Skip to content

Commit

Permalink
Merge pull request #727 from loxilb-io/main
Browse files Browse the repository at this point in the history
PR : Merge from main
  • Loading branch information
TrekkieCoder authored Jul 10, 2024
2 parents b01cb9a + f04ebce commit 4bd402d
Show file tree
Hide file tree
Showing 20 changed files with 459 additions and 57 deletions.
12 changes: 12 additions & 0 deletions .github/workflows/advanced-lb-sanity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -101,3 +101,15 @@ jobs:
./validation.sh
./rmconfig.sh
cd -
- run: |
cd cicd/ipmasquerade/
./config.sh
./validation.sh
./rmconfig.sh
cd -
#- run: |
# cd cicd/httpsproxy/
# ./config.sh
# ./validation.sh
# ./rmconfig.sh
# cd -
32 changes: 18 additions & 14 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ Additionally, loxilb can also support cluster-ip and node-port services, thereby
loxilb works as a L4 load-balancer/service-proxy by default. Although it provides great performance, at times, L7 load-balancing might become necessary in K8s. There are many good L7 proxies already available for K8s. Still, we are working on providing a great L7 solution natively in eBPF. It is a tough endeavor one which should reap great benefits once completed. Please keep an eye for updates on this.

## Telco-Cloud with loxilb
For deploying telco-cloud with cloud-native functions, loxilb can be used as a SCP(service communication proxy). SCP is nothing but a communication hub for telco micro-services running in Kubernetes. But telco-cloud requires load-balancing and communication across various interfaces/standards like N2, N4, E2(ORAN), S6x, 5GLAN, GTP etc. Each of these present its own unique challenges which loxilb aims to solve e.g.
For deploying telco-cloud with cloud-native functions, loxilb can be used as a SCP(service communication proxy). SCP is a communication proxy defined by [3GPP](https://www.etsi.org/deliver/etsi_ts/129500_129599/129500/16.04.00_60/ts_129500v160400p.pdf) and aimed at telco micro-services running in cloud-native environment. Telco-cloud requires load-balancing and communication across various interfaces/standards like N2, N4, E2(ORAN), S6x, 5GLAN, GTP etc. Each of these present its own unique challenges which loxilb aims to solve e.g.:
- N4 requires PFCP level session-intelligence
- N2 requires NGAP parsing capability
- S6x requires Diameter/SCTP multi-homing LB support
Expand All @@ -66,20 +66,11 @@ For deploying telco-cloud with cloud-native functions, loxilb can be used as a S
- E2 might require SCTP-LB with OpenVPN bundled together
- SIP support is needed to enable cloud-native VOIP

## How-To Guides
- [How-To : Deploy loxilb in K8s with kube-loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/kube-loxilb.md)
- [How-To : Run in K8s with in-cluster mode](https://www.loxilb.io/post/k8s-nuances-of-in-cluster-external-service-lb-with-loxilb)
- [How-To : High-availability with loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/ha-deploy.md)
- [How-To : Run loxilb in standalone mode](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/standalone.md)
- [How-To : Manual build/run](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/run.md)
- [How-To : Standalone configuration](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/cmd.md)
- [How-To : Debug loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/debugging.md)
- [How-To : Access end-points outside K8s](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/ext-ep.md)
- [How-To : Deploy multi-server K3s HA with loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/k3s-multi-master.md)
- [How-To : Deploy loxilb with multi-AZ HA support in AWS](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/aws-multi-az.md)

## Getting started with different K8s distributions/tools
## Architectural Considerations
- [Understanding loxilb modes and deployment in K8s with kube-loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/kube-loxilb.md)
- [Understanding High-availability with loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/ha-deploy.md)

## Getting Started
#### loxilb as ext-cluster pod
- [K3s : loxilb with default flannel](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/k3s_quick_start_flannel.md)
- [K3s : loxilb with calico](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/k3s_quick_start_calico.md)
Expand All @@ -97,6 +88,16 @@ For deploying telco-cloud with cloud-native functions, loxilb can be used as a S
- [K3s : loxilb service-proxy with flannel](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/service-proxy-flannel.md)
- [K3s : loxilb service-proxy with calico](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/service-proxy-calico.md)

#### loxilb in standalone mode
- [Run loxilb standalone](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/standalone.md)

## Advanced Guides
- [How-To : Service-group zones with loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/service-zones.md)
- [How-To : Access end-points outside K8s](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/ext-ep.md)
- [How-To : Deploy multi-server K3s HA with loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/k3s-multi-master.md)
- [How-To : Deploy loxilb with multi-AZ HA support in AWS](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/aws-multi-az.md)
- [How-To : Deploy loxilb with Ingress](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/loxilb-nginx-ingress.md)

## Knowledge-Base
- [What is eBPF](ebpf.md)
- [What is k8s service - load-balancer](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/lb.md)
Expand All @@ -105,6 +106,9 @@ For deploying telco-cloud with cloud-native functions, loxilb can be used as a S
- [eBPF internals of loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/loxilbebpf.md)
- [What are loxilb NAT Modes](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/nat.md)
- [loxilb load-balancer algorithms](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/lb-algo.md)
- [Manual steps to build/run](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/run.md)
- [Debugging loxilb](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/debugging.md)
- [loxicmd command-line tool usage](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/cmd.md)
- [Developer's guide to loxicmd](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/cmd-dev.md)
- [Developer's guide to loxilb API](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/api-dev.md)
- [API Reference - loxilb web-Api](https://github.com/loxilb-io/loxilbdocs/blob/main/docs/api.md)
Expand Down
9 changes: 9 additions & 0 deletions api/models/firewall_option_entry.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions api/models/loadbalance_entry.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

36 changes: 36 additions & 0 deletions api/restapi/embedded_spec.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions api/restapi/handler/firewall.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,9 @@ func ConfigPostFW(params operations.PostConfigFirewallParams) middleware.Respond
Opts.Trap = params.Attr.Opts.Trap
Opts.Record = params.Attr.Opts.Record
Opts.Mark = uint32(params.Attr.Opts.FwMark)
Opts.DoSnat = params.Attr.Opts.DoSnat
Opts.ToIP = params.Attr.Opts.ToIP
Opts.ToPort = uint16(params.Attr.Opts.ToPort)

FW.Rule = Rules
FW.Opts = Opts
Expand Down Expand Up @@ -156,6 +159,9 @@ func ConfigGetFW(params operations.GetConfigFirewallAllParams) middleware.Respon
tmpOpts.Trap = FW.Opts.Trap
tmpOpts.Record = FW.Opts.Record
tmpOpts.FwMark = int64(FW.Opts.Mark)
tmpOpts.DoSnat = FW.Opts.DoSnat
tmpOpts.ToIP = FW.Opts.ToIP
tmpOpts.ToPort = int64(FW.Opts.ToPort)
tmpOpts.Counter = FW.Opts.Counter

tmpResult.RuleArguments = &tmpRule
Expand Down
1 change: 1 addition & 0 deletions api/restapi/handler/loadbalancer.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@ func ConfigGetLoadbalancer(params operations.GetConfigLoadbalancerAllParams) mid
tmpSvc.Probetype = lb.Serv.ProbeType
tmpSvc.Probeport = lb.Serv.ProbePort
tmpSvc.Name = lb.Serv.Name
tmpSvc.Snat = lb.Serv.Snat

tmpLB.ServiceArguments = &tmpSvc

Expand Down
13 changes: 12 additions & 1 deletion api/swagger.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2894,6 +2894,9 @@ definitions:
name:
type: string
description: service name
snat:
type: boolean
description: snat rule
oper:
type: integer
format: int32
Expand Down Expand Up @@ -3614,6 +3617,15 @@ definitions:
fwMark:
type: integer
description: Set a fwmark for any matching rule
doSnat:
type: boolean
description: Do SNAT on matching rule
toIP:
type: string
description: Modify to given IP in CIDR notation
toPort:
type: integer
description: Modify to given Port (Zero if port is not to be modified)
counter:
type: string
description: traffic counters
Expand Down Expand Up @@ -3949,4 +3961,3 @@ definitions:
type: integer
format: uint8
description: Retry Count to detect failure

45 changes: 45 additions & 0 deletions cicd/httpsproxy/config.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
#!/bin/bash

source ../common.sh

echo "#########################################"
echo "Spawning all hosts"
echo "#########################################"

spawn_docker_host --dock-type loxilb --dock-name llb1
spawn_docker_host --dock-type host --dock-name l3h1
spawn_docker_host --dock-type host --dock-name l3ep1
spawn_docker_host --dock-type host --dock-name l3ep2
spawn_docker_host --dock-type host --dock-name l3ep3

echo "#########################################"
echo "Connecting and configuring hosts"
echo "#########################################"


connect_docker_hosts l3h1 llb1
connect_docker_hosts l3ep1 llb1
connect_docker_hosts l3ep2 llb1
connect_docker_hosts l3ep3 llb1

sleep 5

#L3 config
config_docker_host --host1 l3h1 --host2 llb1 --ptype phy --addr 10.10.10.1/24 --gw 10.10.10.254
config_docker_host --host1 l3ep1 --host2 llb1 --ptype phy --addr 31.31.31.1/24 --gw 31.31.31.254
config_docker_host --host1 l3ep2 --host2 llb1 --ptype phy --addr 32.32.32.1/24 --gw 32.32.32.254
config_docker_host --host1 l3ep3 --host2 llb1 --ptype phy --addr 33.33.33.1/24 --gw 33.33.33.254
config_docker_host --host1 llb1 --host2 l3h1 --ptype phy --addr 10.10.10.254/24
config_docker_host --host1 llb1 --host2 l3ep1 --ptype phy --addr 31.31.31.254/24
config_docker_host --host1 llb1 --host2 l3ep2 --ptype phy --addr 32.32.32.254/24
config_docker_host --host1 llb1 --host2 l3ep3 --ptype phy --addr 33.33.33.254/24

$dexec llb1 ip addr add 10.10.10.3/32 dev lo
./minica -ip-addresses 10.10.10.254

docker cp minica.pem llb1:/opt/loxilb/cert/rootCA.crt
docker cp 10.10.10.254/cert.pem llb1:/opt/loxilb/cert/server.crt
docker cp 10.10.10.254/key.pem llb1:/opt/loxilb/cert/server.key

sleep 5
create_lb_rule llb1 10.10.10.254 --tcp=2020:8080 --endpoints=31.31.31.1:1,32.32.32.1:1,33.33.33.1:1 --mode=fullproxy --security=https
Binary file added cicd/httpsproxy/minica
Binary file not shown.
18 changes: 18 additions & 0 deletions cicd/httpsproxy/rmconfig.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#!/bin/bash

source ../common.sh

disconnect_docker_hosts l3h1 llb1
disconnect_docker_hosts l3ep1 llb1
disconnect_docker_hosts l3ep2 llb1
disconnect_docker_hosts l3ep3 llb1

delete_docker_host llb1
delete_docker_host l3h1
delete_docker_host l3ep1
delete_docker_host l3ep2
delete_docker_host l3ep3

echo "#########################################"
echo "Deleted testbed"
echo "#########################################"
64 changes: 64 additions & 0 deletions cicd/httpsproxy/validation.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
#!/bin/bash
source ../common.sh
echo SCENARIO-https-tcplb
$hexec l3ep1 node ../common/tcp_server.js server1 &
$hexec l3ep2 node ../common/tcp_server.js server2 &
$hexec l3ep3 node ../common/tcp_server.js server3 &

sleep 5
code=0
servIP=( "10.10.10.254" )
servArr=( "server1" "server2" "server3" )
ep=( "31.31.31.1" "32.32.32.1" "33.33.33.1" )
j=0
waitCount=0
while [ $j -le 2 ]
do
res=$($hexec l3h1 curl --max-time 10 -s ${ep[j]}:8080)
#echo $res
if [[ $res == "${servArr[j]}" ]]
then
echo "$res UP"
j=$(( $j + 1 ))
else
echo "Waiting for ${servArr[j]}(${ep[j]})"
waitCount=$(( $waitCount + 1 ))
if [[ $waitCount == 10 ]];
then
echo "All Servers are not UP"
echo SCENARIO-tcplb [FAILED]
sudo killall -9 node 2>&1 > /dev/null
exit 1
fi
fi
sleep 1
done

for k in {0..0}
do
echo "Testing Service IP: ${servIP[k]}"
lcode=0
for i in {1..4}
do
for j in {0..2}
do
res=$($hexec l3h1 curl --max-time 10 --insecure -s https://${servIP[k]}:2020)
echo $res
if [[ $res != "${servArr[j]}" ]]
then
lcode=1
fi
sleep 1
done
done
if [[ $lcode == 0 ]]
then
echo SCENARIO-https-tcplb with ${servIP[k]} [OK]
else
echo SCENARIO-https-tcplb with ${servIP[k]} [FAILED]
code=1
fi
done

sudo killall -9 node 2>&1 > /dev/null
exit $code
Loading

0 comments on commit 4bd402d

Please sign in to comment.