diff --git a/gbpservice/tests/contrib/devstack/exercises/fw.sh b/gbpservice/tests/contrib/devstack/exercises/fw.sh deleted file mode 100755 index b1aa6565e..000000000 --- a/gbpservice/tests/contrib/devstack/exercises/fw.sh +++ /dev/null @@ -1,138 +0,0 @@ -#!/usr/bin/env bash - -# **fw.sh** - -# Sanity check that firewall service is created with NFP - -echo "*********************************************************************" -echo "Begin NFP Exercise: $0" -echo "*********************************************************************" - -# Settings -# ======== - -# This script exits on an error so that errors don't compound and you see -# only the first error that occurred. -set -o errexit - -# Keep track of the current directory -EXERCISE_DIR=$(cd $(dirname "$0") && pwd) -TOP_DIR=$(cd $EXERCISE_DIR/..; pwd) - -source $TOP_DIR/openrc neutron service - -create_gbp_resources() { - gbp servicechain-node-create --service-profile base_mode_fw --template-file $TOP_DIR/nfp-templates/fw_template.yml FWNODE - gbp servicechain-spec-create --nodes "FWNODE" fw-chainspec - gbp policy-action-create --action-type REDIRECT --action-value fw-chainspec redirect-to-fw - gbp policy-action-create --action-type ALLOW allow-to-fw - gbp policy-classifier-create --protocol tcp --direction bi fw-web-classifier-tcp - gbp policy-classifier-create --protocol udp --direction bi fw-web-classifier-udp - gbp policy-classifier-create --protocol icmp --direction bi fw-web-classifier-icmp - gbp policy-rule-create --classifier fw-web-classifier-tcp --actions redirect-to-fw fw-web-redirect-rule - gbp policy-rule-create --classifier fw-web-classifier-tcp --actions allow-to-fw fw-web-allow-rule-tcp - gbp policy-rule-create --classifier fw-web-classifier-udp --actions allow-to-fw fw-web-allow-rule-udp - gbp policy-rule-create --classifier fw-web-classifier-icmp --actions allow-to-fw fw-web-allow-rule-icmp - gbp policy-rule-set-create --policy-rules "fw-web-redirect-rule fw-web-allow-rule-tcp fw-web-allow-rule-udp fw-web-allow-rule-icmp" fw-webredirect-ruleset - gbp group-create fw-consumer --consumed-policy-rule-sets "fw-webredirect-ruleset=None" - gbp group-create fw-provider --provided-policy-rule-sets "fw-webredirect-ruleset=None" -} - -delete_gbp_resources() { - gbp group-delete fw-provider - gbp group-delete fw-consumer - gbp policy-rule-set-delete fw-webredirect-ruleset - gbp policy-rule-delete fw-web-redirect-rule - gbp policy-rule-delete fw-web-allow-rule-tcp - gbp policy-rule-delete fw-web-allow-rule-icmp - gbp policy-rule-delete fw-web-allow-rule-udp - gbp policy-classifier-delete fw-web-classifier-tcp - gbp policy-classifier-delete fw-web-classifier-icmp - gbp policy-classifier-delete fw-web-classifier-udp - gbp policy-action-delete redirect-to-fw - gbp policy-action-delete allow-to-fw - gbp servicechain-spec-delete fw-chainspec - gbp servicechain-node-delete FWNODE -} - -validate_gbp_resources() { - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain creation Succeded" - else - echo "Chain creation failed" - fi -} - -validate_firewall_resources() { - FirewallRuleCount=`neutron firewall-rule-list -f value | grep Rule | wc -l` - if [ "$FirewallRuleCount" -eq "4" ]; then - echo "Firewall Rule resource created" - else - echo "Firewall Rule resource not created" - fi - - FirewallPolicyCount=`neutron firewall-policy-list -f value | grep fw | wc -l` - if [ "$FirewallPolicyCount" -eq "1" ]; then - echo "Firewall Policy resource created" - else - echo "Firewall Policy resource not created" - fi - - FirewallCount=`neutron firewall-list -f value | wc -l` - if [ "$FirewallCount" -eq "1" ]; then - echo "Firewall resource created" - FirewallUUID=`neutron firewall-list -f value | awk '{print $1}'` - FirewallStatus=`neutron firewall-show $FirewallUUID -f value -c status` - echo "Firewall resource is in $FirewallStatus state" - else - echo "Firewall resource not created" - fi -} - -update_gbp_resources() { - # Update existing chain, by removing 2 rules - #gbp servicechain-node-update FWNODE --template-file $TOP_DIR/nfp-templates/fw_updated_template.yml - - #FirewallRuleCount=`neutron firewall-rule-list -f value | wc -l` - #if [ "$FirewallRuleCount" -eq "2" ]; then - # echo "Chain created" - #else - # echo "Chain not created" - #fi - - gbp group-delete fw-provider - gbp group-delete fw-consumer - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain deleted" - else - echo "Chain not deleted" - fi - - # Service chain creation/deletion through PRS update - gbp group-create fw-consumer --consumed-policy-rule-sets "fw-webredirect-ruleset=None" - gbp group-create fw-provider - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain not created" - else - echo "Chain not deleted" - fi - - gbp group-update fw-provider --provided-policy-rule-sets "fw-webredirect-ruleset=None" - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain created" - else - echo "Chain not created" - fi -} - -create_gbp_resources -validate_gbp_resources -validate_firewall_resources - -update_gbp_resources - -delete_gbp_resources diff --git a/gbpservice/tests/contrib/devstack/exercises/fw_lb.sh b/gbpservice/tests/contrib/devstack/exercises/fw_lb.sh deleted file mode 100755 index 397f80a5c..000000000 --- a/gbpservice/tests/contrib/devstack/exercises/fw_lb.sh +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/env bash - -# **fw_lb.sh** - -# Sanity check that firewall and loadbalancer service chain is created with NFP - -echo "*********************************************************************" -echo "Begin NFP Exercise: $0" -echo "*********************************************************************" - -# Settings -# ======== - -# This script exits on an error so that errors don't compound and you see -# only the first error that occurred. -set -o errexit - -# Keep track of the current directory -EXERCISE_DIR=$(cd $(dirname "$0") && pwd) -TOP_DIR=$(cd $EXERCISE_DIR/..; pwd) - -source $TOP_DIR/openrc neutron service - -create_gbp_resources() { - # E-W insertion - gbp servicechain-node-create --service-profile base_mode_fw --template-file $TOP_DIR/nfp-templates/fw_template.yml FW_LB-FWNODE - gbp servicechain-node-create --service-profile base_mode_lb --template-file $TOP_DIR/nfp-templates/haproxy.template FW_LB-LBNODE - gbp servicechain-spec-create --nodes "FW_LB-FWNODE FW_LB-LBNODE" fw_lb_chainspec - gbp policy-action-create --action-type REDIRECT --action-value fw_lb_chainspec redirect-to-fw_lb - gbp policy-classifier-create --protocol tcp --direction bi fw_lb-webredirect - gbp policy-rule-create --classifier fw_lb-webredirect --actions redirect-to-fw_lb fw_lb-web-redirect-rule - gbp policy-rule-set-create --policy-rules "fw_lb-web-redirect-rule" fw_lb-webredirect-ruleset - gbp network-service-policy-create --network-service-params type=ip_single,name=vip_ip,value=self_subnet fw_lb_nsp - gbp group-create fw_lb-consumer --consumed-policy-rule-sets "fw_lb-webredirect-ruleset=None" - gbp group-create fw_lb-provider --provided-policy-rule-sets "fw_lb-webredirect-ruleset=None" --network-service-policy fw_lb_nsp -} - -delete_gbp_resources() { - gbp group-delete fw_lb-provider - gbp group-delete fw_lb-consumer - gbp network-service-policy-delete fw_lb_nsp - gbp policy-rule-set-delete fw_lb-webredirect-ruleset - gbp policy-rule-delete fw_lb-web-redirect-rule - gbp policy-classifier-delete fw_lb-webredirect - gbp policy-action-delete redirect-to-fw_lb - gbp servicechain-spec-delete fw_lb_chainspec - gbp servicechain-node-delete FW_LB-LBNODE - gbp servicechain-node-delete FW_LB-FWNODE -} - -validate_gbp_resources() { - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain creation Succeded" - else - echo "Chain creation failed" - fi - - ServiceChainNodeCount=`gbp scn-list -f value | grep FW_LB | wc -l` - if [ "$ServiceChainNodeCount" -eq "2" ]; then - echo "Network function creation Succeded" - else - echo "Network function creation failed" - fi -} - -validate_firewall_resources() { - FirewallRuleCount=`neutron firewall-rule-list -f value | grep Rule | wc -l` - if [ "$FirewallRuleCount" -eq "4" ]; then - echo "Firewall Rule resource created" - else - echo "Firewall Rule resource not created" - fi - - FirewallPolicyCount=`neutron firewall-policy-list -f value | grep fw | wc -l` - if [ "$FirewallPolicyCount" -eq "1" ]; then - echo "Firewall Policy resource created" - else - echo "Firewall Policy resource not created" - fi - - FirewallCount=`neutron firewall-list -f value | wc -l` - if [ "$FirewallCount" -eq "1" ]; then - echo "Firewall resource created" - FirewallUUID=`neutron firewall-list -f value | awk '{print $1}'` - FirewallStatus=`neutron firewall-show $FirewallUUID -f value -c status` - echo "Firewall resource is in $FirewallStatus state" - else - echo "Firewall resource not created" - fi -} - -validate_loadbalancer_resources() { - LBPoolCount=`neutron lb-pool-list -f value | wc -l` - if [ "$LBPoolCount" -eq "1" ]; then - echo "LB Pool resource created" - LBPoolUUID=`neutron lb-pool-list -f value | awk '{print $1}'` - LBPoolStatus=`neutron lb-pool-show $LBPoolUUID -f value -c status` - echo "LB Pool resource is in $LBPoolStatus state" - else - echo "LB Pool resource not created" - fi - - LBVIPCount=`neutron lb-vip-list -f value | wc -l` - if [ "$LBVIPCount" -eq "1" ]; then - echo "LB VIP resource created" - LBVIPUUID=`neutron lb-vip-list -f value | awk '{print $1}'` - LBVIPStatus=`neutron lb-vip-show $LBVIPUUID -f value -c status` - echo "LB VIP resource is in $LBVIPStatus state" - else - echo "LB VIP resource not created" - fi - - LBHMCount=`neutron lb-healthmonitor-list -f value | wc -l` - if [ "$LBHMCount" -eq "1" ]; then - echo "LB Healthmonitor resource created" - else - echo "LB Healthmonitor resource not created" - fi - - gbp policy-target-create --policy-target-group fw_lb-provider provider_pt1 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "1" ]; then - echo "LB Member resource created" - else - echo "LB Member resource not created" - fi - - gbp policy-target-create --policy-target-group fw_lb-provider provider_pt2 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "2" ]; then - echo "LB Member resource created" - else - echo "LB Member resource not created" - fi - - gbp policy-target-delete provider_pt1 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "1" ]; then - echo "LB Member resource deleted" - else - echo "LB Member resource not deleted" - fi - - gbp policy-target-delete provider_pt2 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "0" ]; then - echo "LB Member resource deleted" - else - echo "LB Member resource not deleted" - fi -} - -update_gbp_resources() { - # Update existing chain, by removing 2 rules - #gbp servicechain-node-update FW_LB-FWNODE --template-file $TOP_DIR/nfp-templates/fw_updated_template.yml - - #FirewallRuleCount=`neutron firewall-rule-list -f value | wc -l` - #if [ "$FirewallRuleCount" -eq "2" ]; then - # echo "Chain created" - #else - # echo "Chain not created" - #fi - - gbp group-delete fw_lb-provider - gbp group-delete fw_lb-consumer - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain deleted" - else - echo "Chain not deleted" - fi - - # Service chain creation/deletion through PRS update - gbp group-create fw_lb-consumer --consumed-policy-rule-sets "fw_lb-webredirect-ruleset=None" - gbp group-create fw_lb-provider - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain not created" - else - echo "Chain not deleted" - fi - - gbp group-update fw_lb-provider --provided-policy-rule-sets "fw_lb-webredirect-ruleset=None" --network-service-policy fw_lb_nsp - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain created" - else - echo "Chain not created" - fi -} - -create_gbp_resources -validate_gbp_resources -validate_firewall_resources -validate_loadbalancer_resources - -update_gbp_resources - -delete_gbp_resources diff --git a/gbpservice/tests/contrib/devstack/exercises/fw_vm.sh b/gbpservice/tests/contrib/devstack/exercises/fw_vm.sh deleted file mode 100755 index 8d294fee1..000000000 --- a/gbpservice/tests/contrib/devstack/exercises/fw_vm.sh +++ /dev/null @@ -1,138 +0,0 @@ -#!/usr/bin/env bash - -# **fw_vm.sh** - -# Sanity check that firewall(in service VM) service is created with NFP - -echo "*********************************************************************" -echo "Begin NFP Exercise: $0" -echo "*********************************************************************" - -# Settings -# ======== - -# This script exits on an error so that errors don't compound and you see -# only the first error that occurred. -set -o errexit - -# Keep track of the current directory -EXERCISE_DIR=$(cd $(dirname "$0") && pwd) -TOP_DIR=$(cd $EXERCISE_DIR/..; pwd) - -source $TOP_DIR/openrc neutron service - -create_gbp_resources() { - gbp servicechain-node-create --service-profile base_mode_fw_vm --config 'custom_json:{"mimetype": "config/custom+json","rules": [{"action": "log", "name": "tcp", "service": "tcp/80"}, {"action": "log", "name": "tcp", "service": "tcp/8080"}, {"action": "accept", "name": "tcp", "service": "tcp/22"}, {"action": "accept", "name": "icmp", "service": "icmp"}]}' FWNODE - gbp servicechain-spec-create --nodes "FWNODE" fw-chainspec - gbp policy-action-create --action-type REDIRECT --action-value fw-chainspec redirect-to-fw - gbp policy-action-create --action-type ALLOW allow-to-fw - gbp policy-classifier-create --protocol tcp --direction bi fw-web-classifier-tcp - gbp policy-classifier-create --protocol udp --direction bi fw-web-classifier-udp - gbp policy-classifier-create --protocol icmp --direction bi fw-web-classifier-icmp - gbp policy-rule-create --classifier fw-web-classifier-tcp --actions redirect-to-fw fw-web-redirect-rule - gbp policy-rule-create --classifier fw-web-classifier-tcp --actions allow-to-fw fw-web-allow-rule-tcp - gbp policy-rule-create --classifier fw-web-classifier-udp --actions allow-to-fw fw-web-allow-rule-udp - gbp policy-rule-create --classifier fw-web-classifier-icmp --actions allow-to-fw fw-web-allow-rule-icmp - gbp policy-rule-set-create --policy-rules "fw-web-redirect-rule fw-web-allow-rule-tcp fw-web-allow-rule-udp fw-web-allow-rule-icmp" fw-webredirect-ruleset - gbp group-create fw-consumer --consumed-policy-rule-sets "fw-webredirect-ruleset=None" - gbp group-create fw-provider --provided-policy-rule-sets "fw-webredirect-ruleset=None" -} - -delete_gbp_resources() { - gbp group-delete fw-provider - gbp group-delete fw-consumer - gbp policy-rule-set-delete fw-webredirect-ruleset - gbp policy-rule-delete fw-web-redirect-rule - gbp policy-rule-delete fw-web-allow-rule-tcp - gbp policy-rule-delete fw-web-allow-rule-icmp - gbp policy-rule-delete fw-web-allow-rule-udp - gbp policy-classifier-delete fw-web-classifier-tcp - gbp policy-classifier-delete fw-web-classifier-icmp - gbp policy-classifier-delete fw-web-classifier-udp - gbp policy-action-delete redirect-to-fw - gbp policy-action-delete allow-to-fw - gbp servicechain-spec-delete fw-chainspec - gbp servicechain-node-delete FWNODE -} - -validate_gbp_resources() { - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain creation Succeded" - else - echo "Chain creation failed" - fi -} - -validate_firewall_resources() { - FirewallRuleCount=`neutron firewall-rule-list -f value | grep Rule | wc -l` - if [ "$FirewallRuleCount" -eq "4" ]; then - echo "Firewall Rule resource created" - else - echo "Firewall Rule resource not created" - fi - - FirewallPolicyCount=`neutron firewall-policy-list -f value | grep fw | wc -l` - if [ "$FirewallPolicyCount" -eq "1" ]; then - echo "Firewall Policy resource created" - else - echo "Firewall Policy resource not created" - fi - - FirewallCount=`neutron firewall-list -f value | wc -l` - if [ "$FirewallCount" -eq "1" ]; then - echo "Firewall resource created" - FirewallUUID=`neutron firewall-list -f value | awk '{print $1}'` - FirewallStatus=`neutron firewall-show $FirewallUUID -f value -c status` - echo "Firewall resource is in $FirewallStatus state" - else - echo "Firewall resource not created" - fi -} - -update_gbp_resources() { - # Update existing chain, by removing 2 rules - #gbp servicechain-node-update FWNODE --template-file $TOP_DIR/nfp-templates/fw_updated_template.yml - - #FirewallRuleCount=`neutron firewall-rule-list -f value | wc -l` - #if [ "$FirewallRuleCount" -eq "2" ]; then - # echo "Chain created" - #else - # echo "Chain not created" - #fi - - gbp group-delete fw-provider - gbp group-delete fw-consumer - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain deleted" - else - echo "Chain not deleted" - fi - - # Service chain creation/deletion through PRS update - gbp group-create fw-consumer --consumed-policy-rule-sets "fw-webredirect-ruleset=None" - gbp group-create fw-provider - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain not created" - else - echo "Chain not deleted" - fi - - gbp group-update fw-provider --provided-policy-rule-sets "fw-webredirect-ruleset=None" - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain created" - else - echo "Chain not created" - fi -} - -create_gbp_resources -validate_gbp_resources -validate_firewall_resources - -update_gbp_resources - -delete_gbp_resources diff --git a/gbpservice/tests/contrib/devstack/exercises/fw_vm_lb.sh b/gbpservice/tests/contrib/devstack/exercises/fw_vm_lb.sh deleted file mode 100755 index 0614f4c79..000000000 --- a/gbpservice/tests/contrib/devstack/exercises/fw_vm_lb.sh +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/bin/env bash - -# **fw_vm_lb.sh** - -# Sanity check that firewall(in service VM) and loadbalancer service chain is created with NFP - -echo "*********************************************************************" -echo "Begin NFP Exercise: $0" -echo "*********************************************************************" - -# Settings -# ======== - -# This script exits on an error so that errors don't compound and you see -# only the first error that occurred. -set -o errexit - -# Keep track of the current directory -EXERCISE_DIR=$(cd $(dirname "$0") && pwd) -TOP_DIR=$(cd $EXERCISE_DIR/..; pwd) - -source $TOP_DIR/openrc neutron service - -create_gbp_resources() { - # E-W insertion - gbp servicechain-node-create --service-profile base_mode_fw_vm --config 'custom_json:{"mimetype": "config/custom+json","rules": [{"action": "log", "name": "tcp", "service": "tcp/80"}, {"action": "log", "name": "tcp", "service": "tcp/8080"}, {"action": "accept", "name": "tcp", "service": "tcp/22"}, {"action": "accept", "name": "icmp", "service": "icmp"}]}' FW_LB-FWNODE - gbp servicechain-node-create --service-profile base_mode_lb --template-file $TOP_DIR/nfp-templates/haproxy.template FW_LB-LBNODE - gbp servicechain-spec-create --nodes "FW_LB-FWNODE FW_LB-LBNODE" fw_lb_chainspec - gbp policy-action-create --action-type REDIRECT --action-value fw_lb_chainspec redirect-to-fw_lb - gbp policy-classifier-create --protocol tcp --direction bi fw_lb-webredirect - gbp policy-rule-create --classifier fw_lb-webredirect --actions redirect-to-fw_lb fw_lb-web-redirect-rule - gbp policy-rule-set-create --policy-rules "fw_lb-web-redirect-rule" fw_lb-webredirect-ruleset - gbp network-service-policy-create --network-service-params type=ip_single,name=vip_ip,value=self_subnet fw_lb_nsp - gbp group-create fw_lb-consumer --consumed-policy-rule-sets "fw_lb-webredirect-ruleset=None" - gbp group-create fw_lb-provider --provided-policy-rule-sets "fw_lb-webredirect-ruleset=None" --network-service-policy fw_lb_nsp -} - -delete_gbp_resources() { - gbp group-delete fw_lb-provider - gbp group-delete fw_lb-consumer - gbp network-service-policy-delete fw_lb_nsp - gbp policy-rule-set-delete fw_lb-webredirect-ruleset - gbp policy-rule-delete fw_lb-web-redirect-rule - gbp policy-classifier-delete fw_lb-webredirect - gbp policy-action-delete redirect-to-fw_lb - gbp servicechain-spec-delete fw_lb_chainspec - gbp servicechain-node-delete FW_LB-LBNODE - gbp servicechain-node-delete FW_LB-FWNODE -} - -validate_gbp_resources() { - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain creation Succeded" - else - echo "Chain creation failed" - fi - - ServiceChainNodeCount=`gbp scn-list -f value | grep FW_LB | wc -l` - if [ "$ServiceChainNodeCount" -eq "2" ]; then - echo "Network function creation Succeded" - else - echo "Network function creation failed" - fi -} - -validate_firewall_resources() { - FirewallRuleCount=`neutron firewall-rule-list -f value | grep Rule | wc -l` - if [ "$FirewallRuleCount" -eq "4" ]; then - echo "Firewall Rule resource created" - else - echo "Firewall Rule resource not created" - fi - - FirewallPolicyCount=`neutron firewall-policy-list -f value | grep fw | wc -l` - if [ "$FirewallPolicyCount" -eq "1" ]; then - echo "Firewall Policy resource created" - else - echo "Firewall Policy resource not created" - fi - - FirewallCount=`neutron firewall-list -f value | wc -l` - if [ "$FirewallCount" -eq "1" ]; then - echo "Firewall resource created" - FirewallUUID=`neutron firewall-list -f value | awk '{print $1}'` - FirewallStatus=`neutron firewall-show $FirewallUUID -f value -c status` - echo "Firewall resource is in $FirewallStatus state" - else - echo "Firewall resource not created" - fi -} - -validate_loadbalancer_resources() { - LBPoolCount=`neutron lb-pool-list -f value | wc -l` - if [ "$LBPoolCount" -eq "1" ]; then - echo "LB Pool resource created" - LBPoolUUID=`neutron lb-pool-list -f value | awk '{print $1}'` - LBPoolStatus=`neutron lb-pool-show $LBPoolUUID -f value -c status` - echo "LB Pool resource is in $LBPoolStatus state" - else - echo "LB Pool resource not created" - fi - - LBVIPCount=`neutron lb-vip-list -f value | wc -l` - if [ "$LBVIPCount" -eq "1" ]; then - echo "LB VIP resource created" - LBVIPUUID=`neutron lb-vip-list -f value | awk '{print $1}'` - LBVIPStatus=`neutron lb-vip-show $LBVIPUUID -f value -c status` - echo "LB VIP resource is in $LBVIPStatus state" - else - echo "LB VIP resource not created" - fi - - LBHMCount=`neutron lb-healthmonitor-list -f value | wc -l` - if [ "$LBHMCount" -eq "1" ]; then - echo "LB Healthmonitor resource created" - else - echo "LB Healthmonitor resource not created" - fi - - gbp policy-target-create --policy-target-group fw_lb-provider provider_pt1 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "1" ]; then - echo "LB Member resource created" - else - echo "LB Member resource not created" - fi - - gbp policy-target-create --policy-target-group fw_lb-provider provider_pt2 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "2" ]; then - echo "LB Member resource created" - else - echo "LB Member resource not created" - fi - - gbp policy-target-delete provider_pt1 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "1" ]; then - echo "LB Member resource deleted" - else - echo "LB Member resource not deleted" - fi - - gbp policy-target-delete provider_pt2 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "0" ]; then - echo "LB Member resource deleted" - else - echo "LB Member resource not deleted" - fi -} - -update_gbp_resources() { - # Update existing chain, by removing 2 rules - #gbp servicechain-node-update FW_LB-FWNODE --template-file $TOP_DIR/nfp-templates/fw_updated_template.yml - - #FirewallRuleCount=`neutron firewall-rule-list -f value | wc -l` - #if [ "$FirewallRuleCount" -eq "2" ]; then - # echo "Chain created" - #else - # echo "Chain not created" - #fi - - gbp group-delete fw_lb-provider - gbp group-delete fw_lb-consumer - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain deleted" - else - echo "Chain not deleted" - fi - - # Service chain creation/deletion through PRS update - gbp group-create fw_lb-consumer --consumed-policy-rule-sets "fw_lb-webredirect-ruleset=None" - gbp group-create fw_lb-provider - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain not created" - else - echo "Chain not deleted" - fi - - gbp group-update fw_lb-provider --provided-policy-rule-sets "fw_lb-webredirect-ruleset=None" --network-service-policy fw_lb_nsp - ServiceChainInstanceCount=`gbp sci-list -f value | grep fw_lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain created" - else - echo "Chain not created" - fi -} - -create_gbp_resources -validate_gbp_resources -validate_firewall_resources -validate_loadbalancer_resources - -update_gbp_resources - -delete_gbp_resources diff --git a/gbpservice/tests/contrib/devstack/exercises/lb.sh b/gbpservice/tests/contrib/devstack/exercises/lb.sh deleted file mode 100755 index 4b621f22f..000000000 --- a/gbpservice/tests/contrib/devstack/exercises/lb.sh +++ /dev/null @@ -1,159 +0,0 @@ - -#!/usr/bin/env bash - -# **lb.sh** - -# Sanity check that loadbalancer service is created with NFP - -echo "*********************************************************************" -echo "Begin NFP Exercise: $0" -echo "*********************************************************************" - -# Settings -# ======== - -# This script exits on an error so that errors don't compound and you see -# only the first error that occurred. -set -o errexit - -# Keep track of the current directory -EXERCISE_DIR=$(cd $(dirname "$0") && pwd) -TOP_DIR=$(cd $EXERCISE_DIR/..; pwd) - -source $TOP_DIR/openrc neutron service - -create_gbp_resources() { - # E-W insertion - gbp servicechain-node-create --service-profile base_mode_lb --template-file $TOP_DIR/nfp-templates/haproxy.template LB-NODE - gbp servicechain-spec-create --nodes "LB-NODE" lb_chainspec - gbp policy-action-create --action-type REDIRECT --action-value lb_chainspec redirect-to-lb - gbp policy-classifier-create --protocol tcp --direction bi lb-webredirect - gbp policy-rule-create --classifier lb-webredirect --actions redirect-to-lb lb-webredirect-rule - gbp policy-rule-set-create --policy-rules "lb-webredirect-rule" lb-webredirect-ruleset - gbp network-service-policy-create --network-service-params type=ip_single,name=vip_ip,value=self_subnet lb_nsp - gbp group-create lb-consumer --consumed-policy-rule-sets "lb-webredirect-ruleset=None" - gbp group-create lb-provider --provided-policy-rule-sets "lb-webredirect-ruleset=None" --network-service-policy lb_nsp -} - -delete_gbp_resources() { - gbp group-delete lb-consumer - gbp group-delete lb-provider - gbp network-service-policy-delete lb_nsp - gbp policy-rule-set-delete lb-webredirect-ruleset - gbp policy-rule-delete lb-webredirect-rule - gbp policy-classifier-delete lb-webredirect - gbp policy-action-delete redirect-to-lb - gbp servicechain-spec-delete lb_chainspec - gbp servicechain-node-delete LB-NODE -} - -validate_gbp_resources() { - ServiceChainInstanceCount=`gbp sci-list -f value | grep lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain creation Succeded" - else - echo "Chain creation failed" - fi -} - -validate_loadbalancer_resources() { - LBPoolCount=`neutron lb-pool-list -f value | wc -l` - if [ "$LBPoolCount" -eq "1" ]; then - echo "LB Pool resource created" - LBPoolUUID=`neutron lb-pool-list -f value | awk '{print $1}'` - LBPoolStatus=`neutron lb-pool-show $LBPoolUUID -f value -c status` - echo "LB Pool resource is in $LBPoolStatus state" - else - echo "LB Pool resource not created" - fi - - LBVIPCount=`neutron lb-vip-list -f value | wc -l` - if [ "$LBVIPCount" -eq "1" ]; then - echo "LB VIP resource created" - LBVIPUUID=`neutron lb-vip-list -f value | awk '{print $1}'` - LBVIPStatus=`neutron lb-vip-show $LBVIPUUID -f value -c status` - echo "LB VIP resource is in $LBVIPStatus state" - else - echo "LB VIP resource not created" - fi - - LBHMCount=`neutron lb-healthmonitor-list -f value | wc -l` - if [ "$LBHMCount" -eq "1" ]; then - echo "LB Healthmonitor resource created" - else - echo "LB Healthmonitor resource not created" - fi - - gbp policy-target-create --policy-target-group lb-provider provider_pt1 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "1" ]; then - echo "LB Member resource created" - else - echo "LB Member resource not created" - fi - - gbp policy-target-create --policy-target-group lb-provider provider_pt2 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "2" ]; then - echo "LB Member resource created" - else - echo "LB Member resource not created" - fi - - gbp policy-target-delete provider_pt1 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "1" ]; then - echo "LB Member resource deleted" - else - echo "LB Member resource not deleted" - fi - - gbp policy-target-delete provider_pt2 - sleep 5 - LBMemberCount=`neutron lb-member-list -f value | wc -l` - if [ "$LBMemberCount" -eq "0" ]; then - echo "LB Member resource deleted" - else - echo "LB Member resource not deleted" - fi -} - -update_gbp_resources() { - gbp group-delete lb-provider - gbp group-delete lb-consumer - ServiceChainInstanceCount=`gbp sci-list -f value | grep lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain deleted" - else - echo "Chain not deleted" - fi - - # Service chain creation/deletion through PRS update - gbp group-create lb-consumer --consumed-policy-rule-sets "lb-webredirect-ruleset=None" - gbp group-create lb-provider - ServiceChainInstanceCount=`gbp sci-list -f value | grep lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "0" ]; then - echo "Chain not created" - else - echo "Chain not deleted" - fi - - gbp group-update lb-provider --provided-policy-rule-sets "lb-webredirect-ruleset=None" --network-service-policy lb_nsp - ServiceChainInstanceCount=`gbp sci-list -f value | grep lb-provider | wc -l` - if [ "$ServiceChainInstanceCount" -eq "1" ]; then - echo "Chain created" - else - echo "Chain not created" - fi -} - -create_gbp_resources -validate_gbp_resources -validate_loadbalancer_resources - -update_gbp_resources - -delete_gbp_resources diff --git a/gbpservice/tests/contrib/functions-gbp b/gbpservice/tests/contrib/functions-gbp index b8a7ff12b..2eda412cb 100644 --- a/gbpservice/tests/contrib/functions-gbp +++ b/gbpservice/tests/contrib/functions-gbp @@ -27,6 +27,8 @@ function prepare_gbp_devstack { function prepare_nfp_devstack { cd $TOP_DIR sudo cp $CONTRIB_DIR/devstack/local-nfp.conf $TOP_DIR/local.conf + sudo rm -rf $TOP_DIR/exercises/*.sh + sudo cp $CONTRIB_DIR/devstack/exercises-nfp/*.sh $TOP_DIR/exercises/ sudo cp -r $CONTRIB_DIR/devstack/nfp-templates $TOP_DIR sudo cp $CONTRIB_DIR/devstack/nfp $TOP_DIR/lib/ sed -i 's/source $TOP_DIR\/lib\/dstat/source $TOP_DIR\/lib\/dstat\nsource $TOP_DIR\/lib\/nfp/g' stack.sh diff --git a/gbpservice/tests/contrib/gate_hook.sh b/gbpservice/tests/contrib/gate_hook.sh index 35beb2e5b..29fa01190 100644 --- a/gbpservice/tests/contrib/gate_hook.sh +++ b/gbpservice/tests/contrib/gate_hook.sh @@ -9,7 +9,6 @@ set -x trap prepare_logs ERR prepare_gbp_devstack -prepare_nfp_devstack $TOP_DIR/stack.sh # Use devstack functions to install mysql and psql servers diff --git a/gbpservice/tests/contrib/post_test_hook.sh b/gbpservice/tests/contrib/post_test_hook.sh index efd96d220..df9af46bf 100644 --- a/gbpservice/tests/contrib/post_test_hook.sh +++ b/gbpservice/tests/contrib/post_test_hook.sh @@ -10,11 +10,7 @@ trap prepare_logs ERR $TOP_DIR/exercise.sh exercises_exit_code=$? -source $TOP_DIR/lib/nfp -delete_nfp_gbp_resources $TOP_DIR - # Check if exercises left any resources undeleted -check_residual_resources neutron service check_residual_resources admin admin check_residual_resources admin demo check_residual_resources demo demo diff --git a/gbpservice/tests/contrib/post_test_nfp_hook.sh b/gbpservice/tests/contrib/post_test_nfp_hook.sh index a6cff026f..392ed39c6 100644 --- a/gbpservice/tests/contrib/post_test_nfp_hook.sh +++ b/gbpservice/tests/contrib/post_test_nfp_hook.sh @@ -6,8 +6,6 @@ set -x trap prepare_logs ERR -rm -rf $TOP_DIR/exercises/* -cp $TOP_DIR/exercises-nfp/* $TOP_DIR/exercises/ # Run exercise scripts $TOP_DIR/exercise.sh exercises_exit_code=$?