Merge remote-tracking branch 'gitlab/development' into nemo

L2S-M core/.vscode/launch.json

+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Kopf Run: l2sm-operator",
+            "type": "node-terminal",
+            "request": "launch",
+            "command": "kopf run ${workspaceFolder}/src/operator/l2sm-operator.py",
+            "env": {
+                "CONTROLLER_IP": "10.152.183.3", 
+                "DATABASE_IP": "10.152.183.132",
+                "MYSQL_USER": "l2sm",
+                "MYSQL_PASSWORD": "l2sm",
+                "MYSQL_DATABASE": "l2sm"
+            }
+        }
+    ]
+}

L2S-M core/README.md

+<!---
+ Copyright 2024  Universidad Carlos III de Madrid
+ 
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License.  You may obtain a copy
+ of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ License for the specific language governing permissions and limitations under
+ the License.
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+
+# L2S-M 
+Welcome to the official repository of L2S-M, a **Kubernetes operator** that enables virtual networking in K8s clusters.
+
+Link-Layer Secure connectivity for Microservice platforms (L2S-M) is a K8s networking solution that complements the CNI plugin approach of K8s to create and manage virtual networks in K8s clusters. These virtual networks allow workloads (pods) to have isolated link-layer connectivity with other pods in a K8s cluster, regardless of the k8s node where they are actually deployed. L2S-M enables the creation/deletion of virtual networks on-demand, as well as attaching/detaching pods to that networks. The solution is seamlessly integrated within the K8s environment, through a K8s operator:
+
+![alt text](./assets/v1_architecture.png?raw=true)
+
+L2S-M provides its intended functionalities using a programmable data-plane based on Software Defined Networking (SDN), which in turn provides a high degree of flexibility to dynamically incorporate new application and/or network configurations into K8s clusters. Moreover, L2S-M has been designed to flexibly accommodate various deployment options, ranging from small K8s clusters to those with a high number of distributed nodes. 
+
+The main K8s interface of pods remains intact (provided by a CNI plugin), retaining the compatibility with all the standard K8s elements (e.g., services, connectivity through the main interface, etc.). Moreover, the solution has the potential to be used for inter-cluster communications to support scenarios where network functions are spread through multiple distributed infrastructures (this is still a work in progress).  
+
+The figure outlines the design of L2S-M. See [how L2S-M works](./additional-info/) to read further details on the L2S-M solution.
+
+If you want to learn how to install L2S-M in your cluster, see the [installation guide](./deployments) of this repository to start its installation.
+
+Did you already install the operator and  you cannot wait to start building your own virtual networks in your K8s cluster? Check out our [ping-pong](./examples/ping-pong) example!
+
+If you want more information about the original idea of L2S-M and its initial design, you can check our latest publication in the [IEEE Network journal](https://ieeexplore.ieee.org/document/9740640):
+
+- L. F. Gonzalez, I. Vidal, F. Valera and D. R. Lopez, "Link Layer Connectivity as a Service for Ad-Hoc Microservice Platforms," in IEEE Network, vol. 36, no. 1, pp. 10-17, January/February 2022, doi: 10.1109/MNET.001.2100363.
+
+Did you like L2S-M and want to use it in your K8s infrastructure or project? Please, feel free to do so, and don't forget to cite us! 
+
+### Projects where L2S-M is being used:
+- H2020 FISHY Project: https://fishy-project.eu (grant agreement 952644) 
+- True5G Project: (PID2019-108713RB-C52 / AEI / 10.13039/501100011033)
+- H2020 Labyrinth project: https://labyrinth2020.eu/ (grant agreement 861696).
+
+### Inter-cluster communications
+We are currently working on a solution to enable communications among workloads deployed on differente Kubernetes clusters. The solution enables the creation and deletion of virtual link-layer networks to connect application workloads running in different virtualization domains. This way, it supports inter-domain link-layer communications among remote workloads.  
+
+The solution can work jointly with L2S-M or be used standalone through the [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni). Details can be checked [here](https://github.com/Networks-it-uc3m/snd-based-inter-cluster-communications/blob/main/README.md).
+
+The solution enables the creation and deletion of virtual link-layer networks to connect application workloads running in different virtualization domains. This way, it supports inter-domain link-layer communications among remote workloads.
+
+### Additional information about L2S-M
+In the [following section](./additional-info) of the repository, you can find a series of documents and slides that provide additional information about L2S-M, including presentations where our solution has been showcased to the public in various events.
+
+L2S-M has been presented in the following events:
+
+* [Open Source Mano (OSM) #13 plenary meeting (01/06/2022)](https://github.com/Networks-it-uc3m/L2S-M/blob/main/additional%20info/OSM%2313%20Plenary%20Meeting.pdf): In this meeting, L2S-M was presented as a solution to enable virtual networking to deploy Cloud Network Functions (CNFs) in K8s clusters. Moreover, the potential use of L2S-M to become the basis for a feature to be introduced in OSM's code was discussed as well.
+
+* [FIHY Summer Camp (20/04/2023)](https://drcn2023.upc.edu/FISHYSummerCamp.html). In this summer camp, we described the utilization of L2S-M in next-generation secured communication scenarios, which are covered in the H2020 FIHSY and Labyrinth projects (see Acnkowledgemnt sections).
+
+### How to reach us
+
+Do you have any doubts about L2S-M or its installation? Do you want to provide feedback about the solution? Please, do not hesitate to contact us out through e-mail!
+
+- Alex T. de Cock Buning: 100383348@alumnos.uc3m.es (Universidad Carlos III de Madrid)
+- Luis F. Gonzalez: luisfgon@it.uc3m.es (Universidad Carlos III de Madrid)
+- Ivan Vidal : ividal@it.uc3m.es (Universidad Carlos III de Madrid)
+- Francisco Valera: fvalera@it.uc3m.es (Universidad Carlos III de Madrid)
+- Diego R. Lopez: diego.r.lopez@telefonica.com (Telefónica I+D)
+
+
+### Acknowledment
+The work in this open-source project has partially been supported by the European H2020 FISHY Project (grant agreement 952644) and by the H2020 Labyrinth project (grant agreement 861696).

L2S-M core/additional-info/README.md

+<!---
+ Copyright 2024  Universidad Carlos III de Madrid
+ 
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License.  You may obtain a copy
+ of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ License for the specific language governing permissions and limitations under
+ the License.
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+
+# How does L2S-M work?
+
+L2S-M takes a different approach to K8s networking in comparison with other solutions available, which mostly implement CNI plugins to be used as the main connectivity basis for a cluster. L2S-M is deployed as a complementary solution to these CNI Plugins, since it allows the creation and management of virtual networks in a K8s cluster in order to provide workloads with one (or several) interface(s) to communicate with other workloads attached to the same network(s) at the link-layer. The main CNI Plugin interface in these pods remains intact, allowing the standard K8s functionalities to still be available for the pods (services, communications using the main interface, etc.).
+
+The following figure outlines a high-level overview of L2S-M, with an illustrative example of a K8s cluster with L2S-M installed and running. L2S-M builds a programmable data plane using SDN switches over a K8s infrastructure. These switches can be either virtual (deployed by the L2S-M operator) or physical (such as those that can be found in a classic datacentre infrastructure). 
+
+![alt text](../assets/v1_architecture.png?raw=true)
+
+**NOTE**: The current version of L2S-M utilizes an infrastructure of virtual switches based on [Open Virtual Switch (OVS)](http://www.openvswitch.org). The integration of physical switches is currently ongoing.
+
+In L2S-M, a k8s node deploys a virtual SDN switch or is connected to a physical SDN switch. Virtual switches are interconnected through point-to-point links. These links are established using IP tunnels (based on VXLAN technologies). This way, SDN switches build an overlay network that interconnects all the K8s nodes. L2S-M uses an SDN controller to install forwarding rules on the virtual/physical switches. This way, data traffic among workloads is appropriately distributed through isolated virtual networks (i.e., the SDN controller instructs the switches which ports should be used to forward and/or block incoming/outgoing traffic).
+
+Specifically for K8s clusters, the element in charge of managing the creation, deletion and management of virtual networks is the L2S-M operator. This operator treats virtual networks as Multus CRDs, using the K8s events to detect the instances where a pod wants to attach/detach from a virtual network. In the former case, the operator will select one of the available interfaces in the SDN switch, and associate it with the virtual network that wants to be used. This interface will appear in the pod as a secondary interface that can be used to communicate with other pods attached to the network, which will be seen as if they were deployed in the same Local Area Network (LAN). The CNI interface remains intact.
+
+To provide isolation among virtual networks, the operator interacts with the SDN controller component to communicate which ports are associated with each virtual network, updating its status every time a pod is deployed/deleted. Using this information, the SDN controller injects the corresponding rules in the switches, forwarding and/or blocking traffic according to the virtual networks being used at each moment.
+
+**NOTE**: The current version of L2S-M utilizes a simple-switch implementation based on the [RYU](https://ryu.readthedocs.io/en/latest/) SDN controller. An SDN application to specifically support virtual network isolation is currently under implementation.
+
+More information on how to deploy virtualise workloads attached to virtual networks can be seen in the [ping-pong](https://github.com/Networks-it-uc3m/L2S-M/tree/main/examples/ping-pong) example.

L2S-M core/additional-info/development.md

+<!---
+ Copyright 2024  Universidad Carlos III de Madrid
+ 
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License.  You may obtain a copy
+ of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ License for the specific language governing permissions and limitations under
+ the License.
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+
+# L2S-M Development Guide
+
+Welcome to the L2S-M development guide. This README provides detailed instructions for setting up and developing L2S-M, which consists of four main components: `l2sm-controller`, `l2sm-operator`, `l2sm-switch`, and `l2sm-ned`. Follow the steps below to set up your development environment and deploy each component.
+
+## Table of Contents
+
+- [Repository Structure](#repository-structure)
+- [Prerequisites](#prerequisites)
+- [Component Development and Deployment](#component-development-and-deployment)
+  - [L2SM-Controller](#l2sm-controller)
+  - [L2SM-Operator](#l2sm-operator)
+  - [L2SM-Switch](#l2sm-switch)
+
+## Repository Structure
+
+Below is a brief overview of the repository's structure and the purpose of major directories:
+
+```bash
+L2S-M
+├── .vscode
+│   └── launch.json
+├── LICENSE
+├── README.md
+├── deployment
+|   └── custom-installation
+├── build
+... [shortened for brevity] ...
+└── src
+    ├── controller
+    ├── operator
+    └── switch
+```
+In the L2S-M/src directory you will find the source code of each component, which is used to build the images in L2S-M/build. 
+In L2S-M/build/README.md there is a guide of how to use the Dockerfiles and build the docker images referencing the code in L2S-M/src. A script has been made to ease this task.
+In L2S-M/deployment/custom-installation there is a guide on how to install each component in kubernetes, that will enable the developing of specific parts of L2S-M 
+
+## Prerequisites
+
+Before you begin, ensure you have met the following requirements:
+
+- A kubernetes cluster you have complete access to.
+- Multus installed in the cluster. 
+- For each component you're gonna develop, you may need specific tools and software.
+- [L2S-M custom installation](../deployments/custom-installation/). Install L2S-M up to the component you want to modify/debug/develop, and come back here to check how to proceed with the installation.
+
+## Component Development and Deployment
+
+### L2SM-Controller
+
+1. **Custom installation**: The source code for `l2sm-controller` is hosted in a separate repository. Refer to it to see how this component works and how to change it and deploy it manually.
+
+2. **Configuration**: Specify the IP address the `l2sm-controller` is working on in the `deployOperator.yaml` and `deploySwitch.yaml` files, in the [custom-installation](../deployments/custom-installation/) directory.
+
+3. **Custom Installation**: Follow the custom installation instructions exactly as described in the [custom-installation](../deployments/custom-installation/) directory.
+
+### L2SM-Operator
+
+>**Note:** you need python3 and the requirements specified in the [L2S-M/src/operator/requirements.txt](../src/operator/requirements.txt) to run it.
+
+1. **Database Setup**: Run the MySQL development database using `mysql-development.yaml`.
+
+2. **Configuration**: Update `launch.json` with the `l2sm-controller` service IP Address and the database IP Address. This file has been made to help launching the application locally.
+
+3. **Debugging**: In Visual Studio Code, run the debug Kopf application. It will launch the app in a terminal, but it doesn't allow actual debugging tools such as custom breakpoints, as it's not a feature in kopf applications.
+
+### L2SM-Switch
+
+1. **Deployment**: Deploy `l2sm-switch` normally, ensuring to comment out `initContainers` in the YAML file. Remove the initial configuration script by using as input spec.container.args: ["sleep infinity"]
+
+2. **Debugging**: For debugging, remove the initial configuration script by and use `exec -it` on the pods to achieve the desired configuration. Since it doesn’t run any background process, no specific image is needed, the current one implements custom commands that enable the current configuration, you can check in the script [L2S-M/src/switch/setup_switch.sh](../src/switch/setup_switch.sh) how the configuration is made.
+

L2S-M core/additional-info/go.mod

+module example
+
+go 1.18

L2S-M core/additional-info/inter-cluster.md

+<!---
+ Copyright 2024  Universidad Carlos III de Madrid
+ 
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License.  You may obtain a copy
+ of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ License for the specific language governing permissions and limitations under
+ the License.
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+
+# L2S-M in a Inter-Cluster scenario
+
+>**Note: Work in progress** :wrench::wrench:
+> This feature and repository is under development, keep it in mind when testing the application. For a stable version, refer to the main branch in the [L2S-M official repository](https://github.com/Networks-it-uc3m/L2S-M). 
+
+## How it works
+### Components in inter-cluster scenario:
+
+<p align="center">
+  <img src="../assets/inter-cluster-arch.svg" width="600">
+</p>
+
+### Sequence Diagram
+
+<p align="center">
+  <img src="../assets/inter-cluster-diagram.svg" width="600">
+</p>
+
+
+## YAML examples:
+
+### Inter cluster network example:
+
+```yaml
+apiVersion: l2sm.k8s.local/v1
+kind: L2SMNetwork
+metadata:
+  name: spain-network
+spec:
+  type: inter-vnet
+  config: |
+    {
+      "provider": {
+        "name": "uc3m",
+        "domain": "idco.uc3m.es"
+      },
+      "accessList": ["public-key-1", "public-key-2"]
+    }
+  signature: sxySO0jHw4h1kcqO/LMLDgOoOeH8dOn8vZWv4KMBq0upxz3lcbl+o/36JefpEwSlBJ6ukuKiQ79L4rsmmZgglk6y/VL54DFyLfPw9RJn3mzl99YE4qCaHyEBANSw+d5hPaJ/I8q+AMtjrYpglMTRPf0iMZQMNtMd0CdeX2V8aZOPCQP75PsZkWukPdoAK/++y1vbFQ6nQKagvpUZfr7Ecb4/QY+hIAzepm6N6lNiFNTgj6lGTrFK0qCVfRhMD+vXbBP6xzZjB2N1nIheK9vx7kvj3HORjZ+odVMa+AOU5ShSKpzXTvknrtcRTcWWmXPNUZLoq5k3U+z1g1OTFcjMdQ====
+
+```
+
+### Pod creation and attachment
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: spain-network-signature
+type: Opaque
+data:
+  public-key.pem: <signature-using-private-key-1>
+```
+
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: mypod
+  annotations:
+    l2sm/networks: spain-network
+spec:
+  containers:
+  - name: ping
+    image: busybox
+  volumes:
+  - name: inter-vnet-signature
+    secret:
+      secretName: spain-network-signature
+```
+

L2S-M core/additional-info/main.go

+/*******************************************************************************
+ * Copyright 2024  Universidad Carlos III de Madrid
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License.  You may obtain a copy
+ * of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ * 
+ * SPDX-License-Identifier: Apache-2.0
+ ******************************************************************************/
+package main
+
+import (
+	"crypto"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"encoding/base64"
+	"fmt"
+	"os"
+)
+
+func main() {
+
+	// Generate Alice RSA keys Of 2048 Buts
+	alicePrivateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+	if err != nil {
+		fmt.Println(err.Error)
+		os.Exit(1)
+	}
+	// Extract Public Key from RSA Private Key
+	alicePublicKey := alicePrivateKey.PublicKey
+	secretMessage := "IHsKICAgICAgInByb3ZpZGVyIjogewogICAgICAgICJuYW1lIjogInVjM20iLAogICAgICAgICJkb21haW4iOiAiaWRjby51YzNtLmVzIgogICAgICB9LAogICAgICAiYWNjZXNzTGlzdCI6IFsicHVibGljLWtleS0xIiwgInB1YmxpYy1rZXktMiJdCiAgICB9Cg"
+	fmt.Println("Original Text  ", secretMessage)
+	signature := SignPKCS1v15(secretMessage, *alicePrivateKey)
+	fmt.Println("Singature :  ", signature)
+	verif := VerifyPKCS1v15(signature, secretMessage, alicePublicKey)
+	fmt.Println(verif)
+}
+
+func SignPKCS1v15(plaintext string, privKey rsa.PrivateKey) string {
+	// crypto/rand.Reader is a good source of entropy for blinding the RSA
+	// operation.
+	rng := rand.Reader
+	hashed := sha256.Sum256([]byte(plaintext))
+	signature, err := rsa.SignPKCS1v15(rng, &privKey, crypto.SHA256, hashed[:])
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error from signing: %s\n", err)
+		return "Error from signing"
+	}
+	return base64.StdEncoding.EncodeToString(signature)
+}
+
+func VerifyPKCS1v15(signature string, plaintext string, pubkey rsa.PublicKey) string {
+	sig, _ := base64.StdEncoding.DecodeString(signature)
+	hashed := sha256.Sum256([]byte(plaintext))
+	err := rsa.VerifyPKCS1v15(&pubkey, crypto.SHA256, hashed[:], sig)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error from verification: %s\n", err)
+		return "Error from verification:"
+	}
+	return "Signature Verification Passed"
+}

L2S-M core/build/README.md

+<!---
+ Copyright 2024  Universidad Carlos III de Madrid
+ 
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License.  You may obtain a copy
+ of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ License for the specific language governing permissions and limitations under
+ the License.
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+
+# Build Directory
+
+This directory contains Dockerfiles and scripts for building and pushing Docker images for different components of the project. 
+
+The files and scripts are meant to be run directly in the /L2S-M directory, as the COPY instructions will refer to the /L2S-M/src directory.
+
+## Directory Structure:
+
+- `./build/switch`: Dockerfile and related files for building the l2sm-switch Docker image.
+- `./build/controller`: Dockerfile and related files for building the l2sm-controller Docker image.
+- `./build/operator`: Dockerfile and related files for building the l2sm-operator Docker image.
+- `./build/build_images.sh`: Bash script for automating the build and push process of Docker images.
+
+## Script Usage:
+
+### 1. Build Images:
+```bash
+./build/build_images.sh build
+```
+
+This command will build Docker images for l2sm-switch, l2sm-controller, and l2sm-operator.
+
+### 2. Push Images:
+
+```bash
+./build/build_images.sh push
+```
+
+This command will push previously built Docker images to the specified DockerHub repository.
+
+### 3. Build and Push Images:
+
+```bash
+./build/build_images.sh build_push
+```
+
+This command will both build and push Docker images.
+
+Note: Make sure to set the appropriate environment variables in the script before running. (The repo name and the version tag)
+
+For any additional details or customization, refer to the respective Dockerfiles and the build script.

L2S-M core/build/build_images.sh

+#!/bin/bash
+set -e
+
+# Set environment variables
+export VERSION="2.3"
+export DOCKERHUB_REPO="alexdecb"
+
+# Function to build image
+build_image() {
+  local image_name="$1"
+  local folder_name="$2"
+
+  echo "Building ${image_name}..."
+  docker build -t "${DOCKERHUB_REPO}/${image_name}:${VERSION}" -f "./build/${folder_name}/Dockerfile" .
+}
+
+# Function to push image
+push_image() {
+  local image_name="$1"
+
+  echo "Pushing ${image_name}..."
+  docker push "${DOCKERHUB_REPO}/${image_name}:${VERSION}"
+}
+
+# Option 1: Build image
+if [ "$1" == "build" ]; then
+  build_image "l2sm-switch" "switch"
+  build_image "l2sm-controller" "controller"
+  build_image "l2sm-operator" "operator"
+  echo "Images have been built successfully."
+
+# Option 2: Push image
+elif [ "$1" == "push" ]; then
+  push_image "l2sm-switch"
+  push_image "l2sm-controller"
+  push_image "l2sm-operator"
+  echo "Images have been pushed successfully."
+
+# Option 3: Build and push image
+elif [ "$1" == "build_push" ]; then
+  build_image "l2sm-switch" "switch"
+  push_image "l2sm-switch"
+  build_image "l2sm-controller" "controller"
+  push_image "l2sm-controller"
+  build_image "l2sm-operator" "operator"
+  push_image "l2sm-operator"
+  echo "Images have been built and pushed successfully."
+
+# Invalid option
+else
+  echo "Invalid option. Please use 'build', 'push', or 'build_push'."
+  exit 1
+fi

L2S-M core/build/controller/Dockerfile

+FROM onosproject/onos:2.7-latest
+
+COPY ./src/controller ./
+
+RUN apt-get update && \
+    apt-get install wget && \
+    chmod +x ./setup_controller.sh
+
+ENTRYPOINT ["./setup_controller.sh"]
\ No newline at end of file

L2S-M core/build/operator/Dockerfile

+FROM python:3.11.6
+
+WORKDIR /usr/src/app
+
+COPY ./src/operator/requirements.txt ./
+RUN pip install --no-cache-dir -r requirements.txt
+
+COPY ./src/operator/l2sm-operator.py .
+
+CMD kopf run --liveness=http://0.0.0.0:8080/healthz --standalone --all-namespaces ./l2sm-operator.py

L2S-M core/build/switch/Dockerfile

+FROM golang:1.20 AS build
+
+WORKDIR /usr/src/l2sm-switch
+
+COPY ./src/switch/ ./build/switch/build-go.sh ./
+
+RUN chmod +x ./build-go.sh  && ./build-go.sh
+
+FROM ubuntu:latest 
+
+WORKDIR /usr/local/bin
+
+COPY ./src/switch/vswitch.ovsschema /tmp/
+
+COPY --from=build /usr/local/bin/ .
+
+RUN apt-get update && \
+  apt-get install -y net-tools iproute2 netcat-openbsd dnsutils curl iputils-ping iptables nmap tcpdump openvswitch-switch && \
+  mkdir /var/run/openvswitch && mkdir -p /etc/openvswitch && ovsdb-tool create /etc/openvswitch/conf.db /tmp/vswitch.ovsschema 
+
+COPY ./src/switch/setup_switch.sh .
+
+RUN chmod +x ./setup_switch.sh && \
+    mkdir /etc/l2sm/
+
+CMD [ "./setup_switch.sh" ]
\ No newline at end of file

L2S-M core/build/switch/build-go.sh

+#!/usr/bin/env bash
+set -e
+
+DEST_DIR="/usr/local/bin"
+
+
+if [ ! -d ${DEST_DIR} ]; then
+	mkdir ${DEST_DIR}
+fi
+
+go build -v -o "${DEST_DIR}"/l2sm-init ./cmd/l2sm-init 
+go build -v -o "${DEST_DIR}"/l2sm-vxlans ./cmd/l2sm-vxlans 

L2S-M core/configs/sampleFile.json

+[
+    {
+        "name": "<NODE_SWITCH_1>",
+        "nodeIP": "<IP_SWITCH_1>",
+        "neighborNodes": ["<NODE_SWITCH_2>"]
+    },
+    {
+        "name": "<NODE_SWITCH_2>",
+        "nodeIP": "<IP_SWITCH_2>",
+        "neighborNodes": ["<NODE_SWITCH_1>"]
+    }
+]

L2S-M core/deployments/README.md

+<!---
+ Copyright 2024  Universidad Carlos III de Madrid
+ 
+ Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ use this file except in compliance with the License.  You may obtain a copy
+ of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ License for the specific language governing permissions and limitations under
+ the License.
+ 
+ SPDX-License-Identifier: Apache-2.0
+-->
+
+# L2S-M Installation Guide
+This guide details the necessary steps to install the L2S-M Kubernetes operator to create and manage virtual networks in your Kubernetes cluster.
+
+
+# Prerequisites
+
+1. Clone the L2S-M repository in your host. This guide will assume that all commands are executed within the L2S-M directory.
+
+2. Install the Multus CNI Plugin in your K8s cluster. For more information on how to install Multus in your cluster, check their [official GitHub repository](https://github.com/k8snetworkplumbingwg/multus-cni).
+
+3. The host-device CNI plugin must be able to be used in your cluster. If it is not present in your K8s distribution, you can find how to install it in your K8s cluster in their [official GitHub repository](https://github.com/containernetworking/plugins).
+
+4. Your K8s Control-Plane node must be able to deploy K8s pods for the operator to work. Remove its master and control-plane taints using the following command:
+```bash
+kubectl taint nodes --all node-role.kubernetes.io/control-plane- node-role.kubernetes.io/master-
+```
+
+ 
+## Install L2S-M
+
+Installing L2S-M can be done by using a single command:
+
+```bash
+kubectl create -f ./deployments/l2sm-deployment.yaml
+```
+
+The installation will take around a minute to finish, and to check that everyting is running properly, you may run the following command:
+
+```bash
+kubectl get pods -o wide
+```
+
+Which should give you an output like this:
+
+```bash
+NAME                               READY   STATUS    RESTARTS   AGE    IP           NODE    NOMINATED NODE   READINESS GATES
+l2sm-controller-56b45487b7-nglns   1/1     Running   0          129m   10.1.72.72   l2sm2   <none>           <none>
+l2sm-operator-7794c5f66d-b9nsf     2/2     Running   0          119m   10.1.14.45   l2sm1   <none>           <none>
+l2sm-switch-49qpq                  1/1     Running   0          129m   10.1.14.63   l2sm1   <none>           <none>
+l2sm-switch-2g696                  1/1     Running   0          129m   10.1.72.73   l2sm2   <none>           <none>
+```
+With the components: _l2sm-controller_, _l2sm-operator_ and one _l2sm-switch_ for **each** node in the cluster. 
+
+After the installation, you can start using L2S-M in one Node. If your Cluster has more than one Node, additional steps must be done, to configure which Nodes are connected between themselves as can be seen in the next subsection, configuring the VxLAN tunnels.
+
+## Configuring VxLANs
+
+Each Node enables the creation of custom L2S-M networks, as can be seen in the [examples section.](../examples/) But for communicating pods that are in different Nodes of the cluster, additional configuration must be done, the VxLAN tunnels between them.
+
+But don't worry! A guide on how this is configured step by step is outlined in [the vxlan configuration guide.](../deployment/vxlans.md)