Support to run OVS-vswitch with ONOS configured to run with Openflow SSL (Voltha ONOS)
Also various changes to make sure the test container also has access to the ovs switch interfaces.
This comes into play if user has specified start_switch to true in manifest file.
Typically true when running cord-tester with voltha/ponsim,etc.
Change-Id: I501761f2b00b8f43caa9c92cff4d3d01860cb04d
diff --git a/src/test/setup/of-bridge-local.sh b/src/test/setup/of-bridge-local.sh
index da946dc..d41e18a 100755
--- a/src/test/setup/of-bridge-local.sh
+++ b/src/test/setup/of-bridge-local.sh
@@ -1,6 +1,7 @@
#!/usr/bin/env bash
bridge="$1"
controller="$2"
+voltha_loc="$3"
if [ x"$bridge" = "x" ]; then
bridge="ovsbr0"
fi
@@ -30,16 +31,31 @@
bridges[0]=$bridge
fi
-ctlr=""
-for ip in `echo $controller | tr ',' '\n'`; do
- ctlr="$ctlr tcp:$ip:6653"
-done
-
#Delete existing bridges if any
for br in "${bridges[@]}"; do
ovs-vsctl del-br $br
done
+proto=tcp
+if [ x"$voltha_loc" != "x" ]; then
+ onos_jks="$voltha_loc/docker/onos_cfg/onos.jks"
+ client_cert="$voltha_loc/pki/voltha.crt"
+ if [ -f $onos_jks ]; then
+ #extract server certificate
+ keytool -export -alias onos -file /tmp/onos.der -keystore $onos_jks -storepass 222222
+ openssl x509 -inform der -in /tmp/onos.der -out /tmp/onos-cert.pem
+ cat /tmp/onos-cert.pem $client_cert > /tmp/voltha-CA.pem
+ echo "Enabling OVS SSL connection to controller"
+ ovs-vsctl set-ssl $voltha_loc/pki/voltha.key $client_cert /tmp/voltha-CA.pem
+ proto=ssl
+ fi
+fi
+
+ctlr=""
+for ip in `echo $controller | tr ',' '\n'`; do
+ ctlr="$ctlr $proto:$ip:6653"
+done
+
for br in "${bridges[@]}"; do
echo "Configuring OVS bridge:$br"
ovs-vsctl add-br $br