  • eclipse-research-labs/nemo-project/nemo-infrastructure-management/federated-meta-network-cluster-controller/multi-domain-l2s-m
Showing
with 1119 additions and 1656 deletions
#-------------------------------------------------------------------------------
# Copyright 2024 Universidad Carlos III de Madrid
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy
# of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.
#
# SPDX-License-Identifier: Apache-2.0
#-------------------------------------------------------------------------------
kopf==1.37.0
kubernetes==28.1.0
PyMySQL==1.1.0
requests==2.25.1
/*******************************************************************************
* Copyright 2024 Universidad Carlos III de Madrid
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy
* of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*
* SPDX-License-Identifier: Apache-2.0
******************************************************************************/
package main
import (
"errors"
"flag"
"fmt"
"os/exec"
"regexp"
)
// Script that takes two required arguments:
// the first one is the name in the cluster of the node where the script is running
// the second one is the path to the configuration file, in reference to the code.
func main() {
vethNumber, controllerIP, err := takeArguments()
if err != nil {
fmt.Println("Error with the arguments. Error:", err)
return
}
fmt.Println("Initializing switch, connected to controller: ", controllerIP)
err = initializeSwitch(controllerIP)
if err != nil {
fmt.Println("Could not initialize switch. Error:", err)
return
}
fmt.Println("Switch initialized and connected to the controller.")
// Set all virtual interfaces up, and connect them to the tunnel bridge:
for i := 1; i <= vethNumber; i++ {
veth := fmt.Sprintf("net%d", i)
cmd := exec.Command("ip", "link", "set", veth, "up") // i.e: ip link set veth1 up
if err := cmd.Run(); err != nil {
fmt.Println("Error:", err)
}
exec.Command("ovs-vsctl", "add-port", "brtun", veth).Run() // i.e: ovs-vsctl add-port brtun veth1
}
}
func takeArguments() (int, string, error) {
vethNumber := flag.Int("n_veths", 0, "number of pod interfaces that are going to be attached to the switch")
controllerIP := flag.String("controller_ip", "", "ip where the SDN controller is listening using the OpenFlow13 protocol. Required")
flag.Parse()
switch {
case *controllerIP == "":
return 0, "", errors.New("controller IP is not defined")
}
return *vethNumber, *controllerIP, nil
}
func initializeSwitch(controllerIP string) error {
re := regexp.MustCompile(`\b(?:[0-9]{1,3}\.){3}[0-9]{1,3}\b`)
if !re.MatchString(controllerIP) {
out, _ := exec.Command("host", controllerIP).Output()
controllerIP = re.FindString(string(out))
}
var err error
err = exec.Command("ovs-vsctl", "add-br", "brtun").Run()
if err != nil {
return errors.New("could not create brtun interface")
}
err = exec.Command("ip", "link", "set", "brtun", "up").Run()
if err != nil {
return errors.New("could not set brtun interface up")
}
err = exec.Command("ovs-vsctl", "set", "bridge", "brtun", "protocols=OpenFlow13").Run()
if err != nil {
return errors.New("could not set brtun messaing protocol to OpenFlow13")
}
target := fmt.Sprintf("tcp:%s:6633", controllerIP)
err = exec.Command("ovs-vsctl", "set-controller", "brtun", target).Run()
if err != nil {
return errors.New("could not connect to controller")
}
return nil
}
/*******************************************************************************
* Copyright 2024 Universidad Carlos III de Madrid
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy
* of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*
* SPDX-License-Identifier: Apache-2.0
******************************************************************************/
package main
import (
"encoding/json"
"errors"
"flag"
"fmt"
"io/ioutil"
"os"
"os/exec"
"strings"
)
type Node struct {
Name string `json:"name"`
NodeIP string `json:"nodeIP"`
NeighborNodes []string `json:"neighborNodes"`
}
// Script that takes two required arguments:
// the first one is the name in the cluster of the node where the script is running
// the second one is the path to the configuration file, in reference to the code.
func main() {
configDir, nodeName, err := takeArguments()
if err != nil {
fmt.Println("Error with the arguments. Error:", err)
return
}
err = createVxlans(configDir, nodeName)
if err != nil {
fmt.Println("Vxlans not created: ", err)
return
}
}
func takeArguments() (string, string, error) {
configDir := os.Args[len(os.Args)-1]
nodeName := flag.String("node_name", "", "name of the node the script is executed in. Required.")
flag.Parse()
switch {
case *nodeName == "":
return "", "", errors.New("node name is not defined")
case configDir == "":
return "", "", errors.New("config directory is not defined")
}
return configDir, *nodeName, nil
}
func createVxlans(configDir, nodeName string) error {
/// Read file and save in memory the JSON info
data, err := ioutil.ReadFile(configDir)
if err != nil {
fmt.Println("No input file was found.", err)
return err
}
var nodes []Node
err = json.Unmarshal(data, &nodes)
if err != nil {
return err
}
// Search for the corresponding node in the configuration, according to the first passed parameter.
// Once the node is found, create a bridge for every neighbour node defined.
// The bridge is created with the nodeIp and neighborNodeIP and VNI. The VNI is generated in the l2sm-controller thats why its set to 'flow'.
for _, node := range nodes {
if node.Name == nodeName {
nodeIP := strings.TrimSpace(node.NodeIP)
for _, neighbor := range node.NeighborNodes {
vxlanNumber := 1
for _, n := range nodes {
if n.Name == neighbor {
neighborIP := strings.TrimSpace(n.NodeIP)
commandArgs := []string{
"add-port",
"brtun",
fmt.Sprintf("vxlan%d", vxlanNumber),
"--",
"set", "interface",
fmt.Sprintf("vxlan%d", vxlanNumber),
"type=vxlan",
"options:key=flow",
fmt.Sprintf("options:remote_ip=%s", neighborIP),
fmt.Sprintf("options:local_ip=%s", nodeIP),
"options:dst_port=7000",
}
_, err := exec.Command("ovs-vsctl", commandArgs...).Output()
if err != nil {
return fmt.Errorf("could not create vxlan between node %s and node %s", node.Name, neighbor)
} else {
fmt.Printf("Created vxlan between node %s and node %s.\n", node.Name, neighbor)
}
}
vxlanNumber++
}
}
}
}
return nil
}
module app
go 1.18
#!/bin/bash
#-------------------------------------------------------------------------------
# Copyright 2024 Universidad Carlos III de Madrid
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy
# of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.
#
# SPDX-License-Identifier: Apache-2.0
#-------------------------------------------------------------------------------
ovsdb-server --remote=punix:/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --pidfile=/var/run/openvswitch/ovsdb-server.pid --detach
ovs-vsctl --db=unix:/var/run/openvswitch/db.sock --no-wait init
ovs-vswitchd --pidfile=/var/run/openvswitch/ovs-vswitchd.pid --detach
l2sm-init --n_veths=$NVETHS --controller_ip=$CONTROLLERIP
#l2sm-vxlans --node_name=$NODENAME /etc/l2sm/switchConfig.json
sleep infinity
#-------------------------------------------------------------------------------
# Copyright 2024 Universidad Carlos III de Madrid
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy
# of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.
#
# SPDX-License-Identifier: Apache-2.0
#-------------------------------------------------------------------------------
# Image URL to use all building/pushing image targets # Image URL to use all building/pushing image targets
IMG ?= controller:latest IMG ?= alexdecb/l2sm-controller-manager:2.7.1
# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
ENVTEST_K8S_VERSION = 1.29.0 ENVTEST_K8S_VERSION = 1.29.0
...@@ -32,13 +15,15 @@ endif ...@@ -32,13 +15,15 @@ endif
# Be aware that the target commands are only tested with Docker which is # Be aware that the target commands are only tested with Docker which is
# scaffolded by default. However, you might want to replace it to use other # scaffolded by default. However, you might want to replace it to use other
# tools. (i.e. podman) # tools. (i.e. podman)
CONTAINER_TOOL ?= docker CONTAINER_TOOL ?= sudo docker
# Setting SHELL to bash allows bash commands to be executed by recipes. # Setting SHELL to bash allows bash commands to be executed by recipes.
# Options are set to exit when a recipe line exits non-zero or a piped command fails. # Options are set to exit when a recipe line exits non-zero or a piped command fails.
SHELL = /usr/bin/env bash -o pipefail SHELL = /usr/bin/env bash -o pipefail
.SHELLFLAGS = -ec .SHELLFLAGS = -ec
REPOSITORY=L2S-M
.PHONY: all .PHONY: all
all: build all: build
...@@ -101,6 +86,8 @@ build: manifests generate fmt vet ## Build manager binary. ...@@ -101,6 +86,8 @@ build: manifests generate fmt vet ## Build manager binary.
go build -o bin/manager cmd/main.go go build -o bin/manager cmd/main.go
.PHONY: run .PHONY: run
include .env
export $(shell sed 's/=.*//' .env)
run: manifests generate fmt vet ## Run a controller from your host. run: manifests generate fmt vet ## Run a controller from your host.
go run ./cmd/main.go go run ./cmd/main.go
...@@ -134,13 +121,12 @@ docker-buildx: ## Build and push docker image for the manager for cross-platform ...@@ -134,13 +121,12 @@ docker-buildx: ## Build and push docker image for the manager for cross-platform
.PHONY: build-installer .PHONY: build-installer
build-installer: manifests generate kustomize ## Generate a consolidated YAML with CRDs and deployment. build-installer: manifests generate kustomize ## Generate a consolidated YAML with CRDs and deployment.
mkdir -p dist echo "" > deployments/l2sm-deployment.yaml
@if [ -d "config/crd" ]; then \ echo "---" >> deployments/l2sm-deployment.yaml # Add a document separator before appending
$(KUSTOMIZE) build config/crd > dist/install.yaml; \
fi
echo "---" >> dist/install.yaml # Add a document separator before appending
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
$(KUSTOMIZE) build config/default >> dist/install.yaml $(KUSTOMIZE) build config/default >> deployments/l2sm-deployment.yaml
$(KUSTOMIZE) build config/tmp >> deployments/l2sm-deployment.yaml
##@ Deployment ##@ Deployment
...@@ -160,11 +146,60 @@ uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified ...@@ -160,11 +146,60 @@ uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified
deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config. deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
$(KUSTOMIZE) build config/default | $(KUBECTL) apply -f - $(KUSTOMIZE) build config/default | $(KUBECTL) apply -f -
$(KUSTOMIZE) build config/tmp | $(KUBECTL) apply -f -
.PHONY: undeploy .PHONY: undeploy
undeploy: kustomize ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion. undeploy: kustomize ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
$(KUSTOMIZE) build config/tmp | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f -
$(KUSTOMIZE) build config/default | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f - $(KUSTOMIZE) build config/default | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f -
.PHONY: webhook-certs
webhook-certs: ## generate self-signed cert and key for local webhook development
mkdir -p /tmp/k8s-webhook-server/serving-certs
openssl req -x509 -newkey rsa:2048 -nodes -keyout /tmp/k8s-webhook-server/serving-certs/tls.key -out /tmp/k8s-webhook-server/serving-certs/tls.crt -days 365 -config ./config/dev/openssl.cnf -batch -subj '/CN=local-webhook'
cat /tmp/k8s-webhook-server/serving-certs/tls.crt | base64 -w0 > /tmp/k8s-webhook-server/tls.b64
# $(eval B64_CERT := $(shell cat /tmp/k8s-webhook-server/tls.b64))
# echo $(B64_CERT)
# cat /tmp/k8s-webhook-server/tls.b64
# openssl req -x509 \
# -newkey rsa:2048 \
# -nodes \
# -keyout /tmp/k8s-webhook-server/serving-certs/tls.key \
# -out /tmp/k8s-webhook-server/serving-certs/tls.crt \
# -days 365 \
# -subj '/CN=local-webhook'
##@ Webhook
.PHONY: deploy-dev
deploy-dev: webhook-certs manifests kustomize ## Deploy validating and mutating webhooks to the K8s cluster specified in ~/.kube/config.
sed -i'' -e 's/caBundle: .*/caBundle: $(shell cat /tmp/k8s-webhook-server/tls.b64)/' ./config/dev/webhookcainjection_patch.yaml
$(KUSTOMIZE) build config/dev | $(KUBECTL) apply -f -
.PHONY: undeploy-dev
undeploy-dev: kustomize ## Undeploy validating and mutating webhooks from the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/dev | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f -
# Define file extensions for various formats
FILES := $(shell find . -type f \( -name "*.go" -o -name "*.json" -o -name "*.yaml" -o -name "*.yml" -o -name "*.md" \))
# Install the addlicense tool if not installed
.PHONY: install-tools
install-tools:
@go install github.com/google/addlicense@latest
# Add license headers to the files
.PHONY: add-license
add-license: install-tools
@for file in $(FILES); do \
addlicense -f ./hack/LICENSE.txt -l apache "$${file}"; \
done
##@ Dependencies ##@ Dependencies
## Location to install dependencies to ## Location to install dependencies to
...@@ -205,6 +240,7 @@ golangci-lint: $(GOLANGCI_LINT) ## Download golangci-lint locally if necessary. ...@@ -205,6 +240,7 @@ golangci-lint: $(GOLANGCI_LINT) ## Download golangci-lint locally if necessary.
$(GOLANGCI_LINT): $(LOCALBIN) $(GOLANGCI_LINT): $(LOCALBIN)
$(call go-install-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/cmd/golangci-lint,${GOLANGCI_LINT_VERSION}) $(call go-install-tool,$(GOLANGCI_LINT),github.com/golangci/golangci-lint/cmd/golangci-lint,${GOLANGCI_LINT_VERSION})
# go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist # go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist
# $1 - target path with name of binary (ideally with version) # $1 - target path with name of binary (ideally with version)
# $2 - package url which can be installed # $2 - package url which can be installed
...@@ -218,3 +254,4 @@ GOBIN=$(LOCALBIN) go install $${package} ;\ ...@@ -218,3 +254,4 @@ GOBIN=$(LOCALBIN) go install $${package} ;\
mv "$$(echo "$(1)" | sed "s/-$(3)$$//")" $(1) ;\ mv "$$(echo "$(1)" | sed "s/-$(3)$$//")" $(1) ;\
} }
endef endef
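Review bot: The new `webhook-certs` target writes an unencrypted private key (`-nodes`) to a fixed path under `/tmp`, and its `mkdir -p` neither sets a restrictive mode nor checks an already existing directory, so on a shared host `tls.key` may be readable or pre-placed by another local user. Creating the directory with mode 0700, for example `install -d -m 700 /tmp/k8s-webhook-server/serving-certs`, or running the recipe under `umask 077`, would close that gap. In `deploy-dev` the `sed` expression uses `/` as its delimiter while the substituted base64 text can itself contain `/`, which breaks the expression; a delimiter outside the base64 alphabet avoids this, e.g. `sed -i'' -e 's|caBundle: .*|caBundle: $(shell cat /tmp/k8s-webhook-server/tls.b64)|' ./config/dev/webhookcainjection_patch.yaml`. The same hunk installs `github.com/google/addlicense@latest` in `install-tools`; pinning a version there keeps the tool that rewrites source files reproducible. Separately, the earlier hunk's `include .env` aborts every target when `.env` is absent, which `-include .env` would tolerate.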
...@@ -5,8 +5,8 @@ ...@@ -5,8 +5,8 @@
domain: l2sm.k8s.local domain: l2sm.k8s.local
layout: layout:
- go.kubebuilder.io/v4 - go.kubebuilder.io/v4
projectName: l2smnetwork projectName: controllermanager
repo: l2sm.k8s.local/l2smnetwork repo: github.com/Networks-it-uc3m/L2S-M
resources: resources:
- api: - api:
crdVersion: v1 crdVersion: v1
...@@ -14,12 +14,34 @@ resources: ...@@ -14,12 +14,34 @@ resources:
controller: true controller: true
domain: l2sm.k8s.local domain: l2sm.k8s.local
group: l2sm group: l2sm
kind: L2SMNetwork kind: L2Network
path: l2sm.k8s.local/l2smnetwork/api/v1 path: github.com/Networks-it-uc3m/L2S-M/api/v1
version: v1 version: v1
- controller: true - controller: true
group: core group: core
kind: Pod kind: Pod
path: k8s.io/api/core/v1 path: k8s.io/api/core/v1
version: v1 version: v1
- api:
crdVersion: v1
namespaced: true
controller: true
domain: l2sm.k8s.local
group: l2sm
kind: NetworkEdgeDevice
path: github.com/Networks-it-uc3m/L2S-M/api/v1
version: v1
- api:
crdVersion: v1
namespaced: true
controller: true
domain: l2sm.k8s.local
group: l2sm
kind: Overlay
path: github.com/Networks-it-uc3m/L2S-M/api/v1
version: v1
webhooks:
defaulting: true
validation: true
webhookVersion: v1
version: "3" version: "3"
<!--- # Multi domain L2S-M
Copyright 2024 Universidad Carlos III de Madrid
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License. You may obtain a copy
of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations under
the License.
SPDX-License-Identifier: Apache-2.0
-->
# Multi domain L2S-M
Welcome to the official repository of L2S-M, a **Kubernetes operator** that enables virtual networking in K8s clusters. Welcome to the official repository of L2S-M, a **Kubernetes operator** that enables virtual networking in K8s clusters.
Link-Layer Secure connectivity for Microservice platforms (L2S-M) is a K8s networking solution that complements the CNI plugin approach of K8s to create and manage virtual networks in K8s clusters. These virtual networks allow workloads (pods) to have isolated link-layer connectivity with other pods in a K8s cluster, regardless of the k8s node where they are actually deployed. L2S-M enables the creation/deletion of virtual networks on-demand, as well as attaching/detaching pods to that networks. The solution is seamlessly integrated within the K8s environment, through a K8s operator: Link-Layer Secure connectivity for Microservice platforms (L2S-M) is a K8s networking solution that complements the CNI plugin approach of K8s to create and manage virtual networks in K8s clusters. These virtual networks allow workloads (pods) to have isolated link-layer connectivity with other pods in a K8s cluster, regardless of the k8s node where they are actually deployed. L2S-M enables the creation/deletion of virtual networks on-demand, as well as attaching/detaching pods to that networks. The solution is seamlessly integrated within the K8s environment, through a K8s operator:
![alt text](./L2S-M%20core/assets/v1_architecture.png?raw=true) ![alt text](./assets/v1_architecture.png?raw=true)
L2S-M provides its intended functionalities using a programmable data-plane based on Software Defined Networking (SDN), which in turn provides a high degree of flexibility to dynamically incorporate new application and/or network configurations into K8s clusters. Moreover, L2S-M has been designed to flexibly accommodate various deployment options, ranging from small K8s clusters to those with a high number of distributed nodes. L2S-M provides its intended functionalities using a programmable data-plane based on Software Defined Networking (SDN), which in turn provides a high degree of flexibility to dynamically incorporate new application and/or network configurations into K8s clusters. Moreover, L2S-M has been designed to flexibly accommodate various deployment options, ranging from small K8s clusters to those with a high number of distributed nodes.
The main K8s interface of pods remains intact (provided by a CNI plugin), retaining the compatibility with all the standard K8s elements (e.g., services, connectivity through the main interface, etc.). Moreover, the solution has the potential to be used for inter-cluster communications to support scenarios where network functions are spread through multiple distributed infrastructures (this is still a work in progress). The main K8s interface of pods remains intact (provided by a CNI plugin), retaining the compatibility with all the standard K8s elements (e.g., services, connectivity through the main interface, etc.). Moreover, the solution has the potential to be used for inter-cluster communications to support scenarios where network functions are spread through multiple distributed infrastructures (this is still a work in progress).
The figure outlines the design of L2S-M. See [how L2S-M works](./L2S-M%20core/L2S-M/additional-info/) to read further details on the L2S-M solution. The figure outlines the design of L2S-M. See [how L2S-M works](./additional-info/) to read further details on the L2S-M solution.
If you want to learn how to install L2S-M in your cluster, see the [installation guide](./L2S-M%20core/deployments) of this repository to start its installation. If you want to learn how to install L2S-M in your cluster, see the [installation guide](./deployments) of this repository to start its installation.
Did you already install the operator and you cannot wait to start building your own virtual networks in your K8s cluster? Check out our [ping-pong](./L2S-M%20core/examples/ping-pong) example!
Did you already install the operator and you cannot wait to start building your own virtual networks in your K8s cluster? Check out our [general usage guide](./additional-info/general-use.md)! If you're more interested in seeing a simple working example, you can start out with the [ping pong example](./examples/ping-pong/).
If you want more information about the original idea of L2S-M and its initial design, you can check our latest publication in the [IEEE Network journal](https://ieeexplore.ieee.org/document/9740640): If you want more information about the original idea of L2S-M and its initial design, you can check our latest publication in the [IEEE Network journal](https://ieeexplore.ieee.org/document/9740640):
...@@ -39,12 +22,15 @@ If you want more information about the original idea of L2S-M and its initial de ...@@ -39,12 +22,15 @@ If you want more information about the original idea of L2S-M and its initial de
Did you like L2S-M and want to use it in your K8s infrastructure or project? Please, feel free to do so, and don't forget to cite us! Did you like L2S-M and want to use it in your K8s infrastructure or project? Please, feel free to do so, and don't forget to cite us!
### Demo video
This [video](https://youtube.com/watch?v=Oj2gzm-YxYE&si=bV9eN77wTlXQZY3Y) exemplifies the process to create virtual networks in Kubernetes using the L2S-M open-source software. More concretely, it shows how L2S is used to create a simple content distribution network on a Kubernetes cluster.
### Inter-cluster communications ### Inter-cluster communications
L2S-M is now capable of managing inter-cluster communications, with custom resources that enable the creation of overlay network topologies and multi domain networks on demand. If you are interested in how these resources are defined, you can check [the provided inter-cluster example](./L2S-M%20core/examples/inter-cluster/) and [the source code of the Custom Resources.](./l2sm-api-resources)
The solution can work jointly with L2S-M or be used standalone through the [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni). Details can be checked [here](https://github.com/Networks-it-uc3m/snd-based-inter-cluster-communications/blob/main/README.md).
The solution enables the creation and deletion of virtual link-layer networks to connect application workloads running in different virtualization domains. This way, it supports inter-domain link-layer communications among remote workloads. One of the most interesting features L2S-M has is that it enables communications among workloads deployed on differente Kubernetes clusters. You can perform the creation and deletion of virtual link-layer networks to connect application workloads running in different virtualization domains. This way, it supports inter-domain link-layer communications among remote workloads.
The solution can work jointly with L2S-M or be used standalone through the [Multus CNI](https://github.com/k8snetworkplumbingwg/multus-cni). Details can be checked [here](./additional-info/inter-cluster.md). Even though the inter-cluster solution is meant to be used via [the multi-domain client](http://github.com/Networks-it-uc3m/l2sm-md), we provide examples of how can you manually set up an entire inter-cluster virtual overlay network in the [inter cluster setup guide](./examples/inter-cluster-setup/). If you have your infrastructure ready, you can go ahead to the [inter cluster networks example](./examples/inter-cluster-network)!
### Additional information about L2S-M ### Additional information about L2S-M
In the [following section](./additional-info) of the repository, you can find a series of documents and slides that provide additional information about L2S-M, including presentations where our solution has been showcased to the public in various events. In the [following section](./additional-info) of the repository, you can find a series of documents and slides that provide additional information about L2S-M, including presentations where our solution has been showcased to the public in various events.
...@@ -87,7 +73,7 @@ Do you have any doubts about L2S-M or its installation? Do you want to provide f ...@@ -87,7 +73,7 @@ Do you have any doubts about L2S-M or its installation? Do you want to provide f
### Acknowledgement ### Acknowledgement
The work in this open-source project has partially been supported by the European Horizon NEMO project (grant agreement 101070118), the European Horizon CODECO project (grant agreement 101092696), and by the national 6GINSPIRE project (PID2022-137329OB-C429). The work in this open-source project has partially been supported by the European Horizon NEMO project (grant agreement 101070118), the European Horizon CODECO project (grant agreement 101092696), and by the national 6GINSPIRE project (PID2022-137329OB-C429).
### Other projects where L2S-M has been used #### Other projects where L2S-M has been used
- H2020 FISHY Project: https://fishy-project.eu (grant agreement 952644) - H2020 FISHY Project: https://fishy-project.eu (grant agreement 952644)
- True5G Project: (PID2019-108713RB-C52 / AEI / 10.13039/501100011033) - True5G Project: (PID2019-108713RB-C52 / AEI / 10.13039/501100011033)
- H2020 Labyrinth project: https://labyrinth2020.eu/ (grant agreement 861696). - H2020 Labyrinth project: https://labyrinth2020.eu/ (grant agreement 861696).
<!---
Copyright 2024 Universidad Carlos III de Madrid
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License. You may obtain a copy
of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations under
the License.
SPDX-License-Identifier: Apache-2.0
-->
# How does L2S-M work? # How does L2S-M work?
L2S-M takes a different approach to K8s networking in comparison with other solutions available, which mostly implement CNI plugins to be used as the main connectivity basis for a cluster. L2S-M is deployed as a complementary solution to these CNI Plugins, since it allows the creation and management of virtual networks in a K8s cluster in order to provide workloads with one (or several) interface(s) to communicate with other workloads attached to the same network(s) at the link-layer. The main CNI Plugin interface in these pods remains intact, allowing the standard K8s functionalities to still be available for the pods (services, communications using the main interface, etc.). L2S-M takes a different approach to K8s networking in comparison with other solutions available, which mostly implement CNI plugins to be used as the main connectivity basis for a cluster. L2S-M is deployed as a complementary solution to these CNI Plugins, since it allows the creation and management of virtual networks in a K8s cluster in order to provide workloads with one (or several) interface(s) to communicate with other workloads attached to the same network(s) at the link-layer. The main CNI Plugin interface in these pods remains intact, allowing the standard K8s functionalities to still be available for the pods (services, communications using the main interface, etc.).
...@@ -24,7 +6,7 @@ The following figure outlines a high-level overview of L2S-M, with an illustrati ...@@ -24,7 +6,7 @@ The following figure outlines a high-level overview of L2S-M, with an illustrati
![alt text](../assets/v1_architecture.png?raw=true) ![alt text](../assets/v1_architecture.png?raw=true)
**NOTE**: The current version of L2S-M utilizes an infrastructure of virtual switches based on [Open Virtual Switch (OVS)](http://www.openvswitch.org). The integration of physical switches is currently ongoing. **NOTE**: The current version of L2S-M utilizes an infrastructure of virtual switches based on [Open Virtual Switch (OVS)](http://www.openvswitch.org). This implementation can be followed up in https://github.com/Networks-it-uc3m/l2sm-switch .
In L2S-M, a k8s node deploys a virtual SDN switch or is connected to a physical SDN switch. Virtual switches are interconnected through point-to-point links. These links are established using IP tunnels (based on VXLAN technologies). This way, SDN switches build an overlay network that interconnects all the K8s nodes. L2S-M uses an SDN controller to install forwarding rules on the virtual/physical switches. This way, data traffic among workloads is appropriately distributed through isolated virtual networks (i.e., the SDN controller instructs the switches which ports should be used to forward and/or block incoming/outgoing traffic). In L2S-M, a k8s node deploys a virtual SDN switch or is connected to a physical SDN switch. Virtual switches are interconnected through point-to-point links. These links are established using IP tunnels (based on VXLAN technologies). This way, SDN switches build an overlay network that interconnects all the K8s nodes. L2S-M uses an SDN controller to install forwarding rules on the virtual/physical switches. This way, data traffic among workloads is appropriately distributed through isolated virtual networks (i.e., the SDN controller instructs the switches which ports should be used to forward and/or block incoming/outgoing traffic).
...@@ -32,6 +14,6 @@ Specifically for K8s clusters, the element in charge of managing the creation, d ...@@ -32,6 +14,6 @@ Specifically for K8s clusters, the element in charge of managing the creation, d
To provide isolation among virtual networks, the operator interacts with the SDN controller component to communicate which ports are associated with each virtual network, updating its status every time a pod is deployed/deleted. Using this information, the SDN controller injects the corresponding rules in the switches, forwarding and/or blocking traffic according to the virtual networks being used at each moment. To provide isolation among virtual networks, the operator interacts with the SDN controller component to communicate which ports are associated with each virtual network, updating its status every time a pod is deployed/deleted. Using this information, the SDN controller injects the corresponding rules in the switches, forwarding and/or blocking traffic according to the virtual networks being used at each moment.
**NOTE**: The current version of L2S-M utilizes a simple-switch implementation based on the [RYU](https://ryu.readthedocs.io/en/latest/) SDN controller. An SDN application to specifically support virtual network isolation is currently under implementation. **NOTE**: The current version of L2S-M utilizes a custom implementation of SDN controller. This sdn controller implementation can be seen at https://github.com/Networks-it-uc3m/l2sm-controller .
More information on how to deploy virtualise workloads attached to virtual networks can be seen in the [ping-pong](https://github.com/Networks-it-uc3m/L2S-M/tree/main/examples/ping-pong) example. More information on how to use this solution can be seen in the [how to use guide](./general-use.md).
# General Use of L2S-M Application
This document will guide you through the usage of L2S-M, a tool designed to manage L2 networks, overlays, and Network Edge Devices (NEDs) within a Kubernetes cluster environment. L2S-M uses Custom Resource Definitions (CRDs) to enable flexible network management and pod attachment within Kubernetes.
For more specific examples, you can go to the [examples section](../examples/), this document is meant to be a general use guide.
## Custom Resource Definitions (CRDs)
L2S-M introduces three core CRDs that allow users to configure networks, overlays, and edge devices dynamically:
### 1. **L2Network CRD**
- **Purpose**: Defines a Layer 2 virtual network inside the Kubernetes environment.
- **Configurable Fields**:
- **Network Type**: Specifies the type of network.
- **Connectivity**: Controls the connection with the Software-Defined Networking (SDN) controller.
- **Connected Pods**: Lists the pods connected to this network.
- **Usage**: Once a network is defined, pods can be connected to it. The L2Network CRD provides specifications through the `spec` field, where the user defines the network attributes, while the `status` field reports the current state of the network, including the pods connected to it.
- An example of this CR can be found [here](../config/samples/l2sm_v1_l2network.yaml)
### 2. **Overlay CRD**
- **Purpose**: Defines the logical connections between nodes in the cluster, creating the overlay network.
- **Configurable Fields**:
- **Topology**: Specifies how nodes should be interconnected.
- **Switch Template**: Defines the type of switches used within the overlay.
- **Network Controller**: Identifies the SDN controller responsible for managing the topology.
- **Usage**: Administrators can use the Overlay CRD to define the connections between nodes based on their resource capacities or geographic location, creating custom topologies suited to specific needs.
- An example of this CR can be found [here](../config/samples/l2sm_v1_overlay.yaml)
### 3. **NetworkEdgeDevice (NED) CRD**
- **Purpose**: Extends the network beyond the cluster, enabling communication with external networks or other clusters.
- **Configurable Fields**:
- **Device Type**: Defines the hardware or software that forms the edge device.
- **Connections**: Specifies the external networks or clusters this NED should connect to.
- **Usage**: The NED CRD facilitates inter-cluster communication by connecting Kubernetes clusters or other platforms like OpenStack. Each NED is controlled by an SDN controller for dynamic flow control and traffic management.
- An example of this CR can be found [here](../config/samples/l2sm_v1_networkedgedevice.yaml)
## Attaching Pods to Networks
Pods can be dynamically attached to L2 networks defined by the L2Network CRD. This process involves the following steps:
1. **Defining the L2Network**: Use the L2Network CRD to create a network in Kubernetes. The network will be managed by the L2S-M controller, which communicates with the SDN controller to configure the necessary networking parameters.
2. **Scheduling Pods**: When a pod is deployed in the cluster, it can be attached to the L2Network by specifying the network during the pod creation process. The L2S-M controller will automatically configure the required network interfaces and assign IP addresses via the integrated IP Address Management (IPAM) system.
3. **Monitoring Connectivity**: Once attached, the status of the pod’s network connectivity can be checked via the L2Network CRD’s `status` field, which will list all connected pods and report any changes in the connectivity state.
<!--- # L2S-M Development
Copyright 2024 Universidad Carlos III de Madrid
This component is essentially a set of Custom Resource Definitions (CRDs) accompanied by a controller and a manager. It's designed to manage the overlays and virtual networks that L2S-M uses between pods within a K8s cluster.
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License. You may obtain a copy
of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations under
the License.
SPDX-License-Identifier: Apache-2.0
-->
# l2smnetwork
The "l2smnetworks" component is essentially a set of Custom Resource Definitions (CRDs) accompanied by a controller and a manager. It's designed to manage the virtual networks that L2S-M uses between pods within a K8s cluster. These virtual networks facilitate isolated link-layer connectivity among pods, enhancing security and network efficiency.
## Description
Link-Layer Secure connectivity for Microservice platforms (L2S-M) is a K8s networking solution that complements the CNI plugin approach of K8s to create and manage virtual networks in K8s clusters. These virtual networks allow workloads (pods) to have isolated link-layer connectivity with other pods in a K8s cluster, regardless of the k8s node where they are actually deployed. L2S-M enables the creation/deletion of virtual networks on-demand, as well as attaching/detaching pods to that networks. [More info can be found in the original repo.](https://github.com/Networks-it-uc3m/L2S-M)
## Getting Started ## Getting Started
### Prerequisites ### Prerequisites
...@@ -30,30 +11,23 @@ Link-Layer Secure connectivity for Microservice platforms (L2S-M) is a K8s netwo ...@@ -30,30 +11,23 @@ Link-Layer Secure connectivity for Microservice platforms (L2S-M) is a K8s netwo
- Access to a Kubernetes v1.11.3+ cluster. - Access to a Kubernetes v1.11.3+ cluster.
### To Deploy on the cluster ### To Deploy on the cluster
**Build and push your image to the location specified by `IMG`:** **Build and push your image to the location specified by `IMG`, inside the Makefile:**
```sh ```sh
make docker-build docker-push IMG=<some-registry>/l2smnetwork:tag make docker-build docker-push
``` ```
**NOTE:** This image ought to be published in the personal registry you specified. **NOTE:** The image ought to be published in the personal registry you specified.
And it is required to have access to pull the image from the working environment. And it is required to have access to pull the image from the working environment.
Make sure you have the proper permission to the registry if the above commands don’t work. Make sure you have the proper permission to the registry if the above commands don’t work.
**Install the CRDs into the cluster:**
```sh
make install
```
**Deploy the Manager to the cluster with the image specified by `IMG`:** **Deploy the Manager to the cluster with the image specified by `IMG`:**
```sh ```sh
make deploy IMG=<some-registry>/l2smnetwork:tag make deploy
``` ```
> **NOTE**: If you encounter RBAC errors, you may need to grant yourself cluster-admin
privileges or be logged in as admin.
**Create instances of your solution** **Create instances of your solution**
You can apply the samples (examples) from the config/sample: You can apply the samples (examples) from the config/sample:
...@@ -71,18 +45,48 @@ kubectl apply -k config/samples/ ...@@ -71,18 +45,48 @@ kubectl apply -k config/samples/
kubectl delete -k config/samples/ kubectl delete -k config/samples/
``` ```
**Delete the APIs(CRDs) from the cluster:** **UnDeploy the controller from the cluster:**
```sh ```sh
make uninstall make undeploy
``` ```
**UnDeploy the controller from the cluster:**
> **NOTE**: If you encounter RBAC errors, you may need to grant yourself cluster-admin
privileges or be logged in as admin.
### To Run locally the solution and make your custom changes
If you are interested in running the solution locally, feel free to make your own branch and start developing! Any feedback is welcome as well.
We provide the following commands to run the application locally
1. **Install the CRDs into the cluster:**
```sh ```sh
make undeploy make install
```
2. **Deploy the webhook server locally:**
```sh
make deploy-webhook
```
3. **Run the application with the changes:**
```sh
make run
```
And once you've finished:
**Delete the APIs(CRDs) from the cluster:**
```sh
make uninstall
```
**Remove the Webhook Server from the cluster:**
```sh
make undeploy-webhook
``` ```
## Project Distribution ## Project Distribution
Following are the steps to build the installer and distribute this project to users. Following are the steps to build the installer and distribute this project to users.
...@@ -90,11 +94,11 @@ Following are the steps to build the installer and distribute this project to us ...@@ -90,11 +94,11 @@ Following are the steps to build the installer and distribute this project to us
1. Build the installer for the image built and published in the registry: 1. Build the installer for the image built and published in the registry:
```sh ```sh
make build-installer IMG=<some-registry>/l2smnetwork:tag make build-installer
``` ```
NOTE: The makefile target mentioned above generates an 'install.yaml' NOTE: The makefile target mentioned above generates an 'install.yaml'
file in the dist directory. This file contains all the resources built file in the deployment directory. This file contains all the resources built
with Kustomize, which are necessary to install this project without with Kustomize, which are necessary to install this project without
its dependencies. its dependencies.
...@@ -103,29 +107,5 @@ its dependencies. ...@@ -103,29 +107,5 @@ its dependencies.
Users can just run kubectl apply -f <URL for YAML BUNDLE> to install the project, i.e.: Users can just run kubectl apply -f <URL for YAML BUNDLE> to install the project, i.e.:
```sh ```sh
kubectl apply -f https://raw.githubusercontent.com/<org>/l2smnetwork/<tag or branch>/dist/install.yaml kubectl apply -f https://raw.githubusercontent.com/<org>/L2S-M/<tag or branch>/deployments/l2sm-deployment.yaml
``` ```
\ No newline at end of file
## Contributing
// TODO(user): Add detailed information on how you would like others to contribute to this project
**NOTE:** Run `make help` for more information on all potential `make` targets
More information can be found via the [Kubebuilder Documentation](https://book.kubebuilder.io/introduction.html)
## License
Copyright 2024.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
<!---
Copyright 2024 Universidad Carlos III de Madrid
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License. You may obtain a copy
of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations under
the License.
SPDX-License-Identifier: Apache-2.0
-->
# L2S-M in a Inter-Cluster scenario # L2S-M in a Inter-Cluster scenario
>**Note: Work in progress** :wrench::wrench: >**Note: Work in progress** :wrench::wrench:
......
/******************************************************************************* // Copyright 2024 Universidad Carlos III de Madrid
* Copyright 2024 Universidad Carlos III de Madrid //
* // Licensed under the Apache License, Version 2.0 (the "License");
* Licensed under the Apache License, Version 2.0 (the "License"); you may not // you may not use this file except in compliance with the License.
* use this file except in compliance with the License. You may obtain a copy // You may obtain a copy of the License at
* of the License at //
* // http://www.apache.org/licenses/LICENSE-2.0
* http://www.apache.org/licenses/LICENSE-2.0 //
* // Unless required by applicable law or agreed to in writing, software
* Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS,
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the // See the License for the specific language governing permissions and
* License for the specific language governing permissions and limitations under // limitations under the License.
* the License.
*
* SPDX-License-Identifier: Apache-2.0
******************************************************************************/
// Package v1 contains API Schema definitions for the l2sm v1 API group // Package v1 contains API Schema definitions for the l2sm v1 API group
// +kubebuilder:object:generate=true // +kubebuilder:object:generate=true
// +groupName=l2sm.l2sm.k8s.local // +groupName=l2sm.l2sm.k8s.local
......
/******************************************************************************* // Copyright 2024 Universidad Carlos III de Madrid
* Copyright 2024 Universidad Carlos III de Madrid //
* // Licensed under the Apache License, Version 2.0 (the "License");
* Licensed under the Apache License, Version 2.0 (the "License"); you may not // you may not use this file except in compliance with the License.
* use this file except in compliance with the License. You may obtain a copy // You may obtain a copy of the License at
* of the License at //
* // http://www.apache.org/licenses/LICENSE-2.0
* http://www.apache.org/licenses/LICENSE-2.0 //
* // Unless required by applicable law or agreed to in writing, software
* Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS,
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the // See the License for the specific language governing permissions and
* License for the specific language governing permissions and limitations under // limitations under the License.
* the License.
*
* SPDX-License-Identifier: Apache-2.0
******************************************************************************/
package v1 package v1
import ( import (
...@@ -49,8 +46,8 @@ type ProviderSpec struct { ...@@ -49,8 +46,8 @@ type ProviderSpec struct {
Domain string `json:"domain"` Domain string `json:"domain"`
} }
// L2SMNetworkSpec defines the desired state of L2SMNetwork // L2NetworkSpec defines the desired state of L2Network
type L2SMNetworkSpec struct { type L2NetworkSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file // Important: Run "make" to regenerate code after modifying this file
...@@ -64,8 +61,8 @@ type L2SMNetworkSpec struct { ...@@ -64,8 +61,8 @@ type L2SMNetworkSpec struct {
Provider *ProviderSpec `json:"provider,omitempty"` Provider *ProviderSpec `json:"provider,omitempty"`
} }
// L2SMNetworkStatus defines the observed state of L2SMNetwork // L2NetworkStatus defines the observed state of L2Network
type L2SMNetworkStatus struct { type L2NetworkStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file // Important: Run "make" to regenerate code after modifying this file
...@@ -85,24 +82,24 @@ type L2SMNetworkStatus struct { ...@@ -85,24 +82,24 @@ type L2SMNetworkStatus struct {
// +kubebuilder:printcolumn:name="AVAILABILITY",type="string",JSONPath=".status.internalConnectivity",description="Internal SDN Controller Connectivity" // +kubebuilder:printcolumn:name="AVAILABILITY",type="string",JSONPath=".status.internalConnectivity",description="Internal SDN Controller Connectivity"
// +kubebuilder:printcolumn:name="CONNECTED_PODS",type=integer,JSONPath=".status.connectedPods",description="Internal SDN Controller Connectivity" // +kubebuilder:printcolumn:name="CONNECTED_PODS",type=integer,JSONPath=".status.connectedPods",description="Internal SDN Controller Connectivity"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// L2SMNetwork is the Schema for the l2smnetworks API // L2Network is the Schema for the l2networks API
type L2SMNetwork struct { type L2Network struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"` metav1.ObjectMeta `json:"metadata,omitempty"`
Spec L2SMNetworkSpec `json:"spec,omitempty"` Spec L2NetworkSpec `json:"spec,omitempty"`
Status L2SMNetworkStatus `json:"status,omitempty"` Status L2NetworkStatus `json:"status,omitempty"`
} }
//+kubebuilder:object:root=true //+kubebuilder:object:root=true
// L2SMNetworkList contains a list of L2SMNetwork // L2NetworkList contains a list of L2Network
type L2SMNetworkList struct { type L2NetworkList struct {
metav1.TypeMeta `json:",inline"` metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"` metav1.ListMeta `json:"metadata,omitempty"`
Items []L2SMNetwork `json:"items"` Items []L2Network `json:"items"`
} }
func init() { func init() {
SchemeBuilder.Register(&L2SMNetwork{}, &L2SMNetworkList{}) SchemeBuilder.Register(&L2Network{}, &L2NetworkList{})
} }
// Copyright 2024 Universidad Carlos III de Madrid
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package v1
import (
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// The SDN Controller that manages the overlay network.
type NetworkControllerSpec struct {
// Name of the Network controller
Name string `json:"name"`
// Domain where the controller can be reached at. Must be a valid IP Address or Domain name, reachable from all the nodes where the switches are deployed at.
Domain string `json:"domain"`
}
type NeighborSpec struct {
// Name of the cluster the link is going to be made upon.
Node string `json:"node"`
// Domain where the neighbor's NED switch can be reached at. Must be a valid IP Address or Domain name, reachable from the node the NED
// is going to be deployed at.
Domain string `json:"domain"`
}
type SwitchPodSpec struct {
// List of volumes that can be mounted by containers belonging to the pod.
// More info: https://kubernetes.io/docs/concepts/storage/volumes
// +optional
// +patchMergeKey=name
// +patchStrategy=merge,retainKeys
// +listType=map
// +listMapKey=name
Volumes []corev1.Volume `json:"volumes,omitempty" patchStrategy:"merge,retainKeys" patchMergeKey:"name" protobuf:"bytes,1,rep,name=volumes"`
// List of initialization containers belonging to the pod.
// Init containers are executed in order prior to containers being started. If any
// init container fails, the pod is considered to have failed and is handled according
// to its restartPolicy. The name for an init container or normal container must be
// unique among all containers.
// Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.
// The resourceRequirements of an init container are taken into account during scheduling
// by finding the highest request/limit for each resource type, and then using the max of
// of that value or the sum of the normal containers. Limits are applied to init containers
// in a similar fashion.
// Init containers cannot currently be added or removed.
// Cannot be updated.
// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
// +patchMergeKey=name
// +patchStrategy=merge
// +listType=map
// +listMapKey=name
InitContainers []corev1.Container `json:"initContainers,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,20,rep,name=initContainers"`
// List of containers belonging to the pod.
// Containers cannot currently be added or removed.
// There must be at least one container in a Pod.
// Cannot be updated.
// +patchMergeKey=name
// +patchStrategy=merge
// +listType=map
// +listMapKey=name
Containers []corev1.Container `json:"containers" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,2,rep,name=containers"`
// Host networking requested for this pod. Use the host's network namespace.
// If this option is set, the ports that will be used must be specified.
// Default to false.
// +k8s:conversion-gen=false
// +optional
HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,11,opt,name=hostNetwork"`
}
type SwitchTemplateSpec struct {
// Standard object's metadata.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
// +optional
metav1.ObjectMeta `json:"metadata,omitempty"`
// Specification of the desired behavior of the pod.
// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
// +optional
Spec SwitchPodSpec `json:"spec,omitempty"`
}
type NodeConfigSpec struct {
NodeName string `json:"nodeName"`
IPAddress string `json:"ipAddress"`
}
// NetworkEdgeDeviceSpec defines the desired state of NetworkEdgeDevice
type NetworkEdgeDeviceSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// The SDN Controller that manages the overlay network. Must specify a domain and a name.
NetworkController *NetworkControllerSpec `json:"networkController"`
// Node Configuration
NodeConfig *NodeConfigSpec `json:"nodeConfig"`
// Field exclusive to the multi-domain overlay type. If specified in other types of overlays, the reosurce will launch an error and won't be created.
Neighbors []NeighborSpec `json:"neighbors,omitempty"`
// Template describes the virtual switch pod that will be created.
SwitchTemplate *SwitchTemplateSpec `json:"switchTemplate"`
// Available pod range. The pod specified will run a local grpc server and the next one will be used for the VXLAN creation
}
// NetworkEdgeDeviceStatus defines the observed state of NetworkEdgeDevice
type NetworkEdgeDeviceStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
// Status of the overlay. Is available when switches are connected between them and with the network Controller.
// +kubebuilder:default=Unavailable
Availability *ConnectivityStatus `json:"availability"`
ConnectedNeighbors []NeighborSpec `json:"connectedNeighbors,omitempty"`
OpenflowId string `json:"openflowId,omitempty"`
}
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
// NetworkEdgeDevice is the Schema for the networkedgedevices API
// +kubebuilder:printcolumn:name="STATUS",type="string",JSONPath=".status.availability",description="Availability status of the overlay"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
type NetworkEdgeDevice struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec NetworkEdgeDeviceSpec `json:"spec,omitempty"`
Status NetworkEdgeDeviceStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
// NetworkEdgeDeviceList contains a list of NetworkEdgeDevice
type NetworkEdgeDeviceList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []NetworkEdgeDevice `json:"items"`
}
func init() {
SchemeBuilder.Register(&NetworkEdgeDevice{}, &NetworkEdgeDeviceList{})
}
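Review bot: `SwitchPodSpec` accepts `volumes`, `initContainers`, `containers` and `hostNetwork` directly from the custom resource, so write access to a NetworkEdgeDevice amounts to the right to have the controller start a pod with those settings. The same holds for Overlay, whose `SwitchTemplate` field uses the same type; the controller code is not on this page, so whether it filters the template is to be confirmed. I would state this on the type, e.g. `// SwitchPodSpec describes the switch pod the controller creates; restrict write access to resources that embed it.`, and reject at admission any volume type or host setting the switch does not need. Separately, `Domain` and `IPAddress` are required to be a valid IP address or domain name only in comments; a `// +kubebuilder:validation:MinLength=1` marker plus a `Pattern` marker on those fields would enforce it in the generated CRD schema. The trailing comment `// Available pod range. …` at the end of `NetworkEdgeDeviceSpec` documents no field and should be removed or given its field.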
// Copyright 2024 Universidad Carlos III de Madrid
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package v1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
type Link struct {
EndpointA string `json:"endpointA"`
EndpointB string `json:"endpointB"`
}
type TopologySpec struct {
Nodes []string `json:"nodes"`
Links []Link `json:"links"`
}
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// OverlaySpec defines the desired state of Overlay
type OverlaySpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// The SDN Controller that manages the overlay network. Must specify a domain and a name.
NetworkController *NetworkControllerSpec `json:"networkController"`
// Topology represents the desired topology, it's represented by the 'Nodes' field, a list of nodes where the switches are going to be deployed and a list of bidirectional links,
// selecting the nodes that are going to be linked.
Topology *TopologySpec `json:"topology,omitempty"`
// Field exclusive to the multi-domain overlay type. If specified in other types of overlays, the reosurce will launch an error and won't be created.
Neighbors []NeighborSpec `json:"neighbors,omitempty"`
// Template describes the virtual switch pod that will be created.
SwitchTemplate *SwitchTemplateSpec `json:"switchTemplate"`
}
// OverlayStatus defines the observed state of Overlay
type OverlayStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
ConnectedNeighbors []NeighborSpec `json:"connectedNeighbors,omitempty"`
}
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
// Overlay is the Schema for the overlays API
type Overlay struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec OverlaySpec `json:"spec,omitempty"`
Status OverlayStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
// OverlayList contains a list of Overlay
type OverlayList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Overlay `json:"items"`
}
func init() {
SchemeBuilder.Register(&Overlay{}, &OverlayList{})
}
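Review bot: `Link` and `TopologySpec` are exported without doc comments, and nothing in the schema ties `Link.EndpointA`/`EndpointB` to an entry of `TopologySpec.Nodes`. A link naming a node that is not listed therefore passes CRD validation and has to be caught by the controller or a webhook, neither of which is visible here. I would add `// Link is a bidirectional connection between two node names listed in TopologySpec.Nodes.` and a `// +kubebuilder:validation:MinLength=1` marker on both endpoints. `Links` is required by its tag (`json:"links"`) while `Topology` itself is optional; if an overlay with nodes and no links is meant to be valid, the tag should be `json:"links,omitempty"`. The scaffold comment pair `// INSERT ADDITIONAL SPEC FIELDS …` appears twice in `OverlaySpec`, and `reosurce` in the `Neighbors` comment should read `resource`.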