From 88dafda5adbe3865b2226914353e9caecaa1e8ce Mon Sep 17 00:00:00 2001
From: Alex ubuntu vm <alexdecb@yahoo.es>
Date: Mon, 19 Feb 2024 14:58:02 +0100
Subject: [PATCH] added intercluster examples
---
additional-info/go.mod | 3 ++
additional-info/inter-cluster.md | 44 ++++++-------------
additional-info/main.go | 53 +++++++++++++++++++++++
examples/inter-cluster/inter-network.yaml | 31 ++++++-------
4 files changed, 83 insertions(+), 48 deletions(-)
create mode 100644 additional-info/go.mod
create mode 100644 additional-info/main.go
diff --git a/additional-info/go.mod b/additional-info/go.mod
new file mode 100644
index 0000000..bed5eee
--- /dev/null
+++ b/additional-info/go.mod
@@ -0,0 +1,3 @@
+module example
+
+go 1.18
diff --git a/additional-info/inter-cluster.md b/additional-info/inter-cluster.md
index 31e8560..cd8dd17 100644
--- a/additional-info/inter-cluster.md
+++ b/additional-info/inter-cluster.md
@@ -4,38 +4,22 @@
Ejemplo de network inter:
```yaml
-apiVersion: "k8s.cni.cncf.io/v1"
-kind: NetworkAttachmentDefinition
+apiVersion: l2sm.k8s.local/v1
+kind: L2SMNetwork
metadata:
- name: sample-inter-network
+ name: spain-network
spec:
- config: '{
- "cniVersion": "0.3.0",
- "type": "l2sm",
- "device": "l2sm-vNet",
- "kind": {
- "ext-vnet": {
- "provider": {
- "name": "<idco-name>",
- "domain": "<domain-name>"
- },
- "accessList": [ # no tiene porq ser asÃ. Dejar en abierto.
- # {
- # "user": "<username-1>",
- # "public-key": "<public-key-1>"
- # },
- # {
- # "user": "<username-2>",
- # "public-key": "<public-key-2>"
- # },
- # {
- # "user": "<username-3>",
- # "public-key": "<public-key-3>"
- # }
- ]
- }
- }
- }'
+ type: inter-vnet
+ config: |
+ {
+ "provider": {
+ "name": "uc3m",
+ "domain": "idco.uc3m.es"
+ },
+ "accessList": ["public-key-1", "public-key-2"]
+ }
+ signature: sxySO0jHw4h1kcqO/LMLDgOoOeH8dOn8vZWv4KMBq0upxz3lcbl+o/36JefpEwSlBJ6ukuKiQ79L4rsmmZgglk6y/VL54DFyLfPw9RJn3mzl99YE4qCaHyEBANSw+d5hPaJ/I8q+AMtjrYpglMTRPf0iMZQMNtMd0CdeX2V8aZOPCQP75PsZkWukPdoAK/++y1vbFQ6nQKagvpUZfr7Ecb4/QY+hIAzepm6N6lNiFNTgj6lGTrFK0qCVfRhMD+vXbBP6xzZjB2N1nIheK9vx7kvj3HORjZ+odVMa+AOU5ShSKpzXTvknrtcRTcWWmXPNUZLoq5k3U+z1g1OTFcjMdQ====
+
```
Hay un NED conectado al L2S-M switch del nodo master con 10 interfaces veth (como el NED es hostNetwork, nos podemos permitir crear las interfaces y conectarlas directamente -> Necesario que l2sm-switch se despliegue más tarde).
diff --git a/additional-info/main.go b/additional-info/main.go
new file mode 100644
index 0000000..eacd430
--- /dev/null
+++ b/additional-info/main.go
@@ -0,0 +1,53 @@
+package main
+
+import (
+ "crypto"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/sha256"
+ "encoding/base64"
+ "fmt"
+ "os"
+)
+
+func main() {
+
+ // Generate Alice RSA keys Of 2048 Buts
+ alicePrivateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+ if err != nil {
+ fmt.Println(err.Error)
+ os.Exit(1)
+ }
+ // Extract Public Key from RSA Private Key
+ alicePublicKey := alicePrivateKey.PublicKey
+ secretMessage := "IHsKICAgICAgInByb3ZpZGVyIjogewogICAgICAgICJuYW1lIjogInVjM20iLAogICAgICAgICJkb21haW4iOiAiaWRjby51YzNtLmVzIgogICAgICB9LAogICAgICAiYWNjZXNzTGlzdCI6IFsicHVibGljLWtleS0xIiwgInB1YmxpYy1rZXktMiJdCiAgICB9Cg"
+ fmt.Println("Original Text ", secretMessage)
+ signature := SignPKCS1v15(secretMessage, *alicePrivateKey)
+ fmt.Println("Singature : ", signature)
+ verif := VerifyPKCS1v15(signature, secretMessage, alicePublicKey)
+ fmt.Println(verif)
+}
+
+func SignPKCS1v15(plaintext string, privKey rsa.PrivateKey) string {
+ // crypto/rand.Reader is a good source of entropy for blinding the RSA
+ // operation.
+ rng := rand.Reader
+ hashed := sha256.Sum256([]byte(plaintext))
+ signature, err := rsa.SignPKCS1v15(rng, &privKey, crypto.SHA256, hashed[:])
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error from signing: %s\n", err)
+ return "Error from signing"
+ }
+ return base64.StdEncoding.EncodeToString(signature)
+}
+
+func VerifyPKCS1v15(signature string, plaintext string, pubkey rsa.PublicKey) string {
+ sig, _ := base64.StdEncoding.DecodeString(signature)
+ hashed := sha256.Sum256([]byte(plaintext))
+ err := rsa.VerifyPKCS1v15(&pubkey, crypto.SHA256, hashed[:], sig)
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error from verification: %s\n", err)
+ return "Error from verification:"
+ }
+ return "Signature Verification Passed"
+}
diff --git a/examples/inter-cluster/inter-network.yaml b/examples/inter-cluster/inter-network.yaml
index 2bb64d3..654b7fa 100644
--- a/examples/inter-cluster/inter-network.yaml
+++ b/examples/inter-cluster/inter-network.yaml
@@ -1,20 +1,15 @@
-apiVersion: "k8s.cni.cncf.io/v1"
-kind: NetworkAttachmentDefinition
+apiVersion: l2sm.k8s.local/v1
+kind: L2SMNetwork
metadata:
- name: sample-inter-network
+ name: spain-network
spec:
- config: '{
- "cniVersion": "0.3.0",
- "type": "l2sm",
- "device": "l2sm-vNet",
- "kind": {
- "inter": {
- "provider": {
- "name": "<idco-name>",
- "domain": "<domain-name>"
- },
- "accessList": ["<public-key-1>","<public-key-2>",...,"<public-key-N>"]
- ]
- }
- }
- }'
+ type: inter-vnet
+ config: |
+ {
+ "provider": {
+ "name": "uc3m",
+ "domain": "idco.uc3m.es"
+ },
+ "accessList": ["public-key-1", "public-key-2"]
+ }
+ signature: sxySO0jHw4h1kcqO/LMLDgOoOeH8dOn8vZWv4KMBq0upxz3lcbl+o/36JefpEwSlBJ6ukuKiQ79L4rsmmZgglk6y/VL54DFyLfPw9RJn3mzl99YE4qCaHyEBANSw+d5hPaJ/I8q+AMtjrYpglMTRPf0iMZQMNtMd0CdeX2V8aZOPCQP75PsZkWukPdoAK/++y1vbFQ6nQKagvpUZfr7Ecb4/QY+hIAzepm6N6lNiFNTgj6lGTrFK0qCVfRhMD+vXbBP6xzZjB2N1nIheK9vx7kvj3HORjZ+odVMa+AOU5ShSKpzXTvknrtcRTcWWmXPNUZLoq5k3U+z1g1OTFcjMdQ====
--
GitLab