Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use NSM-envs from the client application #101

Open
glazychev-art opened this issue Mar 24, 2022 · 14 comments
Open

Use NSM-envs from the client application #101

glazychev-art opened this issue Mar 24, 2022 · 14 comments
Milestone
v1.5.0

Comments

@glazychev-art
Copy link
Contributor

glazychev-art commented Mar 24, 2022
edited
Loading

Description

We have a many NSM envs that allow us to configure the NSC in the best possible way:
https://github.com/networkservicemesh/cmd-nsc/blob/main/internal/config/config.go#L31-L43

	Name             string        `default:"nsc" desc:"Name of Network Service Client"`
	ConnectTo        url.URL       `default:"unix:///var/lib/networkservicemesh/nsm.io.sock" desc:"url to connect to NSM" split_words:"true"`
	DialTimeout      time.Duration `default:"5s" desc:"timeout to dial NSMgr" split_words:"true"`
	RequestTimeout   time.Duration `default:"15s" desc:"timeout to request NSE" split_words:"true"`
	MaxTokenLifetime time.Duration `default:"10m" desc:"maximum lifetime of tokens" split_words:"true"`

	Labels    []string `default:"" desc:"A list of client labels with format key1=val1,key2=val2, will be used a primary list for network services" split_words:"true"`
	Mechanism string   `default:"kernel" desc:"Default Mechanism to use, supported values: kernel, vfio" split_words:"true"`

	NetworkServices       []url.URL               `default:"" desc:"A list of Network Service Requests" split_words:"true"`
	AwarenessGroups       awarenessgroups.Decoder `defailt:"" desc:"Awareness groups for mutually aware NSEs" split_words:"true"`
	LogLevel              string                  `default:"INFO" desc:"Log level" split_words:"true"`
	OpenTelemetryEndpoint string                  `default:"otel-collector.observability.svc.cluster.local:4317" desc:"OpenTelemetry Collector Endpoint"`

And we definitely can do it when we use a bare NSC, without any actual client application.

But this is not the main use case for NSM - users can add networkservicemesh annotations:

...
annotations:
    networkservicemesh.io: "kernel://my-networkservice-1/nsm-1"
...

NetworkServices or Mechanism - we can take it from the annotation. But what about others? What if the user wants to add AwarenessGroups and so on?

Possible solutions:

  1. Use NSM_ prefixed envs that are passed by user and inject them into NSM-containers
  2. Expand the current networkservicemesh.io annotation and add new parameters
@glazychev-art
Copy link
Contributor Author

@denis-tingaikin @edwarnicke
Any thoughts?

@edwarnicke
Copy link
Member

@glazychev-art Could you provide concrete examples of things we might do with them?

@denis-tingaikin
Copy link
Member

@edwarnicke Imagine the case when external client wants set Mutually Aware Group

@edwarnicke
Copy link
Member

@LionelJouin Do you anticipate using the annotations for cases where you need to set a Mutually Aware Group?

@LionelJouin
Copy link
Member

@edwarnicke no, I don't think so, we are not using the webhook.

@edwarnicke
Copy link
Member

@glazychev-art @denis-tingaikin Do we have someone using Webhooks for more complex cases? Do we have a need ourselves there... or are we trying to get ahead of needs?

@denis-tingaikin
Copy link
Member

denis-tingaikin commented Mar 25, 2022
edited
Loading

@edwarnicke This could be useful for invariant testing. Moreover, I think this is actual question. What if external client wants to tune up nsc configuration?

@denis-tingaikin
Copy link
Member

@edwarnicke

I think we might be inrested in support next syntax:

networkservicemesh.io: | {{. mechanism }}://{{ .serviceName}}/{{ .interfaceName }}?{{. labels }}
{{.envConfig}

Example:

networkservicemesh.io: | kernel://ns-1/nsm-1
NSM_DIAL_TIMEOUT=5s
NSM_MAX_TOKEN_LIFE_TIME=30s
...

Thoughts?

@edwarnicke
Copy link
Member

What if we have multiple Network Services to which a Pod wishes to connect?

@denis-tingaikin
Copy link
Member

denis-tingaikin commented May 10, 2022
edited
Loading

What if we have multiple Network Services to which a Pod wishes to connect?

Thats an intresting question.

For this case we need change syntax to this

networkservicemesh.io: | 
  {{.envConfig}
  {{. mechanism1 }}://{{ .serviceName1}}/{{ .interfaceName1 }}?{{. labels1}}
  {{. mechanism2 }}://{{ .serviceName2}}/{{ .interfaceName2 }}?{{. labels2}}
  ...
  {{. mechanismN }}://{{ .serviceNameN}}/{{ .interfaceNameN }}?{{. labelsN}}

Or we could simply add a new annotation

networkservicemesh.io/env.config: |
   {{.envConfig}

@denis-tingaikin denis-tingaikin added this to the v1.5.0 milestone May 20, 2022
@edwarnicke
Copy link
Member

I am concerned here are that all the use cases we have so far involve us wanting to tweak our test cases. Introducing complex parameter tweaking into our test cases makes it less likely that things just 'work' out of the box with a simple single line annotation.

@denis-tingaikin
Copy link
Member

We don't want to use this for testing.

We need this for users who want to enable Mutually Aware Group, or disable heal, or tune something for the specific cluster,.

@edwarnicke Makes sense?

@edwarnicke
Copy link
Member

@denis-tingaikin Do we have users currently?

@denis-tingaikin
Copy link
Member

At this moment we dont get any requests.

I also saw that, for local datapath debug could be super useful to disable data path to avoid ton of icmp requests in traces.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.5.0
Development

No branches or pull requests
4 participants
@edwarnicke @LionelJouin @glazychev-art @denis-tingaikin