diff options
Diffstat (limited to 'moonv4/tests/01_smpolicy_average_latency')
| -rw-r--r-- | moonv4/tests/01_smpolicy_average_latency/Vagrantfile | 71 | ||||
| -rw-r--r-- | moonv4/tests/01_smpolicy_average_latency/bootstrap.sh | 51 | ||||
| -rw-r--r-- | moonv4/tests/01_smpolicy_average_latency/exec.sh | 19 | ||||
| -rw-r--r-- | moonv4/tests/01_smpolicy_average_latency/plot.sh | 20 | ||||
| -rw-r--r-- | moonv4/tests/01_smpolicy_average_latency/rbac_10.py | 233 |
5 files changed, 394 insertions, 0 deletions
diff --git a/moonv4/tests/01_smpolicy_average_latency/Vagrantfile b/moonv4/tests/01_smpolicy_average_latency/Vagrantfile new file mode 100644 index 00000000..72f1c6ed --- /dev/null +++ b/moonv4/tests/01_smpolicy_average_latency/Vagrantfile @@ -0,0 +1,71 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +# All Vagrant configuration is done below. The "2" in Vagrant.configure +# configures the configuration version (we support older styles for +# backwards compatibility). Please don't change it unless you know what +# you're doing. +Vagrant.configure("2") do |config| + # The most common configuration options are documented and commented below. + # For a complete reference, please see the online documentation at + # https://docs.vagrantup.com. + + # Every Vagrant development environment requires a box. You can search for + # boxes at https://atlas.hashicorp.com/search. + config.vm.box = "xenial64-python27" + + # Disable automatic box update checking. If you disable this, then + # boxes will only be checked for updates when the user runs + # `vagrant box outdated`. This is not recommended. + # config.vm.box_check_update = false + + # Create a forwarded port mapping which allows access to a specific port + # within the machine from a port on the host machine. In the example below, + # accessing "localhost:8080" will access port 80 on the guest machine. + # config.vm.network "forwarded_port", guest: 80, host: 8080 + + # Create a private network, which allows host-only access to the machine + # using a specific IP. + # config.vm.network "private_network", ip: "192.168.33.10" + + # Create a public network, which generally matched to bridged network. + # Bridged networks make the machine appear as another physical device on + # your network. + config.vm.network "public_network" + + # Share an additional folder to the guest VM. The first argument is + # the path on the host to the actual folder. The second argument is + # the path on the guest to mount the folder. And the optional third + # argument is a set of non-required options. + # config.vm.synced_folder "../data", "/vagrant_data" + + # Provider-specific configuration so you can fine-tune various + # backing providers for Vagrant. These expose provider-specific options. + # Example for VirtualBox: + # + config.vm.provider "virtualbox" do |vb| + # # Display the VirtualBox GUI when booting the machine + # vb.gui = true + # + # # Customize the amount of memory on the VM: + vb.memory = "4096" + vb.cpus = "1" + end + # + # View the documentation for the provider you are using for more + # information on available options. + + # Define a Vagrant Push strategy for pushing to Atlas. Other push strategies + # such as FTP and Heroku are also available. See the documentation at + # https://docs.vagrantup.com/v2/push/atlas.html for more information. + # config.push.define "atlas" do |push| + # push.app = "YOUR_ATLAS_USERNAME/YOUR_APPLICATION_NAME" + # end + + # Enable provisioning with a shell script. Additional provisioners such as + # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the + # documentation for more information about their specific syntax and use. + # config.vm.provision "shell", inline: <<-SHELL + + # SHELL +end diff --git a/moonv4/tests/01_smpolicy_average_latency/bootstrap.sh b/moonv4/tests/01_smpolicy_average_latency/bootstrap.sh new file mode 100644 index 00000000..8e150163 --- /dev/null +++ b/moonv4/tests/01_smpolicy_average_latency/bootstrap.sh @@ -0,0 +1,51 @@ +#!/usr/bin/env bash + +apt-get update +apt-get install -y python3-dev python3-pip git +pip3 install pip --upgrade +echo 127.0.0.1 messenger db keystone | tee -a /etc/hosts +apt-get install -y apt-transport-https ca-certificates curl software-properties-common +apt-get update + +curl -sSL https://get.docker.com | sh +docker run hello-world +groupadd docker +gpasswd -a ${USER} docker +service docker restart + +cd +git clone https://git.opnfv.org/moon +cd moon/moonv4 +export MOON_HOME=$(pwd) +sudo ln -s $(pwd)/moon_orchestrator/conf /etc/moon + +docker network create -d bridge --subnet=172.18.0.0/16 --gateway=172.18.0.1 moon +docker load -i /vagrant/keystone.tar + +docker run -dti --net=moon --hostname messenger --name messenger --link messenger:messenger -e RABBITMQ_DEFAULT_USER=moon -e RABBITMQ_DEFAULT_PASS=p4sswOrd1 -e RABBITMQ_NODENAME=rabbit@messenger -e RABBITMQ_DEFAULT_VHOST=moon -p 5671:5671 -p 5672:5672 rabbitmq:3-management +docker run -dti --net=moon --hostname db --name db -e MYSQL_ROOT_PASSWORD=p4sswOrd1 -e MYSQL_DATABASE=moon -e MYSQL_USER=moon -e MYSQL_PASSWORD=p4sswOrd1 -p 3306:3306 mysql:latest + +bash ${MOON_HOME}/bin/build_all.sh + +cd ${MOON_HOME}/moon_orchestrator +pip3 install pip --upgrade +source ${MOON_HOME}/bin/build_all.sh +pip3 install -r requirements.txt --upgrade +pip3 install ${MOON_HOME}/moon_orchestrator/dist/moon_db-0.1.0.tar.gz --upgrade +pip3 install ${MOON_HOME}/moon_orchestrator/dist/moon_utilities-0.1.0.tar.gz --upgrade +pip3 install . --upgrade + +echo "waiting for Database (it may take time)..." +echo -e "\033[35m" +sed '/ready for connections/q' <(docker logs db -f) +echo -e "\033[m" + +echo "waiting for Messenger (it may take time)..." +echo -e "\033[35m" +sed '/Server startup complete;/q' <(docker logs messenger -f) +echo -e "\033[m" + + +docker run -dti --net moon --name keystone --hostname=keystone -e DB_HOST=db -e DB_PASSWORD_ROOT=p4sswOrd1 -p 35357:35357 -p 5000:5000 keystone_mitaka:latest + +echo moon_orchestrator diff --git a/moonv4/tests/01_smpolicy_average_latency/exec.sh b/moonv4/tests/01_smpolicy_average_latency/exec.sh new file mode 100644 index 00000000..20c3db94 --- /dev/null +++ b/moonv4/tests/01_smpolicy_average_latency/exec.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +TEST_SCRIPT=${MOON_HOME}/moon_interface/tests/apitests/set_authz.py +POPULATE_SCRIPT=${MOON_HOME}/moon_interface/tests/apitests/populate_default_values.py +RESULT_DIR=${MOON_HOME}/tests/01_smpolicy_average_latency/ida/c6 +SCENARIO_RBAC=${MOON_HOME}/tests/01_smpolicy_average_latency/rbac_10.py +SCENARIO_SESSION=${MOON_HOME}/tests/01_smpolicy_average_latency/session.py + +mkdir -p ${RESULT_DIR} 2>/dev/null + +python3 ${POPULATE_SCRIPT} ${SCENARIO_RBAC} +# python3 ${POPULATE_SCRIPT} ${SCENARIO_SESSION} + +python3 ${TEST_SCRIPT} --request-per-second 1 --write="${RESULT_DIR}/data_1.json" --write-html="${RESULT_DIR}/data_1.html" ${SCENARIO_RBAC} +python3 ${TEST_SCRIPT} --request-per-second 5 --write="${RESULT_DIR}/data_5.json" --write-html="${RESULT_DIR}/data_5.html" ${SCENARIO_RBAC} +python3 ${TEST_SCRIPT} --request-per-second 15 --write="${RESULT_DIR}/data_15.json" --write-html="${RESULT_DIR}/data_15.html" ${SCENARIO_RBAC} +python3 ${TEST_SCRIPT} --request-per-second 10 --write="${RESULT_DIR}/data_10.json" --write-html="${RESULT_DIR}/data_10.html" ${SCENARIO_RBAC} +python3 ${TEST_SCRIPT} --request-per-second 20 --write="${RESULT_DIR}/data_20.json" --write-html="${RESULT_DIR}/data_20.html" ${SCENARIO_RBAC} +python3 ${TEST_SCRIPT} --request-per-second 25 --write="${RESULT_DIR}/data_25.json" --write-html="${RESULT_DIR}/data_25.html" ${SCENARIO_RBAC} diff --git a/moonv4/tests/01_smpolicy_average_latency/plot.sh b/moonv4/tests/01_smpolicy_average_latency/plot.sh new file mode 100644 index 00000000..208ba941 --- /dev/null +++ b/moonv4/tests/01_smpolicy_average_latency/plot.sh @@ -0,0 +1,20 @@ +#!/usr/bin/env bash + +DIR=$1 + +cd ${DIR} + +#python3 ${MOON_HOME}/moon_interface/tests/apitests/plot_json.py \ +# --input="data_1.json,data_1bis.json,data_20.json" \ +# --legend="1 req/s,1bis req/s,20 req/s" \ +# -d +python3 ${MOON_HOME}/moon_interface/tests/apitests/plot_json.py \ + --input="data_1.json,data_2.json,data_3.json,data_4.json,data_5.json,data_10.json,data_20.json,data_25.json" \ + --legend="1 req/s,2 req/s,3 req/s,4 req/s,5 req/s,10 req/s,20 req/s,25 req/s" \ + --plot-result="*" \ + --plot-average \ + -d +#python3 ${MOON_HOME}/moon_interface/tests/apitests/plot_json.py \ +# --input="data_1.json,data_2.json,data_3.json,data_4.json,data_5.json,data_10.json,data_15.json,data_20.json,data_25.json" \ +# --legend="1 req/s,2 req/s,3 req/s,4 req/s,5 req/s,10 req/s,15 req/s,20 req/s,25 req/s" \ +# -d diff --git a/moonv4/tests/01_smpolicy_average_latency/rbac_10.py b/moonv4/tests/01_smpolicy_average_latency/rbac_10.py new file mode 100644 index 00000000..ef5dd9b2 --- /dev/null +++ b/moonv4/tests/01_smpolicy_average_latency/rbac_10.py @@ -0,0 +1,233 @@ + +pdp_name = "pdp1" +policy_name = "RBAC policy example" +model_name = "RBAC" +policy_genre = "authz" + +subjects = { + "user0": "", + "user1": "", + "user2": "", + "user3": "", + "user4": "", + "user5": "", + "user6": "", + "user7": "", + "user8": "", + "user9": "", +} +objects = { + "vm0": "", + "vm1": "", + "vm2": "", + "vm3": "", + "vm4": "", + "vm5": "", + "vm6": "", + "vm7": "", + "vm8": "", + "vm9": "", +} +actions = { + "start": "", + "stop": "", + "pause": "", + "unpause": "", + "destroy": "", +} + +subject_categories = {"role": "", } +object_categories = {"id": "", } +action_categories = {"action-type": "", } + +subject_data = {"role": { + "admin": "", + "employee": "", + "dev1": "", + "dev2": "", + "*": "" +}} +object_data = {"id": { + "vm0": "", + "vm1": "", + "vm2": "", + "vm3": "", + "vm4": "", + "vm5": "", + "vm6": "", + "vm7": "", + "vm8": "", + "vm9": "", + "*": "" +}} +action_data = {"action-type": { + "vm-read": "", + "vm-write": "", + "*": "" +}} + +subject_assignments = { + "user0": ({"role": "employee"}, {"role": "*"}), + "user1": ({"role": "employee"}, {"role": "*"}), + "user2": ({"role": "dev1"}, {"role": "*"}), + "user3": ({"role": "dev1"}, {"role": "*"}), + "user4": ({"role": "dev1"}, {"role": "*"}), + "user5": ({"role": "dev1"}, {"role": "*"}), + "user6": ({"role": "dev2"}, {"role": "*"}), + "user7": ({"role": "dev2"}, {"role": "*"}), + "user8": ({"role": "dev2"}, {"role": "*"}), + "user9": ({"role": "dev2"}, {"role": "*"}), +} +object_assignments = { + "vm0": ({"id": "vm0"}, {"id": "*"}), + "vm1": ({"id": "vm1"}, {"id": "*"}), + "vm2": ({"id": "vm2"}, {"id": "*"}), + "vm3": ({"id": "vm3"}, {"id": "*"}), + "vm4": ({"id": "vm4"}, {"id": "*"}), + "vm5": ({"id": "vm5"}, {"id": "*"}), + "vm6": ({"id": "vm6"}, {"id": "*"}), + "vm7": ({"id": "vm7"}, {"id": "*"}), + "vm8": ({"id": "vm8"}, {"id": "*"}), + "vm9": ({"id": "vm9"}, {"id": "*"}), +} +action_assignments = { + "start": ({"action-type": "vm-write"}, {"action-type": "*"}), + "stop": ({"action-type": "vm-write"}, {"action-type": "*"}), + "pause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "unpause": ({"action-type": "vm-read"}, {"action-type": "*"}), + "destroy": ({"action-type": "vm-write"}, {"action-type": "*"}), +} + +meta_rule = { + "rbac": {"id": "", "value": ("role", "id", "action-type")}, +} + +rules = { + "rbac": ( + { + "rule": ("admin", "vm0", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("admin", "vm0", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + # Rules for grant all employee to do read actions to all VM except vm0 + { + "rule": ("employee", "vm1", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm2", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm3", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm4", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm5", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm6", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm7", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm8", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("employee", "vm9", "vm-read"), + "instructions": ( + {"decision": "grant"}, + ) + }, + # Rules for grant all dev1 to do read actions to some VM + { + "rule": ("dev1", "vm1", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev1", "vm2", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev1", "vm3", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev1", "vm4", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + # Rules for grant all dev2 to do read actions to some VM + { + "rule": ("dev2", "vm5", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev2", "vm6", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev2", "vm7", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev2", "vm8", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + { + "rule": ("dev2", "vm9", "vm-write"), + "instructions": ( + {"decision": "grant"}, + ) + }, + ) +} + + |