diff --git a/kustomization.yaml b/kustomization.yaml index 0778973..b6c706e 100644 --- a/kustomization.yaml +++ b/kustomization.yaml @@ -5,6 +5,7 @@ resources: - repos/ks.yaml - network/ks-lb.yaml - firewall-s3/ks-vm.yaml + - test-connectivity/ks.yaml - windows-vm-standard/ks-vm.yaml - windows-vm-standard/ks-pvc.yaml - windows-vm-standard-dev/ks-vm.yaml diff --git a/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml b/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml new file mode 100644 index 0000000..fd0a1db --- /dev/null +++ b/test-connectivity/app/test-connectivity/loadbalancers/fortigate-wan.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: fortigate-lb-test + namespace: ${TENANT_NAMESPACE} + labels: + app.kubernetes.io/component: fortigate-lb +spec: + type: LoadBalancer + externalTrafficPolicy: Local + ports: + - port: 4500 + name: ipsec-nat + targetPort: 4500 + protocol: UDP + - port: 500 + name: key-management + targetPort: 500 + protocol: UDP + #- port: 22 + # name: ssh + # targetPort: 22 + # protocol: TCP + - port: 443 + name: https + targetPort: 443 + protocol: TCP + selector: + kubevirt.io/domain: fortigate-ksd diff --git a/test-connectivity/app/test-connectivity/network-definitions/lan.yaml b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml new file mode 100644 index 0000000..16d40cc --- /dev/null +++ b/test-connectivity/app/test-connectivity/network-definitions/lan.yaml @@ -0,0 +1,19 @@ +apiVersion: k8s.cni.cncf.io/v1 +kind: NetworkAttachmentDefinition +metadata: + name: lan-ovn-160 +spec: + config: | + { + "cniVersion": "0.3.1", + "type": "ovn-k8s-cni-overlay", + "name": "lan-ovn-160", + "topology": "layer2", + "subnets": [ + {"cidr": "192.168.160.0/24"} + ], + "mtu": 1400, + "routes": [ + {"dst": "10.60.0.0/16", "gw": "192.168.10.1"} + ] + } diff --git a/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml b/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml new file mode 100644 index 0000000..1f18275 --- /dev/null +++ b/test-connectivity/app/test-connectivity/network-definitions/mgmt.yaml @@ -0,0 +1,20 @@ +# apiVersion: "k8s.cni.cncf.io/v1" +# kind: NetworkAttachmentDefinition +# metadata: +# name: mgmt-net +# namespace: ${TENANT_NAMESPACE} +# spec: +# config: '{ +# "cniVersion": "0.3.1", +# "type": "bridge", +# "bridge": "br-mgmt", +# "ipam": { +# "type": "static", +# "addresses": [ +# { +# "address": "192.168.10.100/24", +# "gateway": "192.168.10.1" +# } +# ] +# } +# }' \ No newline at end of file diff --git a/test-connectivity/app/test-connectivity/pod/pod.yaml b/test-connectivity/app/test-connectivity/pod/pod.yaml new file mode 100644 index 0000000..44792b8 --- /dev/null +++ b/test-connectivity/app/test-connectivity/pod/pod.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: dualnet-pod-ovn + annotations: + k8s.v1.cni.cncf.io/networks: | + [ + { + "name": "lan-ovn-160", + "namespace": "${TENANT_NAMESPACE}", + "interface": "net1" + } + ] +spec: + containers: + - name: toolbox + image: quay.io/centos/centos:stream9 + command: [ "/bin/bash", "-c", "sleep infinity" ] + restartPolicy: Never \ No newline at end of file diff --git a/test-connectivity/app/test-connectivity/vm/fortigate.yaml b/test-connectivity/app/test-connectivity/vm/fortigate.yaml new file mode 100644 index 0000000..d1d61bf --- /dev/null +++ b/test-connectivity/app/test-connectivity/vm/fortigate.yaml @@ -0,0 +1,77 @@ +# apiVersion: kubevirt.io/v1 +# kind: VirtualMachine +# metadata: +# name: fortigate-ksd +# namespace: ${TENANT_NAMESPACE} +# spec: +# dataVolumeTemplates: +# - metadata: +# name: fortigate-rootdisk-ksd +# spec: +# source: +# http: +# url: "https://glacier-1.kvant.cloud/ocp-virt-images/sources/fortios_7_6_3.qcow2" +# #secretRef: s3-virt-credentials +# storage: +# resources: +# requests: +# storage: 30Gi +# runStrategy: Always +# template: +# metadata: +# labels: +# kubevirt.io/domain: fortigate-ksd +# spec: +# domain: +# cpu: +# cores: 1 +# memory: +# guest: 2Gi +# features: +# acpi: {} +# smm: +# enabled: true +# firmware: +# bootloader: +# efi: +# secureBoot: false +# devices: +# rng: {} +# networkInterfaceMultiqueue: true +# interfaces: +# - name: wan +# masquerade: {} +# ports: +# - port: 4500 +# - port: 443 +# - port: 22 +# - port: 500 +# - name: mgmt +# bridge: {} +# - name: lan +# bridge: {} +# disks: +# - disk: +# bus: sata +# name: rootdisk +# resources: +# requests: +# memory: 2Gi +# cpu: 1 +# limits: +# memory: 2Gi +# cpu: 1 +# networks: +# - name: wan +# pod: {} +# - name: mgmt +# multus: +# networkName: ${TENANT_NAMESPACE}/mgmt-net +# - name: lan +# multus: +# networkName: ${TENANT_NAMESPACE}/lan-net +# terminationGracePeriodSeconds: 180 +# volumes: +# - name: rootdisk +# dataVolume: +# name: fortigate-rootdisk-ksd \ No newline at end of file diff --git a/test-connectivity/app/test-connectivity/vm/strongswan.yaml b/test-connectivity/app/test-connectivity/vm/strongswan.yaml new file mode 100644 index 0000000..f982232 --- /dev/null +++ b/test-connectivity/app/test-connectivity/vm/strongswan.yaml @@ -0,0 +1,73 @@ +# apiVersion: kubevirt.io/v1 +# kind: VirtualMachine +# metadata: +# name: strongswan +# namespace: ${TENANT_NAMESPACE} +# spec: +# running: true +# template: +# metadata: +# labels: +# kubevirt.io/domain: strongswan +# spec: +# domain: +# cpu: +# cores: 2 +# resources: +# requests: +# memory: 2Gi +# cpu: 1 +# limits: +# memory: 2Gi +# cpu: 2 +# memory: +# guest: 2Gi +# devices: +# rng: {} +# networkInterfaceMultiqueue: true +# disks: +# - name: containerdisk +# disk: +# bus: virtio +# - name: cloudinitdisk +# disk: +# bus: virtio +# interfaces: +# - name: wan +# masquerade: {} +# ports: +# - port: 4500 +# - port: 443 +# - port: 22 +# - port: 500 +# - name: mgmt +# bridge: {} +# - name: lan +# bridge: {} +# networks: +# - name: wan +# pod: {} +# - name: mgmt +# multus: +# networkName: ${TENANT_NAMESPACE}/mgmt-net +# - name: lan +# multus: +# networkName: ${TENANT_NAMESPACE}/lan-net +# terminationGracePeriodSeconds: 180 +# volumes: +# - name: containerdisk +# containerDisk: +# image: quay.io/containerdisks/ubuntu:22.04 +# - name: cloudinitdisk +# cloudInitNoCloud: +# userData: | +# #cloud-config +# users: +# - name: testuser +# groups: [sudo] +# sudo: "ALL=(ALL) NOPASSWD:ALL" +# lock_passwd: false +# passwd: "$6$oMZf5uou7t0.oAJ1$825Te06yt7JZwHSSj4MGQMjpd87LflANQpajCwIVPASkKZdOJo4L2bAEDDuK.jtu.fsRNc9bZAsYefmoqdN8O1" +# chpasswd: +# expire: false +# ssh_pwauth: true \ No newline at end of file diff --git a/test-connectivity/ks.yaml b/test-connectivity/ks.yaml new file mode 100644 index 0000000..2093015 --- /dev/null +++ b/test-connectivity/ks.yaml @@ -0,0 +1,18 @@ +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app test-connectivity + namespace: ${TENANT_NAMESPACE} +spec: + commonMetadata: + labels: + app.kubernetes.io/name: *app + path: ./test-connectivity/app + prune: true + sourceRef: + kind: GitRepository + name: tenant-repos + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m \ No newline at end of file