Separated clients into 2 yaml files, added README steps

Signed-off-by: Vladislav Byrgazov <[email protected]>
networkservicemesh · Oct 9, 2024 · 268067f · 268067f
1 parent 2d79459
commit 268067f
Show file tree

Hide file tree

Showing 7 changed files with 77 additions and 35 deletions.
diff --git a/examples/features/ipam-policies/README.md b/examples/features/ipam-policies/README.md
@@ -15,7 +15,7 @@ Make sure that you have completed steps from [basic](../../basic) setup.
 
 ## Run
 
-Deploy the client and the first NSE with CIDR `172.16.1.0/31` and `default` IPAM Policy:
+Deploy the client and the first NSE with CIDR `172.16.1.0/29` and `default` IPAM Policy:
 ```bash
 kubectl apply -k https://github.com/networkservicemesh/deployments-k8s/examples/features/ipam-policies?ref=42440f9d1b3e4daf8696da435bd128da8dd93b22
 ```
@@ -28,22 +28,32 @@ kubectl wait --for=condition=ready --timeout=1m pod -l app=alpine -n ns-ipam-pol
 kubectl wait --for=condition=ready --timeout=1m pod -l app=first-nse -n ns-ipam-policies
 ```
 
-Ping the first NSE from the client:
+Ping the first NSE from the first client:
 ```bash
 kubectl exec pods/alpine -n ns-ipam-policies -- ping -c 4 172.16.1.0
 ```
 
-Ping the client from the first NSE:
+Ping the first NSE from the second client:
+```bash
+kubectl exec pods/alpine -n ns-ipam-policies -- ping -c 4 172.16.1.0
+```
+
+Ping the first client from the first NSE:
 ```bash
 kubectl exec pods/first-nse -n ns-ipam-policies -- ping -c 4 172.16.1.1
 ```
 
+Ping the second client from the first NSE:
+```bash
+kubectl exec pods/first-nse -n ns-ipam-policies -- ping -c 4 172.16.3.1
+```
+
 Delete the first NSE:
 ```bash
 kubectl delete pod -l app=first-nse -n ns-ipam-policies
 ```
 
-Apply the second NSE with CIDR `172.16.2.0/31` and `strict` IPAM Policy:
+Apply the second NSE with CIDR `172.16.2.0/29` and `strict` IPAM Policy:
 ```bash
 kubectl apply -f https://raw.githubusercontent.com/networkservicemesh/deployments-k8s/42440f9d1b3e4daf8696da435bd128da8dd93b22/examples/features/ipam-policies/second-nse.yaml -n ns-ipam-policies
 ```
@@ -53,20 +63,37 @@ Ping the second NSE from the client:
 kubectl exec pods/alpine -n ns-ipam-policies -- ping -c 4 172.16.2.0
 ```
 
+Ping the second NSE from the second client:
+```bash
+kubectl exec pods/alpine -n ns-ipam-policies -- ping -c 4 172.16.2.2
+```
+
 Ping the client from the second NSE:
 ```bash
 kubectl exec pods/second-nse -n ns-ipam-policies -- ping -c 4 172.16.2.1
 ```
 
-Check routes on the client. They should contain only the routes from CIDR `172.16.2.0/31`:
+Ping the second client from the second NSE:
 ```bash
-routes=$(kubectl exec pods/alpine -n ns-ipam-policies -- ip r show dev nsm-1 | xargs) # Use xargs here just to trim whitespaces in the routes
+kubectl exec pods/second-nse -n ns-ipam-policies -- ping -c 4 172.16.2.3
+```
+
+Check routes on the clients. They should contain only the routes from CIDR `172.16.2.0/29`:
+```bash
+routes=$(kubectl exec pods/alpine-1 -n ns-ipam-policies -- ip r show dev nsm-1 | xargs) # Use xargs here just to trim whitespaces in the routes
 if [[ "$routes" != "172.16.2.0 dev nsm-1" ]]; then
     echo "routes on the client are invalid"
     exit
 fi
 ```
 
+```bash
+routes=$(kubectl exec pods/alpine-2 -n ns-ipam-policies -- ip r show dev nsm-2 | xargs) # Use xargs here just to trim whitespaces in the routes
+if [[ "$routes" != "172.16.2.2 dev nsm-1" ]]; then
+    echo "routes on the client are invalid"
+    exit
+fi
+```
 
 ## Cleanup
 

diff --git a/examples/features/ipam-policies/client1.yaml b/examples/features/ipam-policies/client1.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: alpine-1
+  labels:
+    app: alpine-1
+  annotations:
+    networkservicemesh.io: kernel://ipam-policies/nsm-1
+spec:
+  containers:
+  - name: alpine-1
+    image: alpine:3.15.0
+    imagePullPolicy: IfNotPresent
+    env:
+      - name: NSM_LOG_LEVEL
+        value: TRACE
+    # simple `sleep` command would work
+    # but we need `trap` to be able to delete pods quckly
+    command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]
diff --git a/examples/features/ipam-policies/client2.yaml b/examples/features/ipam-policies/client2.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: alpine-2
+  labels:
+    app: alpine-2
+  annotations:
+    networkservicemesh.io: kernel://ipam-policies/nsm-2
+spec:
+  containers:
+  - name: alpine-2
+    image: alpine:3.15.0
+    imagePullPolicy: IfNotPresent
+    env:
+      - name: NSM_LOG_LEVEL
+        value: TRACE
+    # simple `sleep` command would work
+    # but we need `trap` to be able to delete pods quckly
+    command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]
diff --git a/examples/features/ipam-policies/clients.yaml b/examples/features/ipam-policies/clients.yaml
diff --git a/examples/features/ipam-policies/first-nse.yaml b/examples/features/ipam-policies/first-nse.yaml
@@ -29,7 +29,7 @@ spec:
         - name: NSM_REGISTER_SERVICE
           value: "false"
         - name: NSM_CIDR_PREFIX
-          value: 172.16.1.0/31
+          value: 172.16.2.0/29
       volumeMounts:
         - name: spire-agent-socket
           mountPath: /run/spire/sockets

diff --git a/examples/features/ipam-policies/kustomization.yaml b/examples/features/ipam-policies/kustomization.yaml
@@ -7,5 +7,6 @@ namespace: ns-ipam-policies
 resources:
 - ns-ipam-policies.yaml
 - netsvc.yaml
-- clients.yaml
+- client1.yaml
+- client2.yaml
 - first-nse.yaml
diff --git a/examples/features/ipam-policies/second-nse.yaml b/examples/features/ipam-policies/second-nse.yaml
@@ -31,7 +31,7 @@ spec:
         - name: NSM_IPAM_POLICY
           value: strict
         - name: NSM_CIDR_PREFIX
-          value: 172.16.2.0/31
+          value: 172.16.2.0/29
       volumeMounts:
         - name: spire-agent-socket
           mountPath: /run/spire/sockets