Test architecture/topology

The test environment consists of three virtual machines in total.

one physical server for Jenkins CI.
one physical server for TarsFramework and Jenkins slave
one physical server for TarsNode and Jenkins slave.

Software Version

OpenStack: Rocky

k8s:1.15.0

Java:

openjdk version "1.8.0_232"
OpenJDK Runtime Environment (build 1.8.0_232-b09)
OpenJDK 64-Bit Server VM (build 25.232-b09, mixed mode)

Jenkins: Ver 2.190.2

CentOS 7

Mysql Ver 14.14 Distrib 5.6.26, for Linux

Devices Under Test

Hostname	Core	RAM	HDD	NIC	Role
Node-0	8	40GB	3TB	1GB	Jenkins Master
Node-1	8	96GB	3TB	1GB	Tars Framework
Node-2	8	96GB	3TB	1GB	Tars Node (CVB + Type4 Application + Virtual Classroom Teacher Client + Virtual Classroom Student Client)

Test Script

The test is to fulfill by Jenkins Job. The test script includes:

Compile the Tars Framework

cd /usr/local/robert/testCompileCode

git clone -b arm https://github.com/qiuxin/Tars.git

cd /usr/local/robert/testCompileCode/Tars

git submodule update --init --recursive

cd /usr/local/robert/testCompileCode/Tars/framework/build

chmod u+x build.sh./build.sh all

rm -rf /usr/local/robert/testCompileCode/Tars

Call the service deployed by Tars Framework

/usr/local/testClient/CVAppClient

The log is triggered periodically.

The log is updated to

https://nexus.akraino.org/content/sites/logs/tencent/job/TestCompileCode/

https://nexus.akraino.org/content/sites/logs/tencent/job/TestConnectVehicleService/

https://nexus.akraino.org/content/sites/logs/tencent/job/CD_Install_Tars/

BluVal Testing

1.bluval installation

mkdir demo
cd demo
mkdir results
git clone https://gerrit.akraino.org/r/validation.git
cd validation
vi tests/variables.yaml ## update k8s related ip. due to this bp do not use k8s , we don't need to change.

vi bluval/volumes.yaml

volumes:
# location of the ssh key to access the cluster
ssh_key_dir:
local: '/home/thorking/.ssh/'
target: '/root/.ssh/'
# location of the k8s access files (config file, certificates, keys)
kube_config_dir:
local: '/home/thorking/demo/.kube/'
target: '/root/demo/.kube/'
# location of the customized variables.yaml
custom_variables_file:
local: '/home/thorking/demo/validation/tests/variables.yaml'
target: '/opt/akraino/validation/tests/variables.yaml'
# location of the bluval-<blueprint>.yaml file
blueprint_dir:
local: '/home/thorking/demo/validation/bluval'
target: '/opt/akraino/validation/bluval'
# location on where to store the results on the local jumpserver
results_dir:
local: '/home/thorking/demo/results'
target: '/opt/akraino/results'
# location on where to store openrc file
openrc:
local: '/home/thorking/openrc'
target: '/root/openrc'

vi bluval/bluval-iec-type4.yaml

blueprint:
name: iec-type4
layers:
- os
- docker

os: &os
-
name: lynis
what: lynis
optional: "False"
-
name: vuls
what: vuls
optional: "False"

k8s: &k8s
-
name: conformance
what: conformance
optional: "False"
-
name: kube-hunter
what: kube-hunter
optional: "False"

./bluval/blucon.sh -l os iec-type4

==============================================================================
Debug: /opt/akraino/results/os/vuls/debug.log
Output: /opt/akraino/results/os/vuls/output.xml
Log: /opt/akraino/results/os/vuls/log.html
Report: /opt/akraino/results/os/vuls/report.html

2. Troubleshooting
##Iptable issues for centOS8
vi /etc/firewalld/firewalld.conf
in config file change
FirewallBackend=nftables
on
FirewallBackend=iptables
save change and reload firewalld
systemctl restart firewalld.service

CVB Release 3 Test Doc

[data-colorid=o2my78xedf]{color:#333333} html[data-color-mode=dark] [data-colorid=o2my78xedf]{color:#cccccc}[data-colorid=jlcn98uxek]{color:#444444} html[data-color-mode=dark] [data-colorid=jlcn98uxek]{color:#bbbbbb}Test architecture/topology

Software Version

Devices Under Test

Test Script

Test architecture/topology