summaryrefslogtreecommitdiffstats
path: root/kud/tests/sdwan/test.sh
blob: ba4b4173070d3cbc6917a6d6d92d3e102fa1bbd7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
#!/bin/bash
# SPDX-license-identifier: Apache-2.0
##############################################################################
# Copyright (c) 2018
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################

set -o errexit
set -o nounset
set -o pipefail

sdwan_pod_name=sdwan-ovn-pod
ovn_pod_name=ovn-pod
wan_interface=net0

function login {
    login_url=http://$1/cgi-bin/luci/
    echo $(wget -S --spider --post-data "luci_username=root&luci_password=" $login_url 2>&1 | grep sysauth= | sed -r 's/.*sysauth=([^;]+);.*/\1/')
}

function disable_ping {
    command_url=http://$2/cgi-bin/luci/admin/config/command
    command="uci set firewall.@rule[1].target='REJECT';fw3 reload"
    echo $(wget -S --spider --header="Cookie:sysauth=$1" --post-data "command=$command" $command_url 2>&1)
}

function enable_ping {
    command_url=http://$2/cgi-bin/luci/admin/config/command
    command="uci set firewall.@rule[1].target='ACCEPT';fw3 reload"
    echo $(wget -S --spider --header="Cookie:sysauth=$1" --post-data "command=$command" $command_url 2>&1)
}

function wait_for_pod {
    status_phase=""
    while [[ "$status_phase" != "Running" ]]; do
        new_phase="$(kubectl get pods -o wide | grep ^$1 | awk '{print $3}')"
        if [[ "$new_phase" != "$status_phase" ]]; then
            status_phase="$new_phase"
        fi
        if [[ "$new_phase" == "Err"* ]]; then
            exit 1
        fi
        sleep 2
    done
}

function wait_for_pod_namespace {
    status_phase=""
    while [[ "$status_phase" != "Running" ]]; do
        new_phase="$(kubectl get pods -o wide -n $2 | grep ^$1 | awk '{print $3}')"
        if [[ "$new_phase" != "$status_phase" ]]; then
            status_phase="$new_phase"
        fi
        if [[ "$new_phase" == "Err"* ]]; then
            exit 1
        fi
        sleep 2
    done
}

echo "Waiting for pods to be ready ..."
wait_for_pod $ovn_pod_name
wait_for_pod $sdwan_pod_name
echo "* Create pods success"

sdwan_pod_ip=$(kubectl get pods -o wide | grep ^$sdwan_pod_name | awk '{print $6}')
ovn_pod_ip=$(kubectl get pods -o wide | grep ^$ovn_pod_name | awk '{print $6}')
echo "SDWAN pod ip:"$sdwan_pod_ip
echo "OVN pod ip:"$ovn_pod_ip

echo "Login to sdwan ..."
security_token=""
while [[ "$security_token" == "" ]]; do
    echo "Get Security Token ..."
    security_token=$(login $sdwan_pod_ip)
    sleep 2
done
echo "* Security Token: "$security_token

kubectl exec $sdwan_pod_name ifconfig

sdwan_pod_wan_ip=$(kubectl exec $sdwan_pod_name ifconfig $wan_interface  | awk '/inet/{print $2}' | cut -f2 -d ":" | awk 'NR==1 {print $1}')
echo "Verify ping is work through wan interface between $sdwan_pod_name and $ovn_pod_name"
ping_result=$(kubectl exec $ovn_pod_name -- ping -c 3 $sdwan_pod_wan_ip)
if [[ $ping_result == *", 0% packet loss"* ]]; then
    echo "* Ping is work through wan interface"
else
    echo "* Test failed!"
    exit 1
fi

echo "Disable ping rule of wan interface ..."
ret=$(disable_ping $security_token $sdwan_pod_ip)

echo "Verify ping is not work through wan interface after ping rule disabled"
ping_result=$(kubectl exec $ovn_pod_name -- ping -c 3 $sdwan_pod_wan_ip 2>&1 || true)
if [[ $ping_result == *", 100% packet loss"* ]]; then
    echo "* Ping is disabled"
else
    echo "* Test failed!"
    exit 1
fi

echo "Enable ping rule of wan interface ..."
ret=$(enable_ping $security_token $sdwan_pod_ip)

echo "Verify ping is work through wan interface after ping rule enabled"
ping_result=$(kubectl exec $ovn_pod_name -- ping -c 3 $sdwan_pod_wan_ip)
if [[ $ping_result == *", 0% packet loss"* ]]; then
    echo "* Ping is enabled"
else
    echo "* Test failed!"
    exit 1
fi


echo "Test Completed!"