1 files changed, 200 insertions, 0 deletions

diff --git a/demo/sfc-setup/deploy/slb-ngfw-sdewan-cnf-deployment.yaml b/demo/sfc-setup/deploy/slb-ngfw-sdewan-cnf-deployment.yaml
new file mode 100644
index 0000000..4a1a9cd
--- /dev/null
+++ b/demo/sfc-setup/deploy/slb-ngfw-sdewan-cnf-deployment.yaml
@@ -0,0 +1,200 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: slb
+  labels:
+    app: slb
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: slb
+  template:
+    metadata:
+      labels:
+        app: slb
+      annotations:
+        k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "left-pnetwork", "interface": "net0" }, { "name": "dync-net1", "interface": "net1" }]}'
+
+    spec:
+      containers:
+      - name: slb
+        image: rkamudhan/netshoot:v1.0
+        imagePullPolicy: IfNotPresent
+        stdin: true
+        tty: true
+        securityContext:
+          privileged: true
+          capabilities:
+            add: ["NET_ADMIN"]
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ngfw
+  labels:
+    app: ngfw
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ngfw
+  template:
+    metadata:
+      labels:
+        app: ngfw
+      annotations:
+        k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "dync-net1", "interface": "net0" }, { "name": "dync-net2", "interface": "net1" }]}'
+
+    spec:
+      containers:
+      - name: ngfw
+        image: rkamudhan/netshoot:v1.0
+        imagePullPolicy: IfNotPresent
+        stdin: true
+        tty: true
+        securityContext:
+          privileged: true
+          capabilities:
+            add: ["NET_ADMIN"]
+
+
+---
+
+apiVersion: v1
+data:
+  entrypoint.sh: |-
+    #!/bin/bash
+    # Always exit on errors.
+    set -ex
+    echo "" > /etc/config/network
+    cat > /etc/config/mwan3 <<EOF
+    config globals 'globals'
+        option mmx_mask '0x3F00'
+        option local_source 'lan'
+    EOF
+    eval "networks=$(grep nfn-network /tmp/podinfo/annotations | awk  -F '=' '{print $2}')"
+    for net in $(echo -e $networks | jq -c ".interface[]")
+    do
+      interface=$(echo $net | jq -r .interface)
+      ipaddr=$(ifconfig $interface | awk '/inet/{print $2}' | cut -f2 -d ":" | awk 'NR==1 {print $1}')
+      vif="$interface"
+      cat >> /etc/config/network <<EOF
+    config interface '$vif'
+        option ifname '$interface'
+        option proto 'static'
+        option ipaddr '$ipaddr'
+        option netmask '255.255.255.0'
+    EOF
+      cat >> /etc/config/mwan3 <<EOF
+    config interface '$vif'
+            option enabled '1'
+            option family 'ipv4'
+            option reliability '2'
+            option count '1'
+            option timeout '2'
+            option failure_latency '1000'
+            option recovery_latency '500'
+            option failure_loss '20'
+            option recovery_loss '5'
+            option interval '5'
+            option down '3'
+            option up '8'
+    EOF
+    done
+    /sbin/procd &
+    /sbin/ubusd &
+    iptables -t nat -L
+    sleep 1
+    /etc/init.d/rpcd start
+    /etc/init.d/dnsmasq start
+    /etc/init.d/network start
+    /etc/init.d/odhcpd start
+    /etc/init.d/uhttpd start
+    /etc/init.d/log start
+    /etc/init.d/dropbear start
+    /etc/init.d/mwan3 restart
+    /etc/init.d/firewall restart
+    echo "Entering sleep... (success)"
+    # Sleep forever.
+    while true; do sleep 100; done
+kind: ConfigMap
+metadata:
+  name: sdewan-sh
+  namespace: default
+...
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sdwan
+  namespace: default
+  labels:
+    app: sdwan
+    sdewanPurpose: cnf1
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  selector:
+    matchLabels:
+      app: sdwan
+      sdewanPurpose: cnf1
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      annotations:
+        k8s.plugin.opnfv.org/nfn-network: '{ "type": "ovn4nfv", "interface": [{ "name": "dync-net2", "interface": "net0" }, { "name": "right-pnetwork", "interface": "net1" }]}'
+      labels:
+        app: sdwan
+        sdewanPurpose: cnf1
+    spec:
+      containers:
+      - command:
+              #- sleep
+              #- "3600"
+        - /bin/sh
+        - /tmp/sdewan/entrypoint.sh
+        image: integratedcloudnative/openwrt:0.3.0
+        imagePullPolicy: IfNotPresent
+        name: sdewan
+        readinessProbe:
+          failureThreshold: 5
+          httpGet:
+            path: /
+            port: 80
+            scheme: HTTP
+          initialDelaySeconds: 5
+          periodSeconds: 5
+          successThreshold: 1
+          timeoutSeconds: 1
+        securityContext:
+          privileged: true
+          capabilities:
+            add: ["NET_ADMIN"]
+          procMount: Default
+        volumeMounts:
+        - mountPath: /tmp/sdewan
+          name: sdewan-sh
+          readOnly: true
+        - mountPath: /tmp/podinfo
+          name: podinfo
+          readOnly: true
+      restartPolicy: Always
+      volumes:
+      - configMap:
+          defaultMode: 420
+          name: sdewan-sh
+        name: sdewan-sh
+      - name: podinfo
+        downwardAPI:
+          items:
+            - path: "annotations"
+              fieldRef:
+                fieldPath: metadata.annotations