Release v1.9.0

2023 May 09

NSM v1.9.0

NSM v1.9.0 has been successfully integration tested with Kubernetes versions:

  • v1.27.1
  • v1.26.3
  • v1.25.8
  • v1.24.6
  • v1.23.12
  • v1.22.13
  • v1.21.14
  • v1.20.15

NSM v1.9.0 has been tested on:

Added AF_XDP support

Now cmd-forwarder-vpp able to use AF_PACKET to bind to an existing node interface using LinkToAfPacket

AF_XDP is faster than AF_PACKET, but AF_XDP is only usable for our purposes from kernel version 5.4 onward. The good news is that lots of places have kernel versions that are new (including the more recent version of Docker Desktop).

See more details at https://github.com/networkservicemesh/cmd-forwarder-vpp/issues/283

Make SRIOV VFs to push/pop tags like vlan or vxlan

Now forwarder vpp is able to program the PF (physical interface) so that the VF (virtual interface) push/pops the correct vlan or vxlan tags. It is working whether or not the mechanism the VF is using is kernel or vfio. VLAN tag is not pushed by software in the kernel, we are programming the PF so that the particular VF is having its vlan tag push/popped in hardware by the NIC.

See more details at https://github.com/networkservicemesh/sdk-sriov/issues/489

Floating interdomain/ Interdomain NSE composition example

Created an interdomain version of the NSE Composition example. The difference with the single cluster example is that the first half of NSEs are running on the first cluster, and the second half are running on the second cluster.

See more details in https://github.com/networkservicemesh/deployments-k8s/issues/8874

Added support for DNS PTR records

A pointer (PTR) record resolves an IP address (made up of numbers and decimals) into a domain name (such as okta.com).

The act of translating an IP address into a domain name is known as a “reverse lookup” in the Domain Name System (DNS).

Now it is supported in vl3 DNS.

See more details in https://github.com/networkservicemesh/sdk/issues/1425

Interdomain DNS examples

We considered and tested the next scenarios:

  1. Interdomain DNS NSE has coredns sidecar. NSC should be able to resolve the DNS address specified in the NSE coredns config. Look at https://github.com/networkservicemesh/deployments-k8s/tree/main/examples/features/dns

  2. Floating interdomain DNS The same as Interdomain DNS, but NSE is registered in the floating registry

  3. Floating interdomain VL3 DNS Look at - https://github.com/networkservicemesh/deployments-k8s/tree/main/examples/multicluster/usecases/floating_vl3-basic Look at - https://github.com/networkservicemesh/deployments-k8s/tree/main/examples/features/vl3-dns NSC should be able to reach other NSCs using vl3 DNS.

And finally we get next new examples:

  1. https://github.com/networkservicemesh/deployments-k8s/tree/v1.9.0/examples/multicluster/usecases/floating_dns

  2. https://github.com/networkservicemesh/deployments-k8s/tree/v1.9.0/examples/multicluster/usecases/floating_vl3-dns

  3. https://github.com/networkservicemesh/deployments-k8s/tree/v1.9.0/examples/multicluster/usecases/interdomain_dns

Get rid of cloudtest in the interdomain repository

We no longer use cloudtest tool in interdomain testing. From this moment on, we’re using cloud provider commands directly in the integraiton-interdomain-k8s repository.

It makes our CI more simple and allows folks to simply reproduce our interdomain scenario on public clusters.

Spire update

Updated spire dependency since:

  1. k8s-workload-registrar has been deprecated and removed in the SPIRE 1.6 release, and SPIRE Controller Manager is included instead.

  2. SPIRE Community is no longer releasing GCR images in favor of scratch images on GHCR, thus the official image path changed to that.

See more details in https://github.com/networkservicemesh/deployments-k8s/pull/8963

Improve UX of examples

Improved and simplified examples with next changes:

  1. Namespaced from examples moved to kustomization files.
  2. Fixed refs: use relative paths in kustomization files
  3. Fixed refs: use refs to kustomization files where we used kubeclt apply -f .
  4. Avoided creating temporary files for configs. For example, usekubectl apply -f - <<EOF instead of https://github.com/networkservicemesh/deployments-k8s/blob/873559c602aab6ad43223927ea2f29d2dfb09478/examples/multicluster/dns/README.md#L131
  5. Avoided using environment variables for kubeconfig. Fixed for use --kubeconfig=$KUBECONFIG1 instead of export KUBECONFIG=$KUBECONFIG1
  6. Avoided using environment variables for kubectl exec. Instead of:
NSC=$(kubectl get pods -l app=alpine -n ns-kernel2kernel --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}')
kubectl exec ${NSC} -n ns-kernel2kernel -- ping -c 4 172.16.1.100

We can use

kubectl exec pods/alpine -n ns-kernel2kernel -- ping -c 4 172.16.1.100

6.Replaced using bases with resources in kustomization files. Bases is deprecated

See more details in https://github.com/networkservicemesh/deployments-k8s/pull/8985

Improve system stability

Resolved issues:

  1. https://github.com/networkservicemesh/cmd-registry-k8s/issues/158
  2. https://github.com/networkservicemesh/deployments-k8s/issues/9124
  3. https://github.com/networkservicemesh/integration-interdomain-k8s/issues/214
  4. https://github.com/networkservicemesh/deployments-k8s/issues/7694
  5. https://github.com/networkservicemesh/cmd-registry-k8s/issues/376
  6. https://github.com/networkservicemesh/sdk/issues/1446
  7. https://github.com/networkservicemesh/sdk/pull/1449
  8. https://github.com/networkservicemesh/integration-tests/pull/2692
  9. https://github.com/networkservicemesh/integration-k8s-packet/issues/320
  10. https://github.com/networkservicemesh/sdk/issues/1434
  11. https://github.com/networkservicemesh/cmd-forwarder-vpp/issues/841
  12. https://github.com/networkservicemesh/deployments-k8s/issues/8982
  13. https://github.com/networkservicemesh/sdk/pull/1447
  14. https://github.com/networkservicemesh/cmd-forwarder-vpp/issues/853
  15. https://github.com/networkservicemesh/deployments-k8s/pull/8878
  16. https://github.com/networkservicemesh/integration-k8s-aws/issues/345
  17. https://github.com/networkservicemesh/sdk/pull/1443
  18. https://github.com/networkservicemesh/integration-k8s-aws/issues/345
  19. https://github.com/networkservicemesh/deployments-k8s/pull/8879
  20. https://github.com/networkservicemesh/sdk/pull/1443
  21. https://github.com/networkservicemesh/integration-k8s-aks/issues/275
  22. https://github.com/networkservicemesh/integration-k8s-aws/issues/317
  23. https://github.com/networkservicemesh/integration-k8s-kind/pull/805
  24. https://github.com/networkservicemesh/integration-tests/issues/2706
  25. https://github.com/networkservicemesh/cmd-forwarder-vpp/issues/864
  26. https://github.com/networkservicemesh/deployments-k8s/issues/8964