2 # SPDX-license-identifier: Apache-2.0
3 ##############################################################################
5 # All rights reserved. This program and the accompanying materials
6 # are made available under the terms of the Apache License, Version 2.0
7 # which accompanies this distribution, and is available at
8 # http://www.apache.org/licenses/LICENSE-2.0
9 ##############################################################################
15 sdwan_pod_name=sdwan-ovn-pod
20 login_url=http://$1/cgi-bin/luci/
21 echo $(wget -S --spider --post-data "luci_username=root&luci_password=" $login_url 2>&1 | grep sysauth= | sed -r 's/.*sysauth=([^;]+);.*/\1/')
24 function disable_ping {
25 command_url=http://$2/cgi-bin/luci/admin/config/command
26 command="uci set firewall.@rule[1].target='REJECT';fw3 reload"
27 echo $(wget -S --spider --header="Cookie:sysauth=$1" --post-data "command=$command" $command_url 2>&1)
30 function enable_ping {
31 command_url=http://$2/cgi-bin/luci/admin/config/command
32 command="uci set firewall.@rule[1].target='ACCEPT';fw3 reload"
33 echo $(wget -S --spider --header="Cookie:sysauth=$1" --post-data "command=$command" $command_url 2>&1)
36 function wait_for_pod {
38 while [[ "$status_phase" != "Running" ]]; do
39 new_phase="$(kubectl get pods -o wide | grep ^$1 | awk '{print $3}')"
40 if [[ "$new_phase" != "$status_phase" ]]; then
41 status_phase="$new_phase"
43 if [[ "$new_phase" == "Err"* ]]; then
50 function wait_for_pod_namespace {
52 while [[ "$status_phase" != "Running" ]]; do
53 new_phase="$(kubectl get pods -o wide -n $2 | grep ^$1 | awk '{print $3}')"
54 if [[ "$new_phase" != "$status_phase" ]]; then
55 status_phase="$new_phase"
57 if [[ "$new_phase" == "Err"* ]]; then
64 echo "Waiting for multus CNI to be ready ..."
65 wait_for_pod_namespace kube-multus-ds kube-system
67 echo "Create pods ..."
68 kubectl apply -f ovn-pod.yml
69 kubectl apply -f sdwan-openwrt-ovn.yml
71 echo "Waiting for pods to be ready ..."
72 wait_for_pod $ovn_pod_name
73 wait_for_pod $sdwan_pod_name
74 echo "* Create pods success"
76 sdwan_pod_ip=$(kubectl get pods -o wide | grep ^$sdwan_pod_name | awk '{print $6}')
77 ovn_pod_ip=$(kubectl get pods -o wide | grep ^$ovn_pod_name | awk '{print $6}')
78 echo "SDWAN pod ip:"$sdwan_pod_ip
79 echo "OVN pod ip:"$ovn_pod_ip
81 echo "Login to sdwan ..."
83 while [[ "$security_token" == "" ]]; do
84 echo "Get Security Token ..."
85 security_token=$(login $sdwan_pod_ip)
88 echo "* Security Token: "$security_token
90 kubectl exec $sdwan_pod_name ifconfig
92 sdwan_pod_wan_ip=$(kubectl exec $sdwan_pod_name ifconfig $wan_interface | awk '/inet/{print $2}' | cut -f2 -d ":" | awk 'NR==1 {print $1}')
93 echo "Verify ping is work through wan interface between $sdwan_pod_name and $ovn_pod_name"
94 ping_result=$(kubectl exec $ovn_pod_name -- ping -c 3 $sdwan_pod_wan_ip)
95 if [[ $ping_result == *", 0% packet loss"* ]]; then
96 echo "* Ping is work through wan interface"
102 echo "Disable ping rule of wan interface ..."
103 ret=$(disable_ping $security_token $sdwan_pod_ip)
105 echo "Verify ping is not work through wan interface after ping rule disabled"
106 ping_result=$(kubectl exec $ovn_pod_name -- ping -c 3 $sdwan_pod_wan_ip 2>&1 || true)
107 if [[ $ping_result == *", 100% packet loss"* ]]; then
108 echo "* Ping is disabled"
110 echo "* Test failed!"
114 echo "Enable ping rule of wan interface ..."
115 ret=$(enable_ping $security_token $sdwan_pod_ip)
117 echo "Verify ping is work through wan interface after ping rule enabled"
118 ping_result=$(kubectl exec $ovn_pod_name -- ping -c 3 $sdwan_pod_wan_ip)
119 if [[ $ping_result == *", 0% packet loss"* ]]; then
120 echo "* Ping is enabled"
122 echo "* Test failed!"
126 echo "Clear pods ..."
127 kubectl delete pod $ovn_pod_name
128 kubectl delete -f sdwan-openwrt-ovn.yml
130 echo "Test Completed!"