3 To accommodate the git repo access issue, the cgts-client and distributed client are
4 cloned into temp before docker building
9 git clone --depth 1 --branch master https://opendev.org/starlingx/config.git
10 git clone --depth 1 --branch master https://opendev.org/starlingx/distcloud-client.git
22 source ./admin_openrc.sh
23 export |grep OS_AUTH_URL
24 export |grep OS_USERNAME
25 export |grep OS_PASSWORD
27 docker-compose run --rm --no-deps --entrypoint=pytest api /tests/unit /tests/integration
30 ## Running the tests with a O-Cloud
32 Prerequisite: in case of testing against real ocloud, download openrc file from ocloud dashboard, e.g.
36 docker-compose run --rm --no-deps --entrypoint=pytest api /tests/unit /tests/integration-ocloud
38 docker-compose run --rm --no-deps --entrypoint=pytest api /tests/integration-ocloud --log-level=DEBUG --log-file=/test
42 ## Tear down containers
45 docker-compose down --remove-orphans
48 ## Test with local virtualenv
51 python3.8 -m venv .venv && source .venv/bin/activate
52 pip install -r requirements.txt -c constraints.txt
53 pip install -r requirements-test.txt
55 # pip install -e o2dms -e o2common
57 pytest tests/integration
62 Test O2DMS with docker-compose
63 ==============================
65 ## setup account over INF and get token
69 NAMESPACE="kube-system"
71 cat <<EOF > admin-login.yaml
76 namespace: kube-system
78 apiVersion: rbac.authorization.k8s.io/v1
79 kind: ClusterRoleBinding
83 apiGroup: rbac.authorization.k8s.io
87 - kind: ServiceAccount
89 namespace: kube-system
91 kubectl apply -f admin-login.yaml
92 TOKEN_DATA=$(kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep ${USER} | awk '{print $1}') | grep "token:" | awk '{print $2}')
96 ## setup remote cli to access kubenetes cluster over INF
99 sudo apt-get install -y apt-transport-https
100 echo "deb http://mirrors.ustc.edu.cn/kubernetes/apt kubernetes-xenial main" | \
101 sudo tee -a /etc/apt/sources.list.d/kubernetes.list
103 sudo apt-get install -y kubectl
105 source <(kubectl completion bash) # setup autocomplete in bash into the current shell, bash-completion package should be installed first.
106 echo "source <(kubectl completion bash)" >> ~/.bashrc # add autocomplete permanently to your bash shell.
108 https://get.helm.sh/helm-v3.5.3-linux-amd64.tar.gz
109 tar xvf helm-v3.5.3-linux-amd64.tar.gz
110 sudo cp linux-amd64/helm /usr/local/bin
112 source <(helm completion bash)
113 echo "source <(helm completion bash)" >> ~/.bashrc
117 TOKEN_DATA=<TOKEN_DATA from INF>
121 kubectl config set-cluster inf-cluster --server=https://${OAM_IP}:6443 --insecure-skip-tls-verify
122 kubectl config set-credentials ${USER} --token=$TOKEN_DATA
123 kubectl config set-context ${USER}@inf-cluster --cluster=inf-cluster --user ${USER} --namespace=${NAMESPACE}
124 kubectl config use-context ${USER}@inf-cluster
131 ## setup local repo: o2imsrepo
134 helm repo add chartmuseum https://chartmuseum.github.io/charts
136 helm pull chartmuseum/chartmuseum # download chartmuseum-3.4.0.tgz to local
137 tar zxvf chartmuseum-3.4.0.tgz
139 export NODE_IP=<INF OAM IP>
141 cat <<EOF>chartmuseum-override.yaml
150 helm install chartmuseumrepo chartmuseum/chartmuseum -f chartmuseum-override.yaml
154 helm repo add o2imsrepo http://${NODE_IP}:30330
157 helm repo add bitnami https://charts.bitnami.com/bitnami
160 helm pull bitnami/mysql
161 helm push mysql-8.8.16.tgz o2imsrepo
164 helm install my-release o2imsrepo/mysql
172 ## Verify CFW over INF: Test with cnf firewall-host-netdevice
174 ## Setup host netdevice over INF
177 ssh sysadmin@<inf oam IP>
178 sudo ip link add name veth11 type veth peer name veth12
179 sudo ip link add name veth21 type veth peer name veth22
180 sudo ip link |grep veth
185 ## verify CNF over INF
187 git clone https://github.com/biny993/firewall-host-netdevice.git
189 cat <<EOF> cfw-hostdev-override.yaml
194 pullPolicy: IfNotPresent
201 #global vars for parent and subcharts.
204 unprotectedNetPortVpg: veth11
205 unprotectedNetPortVfw: veth12
206 unprotectedNetCidr: 10.10.1.0/24
207 unprotectedNetGwIp: 10.10.1.1
209 protectedNetPortVfw: veth21
210 protectedNetPortVsn: veth22
211 protectedNetCidr: 10.10.2.0/24
212 protectedNetGwIp: 10.10.2.1
214 vfwPrivateIp0: 10.10.1.1
215 vfwPrivateIp1: 10.10.2.1
217 vpgPrivateIp0: 10.10.1.2
219 vsnPrivateIp0: 10.10.2.2
223 helm install cfw1 firewall-host-netdevice -f cfw-hostdev-override.yaml
228 ## push repo to o2imsrepo
231 tar -zcvf firewall-host-netdevice-1.0.0.tgz firewall-host-netdevice/
232 helm push firewall-host-netdevice-1.0.0.tgz o2imsrepo
234 helm search repo firewall
236 helm install cfw1 o2imsrepo/firewall-host-netdevice -f cfw-hostdev-override.yaml
241 ## build docker image for o2 services
248 ## bootstrap o2 service with docker-compose
251 mkdir -p temp/kubeconfig/
252 cp <your .kube/config> temp/kubeconfig/
254 source ./admin_openrc.sh
255 export K8S_KUBECONFIG=/etc/kubeconfig/config
257 docker logs -f o2_redis_pubsub_1
261 ## simiulate SMO to deploy CFW
265 curl --location --request GET 'http://localhost:5005/o2ims_infrastructureInventory/v1/deploymentManagers'
266 export dmsId=<DMS ID>
267 curl --location --request POST 'http://localhost:5005/o2dms/v1/${dmsId}/O2dms_DeploymentLifecycle/NfDeploymentDescriptor' \
268 --header 'Content-Type: application/json' \
271 "description": "demo nf deployment descriptor",
272 "artifactRepoUrl": "http://128.224.115.15:30330",
273 "artifactName": "firewall-host-netdevice",
275 "{\n \"image\": {\n \"repository\": \"ubuntu\",\n \"tag\": 18.04,\n \"pullPolicy\": \"IfNotPresent\"\n },\n \"resources\": {\n \"cpu\": 2,\n \"memory\": \"2Gi\",\n \"hugepage\": \"256Mi\",\n \"unprotectedNetPortVpg\": \"veth11\",\n \"unprotectedNetPortVfw\": \"veth12\",\n \"unprotectedNetCidr\": \"10.10.1.0/24\",\n \"unprotectedNetGwIp\": \"10.10.1.1\",\n \"protectedNetPortVfw\": \"veth21\",\n \"protectedNetPortVsn\": \"veth22\",\n \"protectedNetCidr\": \"10.10.2.0/24\",\n \"protectedNetGwIp\": \"10.10.2.1\",\n \"vfwPrivateIp0\": \"10.10.1.1\",\n \"vfwPrivateIp1\": \"10.10.2.1\",\n \"vpgPrivateIp0\": \"10.10.1.2\",\n \"vsnPrivateIp0\": \"10.10.2.2\"\n }\n}",
276 "outputParams": "{\"output1\": 100}"
279 curl --location --request GET 'http://localhost:5005/o2dms/v1/${dmsId}/O2dms_DeploymentLifecycle/NfDeploymentDescriptor'
281 curl --location --request POST 'http://localhost:5005/o2dms/v1/${dmsId}/O2dms_DeploymentLifecycle/NfDeployment' \
282 --header 'Content-Type: application/json' \
285 "description": "demo nf deployment",
286 "descriptorId": "<NfDeploymentDescriptorId>",
287 "parentDeploymentId": ""
290 curl --location --request GET 'http://localhost:5005/o2dms/v1/${dmsId}/O2dms_DeploymentLifecycle/NfDeployment'
292 export NfDeploymentId=<NfDeployment Id>
299 docker logs -f o2_redis_pubsub_1
301 kubectl logs -f cfw100-sink-host-netdevice-59bf6fbd4b-845p4
304 ## watch traffic stats
306 open browswer with url: http://<NODE_IP>:30667
312 curl --location --request DELETE 'http://localhost:5005/o2dms/v1/${dmsId}/O2dms_DeploymentLifecycle/NfDeployment/${NfDeploymentId}'