#!/bin/bash # Copyright 2016-2017 AT&T Intellectual Property, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # What this is: 3-Node Hello World blueprint deployment test for the OPNFV Models # project, using Tacker as VNFM. # # Status: this is a work in progress, under test. # # Use Case Description: A three-node deployment with two simple python web # servers and a load balancer, connected to two internal networks (private and # admin), and accessible via a floating IP. Based upon the OpenStack Tacker # project's "tosca-vnfd-hello-world" blueprint, as extended for testing of more # Tacker-supported features as of OpenStack Newton. # # Prerequisites: # This test can be run in either an OPNFV environment, or a plain OpenStack # environment (e.g. Devstack). # For Devstack running in a VM on the host, you must first enable the host to # access the VMs running under Devstack: # 1) In devstack VM: # $ sudo iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE # Sub the primary interface of your devstack VM for ens3, as needed. # 2) On the host (e.g linux): # $ sudo route add -net 172.24.0.0/16 gw 192.168.122.112 # Sub your devstack Public network subnet for 172.24.0.0/16, and # your devstack VM IP address on the host for 192.168.122.112 # Also you may need to ensure that nested virtualization is enabled, e.g. in # virt-manager, enable "Copy host CPU confguraton" for the devstack VM. # # For OPNFV-based tests, prerequisites are # 1) models-joid-001 | models-apex-001 (installation of OPNFV system) # The test may work, but has not been tested for other OPNFV installers. # # Test Steps and Assertions: # 1) bash vHello_3Node_Tacker.sh setup [branch] # models-tacker-001 (Tacker installation in a docker container on the jumphost) # models-nova-001 (Keypair creation) # 2) bash vHello_3Node_Tacker.sh start # models-tacker-002 (VNFD creation) # models-tacker-003 (VNF creation) # models-tacker-vnfd-001 (config_drive creation) # models-tacker-vnfd-002 (artifacts creation) # models-tacker-vnfd-003 (user_data creation) # models-vhello-001 (vHello VNF creation) # 3) bash vHello_3Node_Tacker.sh stop # models-tacker-004 (VNF deletion) # models-tacker-005 (VNFD deletion) # models-tacker-vnfd-004 (artifacts deletion) # 4) bash vHello_Tacker.sh clean # TODO: add assertions # # Post-State: # After step 1, Tacker is installed and active in a docker container, and the # test blueprint etc are prepared in a shared virtual folder /opt/tacker. # After step 2, the VNF is running and verified. # After step 3, the VNF is deleted and the system returned to step 1 post-state. # After step 4, the system returned to test pre-state. # # Cleanup: bash vHello_Tacker.sh clean # # How to use: # $ git clone https://gerrit.opnfv.org/gerrit/models # $ cd models/tests # $ bash vHello_3Node_Tacker.sh [setup|run] [] [branch] # setup: setup test environment # : location of OpenStack openrc file # branch: OpenStack branch to install (default: master) # $ bash vHello_3Node_Tacker.sh [start|stop|clean] # run: setup test environment and run test # start: install blueprint and run test # stop: stop test and uninstall blueprint # clean: cleanup after test trap 'fail' ERR pass() { echo "$0: $(date) Hooray!" end=`date +%s` runtime=$((end-test_start)) echo "$0: $(date) Test Duration = $runtime seconds" exit 0 } fail() { echo "$0: $(date) Test Failed!" end=`date +%s` runtime=$((end-test_start)) runtime=$((runtime/60)) echo "$0: $(date) Test Duration = $runtime seconds" exit 1 } assert() { if [[ $2 == true ]]; then echo "$0 test assertion passed: $1" else echo "$0 test assertion failed: $1" fail fi } get_floating_net () { network_ids=($(neutron net-list|grep -v "+"|grep -v name|awk '{print $2}')) for id in ${network_ids[@]}; do [[ $(neutron net-show ${id}|grep 'router:external'|grep -i "true") != "" ]] && FLOATING_NETWORK_ID=${id} done if [[ $FLOATING_NETWORK_ID ]]; then FLOATING_NETWORK_NAME=$(neutron net-show $FLOATING_NETWORK_ID | awk "/ name / { print \$4 }") else echo "$0: $(date) Floating network not found" exit 1 fi } try () { count=$1 $3 while [[ $? == 1 && $count -gt 0 ]]; do sleep $2 let count=$count-1 $3 done if [[ $count -eq 0 ]]; then echo "$0: $(date) Command \"$3\" was not successful after $1 tries"; fi } setup () { trap 'fail' ERR echo "$0: $(date) Setup shared test folder /opt/tacker" if [ -d /opt/tacker ]; then sudo rm -rf /opt/tacker; fi sudo mkdir -p /opt/tacker sudo chown $USER /opt/tacker chmod 777 /opt/tacker/ echo "$0: $(date) copy test script and openrc to /opt/tacker" cp $0 /opt/tacker/. cp $1 /opt/tacker/admin-openrc.sh source /opt/tacker/admin-openrc.sh chmod 755 /opt/tacker/*.sh echo "$0: $(date) tacker-setup part 1" bash utils/tacker-setup.sh init if [ $? -eq 1 ]; then fail; fi echo "$0: $(date) tacker-setup part 2" # TODO: find a generic way to set extension_drivers = port_security in ml2_conf.ini # On the neutron service host, update ml2_conf.ini and and restart neutron service # sed -i -- 's~#extension_drivers =~extension_drivers = port_security~' /etc/neutron/plugins/ml2/ml2_conf.ini # For devstack, set in local.conf per http://docs.openstack.org/developer/devstack/guides/neutron.html # Q_ML2_PLUGIN_EXT_DRIVERS=port_security dist=`grep DISTRIB_ID /etc/*-release | awk -F '=' '{print $2}'` if [ "$dist" == "Ubuntu" ]; then echo "$0: $(date) Execute tacker-setup.sh in the container" sudo docker exec -it tacker /bin/bash /opt/tacker/tacker-setup.sh setup $2 if [ $? -eq 1 ]; then fail; fi else echo "$0: $(date) Execute tacker-setup.sh in the container" sudo docker exec -i -t tacker /bin/bash /opt/tacker/tacker-setup.sh setup $2 if [ $? -eq 1 ]; then fail; fi fi assert "models-tacker-001 (Tacker installation in a docker container on the jumphost)" true } say_hello() { echo "$0: $(date) Testing $1" pass=false count=10 while [[ $count -gt 0 && $pass != true ]] do sleep 30 let count=$count-1 if [[ $(curl $1 | grep -c "Hello World") > 0 ]]; then echo "$0: $(date) Hello World found at $1" pass=true fi done if [[ $pass != true ]]; then fail; fi } copy_blueprint() { echo "$0: $(date) copy test script to /opt/tacker" cp $0 /opt/tacker/. echo "$0: $(date) reset blueprints folder" if [[ -d /opt/tacker/blueprints/tosca-vnfd-3node-tacker ]]; then rm -rf /opt/tacker/blueprints/tosca-vnfd-3node-tacker fi echo "$0: $(date) copy tosca-vnfd-3node-tacker to blueprints folder" cp -r blueprints/tosca-vnfd-3node-tacker /opt/tacker/blueprints/tosca-vnfd-3node-tacker cp $0 /opt/tacker/. } start() { # Disable trap for now, need to test to ensure premature fail does not occur # trap 'fail' ERR echo "$0: $(date) setup OpenStack CLI environment" source /opt/tacker/admin-openrc.sh echo "$0: $(date) Create Nova key pair" if [[ -f /opt/tacker/vHello ]]; then rm /opt/tacker/vHello; fi ssh-keygen -t rsa -N "" -f /opt/tacker/vHello -C ubuntu@vHello chmod 600 /opt/tacker/vHello openstack keypair create --public-key /opt/tacker/vHello.pub vHello assert "models-nova-001 (Keypair creation)" true echo "$0: $(date) Inject public key into blueprint" pubkey=$(cat /opt/tacker/vHello.pub) sed -i -- "s~~$pubkey~g" /opt/tacker/blueprints/tosca-vnfd-3node-tacker/blueprint.yaml vdus="VDU1 VDU2 VDU3" vdui="1 2 3" declare -a vdu_id=() declare -a vdu_ip=() declare -a vdu_url=() # Setup for workarounds echo "$0: $(date) allocate floating IPs" get_floating_net for i in $vdui; do vdu_ip[$i]=$(nova floating-ip-create $FLOATING_NETWORK_NAME | awk "/$FLOATING_NETWORK_NAME/ { print \$4 }") echo "$0: $(date) Pre-allocated ${vdu_ip[$i]} to VDU$i" done echo "$0: $(date) Inject web server floating IPs into LB code in blueprint" sed -i -- "s//${vdu_ip[1]}/" /opt/tacker/blueprints/tosca-vnfd-3node-tacker/blueprint.yaml sed -i -- "s//${vdu_ip[2]}/" /opt/tacker/blueprints/tosca-vnfd-3node-tacker/blueprint.yaml # End setup for workarounds echo "$0: $(date) create VNFD" cd /opt/tacker/blueprints/tosca-vnfd-3node-tacker # newton: NAME (was "--name") is now a positional parameter tacker vnfd-create --vnfd-file blueprint.yaml hello-3node if [[ $? -eq 0 ]]; then assert "models-tacker-002 (VNFD creation)" true else assert "models-tacker-002 (VNFD creation)" false fi echo "$0: $(date) create VNF" # newton: NAME (was "--name") is now a positional parameter tacker vnf-create --vnfd-name hello-3node hello-3node if [ $? -eq 1 ]; then fail; fi echo "$0: $(date) wait for hello-3node to go ACTIVE" active="" count=48 while [[ -z $active && $count -gt 0 ]] do active=$(tacker vnf-show hello-3node | grep ACTIVE) if [ "$(tacker vnf-show hello-3node | grep -c ERROR)" == "1" ]; then echo "$0: $(date) hello-3node VNF creation failed with state ERROR" fail fi let count=$count-1 sleep 30 echo "$0: $(date) wait for hello-3node to go ACTIVE" done if [[ $count == 0 ]]; then echo "$0: $(date) hello-world-tacker VNF creation failed - timed out" assert "models-tacker-002 (VNF creation)" false fi assert "models-tacker-002 (VNF creation)" true # Workarounds echo "$0: $(date) directly set port security on ports (bug/unsupported in Mitaka Tacker?)" for vdu in $vdus; do echo "$0: $(date) Setting port security on $vdu" SERVER_ID=$(openstack server list | awk "/$vdu/ { print \$2 }") id=($(neutron port-list|grep -v "+"|grep -v name|awk '{print $2}')) for id in ${id[@]}; do if [[ $(neutron port-show $id|grep $SERVER_ID) ]]; then neutron port-update ${id} --port-security-enabled=True; fi done done echo "$0: $(date) directly assign security group (unsupported in Mitaka Tacker)" if [[ $(neutron security-group-list | awk "/ vHello / { print \$2 }") ]]; then neutron security-group-delete vHello; fi neutron security-group-create vHello neutron security-group-rule-create --direction ingress --protocol TCP --port-range-min 22 --port-range-max 22 vHello neutron security-group-rule-create --direction ingress --protocol TCP --port-range-min 80 --port-range-max 80 vHello for i in $vdui; do vdu_id[$i]=$(openstack server list | awk "/VDU$i/ { print \$2 }") echo "$0: $(date) Assigning security groups to VDU$i (${vdu_id[$i]})" openstack server add security group ${vdu_id[$i]} vHello openstack server add security group ${vdu_id[$i]} default done echo "$0: $(date) associate floating IPs" for i in $vdui; do nova floating-ip-associate ${vdu_id[$i]} ${vdu_ip[$i]} done echo "$0: $(date) get web server internal and LB addresses" vdu_url[1]="http://${vdu_ip[1]}" vdu_url[2]="http://${vdu_ip[2]}" vdu_url[3]="http://${vdu_ip[3]}" apt-get install -y curl count=0 resp=$(curl http://${vdu_ip[1]}) while [[ $count -lt 10 && "$resp" == "" ]]; do echo "$0: $(date) waiting for web server at VDU1 to startup" sleep 60 let count=$count+1 resp=$(curl http://${vdu_ip[1]}) done echo "$0: $(date) verify vHello server is running at each web server and via the LB" say_hello http://${vdu_ip[1]} say_hello http://${vdu_ip[2]} say_hello http://${vdu_ip[3]} } stop() { trap 'fail' ERR echo "$0: $(date) setup OpenStack CLI environment" source /opt/tacker/admin-openrc.sh echo "$0: $(date) uninstall vHello blueprint via CLI" vdus="VDU1 VDU2 VDU3" for vdu in $vdus; do get_vdu_info $vdu if [[ ! -z $id ]]; then echo "$0: $(date) disassociate floating ip for $vdu" nova floating-ip-disassociate $id $ip else echo "$0: $(date) No instance for $vdu found" fi done if [[ "$(tacker vnf-list|grep hello-3node|awk '{print $2}')" != '' ]]; then echo "$0: $(date) uninstall vHello blueprint via CLI" try 12 10 "tacker vnf-delete hello-3node" # It can take some time to delete a VNF - thus wait 2 minutes count=12 while [[ $count -gt 0 && "$(tacker vnf-list|grep hello-3node|awk '{print $2}')" != '' ]]; do sleep 10 let count=$count-1 done if [[ "$(tacker vnf-list|grep hello-3node|awk '{print $2}')" == '' ]]; then assert "models-tacker-004 (VNF deletion)" true else assert "models-tacker-004 (VNF deletion)" false fi else echo "$0: $(date) No hello-3node VNF instance found" fi # It can take some time to delete a VNFD - thus wait 2 minutes if [[ "$(tacker vnfd-list|grep hello-3node|awk '{print $2}')" != '' ]]; then try 12 10 "tacker vnfd-delete hello-3node" if [[ "$(tacker vnfd-list|grep hello-3node|awk '{print $2}')" == '' ]]; then assert "models-tacker-005 (VNFD deletion)" true else assert "models-tacker-005 (VNFD deletion)" false fi else echo "$0: $(date) No hello-3node VNFD found" fi # This part will apply for tests that dynamically create the VDU base image # if [[ ! -z $(openstack image list|grep VNFImage|awk '{print $2}') ]]; then # iid=($(openstack image list|grep VNFImage|awk '{print $2}')); for id in ${iid[@]}; do openstack image delete ${id}; done # if [[ "$(openstack image list|grep VNFImage|awk '{print $2}')" == '' ]]; then # assert "models-tacker-vnfd-004 (artifacts deletion)" true # else # assert "models-tacker-vnfd-004 (artifacts deletion)" false # fi # else echo "$0: $(date) No VNFImage found" # fi # Cleanup for workarounds fip=($(neutron floatingip-list|grep -v "+"|grep -v id|awk '{print $2}')); for id in ${fip[@]}; do neutron floatingip-delete ${id}; done sg=($(openstack security group list|grep vHello|awk '{print $2}')) for id in ${sg[@]}; do try 5 5 "openstack security group delete ${id}"; done } # # Test tools and scenarios # get_vdu_info () { id=$(openstack server list | awk "/$1/ { print \$2 }") ip=$(openstack server list | awk "/$1/ { print \$10 }") } forward_to_container () { echo "$0: $(date) pass $1 command to this script in the tacker container" CONTAINER=$(sudo docker ps -a | awk "/tacker/ { print \$1 }") sudo docker exec $CONTAINER /bin/bash /opt/tacker/vHello_3Node_Tacker.sh $1 if [ $? -eq 1 ]; then fail; fi } test_start=`date +%s` dist=`grep DISTRIB_ID /etc/*-release | awk -F '=' '{print $2}'` case "$1" in setup) setup $2 $3 if [ $? -eq 1 ]; then fail; fi pass ;; run) setup $2 $3 copy_blueprint forward_to_container start if [ $? -eq 1 ]; then fail; fi pass ;; start) if [[ -f /.dockerenv ]]; then start else copy_blueprint forward_to_container start fi if [ $? -eq 1 ]; then fail; fi pass ;; stop) if [[ -f /.dockerenv ]]; then stop else forward_to_container stop fi if [ $? -eq 1 ]; then fail; fi pass ;; clean) echo "$0: $(date) Uninstall Tacker and test environment" forward_to_container stop sudo docker exec -it tacker /bin/bash /opt/tacker/tacker-setup.sh clean sudo docker stop tacker sudo docker rm -v tacker sudo rm -rf /opt/tacker pass ;; *) echo "usage: " echo "$ bash vHello_3Node_Tacker.sh [setup|run] [] [branch]" echo " setup: setup test environment" echo " : location of OpenStack openrc file" echo " branch: OpenStack branch to install (default: master)" echo "$ bash vHello_3Node_Tacker.sh [start|stop|clean]" echo " run: setup test environment and run test" echo " start: install blueprint and run test" echo " stop: stop test and uninstall blueprint" echo " clean: cleanup after test" fail esac