#!/bin/bash NFPSERVICE_DIR=$DEST/gbp DISK_IMAGE_DIR=$DEST/gbp/gbpservice/tests/contrib TOP_DIR=$PWD NEUTRON_CONF_DIR=/etc/neutron NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf NFP_CONF_DIR=/etc/nfp echo "TOP-DIR-NFP : $PWD" function prepare_nfp_image_builder { #setup_develop $NFPSERVICE_DIR sudo -H -E pip install -r $DISK_IMAGE_DIR/diskimage-create/requirements.txt sudo apt-get install -y --force-yes qemu-utils } function init_nfpgbpservice { # Run GBP db migrations gbp-db-manage --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE upgrade head iniset $NEUTRON_CONF DEFAULT policy_dirs $NFP_CONF_DIR } function install_nfpgbpservice { git_clone $GBPSERVICE_REPO $NFPSERVICE_DIR $GBPSERVICE_BRANCH mv $NFPSERVICE_DIR/test-requirements.txt $NFPSERVICE_DIR/_test-requirements.txt setup_develop $NFPSERVICE_DIR mv -f $NEUTRON_CONF_DIR/policy.json $NEUTRON_CONF_DIR/policy.json.original 2>/dev/null; true cp -f $NFPSERVICE_DIR/etc/policy.json $NEUTRON_CONF_DIR/policy.json mv $NFPSERVICE_DIR/_test-requirements.txt $NFPSERVICE_DIR/test-requirements.txt } function create_nfp_image { TOP_DIR=$TOP_DIR sudo python $DISK_IMAGE_DIR/diskimage-create/disk_image_create.py $DISK_IMAGE_DIR/diskimage-create/conf.json BUILT_IMAGE_PATH=$(cat /tmp/nfp_image_path) upload_image file://$BUILT_IMAGE_PATH $TOKEN openstack --os-cloud=devstack-admin flavor create --ram 512 --disk 3 --vcpus 1 m1.nfp-tiny } function assign_user_role_credential { TOP_DIR=$TOP_DIR source $TOP_DIR/openrc admin admin #set -x serviceTenantID=`keystone tenant-list | grep "service" | awk '{print $2}'` serviceRoleID=`keystone role-list | grep "service" | awk '{print $2}'` adminRoleID=`keystone role-list | grep "admin" | awk '{print $2}'` keystone user-role-add --user nova --tenant $serviceTenantID --role $serviceRoleID keystone user-role-add --user neutron --tenant $serviceTenantID --role $adminRoleID } function namespace_delete { TOP_DIR=$TOP_DIR source $TOP_DIR/openrc neutron service #Deletion namespace NFP_P=`sudo ip netns | grep "nfp-proxy"` if [ ${#NFP_P} -ne 0 ]; then sudo ip netns delete nfp-proxy echo "namespace removed" fi #Delete veth peer PEER=`ip a | grep pt1` if [ ${#PEER} -ne 0 ]; then echo "veth peer removed" sudo ip link delete pt1 fi #pt1 port removing from ovs PORT=`sudo ovs-vsctl show | grep "pt1"` if [ ${#PORT} -ne 0 ]; then sudo ovs-vsctl del-port br-int pt1 echo "ovs port ptr1 is removed" fi echo "nfp-proxy cleaning success.... " } function namespace_create { TOP_DIR=$TOP_DIR #doing it in namespace_delete, so no need to do it again #source $1/openrc neutron service SERVICE_MGMT_NET="l2p_svc_management_ptg" cidr="/24" echo "Creating new namespace nfp-proxy...." #new namespace with name proxy NFP_P=`sudo ip netns add nfp-proxy` if [ ${#NFP_P} -eq 0 ]; then echo "New namepace nfp-proxt create" else echo "nfp-proxy creation failed" exit 0 fi #Create veth peer PEER=`sudo ip link add pt0 type veth peer name pt1` if [ ${#PEER} -eq 0 ]; then echo "New veth pair created" else echo "veth pair creation failed" exit 0 fi sleep 1 #move one side of veth into namesape sudo ip link set pt0 netns nfp-proxy #create new neutron port in service mgmt network new_ip=`neutron port-create $SERVICE_MGMT_NET | grep "fixed_ips" | awk '{print $7}' | sed 's/^\"\(.*\)\"}$/\1/'` if [ ${#new_ip} -lt 5 ]; then echo "new_ip =$new_ip" echo "Neutron port creation failed (check source) " exit 0 else echo "New Neutron Port Created on Service management network with ip =$new_ip" fi new_ip_cidr+="$new_ip/24" sleep 2 #get the ip address of new port eg : 11.0.0.6 and asign to namespace sudo ip netns exec nfp-proxy ip addr add $new_ip_cidr dev pt0 #move other side of veth into ovs : br-int sudo ovs-vsctl add-port br-int pt1 #get id of service management network smn_id=`neutron net-list | grep "$SERVICE_MGMT_NET" | awk '{print $2}'` #get the dhcp namespace of service management network nm_space=`sudo ip netns | grep "$smn_id"` #get port id from router nampace port=`sudo ip netns exec $nm_space ip a | grep "tap" | tail -n 1 | awk '{print $7}'` #get tag_id form port in ovs-bridge tag_id=`sudo ovs-vsctl list port $port | grep "tag" | tail -n 1 | awk '{print $3}'` sudo ovs-vsctl set port pt1 tag=$tag_id #up the both ports sudo ip netns exec nfp-proxy ip link set pt0 up sudo ip netns exec nfp-proxy ip link set lo up sudo ip link set pt1 up PING=`sudo ip netns exec nfp-proxy ping $2 -q -c 2 > /dev/null` if [ ${#PING} -eq 0 ] then echo "nfp-proxy namespcace creation success and reaching to $2" else echo "Fails reaching to $2" fi sudo ip netns exec nfp-proxy /usr/bin/nfp_proxy --config-file=/etc/nfp_proxy.ini } function create_nfp_gbp_resources { TOP_DIR=$TOP_DIR source $TOP_DIR/openrc neutron service if [[ $DISABLE_BUILD_IMAGE = False ]]; then IMAGE_PATH=$(cat /tmp/nfp_image_path) IMAGE_NAME=`basename "$IMAGE_PATH"` IMAGE_NAME_FLAT="${IMAGE_NAME%.*}" FLAVOR=m1.nfp-tiny else IMAGE_NAME_FLAT="reference_configurator_image" FLAVOR=m1.small fi gbp network-service-policy-create --network-service-params type=ip_pool,name=vip_ip,value=nat_pool svc_mgmt_fip_policy gbp service-profile-create --servicetype LOADBALANCER --insertion-mode l3 --shared True --service-flavor service_vendor=haproxy,device_type=None --vendor NFP base_mode_lb gbp service-profile-create --servicetype FIREWALL --insertion-mode l3 --shared True --service-flavor service_vendor=nfp,device_type=nova,image_name=$IMAGE_NAME_FLAT,flavor=$FLAVOR --vendor NFP base_mode_fw_vm gbp group-create svc_management_ptg --service_management True } function get_router_namespace { TOP_DIR=$TOP_DIR source $TOP_DIR/openrc neutron service GROUP="svc_management_ptg" echo "GroupName: $GROUP" l2p_id=`gbp ptg-show svc_management_ptg | grep l2_policy_id | awk '{print $4}'` l3p_id=`gbp l2p-show $l2p_id | grep l3_policy_id | awk '{print $4}'` RouterId=`gbp l3p-show $l3p_id | grep routers | awk '{print $4}'` } function copy_nfp_files_and_start_process { TOP_DIR=$TOP_DIR cd /opt/stack/gbp/gbpservice/nfp sudo cp -r bin/nfp /usr/bin/ sudo chmod +x /usr/bin/nfp sudo rm -rf /etc/nfp_* sudo cp -r bin/nfp_orchestrator.ini /etc/ sudo cp -r bin/nfp_proxy_agent.ini /etc/ sudo cp -r bin/nfp_proxy.ini /etc/nfp_proxy.ini sudo cp -r bin/nfp_proxy /usr/bin/ IpAddr=127.0.0.1 echo "Configuring proxy.ini .... with rest_server_address as $IpAddr" sudo sed -i "s/rest_server_address=*.*/rest_server_address=$IpAddr/g" /etc/nfp_proxy.ini sudo sed -i "s/rest_server_port= *.*/rest_server_port=8080/g" /etc/nfp_proxy.ini ipnetns_router=`sudo ip netns |grep $RouterId` sed -i 's#source.*#source '$TOP_DIR'/openrc demo demo#g' /opt/stack/gbp/devstack/exercises/nfp_service/*.sh source $TOP_DIR/functions-common echo "Starting orchestrator >>>> under screen named : orchestrator" run_process nfp_orchestrator "sudo /usr/bin/nfp --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/nfp_orchestrator.ini --log-file /opt/stack/logs/nfp_orchestrator.log" sleep 1 echo "Starting proxy_agent >>>> under screen named : proxy_agent" run_process nfp_proxy_agent "sudo /usr/bin/nfp --config-file /etc/nfp_proxy_agent.ini --log-file /opt/stack/logs/nfp_proxy_agent.log" sleep 1 echo "Starting proxy server under Namespace : nfp-proxy namespace >>>> under screen named : proxy" run_process nfp_proxy "source /opt/stack/gbp/devstack/lib/nfp;namespace_delete $TOP_DIR;namespace_create $TOP_DIR $IpAddr" sleep 10 cd pecan/api sudo python setup.py develop echo "Starting base_configurator >>>> under screen named : base_configurator" run_process nfp_base_configurator "cd /opt/stack/gbp/gbpservice/nfp/pecan/api;sudo ip netns exec nfp-proxy pecan configurator_decider config.py --mode base" sleep 1 echo "Running gbp-db-manage" source $TOP_DIR/openrc neutron service gbp-db-manage --config-file /etc/neutron/neutron.conf upgrade head sleep 2 echo "Configuration success ... " }