############################################################################## # Copyright (c) 2017 user@TRAFCLASS-PACKET1.fuel.local and others. # # All rights reserved. This program and the accompanying materials # are made available under the terms of the Apache License, Version 2.0 # which accompanies this distribution, and is available at # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## heat_template_version: 2014-10-16 description: HOT template to deploy a virtual Traffic Classifier parameters: default_net: type: string default_subnet: type: string source_net: type: string source_subnet: type: string destination_net: type: string destination_subnet: type: string timeout: type: number description: Timeout for WaitCondition, depends on your image and environment default: 2000 resources: wait_condition: type: OS::Heat::WaitCondition properties: handle: {get_resource: wait_handle} count: 1 timeout: {get_param: timeout} wait_handle: type: OS::Heat::WaitConditionHandle ### DEFAULT NETWORK FOR MNGM port_1: type: OS::Neutron::Port properties: network: { get_param: default_net } binding:vnic_type: normal port_security_enabled: true fixed_ips: - subnet: { get_param: default_subnet } ### NETWORK FOR RECEIVING TRAFFIC port_2: type: OS::Neutron::Port properties: network: { get_param: source_net } binding:vnic_type: #vnic_type port_security_enabled: false fixed_ips: - subnet: { get_param: source_subnet } ### NETWORK FOR SENDING TRAFFIC port_3: type: OS::Neutron::Port properties: network: { get_param: destination_net } binding:vnic_type: #vnic_type port_security_enabled: false fixed_ips: - subnet: { get_param: destination_subnet } server: type: OS::Nova::Server properties: name: vTC #key_name: { get_param: key_name } image: ubuntu1404 user_data: str_replace: template: | #!/bin/sh # Creation of a user echo "Creating custom user..." useradd clouduser -g admin -s /bin/bash -m echo clouduser:yardstick | chpasswd echo "Enabling ssh password login..." sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config service ssh restart sleep 1 # wake up interfaces ifconfig eth1 up ifconfig eth2 up dhclient eth1 dhclient eth2 ifconfig 10.254.254.253 up netmask 255.255.255.248 # Fix Network Confiuration sed -i 's/localhost/localhost vtc/g' /etc/hosts touch /etc/resolvconf/resolv.conf.d/tail #echo 'nameserver 192.168.10.1' > /etc/resolvconf/resolv.conf.d/tail #echo 'nameserver 10.20.0.2' > /etc/resolvconf/resolv.conf.d/tail echo 'nameserver 10.118.32.193' > /etc/resolvconf/resolv.conf.d/tail resolvconf -u echo 'nameserver 10.118.32.193' > /etc/resolv.conf # Install vTC Dependencies apt-get update apt-get install -y git build-essential gcc libnuma-dev bison flex byacc libjson0-dev libcurl4-gnutls-dev jq dh-autoreconf libpcap-dev libpulse-dev libtool pkg-config apt-get install -y byacc libtool libcurl4-openssl-dev cd /home/clouduser # Setup multicast echo mgroup from eth1 group 224.192.16.1 > /etc/smcroute.conf git clone https://github.com/troglobit/smcroute.git cd smcroute git reset --hard c3f5c56 sed -i 's/aclocal-1.11/aclocal/g' ./autogen.sh sed -i 's/automake-1.11/automake/g' ./autogen.sh ./autogen.sh ./configure make make install cd .. touch multicast.sh echo "#!/bin/bash" > multicast.sh echo "while [ true ]" >> multicast.sh echo "do" >> multicast.sh echo " smcroute -k" >> multicast.sh echo " smcroute -d" >> multicast.sh echo " sleep 50" >> multicast.sh echo "done" >> multicast.sh chmod +x multicast.sh ./multicast.sh & rm resp.json curl -X POST -u "mPkgwvJPsTFS8hYmHk:SDczcrK4cvnkMRWSEchB3ANcWbqFXqPx" https://bitbucket.org/site/oauth2/access_token -d grant_type=refresh_token -d refresh_token=38uFQuhEdPvCTbhc7k >> resp.json access_token=`jq -r '.access_token' resp.json` git clone https://x-token-auth:${access_token}@bitbucket.org/akiskourtis/vtc.git cd vtc git checkout -b stable #Build nDPI library cd nDPI NDPI_DIR=$(pwd) echo $NDPI_DIR NDPI_INCLUDE=$(pwd)/src/include echo $NDPI_INCLUDE ./autogen.sh ./configure make make install #Build PF_RING library cd .. cd PF_RING make #Build PF_RING examples, including the modified pfbridge, with nDPI integrated. cd userland/examples/ sed -i 's#EXTRA_LIBS =#EXTRA_LIBS='"${NDPI_DIR}"'/src/lib/.libs/libndpi.a -ljson-c#' ./Makefile sed -i 's# -Ithird-party# -Ithird-party/ -I'"$NDPI_INCLUDE"' -I'"$NDPI_DIR"'#' ./Makefile echo $NDPI_DIR make cd ../.. cd .. cd .. # To use PF_RING driver use the following #sudo rmmod pf_ring #insmod ./vtc/PF_RING/kernel/pf_ring.ko min_num_slots=16384 enable_debug=1 quick_mode=1 enable_tx_capture=0 #./vtc/PF_RING/userland/examples/pfbridge -a eth1 -b eth2 & sleep 5 # To use the Linux kernel driver use the following cd /home/clouduser/ sudo nohup ./vtc/nDPI/example/ndpiReader -i eth1 -a eth2 & sleep 5 curl --data-ascii "{\"classification_rules\":[{\"RuleId\":\"1\",\"ToS\":\"16\"}]}" http://localhost:9999/classifier/classification_rules/224.192.16.1 & wc_notify --data-binary '{"status": "SUCCESS"}' params: wc_notify: { get_attr: ['wait_handle', 'curl_cli'] } #$IP_FAMILY: { get_param: ip_family } flavor: #vtc_flavor networks: - port: { get_resource: port_1 } - port: { get_resource: port_2 } - port: { get_resource: port_3 } outputs: