From 574785c07010a494fbd1456d11e7c0449ad43c38 Mon Sep 17 00:00:00 2001 From: Victor Morales Date: Tue, 28 Aug 2018 15:09:02 -0700 Subject: Add KRD source code This changes includes the source code created for the Kubernetes Reference Deployment(KRD) which helps to provide an automated mechanism to install and configure Kubernetes services required for the MultiCloud/K8s plugin. Change-Id: Ica49566fcd531e25846ed3e5062de2f92ec56f6c Signed-off-by: Victor Morales Issue-ID: MULTICLOUD-301 --- vagrant/tests/integration_cFW.sh | 194 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 194 insertions(+) create mode 100755 vagrant/tests/integration_cFW.sh (limited to 'vagrant/tests/integration_cFW.sh') diff --git a/vagrant/tests/integration_cFW.sh b/vagrant/tests/integration_cFW.sh new file mode 100755 index 00000000..e4b305f4 --- /dev/null +++ b/vagrant/tests/integration_cFW.sh @@ -0,0 +1,194 @@ +#!/bin/bash +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2018 +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +set -o errexit +set -o nounset +set -o pipefail + +rm -f $HOME/*.yaml +packetgen_deployment_name=packetgen +sink_deployment_name=sink +firewall_deployment_name=firewall + +cat << NET > $HOME/unprotected-private-net-cidr-network.yaml +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: unprotected-private-net-cidr +spec: + config: '{ + "name": "unprotected", + "type": "bridge", + "ipam": { + "type": "host-local", + "subnet": "192.168.10.0/24" + } +}' +NET + +cat << NET > $HOME/protected-private-net-cidr-network.yaml +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: protected-private-net-cidr +spec: + config: '{ + "name": "protected", + "type": "bridge", + "ipam": { + "type": "host-local", + "subnet": "192.168.20.0/24" + } +}' +NET + +cat << NET > $HOME/onap-private-net-cidr-network.yaml +apiVersion: "kubernetes.cni.cncf.io/v1" +kind: Network +metadata: + name: onap-private-net-cidr +spec: + config: '{ + "name": "onap", + "type": "bridge", + "ipam": { + "type": "host-local", + "subnet": "10.10.0.0/16" + } +}' +NET + +cat << DEPLOYMENT > $HOME/$packetgen_deployment_name.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: $packetgen_deployment_name + labels: + app: vFirewall +spec: + replicas: 1 + selector: + matchLabels: + app: vFirewall + template: + metadata: + labels: + app: vFirewall + annotations: + kubernetes.v1.cni.cncf.io/networks: '[ + { "name": "unprotected-private-net-cidr", "interfaceRequest": "eth1" }, + { "name": "onap-private-net-cidr", "interfaceRequest": "eth2" } + ]' + spec: + containers: + - name: $packetgen_deployment_name + image: electrocucaracha/packetgen + imagePullPolicy: IfNotPresent + tty: true + stdin: true + resources: + limits: + memory: 256Mi +DEPLOYMENT + +cat << DEPLOYMENT > $HOME/$firewall_deployment_name.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: $firewall_deployment_name + labels: + app: vFirewall +spec: + replicas: 1 + selector: + matchLabels: + app: vFirewall + template: + metadata: + labels: + app: vFirewall + annotations: + kubernetes.v1.cni.cncf.io/networks: '[ + { "name": "unprotected-private-net-cidr", "interfaceRequest": "eth1" }, + { "name": "protected-private-net-cidr", "interfaceRequest": "eth2" }, + { "name": "onap-private-net-cidr", "interfaceRequest": "eth3" } + ]' + spec: + containers: + - name: $firewall_deployment_name + image: electrocucaracha/firewall + imagePullPolicy: IfNotPresent + tty: true + stdin: true + resources: + limits: + memory: 160Mi +DEPLOYMENT + +cat << DEPLOYMENT > $HOME/$sink_deployment_name.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: $sink_deployment_name + labels: + app: vFirewall +spec: + replicas: 1 + selector: + matchLabels: + app: vFirewall + template: + metadata: + labels: + app: vFirewall + annotations: + kubernetes.v1.cni.cncf.io/networks: '[ + { "name": "protected-private-net-cidr", "interfaceRequest": "eth1" }, + { "name": "onap-private-net-cidr", "interfaceRequest": "eth2" } + ]' + spec: + containers: + - name: $sink_deployment_name + image: electrocucaracha/sink + imagePullPolicy: IfNotPresent + tty: true + stdin: true + resources: + limits: + memory: 160Mi +DEPLOYMENT + +if $(kubectl version &>/dev/null); then + kubectl apply -f $HOME/unprotected-private-net-cidr-network.yaml + kubectl apply -f $HOME/protected-private-net-cidr-network.yaml + kubectl apply -f $HOME/onap-private-net-cidr-network.yaml + + for deployment_name in $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name; do + kubectl delete deployment $deployment_name --ignore-not-found=true --now + while kubectl get deployment $deployment_name &>/dev/null; do + sleep 5 + done + kubectl create -f $HOME/$deployment_name.yaml + done + + for deployment_name in $packetgen_deployment_name $firewall_deployment_name $sink_deployment_name; do + status_phase="" + while [[ $status_phase != "Running" ]]; do + new_phase=$(kubectl get pods | grep $deployment_name | awk '{print $3}') + if [[ $new_phase != $status_phase ]]; then + echo "$(date +%H:%M:%S) - $deployment_name : $new_phase" + status_phase=$new_phase + fi + if [[ $new_phase == "Err"* ]]; then + exit 1 + fi + done + done +fi -- cgit 1.2.3-korg