This repo is for platform independent sdk code
For platform specific sdk code, please see the sdk-${platform} repos:
License: Apache License 2.0
This repo is for platform independent sdk code
For platform specific sdk code, please see the sdk-${platform} repos:
Very similar to /pkg/networkservice/common/refresh tests
The current chain element looks only at the last token in the path chain. This is insufficient for the full spectrum of policy we are likely to want to enforce.
Expand on the authorize chain element by providing as its 'input' object:
We need exclude prefixes Chain element for server.
As well we need exclude prefixes application to listen for Kubernetes network prefixes and CRD and update resource. Chain element should periodically track resource state and re-read exclude prefixes.
We've found one interesting problem with goleak uber-go/goleak#48, in short it can detect leaks from other tests.
We can avoid this problem if we'll use goleak tool in each test.
We've updated next logic for networkservice/next, networkservice/adapters with this 6a29a89, now we can apply this patch for https://github.com/networkservicemesh/sdk/tree/master/pkg/registry/core/next, https://github.com/networkservicemesh/sdk/tree/master/pkg/registry/core/adapters
We have go
generating file https://github.com/networkservicemesh/sdk/blob/master/pkg/tools/callback/gen.go#L19 and we have not a check on CI for this. There is a possibility that we will not notice any problems with the relevance of the generated files
Add CI job go generate
on CI.
Now, go-header linter included in the set of golangci linters golangci/golangci-lint#1181. We need to wait for the new release and after that simplify our ci.yaml config. (This section will be removed https://github.com/networkservicemesh/sdk/blob/master/.github/workflows/ci.yaml#L174)
We need to store context from the adapter server/client and pass it to the next client/server to avoid the problem with losing
values from adapted server/client context.
Note: Here we are passing context https://github.com/networkservicemesh/sdk/blob/master/pkg/networkservice/core/adapters/client_to_server.go#L41
and actually all values from the chain are losing.
https://github.com/networkservicemesh/sdk/pull/227/checks?check_run_id=645773960
##[error] leaks.go:78: found unexpected goroutines:
[Goroutine 62 in state chan send, with github.com/networkservicemesh/sdk/pkg/networkservice/common/refresh_test.TestNewClient_StopRefreshAtClose.func1 on top of the stack:
goroutine 62 [chan send]:
github.com/networkservicemesh/sdk/pkg/networkservice/common/refresh_test.TestNewClient_StopRefreshAtClose.func1(0x18d8e20, 0xc000154120, 0xc000180280, 0x0, 0x0, 0x0, 0x1180c0b, 0xc000154140, 0xc000154120)
/Users/runner/runners/2.169.1/work/sdk/sdk/pkg/networkservice/common/refresh/client_test.go:97 +0x78
github.com/networkservicemesh/sdk/pkg/networkservice/common/refresh_test.(*testRefresh).Request(0xc000010280, 0x18d8e20, 0xc000154120, 0xc000180280, 0x0, 0x0, 0x0, 0xc000154120, 0x18d21a0, 0xc000108b70)
/Users/runner/runners/2.169.1/work/sdk/sdk/pkg/networkservice/common/refresh/client_test.go:67 +0x96
github.com/networkservicemesh/sdk/pkg/networkservice/core/next.(*nextClient).Request(0xc000108b70, 0x18d8f60, 0xc000152100, 0xc000180280, 0x0, 0x0, 0x0, 0x106989c, 0xc000152100, 0xc000048c00)
/Users/runner/runners/2.169.1/work/sdk/sdk/pkg/networkservice/core/next/client.go:70 +0x5fb
github.com/networkservicemesh/sdk/pkg/networkservice/common/refresh.(*refreshClient).Request(0xc00000ee20, 0x18d8f60, 0xc000152100, 0xc000180280, 0x0, 0x0, 0x0, 0xc0001c8218, 0x1092790, 0xc0001c81c0)
/Users/runner/runners/2.169.1/work/sdk/sdk/pkg/networkservice/common/refresh/client.go:53 +0xaa
github.com/networkservicemesh/sdk/pkg/networkservice/common/refresh.(*refreshClient).createTimer.func1()
/Users/runner/runners/2.169.1/work/sdk/sdk/pkg/networkservice/common/refresh/client.go:96 +0x183
created by time.goFunc
/Users/runner/hostedtoolcache/go/1.13.4/x64/src/time/sleep.go:168 +0x52
]
We need to create vl3 chain components to add possible to build different vl3 NSEs based on SDK.
Related to networkservicemesh/networkservicemesh#2136
The main usage of these chain elements are:
https://drive.google.com/file/d/1jq4AMOICUsL3zx-4-5SJ1P3UpxYO4V0U/view?usp=sharing // WIP
To add possible to connect proxy registry to remote registry we need to put into context URL to the remote target.
Add dnsresolve
chain element that's simply will resolve passed domain to URL via DNS and pass it into context.
With the new registry model, we need to add a chain element to manage NSM resources(NSs,NSEs). This component should do next things:
nsmgr copies the connection context from the NSE response. Not all information should be copied. Determine what we should filter and implement a mechanism to do so.
Also, provide a way to validate the connection context. E.g. NSE ignoring exclude prefixes.
We've simplified registry API and now we need to update and fix build errors in SDK repository with the latest nsm/api dependency.
The contract for Matches in the Network Service is that we evaluate each one from first to last until one matches. It appears this is not currently the case:
=== FAIL: pkg/networkservice/common/refresh TestNewClient_StopRefreshAtAnotherRequest (0.19s)
client_test.go:170:
Error Trace: client_test.go:170
Error: Condition never satisfied
Test: TestNewClient_StopRefreshAtAnotherRequest
https://github.com/networkservicemesh/sdk/pull/257/checks?check_run_id=719395988
Create NetworkServiceRegistryClient to add podName/nodeName/clusterName labels to registrations.
Put it in sdk/pkg/registry/common/
We need default OPA Policies based upon the update in input found in #200
Among the examples we'd want:
https://github.com/uber-go/goleak - Goroutine leak detector to help avoid Goroutine leaks.
We need to rethink and migrate our interdomain staff from monorepo to SDK.
https://docs.google.com/document/d/1JOPV-9C7cUBAdDyPtHE5BgLHRqc_OJq4YOPy7_51gyo/edit?usp=sharing
Split tasks on separate issues
Probably we need to add authorization policies for NSM registries to cover scenarios such as
Bulk
API.We need to somehow pass Path data or other authorization data to registries.
We can use pkg grpc/metadata
for passing authorization data for registries.
import "google.golang.org/grpc/metadata"
...
ctx = metadata.NewContext(
ctx,
metadata.Pairs("path-data", "data"),
)
We need to add possible to register xconnect nses in the registry.
Add tools/xconnectnse
pkg and add a function that expects URL to registry and URL to xconnect nse.
package xconnectnse
Register(client, registry.NetworkServiceRegistryClient, name string, xconnectnseURL *url.URL, ) error {
//TODO implement function here
}
Unregister(client, registry.NetworkServiceRegistryClient, name string, xconnectnseURL *url.URL, ) error {
//TODO implement function here
}
Find(client registry.NetworkServiceRegistryClient) []registry.NetworkServiceEdnpoint {
}
OR
Add registry/xconnnse client chain element that will simply fill needed fields and pass it to next client (real registry client)
Initial OPA implementation is currently in the repo with a simple use case.
Sometimes PASS, sometimes FAIL. @alex-yust reproduced it locally too
attach test log:
=== Failed
=== FAIL: pkg/networkservice/common/heal TestNewClient_MissingConnectionsInInit (0.03s)
time="2020-02-21T08:21:46Z" level=info msg="Creating new eventReceiver"
time="2020-02-21T08:21:46Z" level=info msg="==--> *healClient.Request() span:{}"
time="2020-02-21T08:21:46Z" level=info msg=">><<-- request={\"connection\":{\"id\":\"conn-1\",\"network_service\":\"ns-1\"}} span={}"
time="2020-02-21T08:21:46Z" level=info msg=">><<-- response={\"id\":\"conn-1\",\"network_service\":\"ns-1\"} span={}"
time="2020-02-21T08:21:46Z" level=info msg="==--> *healClient.Request() span:{}"
time="2020-02-21T08:21:46Z" level=info msg=">><<-- request={\"connection\":{\"id\":\"conn-2\",\"network_service\":\"ns-2\"}} span={}"
time="2020-02-21T08:21:46Z" level=info msg=">><<-- response={\"id\":\"conn-2\",\"network_service\":\"ns-2\"} span={}"
client_test.go:238:
Error Trace: client_test.go:238
Error: Should be true
Test: TestNewClient_MissingConnectionsInInit
OPA currently only reasons on a single token in the chain. It will be useful to have OPA support multiple tokens so that it can reason about elements deeper in the chain.
Context: #40 (comment)
The main idea to create chain components to be able to build analogies registries like nsmd-k8s
via SDK and be not dependent on Kubernetes staff.
Memory registries could be useful for the next goals:
nsmd-k8s
. For example cmd-nsmgr
.Need to fix TODO comment: https://github.com/networkservicemesh/sdk/blob/master/pkg/networkservice/common/discover/server.go#L46
This is a followup for after #45.
We will also need authorization chain elements for connection.MonitorNetworkServiceServer and connection.MonitorNetworkServiceClient.
Please put them in the pkg/registry/common/ subdir
We need to migrate our caches components from monorepo to SDK. Should be created caches components for next registry models:
NOTE: these components should not depend on k8s.
Registry caches should be based on LRU caches to minimalize resource usage on the client-side.
This is a carry over of:
networkservicemesh/networkservicemesh#2032
and is already being worked on in #40
Create in pkg/connection/core/ the analog: next, chain, adapters and trace chain elements for MonitorConnection{Server,Client}.
See pkg/*/core for examples for other APIs.
We need to add possible to registries proxy all incoming registrations/unregistratiom/find to the next registry.
Do we want to use special symbol "@" in ns/nse name to mark it as interdomain? As an alternative variant, we can add special labels for nse. For example:
nse:
name:
labels:
icmp-responder:
k:v
interdomain:
k:v
This is a followup for after #45.
We will also need authorization chain elements for connection.MonitorNetworkServiceServer and connection.MonitorNetworkServiceClient.
Please put them in the pkg/connection/common subdir (as they are part of the connection API).
The coverage check might help to review PRs with tests.
refresh - a chain client element that refreshes registration at 1/3 of the time between initial registration and expiration
Registry join
chain element will add a possible to aggregate a few registry clients to one. It will be useful for cmd-nsmgr. For example, we can join memory registry and real registry client.
The current authorization chain element provides only policy handling but not building. We need to expand the OPA mechanism into several pieces:
For example in pseudocode it might look like:
b := NewBuilder(configFile, elseOption...)
handler := b.Validate() //building the provided policy
ok := handler.eval(opaInputObj) //get the policy decision
Support for embedding OPA was added with #40. Supporting a remote OPA evaluation engine will be useful.
We need to add benchmark testing on CI. We already have benchmark tests but they not run on CI: pkg/tools/serialize/serialize_test.go
Please create in pkg/networkservice/connectioncontext/dnscontext/ a NetworkServiceServer chain element appropriate for setting a DNSContext for an Endpoint.
Chain of next + adapters elements can produce extra adapters per each of the chain elements.
For example:
If we have a chain of
server->adapted client->server->server
then it can be represented on call Request/Register/Close:
server->adapted client->adapted server->adapted server
We need to investigate and fix extra adaptation.
Proxy registry should be able to connect to the registry from another domain by the domain name.
Add analog of chain element connect for registries.
Example of usage:
[email protected]
.Create NetworkServiceClient chain element to add podName/nodeName/clusterName labels to request.
Put it in sdk/pkg/networkservice/common/
After the latest merges, we faced new unstable heal tests:
TestHealClient_Request
TestNewClient_MissingConnectionsInInit
=== Failed
=== FAIL: pkg/networkservice/common/heal TestHealClient_Request (0.07s)
client_test.go:116:
Error Trace: client_test.go:116
Error: Condition never satisfied
Test: TestHealClient_Request
=== FAIL: pkg/networkservice/common/heal TestNewClient_MissingConnectionsInInit (0.12s)
client_test.go:217:
Error Trace: client_test.go:217
Error: Condition never satisfied
Test: TestNewClient_MissingConnectionsInInit
https://github.com/networkservicemesh/sdk/runs/854630760?check_suite_focus=true
pkg/core/adapters can adapt the server to client or vice versa, but if a server uses pkg/next
then the adapters will not correctly adapt the server to client and it will panic on called Request/Close
pkg/core/adapters
can be used with pkg/next
.
Code example:
server.go
type configServer struct{}
// NewServer - inserts a vppagent *configurator.Config into the GRPC call context.Context
func NewServer() networkservice.NetworkServiceServer {
return &configServer{}
}
func (c *configServer) Request(ctx context.Context, request *networkservice.NetworkServiceRequest) (*connection.Connection, error) {
return next.Server(ctx).Request(ctx, request)
}
func (c *configServer) Close(ctx context.Context, conn *connection.Connection) (*empty.Empty, error) {
return next.Server(ctx).Close(ctx, conn)
}
client_test.go
func TestClientBasic(t *testing.T) {
next.NewNetworkServiceClient(NewServerToClient(&configServer{})).Close(nil, nil, nil)
}
Example from sdk-vppagent:
https://github.com/networkservicemesh/sdk-vppagent/blob/master/pkg/networkservice/vppagent/client.go
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x9c1110]
goroutine 6 [running]:
testing.tRunner.func1(0xc000140100)
/usr/local/go/src/testing/testing.go:874 +0x60f
panic(0xa48b00, 0xeba540)
/usr/local/go/src/runtime/panic.go:679 +0x1e0
github.com/networkservicemesh/sdk/pkg/networkservice/core/adapters.testServer.Close(0xb81160, 0xc0001344b0, 0x0, 0x0, 0x0, 0x0)
/home/user/go/src/github.com/networkservicemesh/sdk/pkg/networkservice/core/adapters/client_test.go:21 +0x80
github.com/networkservicemesh/sdk/pkg/networkservice/core/adapters.(*serverToClient).Close(0xc00007b910, 0xb81160, 0xc0001344b0, 0x0, 0xc00007b930, 0x1, 0x1, 0x0, 0x0, 0x0)
/home/user/go/src/github.com/networkservicemesh/sdk/pkg/networkservice/core/adapters/server_to_client.go:44 +0x8a
github.com/networkservicemesh/sdk/pkg/networkservice/core/next.(*nextClient).Close(0xc00000eb20, 0x0, 0x0, 0x0, 0xc00007b930, 0x1, 0x1, 0x0, 0x0, 0x0)
/home/user/go/src/github.com/networkservicemesh/sdk/pkg/networkservice/core/next/client.go:67 +0x369
github.com/networkservicemesh/sdk/pkg/networkservice/core/adapters.TestClientBasic(0xc000140100)
/home/user/go/src/github.com/networkservicemesh/sdk/pkg/networkservice/core/adapters/client_test.go:25 +0x1c0
testing.tRunner(0xc000140100, 0xb054d8)
/usr/local/go/src/testing/testing.go:909 +0x13c
created by testing.(*T).Run
/usr/local/go/src/testing/testing.go:960 +0x64f
When we pass the chained client element into next.NewNetworkServiceClient(), unexpected behaviour may occur in next.Request -- it will be impossible to make request through all the clients in the chain.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.