mode: host-model - VirtletCloudInitUserData: | - ssh_pwauth: True - users: - - name: admin - gecos: User - primary-group: admin - groups: users - sudo: ALL=(ALL) NOPASSWD:ALL - lock_passwd: false - passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/" - runcmd: - - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }} - - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }} - - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }} - - export protected_net_cidr={{ .Values.global.protectedNetCidr }} - - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }} - - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }} - - export protected_net_gw={{ .Values.global.protectedNetGw }} - - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }} - - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/packetgen | sudo -E bash - VirtletRootVolumeSize: 5Gi - kubernetes.io/target-runtime: virtlet.cloud spec: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: extraRuntime - operator: In - values: - - virtlet - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - tty: true - stdin: true + domain: + cpu: + model: host-model + devices: + disks: + - name: containerdisk + disk: + bus: virtio + - name: cloudinitdisk + disk: + bus: virtio + interfaces: + - name: default + bridge: {} + - name: unprotected + macAddress: ee:f0:75:e0:b6:26 + bridge: {} + - name: emco + macAddress: 0a:c0:37:55:f5:ab + bridge: {} resources: - limits: + requests: memory: {{ .Values.resources.limits.memory }} + networks: + - name: default + pod: {} + - name: unprotected + multus: + networkName: {{ .Values.global.unprotectedNetworkName }} + - name: emco + multus: + networkName: {{ .Values.global.emcoPrivateNetworkName }} + volumes: + - name: cloudinitdisk + cloudInitNoCloud: + networkData: | + version: 2 + ethernets: + enp1s0: + dhcp4: true + eth1: + match: + macaddress: "ee:f0:75:e0:b6:26" + set-name: eth1 + dhcp4: true + eth2: + match: + macaddress: "0a:c0:37:55:f5:ab" + set-name: eth2 + dhcp4: true + userData: | + #cloud-config + ssh_pwauth: True + users: + - name: admin + gecos: User + primary-group: admin + groups: users + sudo: ALL=(ALL) NOPASSWD:ALL + lock_passwd: false + passwd: "$6$rounds=4096$QA5OCKHTE41$jRACivoPMJcOjLRgxl3t.AMfU7LhCFwOWv2z66CQX.TSxBy50JoYtycJXSPr2JceG.8Tq/82QN9QYt3euYEZW/" + runcmd: + - export demo_artifacts_version={{ .Values.global.demoArtifactsVersion }} + - export vfw_private_ip_0={{ .Values.global.vfwPrivateIp0 }} + - export vsn_private_ip_0={{ .Values.global.vsnPrivateIp0 }} + - export protected_net_cidr={{ .Values.global.protectedNetCidr }} + - export dcae_collector_ip={{ .Values.global.dcaeCollectorIp }} + - export dcae_collector_port={{ .Values.global.dcaeCollectorPort }} + - export protected_net_gw={{ .Values.global.protectedNetGw }} + - export protected_private_net_cidr={{ .Values.global.protectedPrivateNetCidr }} + - wget -O - https://git.onap.org/multicloud/k8s/plain/kud/tests/vFW/packetgen | sudo -E bash + - name: containerdisk + containerDisk: + image: integratedcloudnative/ubuntu:16.04 + imagePullPolicy: IfNotPresent diff --git a/kud/demo/composite-firewall/packetgen/values.yaml b/kud/demo/composite-firewall/packetgen/values.yaml index f8cac9d5..89bd049b 100644 --- a/kud/demo/composite-firewall/packetgen/values.yaml +++ b/kud/demo/composite-firewall/packetgen/values.yaml @@ -2,13 +2,6 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -replicaCount: 1 - -image: - repository: virtlet.cloud/ubuntu/16.04 - tag: latest - pullPolicy: IfNotPresent - nameOverride: "" fullnameOverride: "" @@ -43,8 +36,8 @@ global: vfwPrivateIp2: 10.10.20.3 #Packetgen container - vpgPrivateIp0: 192.168.10.200 - vpgPrivateIp1: 10.10.20.200 + vpgPrivateIp0: 192.168.10.2 + vpgPrivateIp1: 10.10.20.2 #Sink container vsnPrivateIp0: 192.168.20.3 diff --git a/kud/demo/composite-firewall/sink/values.yaml b/kud/demo/composite-firewall/sink/values.yaml index b7ba1913..8d80b81f 100644 --- a/kud/demo/composite-firewall/sink/values.yaml +++ b/kud/demo/composite-firewall/sink/values.yaml @@ -47,8 +47,8 @@ global: vfwPrivateIp2: 10.10.20.3 #Packetgen container - vpgPrivateIp0: 192.168.10.200 - vpgPrivateIp1: 10.10.20.200 + vpgPrivateIp0: 192.168.10.2 + vpgPrivateIp1: 10.10.20.2 #Sink container vsnPrivateIp0: 192.168.20.3 diff --git a/kud/hosting_providers/containerized/installer.sh b/kud/hosting_providers/containerized/installer.sh index cdb43dd5..18ebfff3 100755 --- a/kud/hosting_providers/containerized/installer.sh +++ b/kud/hosting_providers/containerized/installer.sh @@ -239,6 +239,9 @@ function install_host_artifacts { for test in _common _common_test _functions topology-manager-sriov kubevirt multus ovn4nfv nfd sriov-network qat cmk; do cp ${kud_tests}/${test}.sh ${host_addons_dir}/tests done + cp ${kud_tests}/plugin_fw_v2.sh ${host_addons_dir}/tests + cp ${kud_tests}/plugin_fw_v2.yaml ${host_addons_dir}/tests + cp -r ${kud_tests}/../demo/composite-firewall ${host_addons_dir}/tests mkdir -p ${host_artifacts_dir} cp -rf ${kud_inventory_folder}/artifacts/* ${host_artifacts_dir} diff --git a/kud/tests/_functions.sh b/kud/tests/_functions.sh index 1a803173..ec415409 100755 --- a/kud/tests/_functions.sh +++ b/kud/tests/_functions.sh @@ -14,7 +14,11 @@ set -o pipefail FUNCTIONS_DIR="$(readlink -f "$(dirname "${BASH_SOURCE[0]}")")" +# Do not overwrite any user modifications to PATH when sourcing +# /etc/environment +USER_PATH=$PATH source /etc/environment +PATH=$USER_PATH:$PATH source $FUNCTIONS_DIR/_common_test.sh function print_msg { diff --git a/kud/tests/plugin_fw_v2.sh b/kud/tests/plugin_fw_v2.sh index d6254ac3..abab9004 100755 --- a/kud/tests/plugin_fw_v2.sh +++ b/kud/tests/plugin_fw_v2.sh @@ -14,10 +14,10 @@ set -o pipefail source _common_test.sh source _functions.sh -source _functions.sh # TODO KUBECONFIG may be a list of paths -kubeconfig_path="${KUBECONFIG:-$HOME/.kube/config}" +KUBECONFIG_PATH="${KUBECONFIG:-$HOME/.kube/config}" +DEMO_FOLDER="${DEMO_FOLDER:-$test_folder/../demo}" clusters="${KUD_PLUGIN_FW_CLUSTERS:-$(cat <