Added second client to the IPAM policies tests

examples/features/ipam-policies/README.md

@@ -15,58 +15,93 @@ Make sure that you have completed steps from [basic](../../basic) setup.
 
 ## Run
 
-Deploy the client and the first NSE with CIDR `172.16.1.0/31` and `default` IPAM Policy:
+Deploy the client and the first NSE with CIDR `172.16.1.0/29` and `default` IPAM Policy:
 ```bash
 kubectl apply -k https://github.com/networkservicemesh/deployments-k8s/examples/features/ipam-policies?ref=42440f9d1b3e4daf8696da435bd128da8dd93b22
 ```
 
 Wait for applications ready:
 ```bash
-kubectl wait --for=condition=ready --timeout=1m pod -l app=alpine -n ns-ipam-policies
+kubectl wait --for=condition=ready --timeout=1m pod -l app=alpine-1 -n ns-ipam-policies
+```
+```bash
+kubectl wait --for=condition=ready --timeout=1m pod -l app=alpine-2 -n ns-ipam-policies
 ```
 ```bash
 kubectl wait --for=condition=ready --timeout=1m pod -l app=first-nse -n ns-ipam-policies
 ```
 
-Ping the first NSE from the client:
+Ping the first NSE from the first client:
+```bash
+kubectl exec pods/alpine-1 -n ns-ipam-policies -- ping -c 4 172.16.1.0
+```
+
+Ping the first NSE from the second client:
 ```bash
-kubectl exec pods/alpine -n ns-ipam-policies -- ping -c 4 172.16.1.0
+kubectl exec pods/alpine-2 -n ns-ipam-policies -- ping -c 4 172.16.1.2
 ```
 
-Ping the client from the first NSE:
+Ping the first client from the first NSE:
 ```bash
 kubectl exec pods/first-nse -n ns-ipam-policies -- ping -c 4 172.16.1.1
 ```
 
+Ping the second client from the first NSE:
+```bash
+kubectl exec pods/first-nse -n ns-ipam-policies -- ping -c 4 172.16.1.3
+```
+
 Delete the first NSE:
 ```bash
 kubectl delete pod -l app=first-nse -n ns-ipam-policies
 ```
 
-Apply the second NSE with CIDR `172.16.2.0/31` and `strict` IPAM Policy:
+Apply the second NSE with CIDR `172.16.2.0/29` and `strict` IPAM Policy:
 ```bash
 kubectl apply -f https://raw.githubusercontent.com/networkservicemesh/deployments-k8s/42440f9d1b3e4daf8696da435bd128da8dd93b22/examples/features/ipam-policies/second-nse.yaml -n ns-ipam-policies
 ```
 
-Ping the second NSE from the client:
+Wait for application ready:
+```bash
+kubectl wait --for=condition=ready --timeout=1m pod -l app=second-nse -n ns-ipam-policies
+```
+
+Ping the second NSE from the first client:
 ```bash
-kubectl exec pods/alpine -n ns-ipam-policies -- ping -c 4 172.16.2.0
+kubectl exec pods/alpine-1 -n ns-ipam-policies -- ping -c 4 172.16.2.0
 ```
 
-Ping the client from the second NSE:
+Ping the second NSE from the second client:
+```bash
+kubectl exec pods/alpine-2 -n ns-ipam-policies -- ping -c 4 172.16.2.2
+```
+
+Ping the first client from the NSE:
 ```bash
 kubectl exec pods/second-nse -n ns-ipam-policies -- ping -c 4 172.16.2.1
 ```
 
-Check routes on the client. They should contain only the routes from CIDR `172.16.2.0/31`:
+Ping the second client from the NSE:
+```bash
+kubectl exec pods/second-nse -n ns-ipam-policies -- ping -c 4 172.16.2.3
+```
+
+Check routes on the clients. They should contain only the routes from CIDR `172.16.2.0/29`:
 ```bash
-routes=$(kubectl exec pods/alpine -n ns-ipam-policies -- ip r show dev nsm-1 | xargs) # Use xargs here just to trim whitespaces in the routes
+routes=$(kubectl exec pods/alpine-1 -n ns-ipam-policies -- ip r show dev nsm-1 | xargs) # Use xargs here just to trim whitespaces in the routes
 if [[ "$routes" != "172.16.2.0 dev nsm-1" ]]; then
     echo "routes on the client are invalid"
     exit
 fi
 ```
 
+```bash
+routes=$(kubectl exec pods/alpine-2 -n ns-ipam-policies -- ip r show dev nsm-2 | xargs) # Use xargs here just to trim whitespaces in the routes
+if [[ "$routes" != "172.16.2.2 dev nsm-1" ]]; then
+    echo "routes on the client are invalid"
+    exit
+fi
+```
 
 ## Cleanup
 

examples/features/ipam-policies/client.yaml → examples/features/ipam-policies/client1.yaml

@@ -2,16 +2,19 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: alpine
+  name: alpine-1
   labels:
-    app: alpine
+    app: alpine-1
   annotations:
     networkservicemesh.io: kernel://ipam-policies/nsm-1
 spec:
   containers:
-  - name: alpine
+  - name: alpine-1
     image: alpine:3.15.0
     imagePullPolicy: IfNotPresent
+    env:
+      - name: NSM_LOG_LEVEL
+        value: TRACE
     # simple `sleep` command would work
     # but we need `trap` to be able to delete pods quckly
     command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]

examples/features/ipam-policies/client2.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: alpine-2
+  labels:
+    app: alpine-2
+  annotations:
+    networkservicemesh.io: kernel://ipam-policies/nsm-2
+spec:
+  containers:
+  - name: alpine-2
+    image: alpine:3.15.0
+    imagePullPolicy: IfNotPresent
+    env:
+      - name: NSM_LOG_LEVEL
+        value: TRACE
+    # simple `sleep` command would work
+    # but we need `trap` to be able to delete pods quckly
+    command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]

examples/features/ipam-policies/first-nse.yaml

@@ -29,7 +29,7 @@ spec:
         - name: NSM_REGISTER_SERVICE
           value: "false"
         - name: NSM_CIDR_PREFIX
-          value: 172.16.1.0/31
+          value: 172.16.1.0/29
       volumeMounts:
         - name: spire-agent-socket
           mountPath: /run/spire/sockets

examples/features/ipam-policies/kustomization.yaml

@@ -7,5 +7,6 @@ namespace: ns-ipam-policies
 resources:
 - ns-ipam-policies.yaml
 - netsvc.yaml
-- client.yaml
+- client1.yaml
+- client2.yaml
 - first-nse.yaml

examples/features/ipam-policies/second-nse.yaml

@@ -31,7 +31,7 @@ spec:
         - name: NSM_IPAM_POLICY
           value: strict
         - name: NSM_CIDR_PREFIX
-          value: 172.16.2.0/31
+          value: 172.16.2.0/29
       volumeMounts:
         - name: spire-agent-socket
           mountPath: /run/spire/sockets