Skip to content

Latest commit

 

History

History
 
 

Kernel2Wireguard2Memif

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 

README.md

Test kernel to wireguard to memif

This example shows that NSC and NSE on the different nodes could find and work with each other.

NSC is using the kernel mechanism to connect to its local forwarder. NSE is using the memif mechanism to connect to its local forwarder. Forwarders are using the wireguard mechanism to connect with each other.

Requires

Make sure that you have completed steps from basic or memory setup.

Run

Create test namespace:

NAMESPACE=($(kubectl create -f https://raw.githubusercontent.com/networkservicemesh/deployments-k8s/041ba2468fb8177f53926af0eab984850aa682c2/examples/use-cases/namespace.yaml)[0])
NAMESPACE=${NAMESPACE:10}

Get nodes exclude control-plane:

NODES=($(kubectl get nodes -o go-template='{{range .items}}{{ if not .spec.taints  }}{{index .metadata.labels "kubernetes.io/hostname"}} {{end}}{{end}}'))

Create customization file:

cat > kustomization.yaml <<EOF
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

namespace: ${NAMESPACE}

resources: 
- client.yaml
bases:
- https://github.com/networkservicemesh/deployments-k8s/apps/nse-memif?ref=041ba2468fb8177f53926af0eab984850aa682c2

patchesStrategicMerge:
- patch-nse.yaml
EOF

Create Client:

cat > client.yaml <<EOF
---
apiVersion: v1
kind: Pod
metadata:
  name: alpine
  labels:
    app: alpine    
  annotations:
    networkservicemesh.io: kernel://icmp-responder-ip/nsm-1
spec:
  containers:
  - name: alpine
    image: alpine:3.15.0
    imagePullPolicy: IfNotPresent
    stdin: true
    tty: true
  nodeSelector:
    kubernetes.io/hostname: ${NODES[0]}
EOF

Create NSE patch:

cat > patch-nse.yaml <<EOF
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nse-memif
spec:
  template:
    spec:
      containers:
        - name: nse
          env:
            - name: NSM_CIDR_PREFIX
              value: 172.16.1.100/31
            - name: NSM_PAYLOAD
              value: IP
            - name: NSM_SERVICE_NAMES
              value: icmp-responder-ip
      nodeSelector:
        kubernetes.io/hostname: ${NODES[1]}
EOF

Deploy NSC and NSE:

kubectl apply -k .

Wait for applications ready:

kubectl wait --for=condition=ready --timeout=1m pod -l app=alpine -n ${NAMESPACE}
kubectl wait --for=condition=ready --timeout=1m pod -l app=nse-memif -n ${NAMESPACE}

Find NSC and NSE pods by labels:

NSC=$(kubectl get pods -l app=alpine -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
NSE=$(kubectl get pods -l app=nse-memif -n ${NAMESPACE} --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')

Ping from NSC to NSE:

kubectl exec ${NSC} -n ${NAMESPACE} -- ping -c 4 172.16.1.100

Ping from NSE to NSC:

result=$(kubectl exec "${NSE}" -n "${NAMESPACE}" -- vppctl ping 172.16.1.101 repeat 4)
echo ${result}
! echo ${result} | grep -E -q "(100% packet loss)|(0 sent)|(no egress interface)"

Cleanup

Delete ns:

kubectl delete ns ${NAMESPACE}