Issue #13 - SFC examples added

examples/README.md

@@ -0,0 +1,228 @@
+# Examples
+
+
+### Simple example
+
+*simple-example-blueprint.yaml*
+
+TODO
+
+### Replicasets
+
+*replicasets-example-blueprint.yaml*
+
+TODO
+
+### Persistent volumes
+
+*persistent_volumes-example-blueprint*
+
+TODO
+
+### Service chaining
+
+There are 3 blueprints defined as examples of container-based service chaining for kubernetes.
+These scenarios are using Linux bridging and static routing to provide chain connectivity between separate pods.
+Implementations of all scenarios are done using utilities-plugin.
+Separate generic blueprint *vnf-blueprint* is used to define each pod and network interfaces by *service_chain* deployment.
+In other words main (*service_chain*) deployment is creating separate deployments from *vnf-blueprint* for each pod using utilities-plugin.
+
+So, before start you need to upload *vnf-blueprint* to Cloudify Manager. You can do it by:
+
+```
+cfy blueprints upload vnf-blueprint.yaml -b service_chain_vnf_component
+```
+
+It is also need to upload wagons for plugins used in blueprints:
+
+```
+cfy plugins upload PATH_TO_WAGON_FOR_cloudify-fabric-plugin_1.5
+cfy plugins upload PATH_TO_WAGON_FOR_cloudify-kubernetes-plugin_1.0.0
+cfy plugins upload PATH_TO_WAGON_FOR_cloudify-utilities-plugin_1.2.5
+```
+
+
+#### Example 1
+
+*service_chain_1-example-blueprint.yaml*
+
+Use case deploys chain with 3 containers:
+* client
+* VNF (router)
+* server
+
+![sfc_uc1](https://user-images.githubusercontent.com/20417307/28112813-b29b6a5c-66fa-11e7-8ecd-8c219a984412.jpg)
+
+You can deploy it executing:
+
+```
+cfy install -b service_chain_1 -i inputs/service_chain_1-example-inputs.yaml service_chain_1-example-blueprint.yaml
+```
+
+Example inputs are provided in *inputs/service_chain_1-example-inputs.yaml*.
+Inputs should be adjusted to your setup.
+
+You can verify if this setup has been deployed correctly on Kuberentes VM using command line:
+
+1.  Check if all pod has been created. Execute:
+
+*kubectl get pods*
+
+You should see 3 pods. All have to be in 'Running' state:
+
+```
+NAME           READY     STATUS    RESTARTS   AGE
+client         1/1       Running   0          2m
+router         1/1       Running   0          2m
+server         1/1       Running   0          1m
+```
+
+2. Attach to 'client' console:
+
+*kubectl attach client -it*
+
+3. Perform tests for server connectivity ping ICMP traffic should pass
+
+*ping 192.168.1.7*
+
+4. Try to establish a ssh session. You should have possibility of making a connection.
+
+*ssh [email protected]*
+
+password: *test*
+
+5. Check if HTTP server is responding.
+
+*curl 192.168.1.7:8080*
+
+HTTP traffic should pass. A standard python SimpleHTTPServer directory listing should be present.
+
+*curl 192.168.1.7:8080/?q=banned*
+
+Expected 404 error.
+
+
+#### Example 2
+
+*service_chain_2-example-blueprint.yaml*
+
+Use case deploys chain with 4 containers:
+* client
+* VNF (router)
+* VNF (firewall)
+* server
+
+![sfc_uc2](https://user-images.githubusercontent.com/20417307/28112823-b7632502-66fa-11e7-9851-0bdc96017a4a.jpg)
+
+You can deploy it executing:
+
+```
+cfy install -b service_chain_2 -i inputs/service_chain_2-example-inputs.yaml service_chain_2-example-blueprint.yaml
+```
+
+Example inputs are provided in *inputs/service_chain_2-example-inputs.yaml*.
+Inputs should be adjusted to your setup.
+
+You can verify if this setup has been deployed correctly on Kuberentes VM using command line:
+
+1.  Check if all pod has been created. Execute:
+
+*kubectl get pods*
+
+You should see 4 pods. All have to be in 'Running' state:
+
+```
+NAME           READY     STATUS    RESTARTS   AGE
+client         1/1       Running   0          2m
+router         1/1       Running   0          2m
+firewall       1/1       Running   0          2m
+server         1/1       Running   0          1m
+```
+
+2. Attach to 'client' console:
+
+*kubectl attach client -it*
+
+3. Perform tests for server connectivity ping ICMP traffic should pass
+
+*ping 192.168.1.7*
+
+4. Try to establish a ssh session. 
+TCP SSH traffic should be blocked by firewall.
+Making new connection should be impossible.
+
+*ssh [email protected]*
+
+5. Check if HTTP server is responding.
+
+*curl 192.168.1.7:8080*
+
+HTTP traffic should pass. A standard python SimpleHTTPServer directory listing should be present.
+
+*curl 192.168.1.7:8080/?q=banned*
+
+Expected 404 error.
+
+
+#### Example 3
+
+*service_chain_3-example-blueprint.yaml*
+
+Use case deploys chain with 5 containers:
+* client
+* VNF (router)
+* VNF (firewall)
+* VNF (URL filter)
+* server
+
+![sfc_uc3](https://user-images.githubusercontent.com/20417307/28112833-be9eb232-66fa-11e7-8ab5-dbdca51bda99.jpg)
+
+You can deploy it executing:
+
+```
+cfy install -b service_chain_3 -i inputs/service_chain_3-example-inputs.yaml service_chain_3-example-blueprint.yaml
+```
+
+Example inputs are provided in *inputs/service_chain_3-example-inputs.yaml*.
+Inputs should be adjusted to your setup.
+
+You can verify if this setup has been deployed correctly on Kuberentes VM using command line:
+
+1.  Check if all pod has been created. Execute:
+
+*kubectl get pods*
+
+You should see 5 pods. All have to be in 'Running' state:
+
+```
+NAME           READY     STATUS    RESTARTS   AGE
+client         1/1       Running   0          2m
+router         1/1       Running   0          2m
+firewall       1/1       Running   0          2m
+filter         1/1       Running   0          2m
+server         1/1       Running   0          1m
+```
+
+2. Attach to 'client' console:
+
+*kubectl attach client -it*
+
+3. Perform tests for server connectivity ping ICMP traffic should pass
+
+*ping 192.168.1.7*
+
+4. Try to establish a ssh session. 
+TCP SSH traffic should be blocked by firewall.
+Making new connection should be impossible.
+
+*ssh [email protected]*
+
+5. Check if HTTP server is responding.
+
+*curl 192.168.1.7:8080*
+
+HTTP traffic should pass. A standard python SimpleHTTPServer directory listing should be present.
+
+*curl 192.168.1.7:8080/?q=banned*
+
+HTTP traffic should pass. A web page with information about a banned request is displayed

examples/common/docker.yaml

@@ -0,0 +1,17 @@
+node_types:
+  cloudify.docker.ImageBuilder:
+    derived_from: cloudify.nodes.Root
+    properties:
+      name:
+        type: string
+      dockerfile_content:
+        type: string
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        create:
+          implementation: fabric.fabric_plugin.tasks.run_task
+          inputs:
+            tasks_file:
+              default: scripts/docker/image_builder.py
+            task_name:
+              default: create

examples/common/networking.yaml

@@ -0,0 +1,72 @@
+node_types:
+  cloudify.kubernetes.networking.linux.ConnectionPoint:
+    derived_from: cloudify.nodes.Root
+    properties:
+      pod_name:
+        type: string
+      name:
+        type: string
+      ip:
+        type: string
+      down:
+        type: boolean
+        default: false
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        create:
+          implementation: fabric.fabric_plugin.tasks.run_task
+          inputs:
+            tasks_file:
+              default: scripts/networking/linux/connection_point.py
+            task_name:
+              default: create
+
+  cloudify.kubernetes.networking.linux.VirtualLink:
+    derived_from: cloudify.nodes.Root
+    properties:
+      name:
+        type: string
+      ip:
+        type: string
+      input_interface:
+        type: string
+      output_interface:
+        type: string
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        create:
+          implementation: fabric.fabric_plugin.tasks.run_task
+          inputs:
+            tasks_file:
+              default: scripts/networking/linux/virtual_link.py
+            task_name:
+              default: create
+        delete:
+          implementation: fabric.fabric_plugin.tasks.run_task
+          inputs:
+            tasks_file:
+              default: scripts/networking/linux/virtual_link.py
+            task_name:
+              default: delete
+
+  cloudify.kubernetes.networking.linux.ForwardingPath:
+    derived_from: cloudify.nodes.Root
+    properties:
+      members:
+        description: ''
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        create:
+          implementation: fabric.fabric_plugin.tasks.run_task
+          inputs:
+            tasks_file:
+              default: scripts/networking/linux/forwarding_path.py
+            task_name:
+              default: create
+        delete:
+          implementation: fabric.fabric_plugin.tasks.run_task
+          inputs:
+            tasks_file:
+              default: scripts/networking/linux/forwarding_path.py
+            task_name:
+              default: delete

examples/inputs/service_chain_1-example-inputs.yaml

@@ -0,0 +1,40 @@
+# proxy plugin configuration
+vnf_blueprint_id: 'service_chain_vnf_component'
+
+# docker images configuration
+client_docker_image_name: 'kubernetes_sfc_example:client'
+router_docker_image_name: 'kubernetes_sfc_example:router_vnf'
+server_docker_image_name: 'kubernetes_sfc_example:server'
+
+# kubernetes configuration
+kubernetes_master_ip: '10.239.2.85'
+kubernetes_master_user: 'centos'
+kubernetes_master_ssh_key_path: '/opt/kubernetes-key.pem'
+kubernetes_master_config_file_path: '/opt/kubernetes-config'
+
+# pods configuration
+client_pod_name: 'client'
+router_pod_name: 'router'
+server_pod_name: 'server'
+
+# interfaces configuration
+client_access_ip: '192.168.1.254'
+client_access_interface: 'eth0'
+client_out_ip: '10.10.1.1'
+client_out_interface: 'veth00'
+router_access_ip: '192.168.1.4'
+router_access_interface: 'eth0'
+router_in_ip: '10.10.1.2'
+router_in_interface: 'veth10'
+router_out_ip: '10.10.2.1'
+router_out_interface: 'veth11'
+server_access_ip: '192.168.1.7'
+server_access_interface: 'eth0'
+
+# L2 networks configuration
+client_router_link_name: 'br01'
+client_router_link_ip: '10.10.1.3'
+
+# L3 networks configuration
+client_router_network_cidr: '10.10.1.0/24'
+access_network_cidr: '192.168.1.0/24'