License: Apache License 2.0
This repo has been archived. Network Service Mesh continues to be very actively developed in multiple repos.
Network Service Mesh (NSM) is the Hybrid/Multi-cloud IP Service Mesh.
For more information, have a look at our website
Get Started with our latest release
Documentation can be found on our website
Information on getting involved: meetings, slack, etc can be found on our commmunity page
During upgrade test with nse-icmp-responder and kernel2kernel example multiple interfaces appear in NSE with multiple IP addresses appear in NSE. NSC pods also get multiple addresses.
Before upgrade, the NSE looks like:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if28559: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UP group default
link/ether f6:78:de:28:16:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.149.48/32 scope global eth0
valid_lft forever preferred_lft forever
5: icmp-respo-37e0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UNKNOWN group default qlen 1000
link/ether 02:fe:4f:e2:31:12 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-37e0
valid_lft forever preferred_lft forever
inet6 fe80::fe:4fff:fee2:3112/64 scope link
valid_lft forever preferred_lft forever
After upgrade:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if28559: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UP group default
link/ether f6:78:de:28:16:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.149.48/32 scope global eth0
valid_lft forever preferred_lft forever
6: icmp-respo-fb43: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UNKNOWN group default qlen 1000
link/ether 02:fe:60:83:30:c0 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-fb43
valid_lft forever preferred_lft forever
inet 172.16.1.98/32 scope global icmp-respo-fb43
valid_lft forever preferred_lft forever
inet6 fe80::fe:60ff:fe83:30c0/64 scope link
valid_lft forever preferred_lft forever
7: icmp-respo-6de2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UNKNOWN group default qlen 1000
link/ether 02:fe:74:98:66:90 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-6de2
valid_lft forever preferred_lft forever
inet 172.16.1.98/32 scope global icmp-respo-6de2
valid_lft forever preferred_lft forever
inet 172.16.1.100/32 scope global icmp-respo-6de2
valid_lft forever preferred_lft forever
inet6 fe80::fe:74ff:fe98:6690/64 scope link
valid_lft forever preferred_lft forever
NSC before upgrade:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if28558: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UP group default
link/ether aa:b1:79:d5:54:8c brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.149.18/32 scope global eth0
valid_lft forever preferred_lft forever
5: nsm-1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UNKNOWN group default qlen 1000
link/ether 02:fe:f8:1e:a1:43 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.97/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet6 fe80::fe:f8ff:fe1e:a143/64 scope link tentative
valid_lft forever preferred_lft forever
NSC after upgrade:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if28558: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue state UP group default
link/ether aa:b1:79:d5:54:8c brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.149.18/32 scope global eth0
valid_lft forever preferred_lft forever
6: nsm-1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UNKNOWN group default qlen 1000
link/ether 02:fe:10:f1:00:35 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.97/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet 172.16.1.99/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet 172.16.1.101/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet6 fe80::fe:afff:fe2e:dad6/64 scope link
valid_lft forever preferred_lft forever
Traffic was OK during the upgrade using the original IP (it stopped during pod restart, but after that came back as it should), but after the upgrade, the multiple addresses confused our tests, this is how the issue was detected.
The issue is reproducable, sometimes only one new IP appears, sometimes 2, as in the example.
I attached logs for the test case execution.
Versions used:
nsmgr=f2f421a
registry-memory=4b0bb64
forwarder-vpp=4e1d713
nse-icmp-responder-vpp=9b4b3fa
nsc-vpp=4c53be1
As upgrade base, we used versions from 19th of November:
nsmgr=47451a4
registry-memory=f24d424
forwarder-vpp=1b74b40
nse-icmp-responder-vpp=5ac470e
nsc-vpp=888fbd4
endpoint-nsc-684f87c977-2npct-nsc.txt
endpoint-nse-588cc4f7bb-xrnts-nse.txt
forwarder-vpp-jv7xh-forwarder-vpp.txt
nsmgr-v7spq-nsmgr.txt
nsm-registry-5c6dc57b69-hd7wz-registry-memory.txt
We would like to use the nse-icmp-responder and nsc endpoint kernel2kernel example for NSM upgrade tests. Our tests fail, the connection is OK before 'helm upgrade', but after the upgrade the connection between NSE and NSC is usually lost. (NSE and NSC are not upgraded, only the NSM infrastructure below them.) The behavior is not entirely deterministic, in some cases multiple interfaces appear in the NSE after the upgrade with conflicting IP addresses.
For example:
Before the upgrade (ping OK):
NSC:
kubectl exec -n nsm endpoint-nsc-7789d64bcc-wc7p5 -- ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if194402: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1430 qdisc noqueue state UP
link/ether 66:82:28:2c:47:4c brd ff:ff:ff:ff:ff:ff
inet 192.168.215.162/32 scope global eth0
valid_lft forever preferred_lft forever
194404: nsm-1@if194403: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether e6:0b:fb:1a:cf:54 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.97/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet6 fe80::e40b:fbff:fe1a:cf54/64 scope link
valid_lft forever preferred_lft forever
NSE:
kubectl exec -n nsm endpoint-nse-5bd8b66987-bwj4l -- ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if194401: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1430 qdisc noqueue state UP
link/ether 6e:b7:f4:fc:1f:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.215.142/32 scope global eth0
valid_lft forever preferred_lft forever
194406: icmp-respo-f913@if194405: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether fa:3c:f2:96:2d:f2 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-f913
valid_lft forever preferred_lft forever
inet6 fe80::f83c:f2ff:fe96:2df2/64 scope link
valid_lft forever preferred_lft forever
After the upgrade (connection lost):
NSC:
kubectl exec -n nsm endpoint-nsc-7789d64bcc-wc7p5 -- ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if194402: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1430 qdisc noqueue state UP
link/ether 66:82:28:2c:47:4c brd ff:ff:ff:ff:ff:ff
inet 192.168.215.162/32 scope global eth0
valid_lft forever preferred_lft forever
194409: nsm-1@if194408: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether b6:9e:d6:9b:ec:b3 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.97/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet 172.16.1.99/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet6 fe80::b49e:d6ff:fe9b:ecb3/64 scope link
valid_lft forever preferred_lft forever
NSE:
kubectl exec -n nsm endpoint-nse-5bd8b66987-bwj4l -- ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if194401: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1430 qdisc noqueue state UP
link/ether 6e:b7:f4:fc:1f:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.215.142/32 scope global eth0
valid_lft forever preferred_lft forever
194406: icmp-respo-f913@if194405: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether fa:3c:f2:96:2d:f2 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-f913
valid_lft forever preferred_lft forever
inet6 fe80::f83c:f2ff:fe96:2df2/64 scope link
valid_lft forever preferred_lft forever
194411: icmp-respo-57e2@if194410: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether de:61:0c:9d:e4:d3 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-57e2
valid_lft forever preferred_lft forever
inet 172.16.1.98/32 scope global icmp-respo-57e2
valid_lft forever preferred_lft forever
inet6 fe80::dc61:cff:fe9d:e4d3/64 scope link
valid_lft forever preferred_lft forever
After a minute:
NSC:
kubectl exec -n nsm endpoint-nsc-7789d64bcc-wc7p5 -- ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if194402: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1430 qdisc noqueue state UP
link/ether 66:82:28:2c:47:4c brd ff:ff:ff:ff:ff:ff
inet 192.168.215.162/32 scope global eth0
valid_lft forever preferred_lft forever
194414: nsm-1@if194413: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether fe:fe:22:ea:b5:88 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.97/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet 172.16.1.101/32 scope global nsm-1
valid_lft forever preferred_lft forever
inet6 fe80::fcfe:22ff:feea:b588/64 scope link
valid_lft forever preferred_lft forever
NSE:
kubectl exec -n nsm endpoint-nse-5bd8b66987-bwj4l -- ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
4: eth0@if194401: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1430 qdisc noqueue state UP
link/ether 6e:b7:f4:fc:1f:88 brd ff:ff:ff:ff:ff:ff
inet 192.168.215.142/32 scope global eth0
valid_lft forever preferred_lft forever
194406: icmp-respo-f913@if194405: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether fa:3c:f2:96:2d:f2 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-f913
valid_lft forever preferred_lft forever
inet6 fe80::f83c:f2ff:fe96:2df2/64 scope link
valid_lft forever preferred_lft forever
194411: icmp-respo-57e2@if194410: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether de:61:0c:9d:e4:d3 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-57e2
valid_lft forever preferred_lft forever
inet 172.16.1.98/32 scope global icmp-respo-57e2
valid_lft forever preferred_lft forever
inet6 fe80::dc61:cff:fe9d:e4d3/64 scope link
valid_lft forever preferred_lft forever
194416: icmp-respo-6c1c@if194415: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 9000 qdisc noqueue state UP qlen 1000
link/ether e2:c0:69:72:63:60 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.96/32 scope global icmp-respo-6c1c
valid_lft forever preferred_lft forever
inet 172.16.1.100/32 scope global icmp-respo-6c1c
valid_lft forever preferred_lft forever
inet6 fe80::e0c0:69ff:fe72:6360/64 scope link
valid_lft forever preferred_lft forever
Images used:
kubectl version
Client Version: version.Info{Major:"1", Minor:"21", GitVersion:"v1.21.1", GitCommit:"5e58841cce77d4bc13713ad2b91fa0d961e69192", GitTreeState:"clean", BuildDate:"2021-05-12T14:18:45Z", GoVersion:"go1.16.4", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.4", GitCommit:"ec2760d6d916781de466541a6babb4309766c995", GitTreeState:"clean", BuildDate:"2021-02-27T17:18:03Z", GoVersion:"go1.15.8", Compiler:"gc", Platform:"linux/amd64"}
helm version
version.BuildInfo{Version:"v3.6.0", GitCommit:"7f2df6467771a75f5646b7f12afb408590ed1755", GitTreeState:"clean", GoVersion:"go1.16.3"}
enhance cmd-nse-icmp-responder to have support for attaching NSCs over VF(s). depends on fix for sriov token server chain element (issue).
Currently icmp-responder supports only 1 network services.
For some cases it would be convenient to have it announce support for several network services during endpoint registration.
I download this code and run go build ./... and run docker build .
go build ./... not print any things, look like sucess
when run docker build .
[go 2/3] RUN go install github.com/go-delve/delve/cmd/[email protected]:
30.42 go: github.com/go-delve/delve/cmd/[email protected]: github.com/go-delve/delve/cmd/[email protected]: Get "https://proxy.golang.org/github.com/go-delve/delve/cmd/dlv/@v/v1.8.2.info": dial tcp 142.251.42.241:443: i/o timeout
ERROR: failed to solve: process "/bin/sh -c go install github.com/go-delve/delve/cmd/[email protected]" did not complete successfully: exit code: 1
Who can helo me , how to fix it
thanks
We need to test the new onidle chain element.
onidle element into responder endpoint chain, and configure it to stop the server on callback.For supporting mutually aware NSEs add env variable GROUP_ID which defaults to empty string
part of networkservicemesh/api#121
groupID to config for all nse cmdWe need to add a possible pass DNS contexts via env to cmd-nse-icmp-responder
additionalFunctionallity.2h
We've achieved next nsm applications: nsc, nsmgr, forwarder. For start testing, we need to migrate icmp-responder nse application.
Example:https://github.com/networkservicemesh/sdk/pull/221/files#diff-0289092949dd346f5fdfdc6486a2afb2R20
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.