13 files changed, 208 insertions, 35 deletions

diff --git a/INFO b/INFO
deleted file mode 100644
index 4e147a4..0000000
--- a/INFO
+++ /dev/null
@@ -1,17 +0,0 @@
-Project: Cloud native computing framework for NFV (Clover)
-Project Creation Date: 
-Project Category: 
-Lifecycle State: Incubation
-Primary Contact: Wenjing Chu, wenjing.chu@huawei.com
-Project Lead: Stephen Wong, stephen.wong1@huawei.com
-Jira Project Name: Clover
-Jira Project Prefix: CLOVER 
-Mailing list tag: [clover]
-IRC: Server: 
-Repository: clover
-
-Committers:
-stephen.wong1@huawei.com
-wenjing.chu@huawei.com
-
-Link to TSC approval of the project: 
diff --git a/INFO.yaml b/INFO.yaml
index abe5ba5..12700e1 100644
--- a/INFO.yaml
+++ b/INFO.yaml
@@ -4,6 +4,10 @@ project_creation_date: ''
 project_category: ''
 lifecycle_state: 'Incubation'
 project_lead: &opnfv_clover_ptl
+    name: 'Wenjing Chu'
+    email: 'chu.wenjing@gmail.com'
+    company: 'gmail.com'
+    id: 'wenjing'
 primary_contact: *opnfv_clover_ptl
 issue_tracking:
     type: 'jira'
@@ -29,10 +33,6 @@ repositories:
     - 'clover'
 committers:
     - <<: *opnfv_clover_ptl
-    - name: 'Wenjing Chu'
-      email: 'chu.wenjing@gmail.com'
-      company: 'gmail.com'
-      id: 'wenjing'
     - name: 'Stephen Wong'
       email: 'stephen.kf.wong@gmail.com'
       company: 'gmail.com'
diff --git a/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml b/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml
new file mode 100644
index 0000000..445db26
--- /dev/null
+++ b/clover/logging/install/fluentd-daemonset-elasticsearch-rbac.yaml
@@ -0,0 +1,96 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fluentd
+  namespace: kube-system
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: fluentd
+  namespace: kube-system
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
+
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: fluentd
+roleRef:
+  kind: ClusterRole
+  name: fluentd
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+  name: fluentd
+  namespace: kube-system
+---
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+  name: fluentd
+  namespace: kube-system
+  labels:
+    k8s-app: fluentd-logging
+    version: v1
+    kubernetes.io/cluster-service: "true"
+spec:
+  template:
+    metadata:
+      labels:
+        k8s-app: fluentd-logging
+        version: v1
+        kubernetes.io/cluster-service: "true"
+    spec:
+      serviceAccount: fluentd
+      serviceAccountName: fluentd
+      tolerations:
+      - key: node-role.kubernetes.io/master
+        effect: NoSchedule
+      containers:
+      - name: fluentd
+        image: fluent/fluentd-kubernetes-daemonset:elasticsearch
+        env:
+          - name:  FLUENT_ELASTICSEARCH_HOST
+            value: "elasticsearch.logging"
+          - name:  FLUENT_ELASTICSEARCH_PORT
+            value: "9200"
+          - name: FLUENT_ELASTICSEARCH_SCHEME
+            value: "http"
+          # X-Pack Authentication
+          # =====================
+          - name: FLUENT_ELASTICSEARCH_USER
+            value: "elastic"
+          - name: FLUENT_ELASTICSEARCH_PASSWORD
+            value: "changeme"
+        resources:
+          limits:
+            memory: 200Mi
+          requests:
+            cpu: 100m
+            memory: 200Mi
+        volumeMounts:
+        - name: varlog
+          mountPath: /var/log
+        - name: varlibdockercontainers
+          mountPath: /var/lib/docker/containers
+          readOnly: true
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: varlog
+        hostPath:
+          path: /var/log
+      - name: varlibdockercontainers
+        hostPath:
+          path: /var/lib/docker/containers
diff --git a/clover/logging/install/proxy-access-control-sidecar.yml b/clover/logging/install/proxy-access-control-sidecar.yml
new file mode 100644
index 0000000..833f9f7
--- /dev/null
+++ b/clover/logging/install/proxy-access-control-sidecar.yml
@@ -0,0 +1,32 @@
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: proxy-access-control
+  labels:
+    app: proxy-access-control
+spec:
+  template:
+    metadata:
+      labels:
+        app: proxy-access-control
+    spec:
+      containers:
+        - name: proxy-access-control
+          image: opnfv/clover-ns-nginx-proxy:latest
+          ports:
+            - containerPort: 50054
+            - containerPort: 9180
+# inject nginx access log streaming
+          volumeMounts:
+            - name: nginxlog
+              mountPath: /var/log/nginx
+        - name: nginx-access-log
+          image: busybox
+          args: [/bin/sh, -c, 'tail -n+1 -f /var/log/nginx/access.log']
+          volumeMounts:
+            - name: nginxlog
+              mountPath: /var/log/nginx
+      volumes:
+        - name: nginxlog
+          emptyDir: {}
diff --git a/clover/test/fraser_a_b_test.py b/clover/test/fraser_a_b_test.py
index cfbc79f..2270e04 100644
--- a/clover/test/fraser_a_b_test.py
+++ b/clover/test/fraser_a_b_test.py
@@ -218,6 +218,8 @@ def main(argv):
     test_id = uuid.uuid4()
     rr.set_route_rules(test_id)
     tracing.setTest(test_id)
+    # wait 1 sec to avoid missing the first test result
+    time.sleep(1)
     try:
         output = subprocess.check_output(cmd, shell=True)
     except subprocess.CalledProcessError, e:
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 2cd6340..5cc7323 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -20,7 +20,7 @@ RUN apt-get update \
     && apt-get install -y git python-setuptools python-pip curl apt-transport-https \
     && apt-get -y autoremove && apt-get clean \
     && pip install --upgrade pip \
-    && python -m pip install grpcio argparse
+    && python -m pip install grpcio argparse protobuf
 
 # Fetch source code
 RUN mkdir -p ${REPOS_DIR}
diff --git a/docs/development/design/logging.rst b/docs/development/design/logging.rst
index 05f3f5b..2c2dfe6 100644
--- a/docs/development/design/logging.rst
+++ b/docs/development/design/logging.rst
@@ -9,7 +9,27 @@ Installation
 Currently, we use the `sample configuration`_ in Istio to install fluentd::
 
     cd clover/logging
-    kubectl apply -f install
+
+First, install logging stack Elasticsearch, Fluentd and Kibana::
+
+    kubectl apply -f install/logging-stack.yaml
+
+Note that, it must be done in separated steps. If you run ``kubectl apply -f
+install`` instead, the mixer adapter may fail to intialize because the target
+service can not be found. You may find an error message from mixer container::
+
+    2018-05-09T02:43:14.435156Z	error	Unable to initialize adapter:
+    snapshot='6', handler='handler.fluentd.istio-system', adapter='fluentd',
+    err='adapter instantiation error: dial tcp: lookup fluentd-es.logging on
+    10.96.0.10:53: no such host'.
+
+Then configure fluentd for istio::
+
+    kubectl apply -f install/fluentd-istio.yaml
+
+Configure fluentd for node level logging::
+
+    kubectl apply -f install/fluentd-daemonset-elasticsearch-rbac.yaml
 
 .. _sample configuration: https://istio.io/docs/tasks/telemetry/fluentd.html
 
@@ -50,14 +70,14 @@ Istio defines when to log by creating a custom resource ``rule``. For example:
     apiVersion: "config.istio.io/v1alpha2"
     kind: rule
     metadata:
-    name: newlogtofluentd
-    namespace: istio-system
+      name: newlogtofluentd
+      namespace: istio-system
     spec:
-    match: "true" # match for all requests
-    actions:
-    - handler: handler.fluentd
-      instances:
-      - newlog.logentry
+      match: "true" # match for all requests
+      actions:
+      - handler: handler.fluentd
+        instances:
+        - newlog.logentry
 
 This rule specifies that all instances of ``newlog.logentry`` that matches the
 expression will be handled by the specified handler ``handler.fluentd``. We
diff --git a/docs/release/configguide/sdc_config_guide.rst b/docs/release/configguide/sdc_config_guide.rst
index be0c86e..b95b6cf 100644
--- a/docs/release/configguide/sdc_config_guide.rst
+++ b/docs/release/configguide/sdc_config_guide.rst
@@ -314,7 +314,7 @@ following command:
     istio-system   jaeger-deployment NodePort  10.105.94.85 <none>        16686:32174/TCP
     istio-system   prometheus        NodePort  10.97.74.230 <none>        9090:32708/TCP
 
-In the example above, the Jaeger tracing web-based UI will be available on port 32171 and
+In the example above, the Jaeger tracing web-based UI will be available on port 32174 and
 the Prometheus monitoring UI on port 32708. In your browser, navigate to the following
 URLs for Jaeger and Prometheus respectively::
 
diff --git a/samples/services/nginx/docker/subservices/lb/Dockerfile b/samples/services/nginx/docker/subservices/lb/Dockerfile
index 125da0b..3b13631 100644
--- a/samples/services/nginx/docker/subservices/lb/Dockerfile
+++ b/samples/services/nginx/docker/subservices/lb/Dockerfile
@@ -20,7 +20,7 @@ RUN \
     python-pip \
 && \
 # Install required python packages
-    python -m pip install grpcio redis jinja2
+    python -m pip install grpcio redis jinja2 protobuf
 
 COPY /process /process
 COPY /grpc /grpc
diff --git a/samples/services/nginx/docker/subservices/proxy/Dockerfile b/samples/services/nginx/docker/subservices/proxy/Dockerfile
index 0f061a5..b063de7 100644
--- a/samples/services/nginx/docker/subservices/proxy/Dockerfile
+++ b/samples/services/nginx/docker/subservices/proxy/Dockerfile
@@ -20,7 +20,7 @@ RUN \
     python-pip \
 && \
 # Install required python packages
-    python -m pip install grpcio redis jinja2
+    python -m pip install grpcio redis jinja2 protobuf
 
 COPY /process /process
 COPY /grpc /grpc
diff --git a/samples/services/nginx/docker/subservices/server/Dockerfile b/samples/services/nginx/docker/subservices/server/Dockerfile
index 8bf9449..434a8d4 100644
--- a/samples/services/nginx/docker/subservices/server/Dockerfile
+++ b/samples/services/nginx/docker/subservices/server/Dockerfile
@@ -20,7 +20,7 @@ RUN \
     python-pip \
 && \
 # Install required python packages
-    python -m pip install grpcio redis jinja2
+    python -m pip install grpcio redis jinja2 protobuf
 
 COPY /process /process
 COPY /grpc /grpc
diff --git a/samples/services/snort_ids/docker/Dockerfile b/samples/services/snort_ids/docker/Dockerfile
index 50686ed..697acb9 100644
--- a/samples/services/snort_ids/docker/Dockerfile
+++ b/samples/services/snort_ids/docker/Dockerfile
@@ -70,7 +70,7 @@ RUN \
     ln -s libdnet.so.1.0.1 libdnet.1 \
 && \
 # Install required python libraries
-    python -m pip install grpcio redis idstools
+    python -m pip install grpcio redis idstools protobuf
 
 COPY /process /process
 COPY /grpc /grpc
diff --git a/xci-k8s-setup.sh b/xci-k8s-setup.sh
new file mode 100755
index 0000000..b08be7a
--- /dev/null
+++ b/xci-k8s-setup.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+set -e
+set -x
+
+CLOVER_DIR=`cd ${BASH_SOURCE[0]%/*}/;pwd`
+export CLOVER_DIR
+
+# Set the variable for deploying k8s
+export XCI_FLAVOR=${XCI_FLAVOR:-mini}
+export INSTALLER_TYPE=${INSTALLER_TYPE:-kubespray}
+export DEPLOY_SCENARIO=${DEPLOY_SCENARIO:-k8-flannel-nofeature}
+
+if [[ $(whoami) == "root" ]]; then
+    echo "ERROR: This script should not be run as root!"
+    exit 1
+fi
+
+WORK_DIR=${CLOVER_DIR}/work
+sudo rm -rf $WORK_DIR
+mkdir $WORK_DIR
+
+# If SSH key doesn't exist generate an SSH key in $HOME/.ssh/
+[[ ! -d "$HOME/.ssh/" ]] && mkdir $HOME/.ssh/
+[[ ! -f "$HOME/.ssh/id_rsa" ]] && ssh-keygen -q -t rsa -f ~/.ssh/id_rsa -N ""
+
+sudo apt-get update
+sudo apt-get install git python-pip -y
+
+git clone https://gerrit.opnfv.org/gerrit/releng-xci $WORK_DIR/releng-xci
+
+cd $WORK_DIR/releng-xci/xci
+
+source xci-deploy.sh
+
+MASTER_IP=$(ssh root@$OPNFV_HOST_IP  "grep -r server ~/.kube/config | awk '{print \$2}' |awk -F '[:/]' '{print \$4}'")
+echo "----------------------------------------"
+echo "Info: You can login the Kubernetes Cluster master host"
+echo "ssh root@$MASTER_IP"
+echo "----------------------------------------"