diff --git a/create_client_server.sh b/create_client_server.sh new file mode 100755 index 0000000..af8537e --- /dev/null +++ b/create_client_server.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +function wait_for { + local command=$1 + local amount=$2 + while true; do + if eval "${command}"; then + break; + fi + sleep "${amount}" + done +} + +kubectl create namespace foo +kubectl run --image kuryr/demo -n foo server +wait_for "kubectl get pod -A |grep server|grep -q Running" 1 +kubectl expose pod/server -n foo --port 80 --target-port 8080 --name=foosrvr +sleep 6 +wait_for "openstack loadbalancer list -f value -c name -c provisioning_status | grep foosrvr | grep -q ACTIVE" 4 +kubectl run --image kuryr/demo -n foo client +wait_for "kubectl get pod -A |grep client|grep -q Running" 1 +kubectl exec -ti -n foo client -- wget http://server.foo -q -O - +cat > policy_foo_deny_all.yaml << NIL +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: deny-all + namespace: foo +spec: + podSelector: {} + policyTypes: + - Ingress +NIL +kubectl apply -f policy_foo_deny_all.yaml diff --git a/delete_client_server.sh b/delete_client_server.sh new file mode 100755 index 0000000..8c5fadb --- /dev/null +++ b/delete_client_server.sh @@ -0,0 +1,7 @@ +#!/usr/bin/env bash + +kubectl -n foo delete networkpolicy deny_all +kubectl -n foo delete pod client +kubectl -n foo delete service foosrvr # remove LB +kubectl -n foo delete pod server +kubectl delete namespace foo