diff --git a/apps/vl3-lb/kustomization.yaml b/apps/vl3-lb/kustomization.yaml
new file mode 100644
index 000000000000..21e0ca8954db
--- /dev/null
+++ b/apps/vl3-lb/kustomization.yaml
@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- lb.yaml
diff --git a/apps/vl3-lb/lb.yaml b/apps/vl3-lb/lb.yaml
new file mode 100644
index 000000000000..42621489b632
--- /dev/null
+++ b/apps/vl3-lb/lb.yaml
@@ -0,0 +1,55 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: vl3-lb
+spec:
+ selector:
+ matchLabels:
+ app: vl3-lb
+ template:
+ metadata:
+ labels:
+ app: vl3-lb
+ "spiffe.io/spiffe-id": "true"
+ spec:
+ containers:
+ - name: lb
+ image: ghcr.io/networkservicemesh/ci/cmd-lb-vl3-vpp:cd64380
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: SPIFFE_ENDPOINT_SOCKET
+ value: unix:///run/spire/sockets/agent.sock
+ - name: NSM_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAME
+ value: "$(NSM_NAME)"
+ - name: NSM_PORT
+ value: "80"
+ - name: NSM_LOG_LEVEL
+ value: TRACE
+ volumeMounts:
+ - name: spire-agent-socket
+ mountPath: /run/spire/sockets
+ readOnly: true
+ - name: nsm-socket
+ mountPath: /var/lib/networkservicemesh
+ readOnly: true
+ resources:
+ requests:
+ cpu: 150m
+ memory: 100Mi
+ limits:
+ cpu: 300m
+ memory: 300Mi
+ volumes:
+ - name: spire-agent-socket
+ hostPath:
+ path: /run/spire/sockets
+ type: Directory
+ - name: nsm-socket
+ hostPath:
+ path: /var/lib/networkservicemesh
+ type: DirectoryOrCreate
diff --git a/examples/features/vl3-lb/README.md b/examples/features/vl3-lb/README.md
new file mode 100644
index 000000000000..b9b30ed5ea22
--- /dev/null
+++ b/examples/features/vl3-lb/README.md
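Review bot: The `lb` container in apps/vl3-lb/lb.yaml has no `securityContext`, although the pod mounts two hostPath directories (`/run/spire/sockets` and `/var/lib/networkservicemesh`), so it runs with the runtime's default user and capabilities next to host sockets. `readOnly: true` on those mounts blocks file creation in the directory but does not stop the process from connecting to the Unix sockets inside it, so it should not be read as an isolation boundary. Consider stating the minimum the image needs, for example `securityContext: {allowPrivilegeEscalation: false}` plus an explicit capability list; which capabilities the VPP-based image requires is not visible in this change and needs confirming. The image is also referenced by a tag (`:cd64380`) with `imagePullPolicy: IfNotPresent`; pinning it by digest (`@sha256:<digest>`) would make the deployed content reproducible.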
@@ -0,0 +1,79 @@
+# vL3 Load Balancer
+
+This example shows what is a vL3 Load Balancer (LB) and how it works.
+
+## Description
+
+We all know and use Kubernetes Services in our work.
+Service is a method for exposing a network application that is running as one or more Pods in your cluster. It distributes traffic across a set of selected Pods.
+
+To define a Kubernetes Service:
+```
+apiVersion: v1
+kind: Service
+metadata:
+ name: my-service
+spec:
+ selector:
+ app.kubernetes.io/name: MyApp
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 9376
+```
+Now you can reach the service by its name.
+
+It turned out that we can use a similar mechanism in our vL3 networks - we can use a **vL3 Load Balancer**.
+Being on the same vL3 network, clients can behave like pods - they can communicate with each other. Using selectors, we can combine some of them to implement a service.
+vL3-LB will help us with this. We will call these clients that implement the service as _"real servers"_.
+
+So, vL3-LB has the following parameters:
+
+| NSM env | Description |
+|--------------------|--------------------------------------------------------------------|
+| `NSM_SELECTOR` | labels that group the vL3 clients we need to implement any service |
+| `NSM_PROTOCOL` | TCP or UDP IP protocol |
+| `NSM_PORT` | LB port |
+| `NSM_TARGET_PORT` | real server port |
+
+vL3-LB is a vL3-network client that monitors the real servers using `NSM_SELECTOR`. It has its own DNS name that we can use.
+ +**Example of monitoring:** + +![NSM vL3 Diagram](./diagram1.svg "vL3-LB monitoring") +
_Please note: The network configuration is given as an example. It can have a different number of elements._ +

+In the current example, we want to get a _finance_ service for processing **http requests**.
+After calling the command `$:curl finance:8080`, the DNS name is converted to the IP address of the Load Balancer.
+When the http request reaches the balancer, it converts the destination address to the address of the real server. + +**Example of the data path:**
+ +![NSM vL3 Diagram](./diagram2.svg "vL3-LB data path") +
_Please note: The IP addresses are given as an example, they may change from run to run._ + +## Run + +Deploy the vL3 network service, vL3-NSE, vL3-LB, finance-servers and finance-client (the last 3 are actually clients of the vL3 network) (see `kustomization.yaml`): +```bash +kubectl apply -k https://github.com/networkservicemesh/deployments-k8s/examples/features/vl3-lb?ref=fea72f963b344a0acdae636ceec6ea9f25fbfffb +``` + +Wait for vL3-clients to be ready: +```bash +kubectl wait --for=condition=ready --timeout=2m pod -l type=vl3-client -n ns-vl3-lb +``` + +Send an http-request from the finance-client: +```bash +kubectl exec deployments/finance-client -n ns-vl3-lb -- curl -s finance:8080 | grep "Hello! I'm finance-server" +``` +In the response you will see the name of the real server that performed the processing. +If you run the command above many times, you will see that load balancing occurs and the responses are returned by different handlers. + +## Cleanup + +To clean up the example just follow the next command: +```bash +kubectl delete ns ns-vl3-lb +``` diff --git a/examples/features/vl3-lb/diagram1.svg b/examples/features/vl3-lb/diagram1.svg new file mode 100644 index 000000000000..81f101864d82 --- /dev/null +++ b/examples/features/vl3-lb/diagram1.svg @@ -0,0 +1,4 @@ + + + +
vL3-NSE
vL3-NSE
vL3-NSE
vL3-NSE
NSC
NSC
NSC
NSC
Load  Balancer

NSM_SELECTOR:
app=finance

POD_NAME: finance
Load  Balancer...
NSC

NSM_LABEL:
app=finance
NSC...
NSC

NSM_LABEL:
app=finance
NSC...
NSC

NSM_LABEL:
app=finance
NSC...
Application Servers
172.16.1.102
172.16.1.102
172.16.1.105
172.16.1.105
172.16.2.109
172.16.2.109
Text is not SVG - cannot display
\ No newline at end of file diff --git a/examples/features/vl3-lb/diagram2.svg b/examples/features/vl3-lb/diagram2.svg new file mode 100644 index 000000000000..a401c061d1af --- /dev/null +++ b/examples/features/vl3-lb/diagram2.svg @@ -0,0 +1,4 @@ + + + +
vL3-NSE
vL3-NSE
vL3-NSE
vL3-NSE
NSC
NSC
NSC
NSC
Load  Balancer

NSM_SELECTOR:
app=finance
Load  Balancer...
NSC

NSM_LABEL:
app=finance
NSC...
NSC

NSM_LABEL:
app=finance
NSC...
NSC

NSM_LABEL:
app=finance
NSC...
1
1
2
2
3
3
5
5
Load  Balancer

NSM_SELECTOR:
app=finance

POD_NAME: finance
Load  Balancer...
Application Servers
172.16.1.102
172.16.1.102
172.16.1.105
172.16.1.105
172.16.2.109
172.16.2.109
4
4
$: curl finance:8080
$: curl finance:8080
172.16.1.103:8080
172.16.1.103:8080
172.16.1.102:80
172.16.1.102:80
Text is not SVG - cannot display
\ No newline at end of file
diff --git a/examples/features/vl3-lb/finance-client.yaml b/examples/features/vl3-lb/finance-client.yaml
new file mode 100644
index 000000000000..9b014ec1af07
--- /dev/null
+++ b/examples/features/vl3-lb/finance-client.yaml
@@ -0,0 +1,25 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: finance-client
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: finance-client
+ template:
+ metadata:
+ labels:
+ app: finance-client
+ type: vl3-client
+ annotations:
+ networkservicemesh.io: kernel://vl3-lb/nsm-1
+ spec:
+ containers:
+ - name: nettools
+ image: travelping/nettools:1.10.1
+ imagePullPolicy: IfNotPresent
+ # simple `sleep` command would work
+ # but we need `trap` to be able to delete pods quckly
+ command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]
diff --git a/examples/features/vl3-lb/finance-lb-patch.yaml b/examples/features/vl3-lb/finance-lb-patch.yaml
new file mode 100644
index 000000000000..0743eff44347
--- /dev/null
+++ b/examples/features/vl3-lb/finance-lb-patch.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: vl3-lb
+spec:
+ template:
+ metadata:
+ labels:
+ type: vl3-client
+ spec:
+ containers:
+ - name: lb
+ env:
+ - name: POD_NAME
+ value: "finance"
+ - name: NSM_PORT
+ value: "8080"
+ - name: NSM_TARGET_PORT
+ value: "80"
+ - name: NSM_SELECTOR
+ value: "app:finance"
+ - name: NSM_NETWORK_SERVICES
+ value: "memif://vl3-lb/nsm-1"
diff --git a/examples/features/vl3-lb/finance-server.yaml b/examples/features/vl3-lb/finance-server.yaml
new file mode 100644
index 000000000000..4e7b03d7ba2a
--- /dev/null
+++ b/examples/features/vl3-lb/finance-server.yaml
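Review bot: `NSM_SELECTOR` in finance-lb-patch.yaml is written as `"app:finance"`, while the servers receive their label through `?app=finance` in the `networkservicemesh.io` annotation and both diagrams print `NSM_SELECTOR: app=finance`. The two separators may each be right for their own parser, but nothing in the change says so, and a selector that matches nothing would presumably leave the balancer with no real servers and no obvious error. A comment above the value, such as `# key:value pairs, matched against the labels passed in the client's networkservicemesh.io annotation (?app=finance)`, would document the expected format once it has been confirmed against the vl3-lb command's env parsing.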
@@ -0,0 +1,31 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: finance-server
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: finance-server
+ template:
+ metadata:
+ labels:
+ app: finance-server
+ type: vl3-client
+ annotations:
+ networkservicemesh.io: kernel://vl3-lb/nsm-1?app=finance
+ spec:
+ containers:
+ - name: nginx
+ image: hashicorp/http-echo:alpine
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ args:
+ - "-text=Hello! I'm $(POD_NAME)"
+ - -listen=:80
+ ports:
+ - containerPort: 80
diff --git a/examples/features/vl3-lb/kustomization.yaml b/examples/features/vl3-lb/kustomization.yaml
new file mode 100644
index 000000000000..2991a4750dd5
--- /dev/null
+++ b/examples/features/vl3-lb/kustomization.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: ns-vl3-lb
+
+resources:
+- ns-vl3-lb.yaml
+- netsvc.yaml
+- finance-client.yaml
+- finance-server.yaml
+- ../../../apps/nse-vl3-vpp
+- ../../../apps/vl3-ipam
+- ../../../apps/vl3-lb
+
+patchesStrategicMerge:
+- nse-patch.yaml
+- finance-lb-patch.yaml
diff --git a/examples/features/vl3-lb/netsvc.yaml b/examples/features/vl3-lb/netsvc.yaml
new file mode 100644
index 000000000000..8291c5c4a8e0
--- /dev/null
+++ b/examples/features/vl3-lb/netsvc.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: networkservicemesh.io/v1
+kind: NetworkService
+metadata:
+ name: vl3-lb
+spec:
+ payload: IP
diff --git a/examples/features/vl3-lb/ns-vl3-lb.yaml b/examples/features/vl3-lb/ns-vl3-lb.yaml
new file mode 100644
index 000000000000..02e20ab416bc
--- /dev/null
+++ b/examples/features/vl3-lb/ns-vl3-lb.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: ns-vl3-lb
diff --git a/examples/features/vl3-lb/nse-patch.yaml b/examples/features/vl3-lb/nse-patch.yaml
new file mode 100644
index 000000000000..291e80458e18
--- /dev/null
+++ b/examples/features/vl3-lb/nse-patch.yaml
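Review bot: The finance-server container pulls `hashicorp/http-echo:alpine`, a floating tag with no `imagePullPolicy`, so the three replicas can run different builds depending on what each node has cached, and the example's content changes whenever the tag is re-pushed. The other images in this change carry a version or commit tag; this one should be pinned as well, ideally by digest: `image: hashicorp/http-echo@sha256:<digest>`. The container is also named `nginx` although it runs http-echo; `name: http-echo` would avoid confusion when reading `kubectl` output or logs.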
@@ -0,0 +1,18 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nse-vl3-vpp
+ labels:
+ app: nse-vl3-vpp
+spec:
+ replicas: 1
+ template:
+ spec:
+ containers:
+ - name: nse
+ env:
+ - name: NSM_SERVICE_NAMES
+ value: "vl3-lb"
+ - name: NSM_REGISTER_SERVICE
+ value: "false"