post-thumb

Quick Start Network Service Mesh

This document will help you configure two Vagrant boxes in a Kubernetes cluster with a master and a worker node. You will also deploy the Network Service Mesh components in the cluster.

Pre-requisites

You can find instructions for your operation systems in the links below:

If you have another Linux distribution or prefer to go with the upstream, here

Getting the Network Service Mesh project

git clone https://github.com/networkservicemesh/networkservicemesh && cd networkservicemesh
cd networkservicemesh

Build

First let’s build the Docker images of the various components

make k8s-save

Local Vagrant setup

Then we’ll configure a Kubernetes cluster. A master and a worker node will be launched in two separate Vagrant machines. The Network Service Mesh components will then be deployed to the cluster.

make vagrant-start

Ensure your kubectl is configured to point to Vagrant’s Kubernetes cluster.

source scripts/vagrant/env.sh

Deploy the core Network Service Mesh components

The core Network Service Mesh infrastructure is deployed with the following command.

make k8s-infra-deploy

Verify the services are up and running

A simple check should show two nsmd, two nsm-vppagent-dataplane, two skydive-agent, one crossconnect-monitor and one skydive-analyzer pods.

kubect get pods

This will allow you to see your Network Service Mesh daemonset running:

kubectl get daemonset nsmd


NAME   DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR   AGE
nsmd   2         2         2       2            2           <none>          19m

Running the Networking Service Mesh examples

The basic ICMP example is deployed like this:

make k8s-icmp-deploy

The VPN service composition example is deployed with:

make k8s-vpn-deploy

Test

Both of the examples can be verified by running a simple check:

make k8s-check

For ICMP you should see ping succeeding as below:

./scripts/nsc_ping_all.sh
===== >>>>> PROCESSING nsc-84799b768f-99wgf  <<<<< ===========
PING 10.20.1.2 (10.20.1.2): 56 data bytes
64 bytes from 10.20.1.2: seq=0 ttl=64 time=6.313 ms

--- 10.20.1.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 6.313/6.313/6.313 ms
NSC nsc-84799b768f-99wgf with IP 10.20.1.1/30 pinging icmp-responder-nse TargetIP: 10.20.1.2 successful
===== >>>>> PROCESSING nsc-84799b768f-d82w5  <<<<< ===========
PING 10.20.1.2 (10.20.1.2): 56 data bytes
64 bytes from 10.20.1.2: seq=0 ttl=64 time=1.015 ms

--- 10.20.1.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 1.015/1.015/1.015 ms
NSC nsc-84799b768f-d82w5 with IP 10.20.1.1/30 pinging icmp-responder-nse TargetIP: 10.20.1.2 successful
===== >>>>> PROCESSING nsc-84799b768f-ktm4w  <<<<< ===========
PING 10.30.1.2 (10.30.1.2): 56 data bytes
64 bytes from 10.30.1.2: seq=0 ttl=64 time=3.199 ms

--- 10.30.1.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.199/3.199/3.199 ms
NSC nsc-84799b768f-ktm4w with IP 10.30.1.1/30 pinging vppagent-icmp-responder-nse TargetIP: 10.30.1.2 successful
===== >>>>> PROCESSING nsc-84799b768f-wvxwt  <<<<< ===========
PING 10.30.1.2 (10.30.1.2): 56 data bytes
64 bytes from 10.30.1.2: seq=0 ttl=64 time=6.070 ms

--- 10.30.1.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 6.070/6.070/6.070 ms
NSC nsc-84799b768f-wvxwt with IP 10.30.1.1/30 pinging vppagent-icmp-responder-nse TargetIP: 10.30.1.2 successful

Validating the VPN example will output the following:

===== >>>>> PROCESSING vpn-gateway-nsc-5458d48c86-zh4xf  <<<<< ===========
PING 10.60.1.2 (10.60.1.2): 56 data bytes
64 bytes from 10.60.1.2: seq=0 ttl=64 time=11.728 ms

--- 10.60.1.2 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 11.728/11.728/11.728 ms
NSC vpn-gateway-nsc-5458d48c86-zh4xf with IP 10.60.1.1/30 pinging vpn-gateway-nse TargetIP: 10.60.1.2 successful
Connecting to 10.60.1.2:80 (10.60.1.2:80)
null                 100% |*******************************|   112   0:00:00 ETA
NSC vpn-gateway-nsc-5458d48c86-zh4xf with IP 10.60.1.1/30 accessing vpn-gateway-nse TargetIP: 10.60.1.2 TargetPort:80 successful
Connecting to 10.60.1.2:8080 (10.60.1.2:8080)
wget: download timed out
command terminated with exit code 1
NSC vpn-gateway-nsc-5458d48c86-zh4xf with IP 10.60.1.1/30 blocked vpn-gateway-nse TargetIP: 10.60.1.2 TargetPort:8080
All check OK. NSC vpn-gateway-nsc-5458d48c86-zh4xf behaving as expected.