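├── .github └── workflows │ ├── docs-build-check.yaml │ └── docs.yaml ├── .gitignore ├── CODEOWNERS ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── docs ├── 01-getting-started │ ├── 01_install.md │ └── 02_prereq.md ├── 02-examples │ ├── 01_about.md │ ├── 02_discovery.md │ ├── 03_inventory.md │ ├── 04_networkconfig.md │ ├── 05_defaultnetwork.md │ ├── 06_bridgednetwork.md │ ├── 07_routednetwork.md │ ├── 08_irbnetwork.md │ └── 09_gitops.md ├── 03-videos │ └── 01_videos.md ├── 04-community │ ├── 01_about.md │ └── 02_faq.md ├── CNAME ├── assets │ └── logos │ │ ├── Kubenet-logo-square.svg │ │ ├── Kubenet-logo-transparent-withname-100x123.png │ │ ├── Kubenet-logo.svg │ │ ├── Kubenet-transparent-noname-square-628x628.png │ │ └── Kubenet-transparent-withname-543x703.png ├── index.md ├── overrides │ ├── .icons │ │ └── kubenet_logo_only_final.svg │ ├── main.html │ └── partials │ │ ├── comments.html │ │ └── copyright.html └── stylesheets │ └── extra.css └── mkdocs.yml /.github/workflows/docs-build-check.yaml: -------------------------------------------------------------------------------- 1 | name: "Pull Request Docs Build Check" 2 | on: 3 | pull_request: 4 | 5 | env: 6 | MKDOCS_MATERIAL_VER: 9.1.4 7 | 8 | jobs: 9 | build-docs: 10 | permissions: { contents: read } # least privilege: this PR check only checks out and builds pull-request content, so the job token gets no write access 11 | runs-on: ubuntu-latest 12 | steps: 13 | - name: Checkout 14 | uses: actions/checkout@v4 15 | with: 16 | fetch-depth: 0 17 | 18 | - name: Set up Docker 19 | uses: docker/setup-buildx-action@v3 20 | 21 | - name: Build Docker image 22 | run: | 23 | docker build -t my-mkdocs-image \ 24 | -f Dockerfile .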
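25 | env: 26 | DOCKER_BUILDKIT: 1 27 | 28 | - name: Build MkDocs Site 29 | run: | 30 | docker run -v $(pwd):/docs my-mkdocs-image build --strict -c -f mkdocs.yml -d build 31 | - name: Store html build result 32 | uses: actions/upload-artifact@v4 33 | with: 34 | name: learn.kubenet.dev.${{ github.sha }}.zip 35 | path: | 36 | build 37 | - name: Set summary 38 | run: | 39 | echo "### Documentation built and can be downloaded from the job summary page. :rocket:" >> $GITHUB_STEP_SUMMARY 40 | -------------------------------------------------------------------------------- /.github/workflows/docs.yaml: -------------------------------------------------------------------------------- 1 | name: docs 2 | on: 3 | workflow_dispatch: 4 | push: 5 | branches: 6 | - "main" 7 | 8 | env: 9 | MKDOCS_MATERIAL_VER: 9.1.4 10 | 11 | jobs: 12 | publish: 13 | permissions: { contents: write } # least privilege: gh-deploy only needs to push the built site to this repository, not every write permission 14 | runs-on: ubuntu-latest 15 | steps: 16 | - name: Checkout 17 | uses: actions/checkout@v4 18 | with: 19 | fetch-depth: 0 20 | 21 | - name: Set up Docker 22 | uses: docker/setup-buildx-action@v3 23 | 24 | - name: Build Docker image 25 | run: | 26 | docker build -t my-mkdocs-image \ 27 | -f Dockerfile . 28 | env: 29 | DOCKER_BUILDKIT: 1 30 | 31 | - name: Deploy MkDocs Site 32 | run: | 33 | docker run -v $(pwd):/docs my-mkdocs-image gh-deploy --force --strict 34 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | **/.DS_Store -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | # This is a comment. 2 | # Each line is a file pattern followed by one or more owners. 3 | 4 | # These owners will be the default owners for everything in 5 | # the repo.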
Unless a later match takes precedence, 6 | # @global-owner1 and @global-owner2 will be requested for 7 | # review when someone opens a pull request. 8 | 9 | * @henderiw @steiler @hansthienpondt @CsatariGergely -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # Copyright 2024 Nokia 2 | # Licensed under the Apache License 2.0 3 | # SPDX-License-Identifier: Apache-2.0 4 | 5 | FROM squidfunk/mkdocs-material:9.1.4 6 | 7 | # Install the Mermaid plugin. NOTE(review): the plugin version is not pinned, so each image build can resolve a different release; pin it for reproducible, reviewable builds. 8 | RUN pip install mkdocs-mermaid2-plugin -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License.
25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. 
For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. 
If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. 
You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. 
You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. 
(Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2021 ORAS Authors. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | PORT ?= 8000 2 | # Use podman when it is found on PATH; otherwise fall back to docker. 3 | ifeq ($(shell command -v podman 2> /dev/null),) 4 | CMD=docker 5 | else 6 | CMD=podman 7 | endif 8 | # docker-run builds the docs image and serves the site from the current directory. NOTE(review): -p ${PORT}:${PORT} publishes the preview on all host interfaces by default; -p 127.0.0.1:${PORT}:${PORT} would keep it reachable from this machine only. 9 | docker-run: 10 | $(CMD) build .
-t mkdocs-learn-kubenet-docs 11 | $(CMD) run --rm --name learn-kubenet-docs -v "$$(pwd)":/docs -p ${PORT}:${PORT} --entrypoint ash mkdocs-learn-kubenet-docs:latest -c 'mkdocs serve -a 0.0.0.0:${PORT}' 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![Kubenet logo](https://learn.kubenet.dev/assets/logos/Kubenet-logo-transparent-withname-100x123.png) 2 | 3 | [![Discord](https://img.shields.io/discord/860500297297821756?style=flat-square&label=discord&logo=discord&color=00c9ff&labelColor=bec8d2)](https://discord.gg/fH35bmcTU9) 4 | 5 | # [Kubenet](https://learn.kubenet.dev/) 6 | 7 | The Kubenet community has been created with the goal of helping network engineers understand the potential of kubernetes for network automation. While we discuss networking, we are not talking about CNI(s) here, but about using `kubernetes` as an automation engine to manage physical, virtual or containerized NOS(s). 8 | 9 | The environment is built so that it can leverage multiple vendors. We use [srlinux][srlinux] for now as it is open to use, but we would welcome contributions from other vendors. 10 | 11 | If you are interested in learning and discussing, [join us](https://discord.gg/fH35bmcTU9). 12 | 13 | This repository contains the source for [learn.kubenet.dev](https://learn.kubenet.dev/). 14 | 15 | ## Why 16 | 17 | Kubernetes stands out as the most extensive and robust automation and orchestration system available today, already leveraged across many industries. The question to ask here is why the networking industry is not leveraging kubernetes for network automation. This community is set up to help understand the potential of kubernetes for network automation.
18 | 19 | Here are some attributes to consider why kubernetes is a good automation platform: 20 | 21 | - Open Source: As an open-source platform, Kubernetes offers transparency, flexibility, and a collaborative community-driven approach. This fosters innovation and continuous improvement. 22 | - Highly Extendable: Kubernetes is designed to be highly extendable, allowing for customization and integration with various tools and services to meet specific needs. 23 | - Vast Ecosystem: The Kubernetes ecosystem is immense, with a wide range of tools, plugins, and extensions available. This ecosystem provides the resources needed to build comprehensive automation solutions. 24 | - Declarative Model: Kubernetes uses a declarative model, making it easier to define and manage the desired state of network configurations. 25 | - Event-Driven and Continuous Reconciliation: Kubernetes supports event-driven automation and continuous reconciliation, ensuring that the network’s state is consistently aligned with the defined configurations. 26 | - Collaborative Approach with GitOps: Leveraging GitOps principles, Kubernetes enables a collaborative approach to network management. Changes can be tracked, reviewed, and deployed using version control systems, enhancing transparency and collaboration. 27 | - Extensive Knowledge Base: The widespread adoption of Kubernetes means there is a vast knowledge base and a large community of experts. This allows organizations to leverage existing expertise to extend and optimize their automation systems. 
28 | 29 | 30 | ## Use cases 31 | 32 | Independent of physical, virtual or containerized networking systems 33 | 34 | Use cases: 35 | 36 | - Datacenter networking 37 | - WAN networking 38 | - Peering 39 | - Access/Campus networking 40 | - Core networking 41 | - Backhaul/Fronthaul 42 | - Cloud Networking 43 | 44 | Scenarios: 45 | 46 | - day-0, day-1, day-2 operations 47 | - lifecycle management 48 | - config management 49 | 50 | ## Join us 51 | 52 | Join us on this journey as we learn how to leverage kubernetes for network automation. 53 | 54 | Have questions, ideas, bug reports or just want to chat? Come join [our discord server](https://discord.gg/fH35bmcTU9). 55 | 56 | ### License and governance 57 | 58 | Code in the Kubenet repositories is licensed under the Apache License 2.0. At the moment the project is governed by the benevolent dictatorship of @henderiw @steiler @karimra and @hansthienpondt. In the long run we plan to move to a meritocracy-based governance model. 59 | 60 | ## Contribute to the documentation 61 | ### How to compile? 62 | 63 | We are using containers to build the documentation, therefore you need to have [Docker](https://docs.docker.com/engine/install/) or [Podman](https://podman.io/docs/installation) installed. 64 | 65 | You can simply issue `make` in the root folder. This will compile the documentation and serve it at http://localhost:8000. If you would like to use a different port, just override the PORT variable; for example, `make PORT=1313` uses port 1313.
66 | 67 | 68 | [KRM]: https://github.com/kubernetes/design-proposals-archive/blob/main/architecture/resource-management.md 69 | [GITOPS]: https://opengitops.dev 70 | [YAML]: https://en.wikipedia.org/wiki/YAML 71 | [srlinux]: https://learn.srlinux.dev -------------------------------------------------------------------------------- /docs/01-getting-started/01_install.md: -------------------------------------------------------------------------------- 1 | 2 | # Getting Started 3 | 4 | First check the [prerequisites](./02_prereq.md). Pay special attention to the CPU and OS dependencies. 5 | 6 | ## Setup environment 7 | 8 | The first step is setting up the environment: 9 | 10 | - A kubernetes cluster (we use [kind][kind] in the exercises) 11 | - A network lab environment (we use [containerlab][containerlab] in the exercises) 12 | 13 | Create a directory where the exercises will be executed. Some tools install files in this directory; using a dedicated directory keeps them from messing with the rest of your environment. 14 | 15 | ``` 16 | mkdir -p kubenet; cd kubenet 17 | ``` 18 | 19 | Let's get started with setting up the environment. With the following command: 20 | 21 | - A kind kubernetes cluster is created 22 | - An iptables rule is created to allow containerlab and the kind cluster to communicate 23 | - A lab is deployed according to the following topology 24 | 25 | /// details | clab topology 26 | 27 | ```yaml 28 | --8<-- 29 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/lab/3node.yaml 30 | --8<-- 31 | ``` 32 | /// 33 | 34 | ``` 35 | kubenetctl setup 36 | ``` 37 | 38 | An output similar to the following is expected: 39 | 40 | ``` 41 | Setup kubenet Environment 42 | ========================= 43 | # create k8s kind cluster [1/3]: 44 | 45 | > kind create cluster --name kubenet 46 | Creating cluster "kubenet" ...
47 | ✓ Ensuring node image (kindest/node:v1.27.3) 🖼 48 | ✓ Preparing nodes 📦 49 | ✓ Writing configuration 📜 50 | ✓ Starting control-plane 🕹️ 51 | ✓ Installing CNI 🔌 52 | ✓ Installing StorageClass 💾 53 | Set kubectl context to "kind-kubenet" 54 | You can now use your cluster with: 55 | 56 | kubectl cluster-info --context kind-kubenet 57 | 58 | Thanks for using kind! 😊 59 | 60 | # Allow the kind cluster to communicate with the containerlab topology (clab will be created in a later step) [2/3]: 61 | 62 | > sudo iptables -I DOCKER-USER -o br-$(docker network inspect -f '{{ printf "%.12s" .ID }}' kind) -j ACCEPT 63 | 64 | # Deploy Containerlab topology [3/3]: 65 | 66 | > sudo containerlab deploy -t https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/lab/3node.yaml --reconfigure 67 | INFO[0000] Containerlab v0.54.2 started 68 | INFO[0000] Parsing & checking topology file: topo-3311532188.clab.yml 69 | INFO[0000] Removing /home/henderiw/test/kubenet/clab-topo3nodesrl directory... 70 | INFO[0000] Creating lab directory: /home/henderiw/test/kubenet/clab-topo3nodesrl 71 | INFO[0000] Creating container: "client1" 72 | INFO[0000] Creating container: "client2" 73 | INFO[0000] Creating container: "core01" 74 | INFO[0000] Creating container: "edge01" 75 | INFO[0000] Creating container: "edge02" 76 | INFO[0001] Created link: client1:eth1 <--> edge01:e1-1 77 | INFO[0001] Running postdeploy actions for Nokia SR Linux 'edge01' node 78 | INFO[0001] Created link: client2:eth1 <--> edge02:e1-1 79 | INFO[0001] Running postdeploy actions for Nokia SR Linux 'edge02' node 80 | INFO[0001] Created link: edge01:e1-49 <--> core01:e1-1 81 | INFO[0001] Created link: edge02:e1-49 <--> core01:e1-2 82 | INFO[0001] Running postdeploy actions for Nokia SR Linux 'core01' node 83 | INFO[0017] Adding containerlab host entries to /etc/hosts file 84 | INFO[0017] Adding ssh config for containerlab nodes 85 | 
+---+---------------------------+--------------+---------------------------------+---------------+---------+---------------+--------------+ 86 | | # | Name | Container ID | Image | Kind | State | IPv4 Address | IPv6 Address | 87 | +---+---------------------------+--------------+---------------------------------+---------------+---------+---------------+--------------+ 88 | | 1 | clab-topo3nodesrl-client1 | fe49acb930b9 | ghcr.io/hellt/network-multitool | linux | running | 172.21.0.6/16 | N/A | 89 | | 2 | clab-topo3nodesrl-client2 | dbb22872be06 | ghcr.io/hellt/network-multitool | linux | running | 172.21.0.2/16 | N/A | 90 | | 3 | clab-topo3nodesrl-core01 | 60447c1b38e6 | ghcr.io/nokia/srlinux | nokia_srlinux | running | 172.21.0.3/16 | N/A | 91 | | 4 | clab-topo3nodesrl-edge01 | 3ba50344c008 | ghcr.io/nokia/srlinux | nokia_srlinux | running | 172.21.0.4/16 | N/A | 92 | | 5 | clab-topo3nodesrl-edge02 | 320a373157a9 | ghcr.io/nokia/srlinux | nokia_srlinux | running | 172.21.0.5/16 | N/A | 93 | +---+---------------------------+--------------+---------------------------------+---------------+---------+---------------+--------------+ 94 | ``` 95 | 96 | The following commands help to see the running containers. 
97 | 98 | - A container for the kind cluster 99 | - 3 [srlinux][srlinux] containers (2 for the edge and 1 for the core) 100 | - 2 multitool test tools 101 | 102 | ``` 103 | docker ps 104 | ``` 105 | 106 | ``` 107 | CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 108 | 320a373157a9 ghcr.io/nokia/srlinux "/tini -- fixuid -q …" 2 minutes ago Up 2 minutes clab-topo3nodesrl-edge02 109 | 60447c1b38e6 ghcr.io/nokia/srlinux "/tini -- fixuid -q …" 2 minutes ago Up 2 minutes clab-topo3nodesrl-core01 110 | dbb22872be06 ghcr.io/hellt/network-multitool "/docker-entrypoint.…" 2 minutes ago Up 2 minutes 80/tcp, 443/tcp clab-topo3nodesrl-client2 111 | 3ba50344c008 ghcr.io/nokia/srlinux "/tini -- fixuid -q …" 2 minutes ago Up 2 minutes clab-topo3nodesrl-edge01 112 | fe49acb930b9 ghcr.io/hellt/network-multitool "/docker-entrypoint.…" 2 minutes ago Up 2 minutes 80/tcp, 443/tcp clab-topo3nodesrl-client1 113 | f0fe7884d98d kindest/node:v1.27.3 "/usr/local/bin/entr…" 3 minutes ago Up 3 minutes 127.0.0.1:43347->6443/tcp kubenet-control-plane 114 | ``` 115 | 116 | 🎉 Yeah 🎉 you have a kubernetes cluster running. With the following command you can see the running pods. 
These are the base kubernetes building blocks. 117 | 118 | ``` 119 | kubectl get pods -A 120 | ``` 121 | 122 | ``` 123 | NAMESPACE NAME READY STATUS RESTARTS AGE 124 | kube-system coredns-5d78c9869d-pm2nc 1/1 Running 0 10m 125 | kube-system coredns-5d78c9869d-t7jw6 1/1 Running 0 10m 126 | kube-system etcd-kubenet-control-plane 1/1 Running 0 10m 127 | kube-system kindnet-8g2cz 1/1 Running 0 10m 128 | kube-system kube-apiserver-kubenet-control-plane 1/1 Running 0 10m 129 | kube-system kube-controller-manager-kubenet-control-plane 1/1 Running 0 10m 130 | kube-system kube-proxy-8bwmb 1/1 Running 0 10m 131 | kube-system kube-scheduler-kubenet-control-plane 1/1 Running 0 10m 132 | local-path-storage local-path-provisioner-6bc4bddd6b-tjmt2 1/1 Running 0 10m 133 | ``` 134 | 135 | ## Install kubenet components 136 | 137 | After the [kind][kind] cluster is up and running, proceed to install the Kubenet components. These software building blocks are essential for the exercises and will help you interact with Kubernetes, providing insights into how Kubernetes can be leveraged for network automation use cases. 138 | 139 | - [pkgserver][pkgserver]: A software component that provides two-way git access to kubernetes: basically reading from and writing to a repository. 140 | - [sdc][sdc]: A software component that maps a kubernetes manifest to a YANG-based system. 141 | - [kuid][kuid]: An inventory and identity system, which allows you to create resources and claim the identifiers required for networking (e.g. IPAM, VLAN, AS, etc.). Some people think of this as a source of truth. 142 | - [kuidapps][kuid]: Applications that leverage the kuid backend API and extend kuid for specific tasks. For example, a specific kuid app is installed to interact with Nokia [SRLinux][srlinux] devices and translate the abstracted data model of kuid into the specific implementation in [SRLinux][srlinux]. Another app is set up to map the [containerlab][containerlab] topology into the [kuid][kuid] backend.
143 | 144 | ``` 145 | kubenetctl install 146 | ``` 147 | 148 | ```shell 149 | Install kubenet Components 150 | ========================== 151 | # install package server: (tool to interact with git from k8s using packages (KRM manifests)) [1/5]: 152 | 153 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/artifacts/out/pkgserver.yaml 154 | namespace/pkg-system created 155 | customresourcedefinition.apiextensions.k8s.io/packagevariants.config.pkg.pkgserver.dev created 156 | customresourcedefinition.apiextensions.k8s.io/repositories.config.pkg.pkgserver.dev created 157 | apiservice.apiregistration.k8s.io/v1alpha1.pkg.pkgserver.dev created 158 | deployment.apps/pkg-server created 159 | clusterrole.rbac.authorization.k8s.io/pkg-server-clusterrole created 160 | clusterrolebinding.rbac.authorization.k8s.io/package:system:auth-delegator created 161 | clusterrolebinding.rbac.authorization.k8s.io/pkg-server-clusterrolebinding created 162 | role.rbac.authorization.k8s.io/pkg-server-role created 163 | rolebinding.rbac.authorization.k8s.io/pkg-server-clusterrolebinding created 164 | rolebinding.rbac.authorization.k8s.io/pkg-server-auth-reader created 165 | secret/pkg-server created 166 | service/pkg-server created 167 | serviceaccount/pkg-server created 168 | 169 | # install sdc: (tool to interact with yang devices from k8s) [2/5]: 170 | 171 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/artifacts/out/sdc.yaml 172 | namespace/network-system created 173 | customresourcedefinition.apiextensions.k8s.io/targetsyncprofiles.inv.sdcio.dev created 174 | customresourcedefinition.apiextensions.k8s.io/targetconnectionprofiles.inv.sdcio.dev created 175 | customresourcedefinition.apiextensions.k8s.io/schemas.inv.sdcio.dev created 176 | customresourcedefinition.apiextensions.k8s.io/discoveryrules.inv.sdcio.dev created 177 | customresourcedefinition.apiextensions.k8s.io/targets.inv.sdcio.dev created 178 | 
apiservice.apiregistration.k8s.io/v1alpha1.config.sdcio.dev created 179 | deployment.apps/config-server created 180 | clusterrole.rbac.authorization.k8s.io/config-server-clusterrole created 181 | clusterrolebinding.rbac.authorization.k8s.io/config-server-clusterrolebinding created 182 | clusterrolebinding.rbac.authorization.k8s.io/config:system:auth-delegator created 183 | role.rbac.authorization.k8s.io/aggregated-apiserver-role created 184 | rolebinding.rbac.authorization.k8s.io/config-server-clusterrolebinding created 185 | rolebinding.rbac.authorization.k8s.io/config-auth-reader created 186 | configmap/data-server created 187 | persistentvolumeclaim/pvc-config-store created 188 | persistentvolumeclaim/pvc-schema-db created 189 | persistentvolumeclaim/pvc-schema-store created 190 | secret/config-server-cert created 191 | service/config-server created 192 | service/data-server created 193 | serviceaccount/config-server created 194 | 195 | # install kuid-server: (tool for inventory and identity (IPAM/VLAN/AS/etc) using k8s api [3/5]: 196 | 197 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/artifacts/out/kuid-server.yaml 198 | namespace/kuid-system created 199 | apiservice.apiregistration.k8s.io/v1alpha1.as.be.kuid.dev created 200 | apiservice.apiregistration.k8s.io/v1alpha1.extcomm.be.kuid.dev created 201 | apiservice.apiregistration.k8s.io/v1alpha1.genid.be.kuid.dev created 202 | apiservice.apiregistration.k8s.io/v1alpha1.infra.be.kuid.dev created 203 | apiservice.apiregistration.k8s.io/v1alpha1.ipam.be.kuid.dev created 204 | apiservice.apiregistration.k8s.io/v1alpha1.vlan.be.kuid.dev created 205 | apiservice.apiregistration.k8s.io/v1alpha1.vxlan.be.kuid.dev created 206 | deployment.apps/kuid-server created 207 | clusterrole.rbac.authorization.k8s.io/kuid-server-clusterrole created 208 | clusterrolebinding.rbac.authorization.k8s.io/kuid:system:auth-delegator created 209 | 
clusterrolebinding.rbac.authorization.k8s.io/kuid-server-clusterrolebinding created 210 | role.rbac.authorization.k8s.io/kuid-server-apiserver-role created 211 | rolebinding.rbac.authorization.k8s.io/kuid-server-clusterrolebinding created 212 | rolebinding.rbac.authorization.k8s.io/kuid-server-auth-reader created 213 | persistentvolumeclaim/pvc-config-store created 214 | secret/kuid-server created 215 | service/kuid-server created 216 | serviceaccount/kuid-server created 217 | 218 | # install kuid-apps: (apps leveraging kuid-server focussed on networking [4/5]: 219 | 220 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/artifacts/out/kuidapps.yaml 221 | customresourcedefinition.apiextensions.k8s.io/networkconfigs.network.app.kuid.dev created 222 | customresourcedefinition.apiextensions.k8s.io/networkdevices.network.app.kuid.dev created 223 | customresourcedefinition.apiextensions.k8s.io/networks.network.app.kuid.dev created 224 | customresourcedefinition.apiextensions.k8s.io/topologies.topo.app.kuid.dev created 225 | deployment.apps/kuidapps created 226 | clusterrole.rbac.authorization.k8s.io/kuidapps-clusterrole created 227 | clusterrolebinding.rbac.authorization.k8s.io/kuidapps-clusterrole-binding created 228 | role.rbac.authorization.k8s.io/kuidapps-leader-election-role created 229 | rolebinding.rbac.authorization.k8s.io/kuidapps-leader-election-role-binding created 230 | serviceaccount/kuidapps created 231 | 232 | # install kuid-nokia-srl: (vendor specific app for specific nokia srl artifacts [5/5]: 233 | 234 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/artifacts/out/kuid-nokia-srl.yaml 235 | customresourcedefinition.apiextensions.k8s.io/nodemodels.srl.nokia.app.kuid.dev created 236 | deployment.apps/kuid-nokia-srl created 237 | clusterrole.rbac.authorization.k8s.io/kuid-nokia-srl-clusterrole created 238 | clusterrolebinding.rbac.authorization.k8s.io/kuid-nokia-srl-clusterrole-binding created 
239 | role.rbac.authorization.k8s.io/kuid-nokia-srl-leader-election-role created 240 | rolebinding.rbac.authorization.k8s.io/kuid-nokia-srl-leader-election-role-binding created 241 | configmap/gotemplates-srl created 242 | serviceaccount/kuid-nokia-srl created 243 | ``` 244 | 245 | ``` 246 | kubectl get pods -A 247 | ``` 248 | 249 | ``` 250 | NAMESPACE NAME READY STATUS RESTARTS AGE 251 | kube-system coredns-5d78c9869d-pm2nc 1/1 Running 0 22m 252 | kube-system coredns-5d78c9869d-t7jw6 1/1 Running 0 22m 253 | kube-system etcd-kubenet-control-plane 1/1 Running 0 23m 254 | kube-system kindnet-8g2cz 1/1 Running 0 22m 255 | kube-system kube-apiserver-kubenet-control-plane 1/1 Running 0 23m 256 | kube-system kube-controller-manager-kubenet-control-plane 1/1 Running 0 23m 257 | kube-system kube-proxy-8bwmb 1/1 Running 0 22m 258 | kube-system kube-scheduler-kubenet-control-plane 1/1 Running 0 23m 259 | kuid-system kuid-nokia-srl-68d7956db8-2c89h 1/1 Running 0 11m 260 | kuid-system kuid-server-74597d956b-rjkt6 1/1 Running 0 11m 261 | kuid-system kuidapps-5867fbfcbf-ztrn4 1/1 Running 0 11m 262 | local-path-storage local-path-provisioner-6bc4bddd6b-tjmt2 1/1 Running 0 22m 263 | network-system config-server-6ffb4bdcc8-wjnbw 2/2 Running 0 11m 264 | pkg-system pkg-server-5444f74b69-px88b 1/1 Running 0 11m 265 | ``` 266 | 267 | Hoera, the kubenet components are running. 🥳 Note what the five manifests created along the way: besides namespaces and deployments, they add CRDs, aggregated APIServices and cluster-wide RBAC (ClusterRoles and ClusterRoleBindings, including the `*:system:auth-delegator` bindings), all fetched from the `v0.0.1` tag of the kubenet repository. That footprint suits the throw-away kind cluster used here; before applying the same manifests to a shared cluster, download them and review the RBAC they grant. 268 | 269 | Up to the next exercise [discover devices](../02-examples/02_discovery.md).
Let's discover the [srlinux][srlinux] devices that were deployed by [containerlab][containerlab]. 270 | 271 | [containerlab]: https://containerlab.dev 272 | [kind]: https://kind.sigs.k8s.io 273 | [pkgserver]: https://docs.pkgserver.dev 274 | [sdc]: https://docs.sdcio.dev 275 | [kuid]: https://kuidio.github.io/docs/ 276 | [srlinux]: https://learn.srlinux.dev/ 277 | -------------------------------------------------------------------------------- /docs/01-getting-started/02_prereq.md: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | 3 | ## CPU architecture 4 | 5 | All the Kubernetes components run on both AMD64 (x86-64) and ARM based CPUs, but most network OS(es) are not supported on ARM based CPU(s). As a result, use an AMD64 (x86-64) based CPU to run the exercises. 6 | 7 | ## Operating system 8 | 9 | We tested on WSL for Windows, on Linux and on Darwin (macOS). 10 | 11 | ## kubectl 12 | 13 | Install [kubectl][kubectl] 14 | 15 | ## Auto completions for kubectl (optional) 16 | 17 | /// tab | bash 18 | 19 | ``` 20 | source <(kubectl completion bash) 21 | alias k=kubectl 22 | complete -o default -F __start_kubectl k 23 | ``` 24 | /// 25 | 26 | /// tab | zsh 27 | ``` 28 | source <(kubectl completion zsh) 29 | alias k=kubectl 30 | complete -F _start_kubectl k 31 | ``` 32 | /// 33 | 34 | ## kubenetctl 35 | 36 | kubenetctl is a single binary built for Linux and macOS, distributed via [ghreleases][ghreleases], that helps you run through the kubenet exercises (basically `kubenetctl` tries to avoid fat-fingering when executing the exercises). 37 | 38 | 39 | !!!note "kubenetctl is a binary tool that executes kubenet tasks (exercises) through the OS shell. By default kubenetctl uses the bash shell. If you prefer a different shell, you can alter the shell using the --shell option. E.g.
using zsh or other" 40 | 41 | /// tab | linux/Mac OS 42 | 43 | To download & install the latest release, the following automated [installation script][installscript] can be used. The command fetches the script from the `main` branch and passes it straight to `bash`, so what runs is whatever `main` contains at that moment; to see what will be executed, download the script and read it before running it. 44 | 45 | ```bash 46 | bash -c "$(curl -sL https://github.com/kubenet-dev/kubenetctl/raw/main/install.sh)" 47 | ``` 48 | 49 | As a result, the latest `kubenetctl` version will be installed in the /usr/local/bin directory and the version information will be printed out. 50 | 51 | To install a specific version of `kubenetctl`, provide the version with the -v flag to the installation script (this pins the `kubenetctl` release; the installation script itself is still fetched from `main`): 52 | 53 | ```bash 54 | bash -c "$(curl -sL https://github.com/kubenet-dev/kubenetctl/raw/main/install.sh)" -- -v 0.0.1 55 | ``` 56 | 57 | /// 58 | 59 | /// tab | Packages 60 | 61 | Linux users running distributions with support for deb/rpm packages can install `kubenetctl` using pre-built packages: 62 | 63 | ```bash 64 | bash -c "$(curl -sL https://github.com/kubenet-dev/kubenetctl/raw/main/install.sh)" -- --use-pkg 65 | ``` 66 | 67 | /// 68 | 69 | ## Install Kubernetes 70 | 71 | We use kind for the exercises as it is a convenient tool to set up a Kubernetes cluster. 72 | 73 | /// tab | kind 74 | 75 | Install kind using [kind][kind-install] 76 | 77 | /// 78 | 79 | /// tab | other 80 | /// 81 | 82 | [kind-install]: https://kind.sigs.k8s.io/docs/user/quick-start/#installation 83 | [kind]: https://kind.sigs.k8s.io/ 84 | [kubectl]: https://kubernetes.io/docs/tasks/tools/ 85 | [ghreleases]: https://github.com/kubenet-dev/kubenetctl/releases 86 | [installscript]: https://github.com/kubenet-dev/kubenetctl/blob/main/install.sh -------------------------------------------------------------------------------- /docs/02-examples/01_about.md: -------------------------------------------------------------------------------- 1 | # Examples 2 | 3 | In this section we will run over various exercises leveraging Kubernetes for network automation use cases. There is a lot we unpack in these exercises.
The following topics are covered in the various exercises. 4 | 5 | - Device discovery 6 | - Inventory management (Devices, Links, Endpoints/Interfaces) 7 | - Identifier management (IPAM, VLAN, AS) 8 | - Network Configuration and Automation 9 | - Vendor Agnostic data modeling to Vendor specific data models with provider plugins 10 | - Abstract network configuration 11 | - Gitops workflows 12 | - ... 13 | 14 | Let's get started! 15 | 16 | !!!note "The exercises use [srlinux][srlinux] images, but we welcome other vendors to provide the mappings to their data/device models" 17 | 18 | [srlinux]: https://learn.srlinux.dev/ -------------------------------------------------------------------------------- /docs/02-examples/02_discovery.md: -------------------------------------------------------------------------------- 1 | # Discovery 2 | 3 | This exercise will focus on network device discovery. We will discover the network devices that were deployed using [containerlab][containerlab] in the installation section. 4 | 5 | 6 | Given [sdc][sdc] is built to support multiple vendors, the first thing we need to do is load the YANG schema for the respective vendor and release. In this exercise we use [gNMI][gnmi], but note that [NETCONF][netconf] could also be used. 7 | 8 | /// details | Schema 9 | 10 | ```yaml 11 | --8<-- 12 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/schemas/srl24-3-2.yaml 13 | --8<-- 14 | ``` 15 | /// 16 | 17 | After the schema is configured we create a set of profiles that [sdc][sdc] uses to connect and sync the configurations from the devices. The credentials for the respective devices are also set up, using a secret. The connection profile applied in this exercise is `conn-gnmi-skipverify`; as the name suggests, it presumably skips verification of the device's TLS certificate, which fits a containerlab setup but not devices reached over an untrusted network, where a profile that verifies the certificate should be used. Likewise, the secret is applied from a file in the public kubenet repository, so treat the credentials in it as lab-only.
18 | 19 | /// details | Connection Profile 20 | 21 | ```yaml 22 | --8<-- 23 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/profiles/conn-gnmi-skipverify.yaml 24 | --8<-- 25 | ``` 26 | /// 27 | 28 | /// details | Sync Profile 29 | 30 | ```yaml 31 | --8<-- 32 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/profiles/sync-gnmi-get.yaml 33 | --8<-- 34 | ``` 35 | /// 36 | 37 | Lastly we configure a discovery rule that is used by [sdc][sdc] to discover the devices within the ip range provided in the setup step. 38 | 39 | /// details | Discovery rule 40 | 41 | ```yaml 42 | --8<-- 43 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/drrules/dr-dynamic.yaml 44 | --8<-- 45 | ``` 46 | 47 | /// 48 | 49 | ``` 50 | kubenetctl sdc 51 | ``` 52 | 53 | ```shell 54 | Configure sdc 55 | ============ 56 | # apply the schema for srlinux 24.3.2 [1/5]: 57 | 58 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/schemas/srl24-3-2.yaml 59 | schema.inv.sdcio.dev/srl.nokia.sdcio.dev-24.3.2 created 60 | 61 | # apply the gnmi profile to connect to the target (clab node) [2/5]: 62 | 63 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/profiles/conn-gnmi-skipverify.yaml 64 | targetconnectionprofile.inv.sdcio.dev/conn-gnmi-skipverify created 65 | 66 | # apply the gnmi sync profile to sync config from the target (clab node) [3/5]: 67 | 68 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/profiles/sync-gnmi-get.yaml 69 | targetsyncprofile.inv.sdcio.dev/sync-gnmi-get created 70 | 71 | # apply the srl secret with credentials to authenticate to the target (clab node) [4/5]: 72 | 73 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/profiles/secret.yaml 74 | secret/srl.nokia.sdcio.dev created 75 | 76 | # apply the discovery rule to discover the srl devices deployed by containerlab [5/5]: 77 | 78 | > kubectl 
apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/sdc/drrules/dr-dynamic.yaml 79 | discoveryrule.inv.sdcio.dev/dr-dynamic created 80 | ``` 81 | 82 | Let's see if this was successful. 83 | 84 | ``` 85 | kubectl get targets 86 | ``` 87 | 88 | Wow 🎉 we discovered the 3 devices set up with containerlab, with their respective MAC address, IP address, Provider, etc. 89 | 90 | ``` 91 | NAME READY REASON PROVIDER ADDRESS PLATFORM SERIALNUMBER MACADDRESS 92 | core01 True srl.nokia.sdcio.dev 172.21.0.3:57400 7220 IXR-D3 Sim Serial No. 1A:D3:02:FF:00:00 93 | edge01 True srl.nokia.sdcio.dev 172.21.0.4:57400 7220 IXR-D2 Sim Serial No. 1A:16:03:FF:00:00 94 | edge02 True srl.nokia.sdcio.dev 172.21.0.5:57400 7220 IXR-D2 Sim Serial No. 1A:1D:04:FF:00:00 95 | ``` 96 | 97 | The following command allows us to see the running config of the respective devices. 98 | 99 | ``` 100 | kubectl get runningconfigs.config.sdcio.dev core01 -o yaml 101 | ``` 102 | 103 | For example, if you want to back up the config of your devices, this command lets you pull the configuration and store it in your preferred backup system. Since a device's running config may include sensitive values, restrict access both to this resource in the cluster and to wherever you store the backup. 104 | 105 | Let's configure the network devices such that we can exchange routes and validate the configuration. 106 | 107 | [containerlab]: https://containerlab.dev 108 | [kind]: https://kind.sigs.k8s.io 109 | [pkgserver]: https://docs.pkgserver.dev 110 | [sdc]: https://docs.sdcio.dev 111 | [kuid]: https://kuidio.github.io/docs/ 112 | [srlinux]: https://learn.srlinux.dev/ 113 | [gnmi]: https://github.com/openconfig/gnmi 114 | [netconf]: https://en.wikipedia.org/wiki/NETCONF 115 | -------------------------------------------------------------------------------- /docs/02-examples/03_inventory.md: -------------------------------------------------------------------------------- 1 | # Inventory 2 | 3 | In this exercise, we will focus on inventory and identifiers for network automation, commonly referred to as a source of truth.
The goal is to demonstrate how we can leverage the extendability and flexibility of Kubernetes, which allows customization of the API and the development of applications that utilize this API to build various constructs for different use cases. 4 | 5 | Before configuring devices with IP, VLAN, BGP, and EVPN constructs, it is crucial to understand the topology these devices utilize. In this exercise, we have chosen to import the inventory used in the [containerlab][containerlab] setup. This approach highlights how discovery and provisioning methods can be leveraged and interworked together. 6 | 7 | First, we create the device models for the [srlinux][srlinux] devices used in our environment. This exercise demonstrates how to use a device profile for a specific role in the network and the corresponding device configuration. Different profiles can be applied for various network roles, with this configuration serving as the source of truth. It also shows how to handle a multi-vendor environment and customize configurations for different vendors and roles in the deployment. 8 | 9 | !!!note "This capability is enabled using [kuidapps][kuid], such as the Nokia-specific kuid app in this case. However, a specific vendor app can be installed for other vendors. In this exercise, we opted for a specific srlinux API (srl.nokia.app.kuid.dev/v1alpha1), but a vendor-agnostic API could also be used." 10 | 11 | We used this approach because [containerlab][containerlab] will only connect and configure the interfaces used in the lab, but the automation might want to use other interfaces the device supports. You could also add specific information to each interface e.g. 
whether this interface is used for client/customer connectivity, etc 12 | 13 | /// details | Specific vendor device model 14 | 15 | ```yaml 16 | --8<-- 17 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/inventory/srl/ixrd2.yaml 18 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/inventory/srl/ixrd3.yaml 19 | --8<-- 20 | ``` 21 | /// 22 | 23 | Afterwards you import the containerlab topology, which is used to populate the inventory in [kuid][kuid]. 24 | 25 | /// details | Topology 26 | 27 | ```yaml 28 | --8<-- 29 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/topo/3node-topology.yaml 30 | --8<-- 31 | ``` 32 | /// 33 | 34 | Execute the following command 35 | 36 | ``` 37 | kubenetctl inventory 38 | ``` 39 | 40 | ```shell 41 | Configue the topology inventory 42 | =============================== 43 | # apply the nodemodel configuration for ixrd2 srlinux device [1/3]: 44 | 45 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/inventory/srl/ixrd2.yaml 46 | nodemodel.srl.nokia.app.kuid.dev/ixrd2.srlinux.nokia.com created 47 | 48 | # apply the nodemodel configuration for ixrd3 srlinux device [2/3]: 49 | 50 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/inventory/srl/ixrd3.yaml 51 | nodemodel.srl.nokia.app.kuid.dev/ixrd3.srlinux.nokia.com created 52 | 53 | # import the containerlab topology in kubernetes [3/3]: 54 | 55 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/topo/3node-topology.yaml 56 | topology.topo.app.kuid.dev/topo3nodesrl created 57 | ``` 58 | 59 | Lets check the inventory in [kuid][kuid]. 
60 | 61 | We first see that the 3 nodes are populated in the inventory system 62 | 63 | ``` 64 | kubectl get nodes.infra.be.kuid.dev 65 | ``` 66 | 67 | ``` 68 | NAME READY REGION SITE TOPOLOGY PROVIDER 69 | topo3nodesrl.region1.site1.core01 True region1 site1 topo3nodesrl srlinux.nokia.com 70 | topo3nodesrl.region1.site1.edge01 True region1 site1 topo3nodesrl srlinux.nokia.com 71 | topo3nodesrl.region1.site1.edge02 True region1 site1 topo3nodesrl srlinux.nokia.com 72 | ``` 73 | 74 | We can also check the links. 75 | 76 | ``` 77 | kubectl get links.infra.be.kuid.dev 78 | ``` 79 | 80 | ``` 81 | NAME READY EPA EPB 82 | topo3nodesrl.region1.site1.edge01.e1-49.topo3nodesrl.region1.site1.core01.e1-1 True topo3nodesrl.region1.site1.edge01.e1-49 topo3nodesrl.region1.site1.core01.e1-1 83 | topo3nodesrl.region1.site1.edge02.e1-49.topo3nodesrl.region1.site1.core01.e1-2 True topo3nodesrl.region1.site1.edge02.e1-49 topo3nodesrl.region1.site1.core01.e1-2 84 | ``` 85 | 86 | And Lastly the endpoints 87 | 88 | ``` 89 | kubectl get endpoints.infra.be.kuid.dev 90 | ``` 91 | 92 | !!!note "Dont mind the False ready condition in the endpoint. 
No k8s controller is acting on this and hence the status is False" 93 | 94 | ``` 95 | NAME READY TOPOLOGY REGION SITE NODE 96 | topo3nodesrl.region1.site1.core01.e1-1 False topo3nodesrl region1 site1 core01 97 | topo3nodesrl.region1.site1.core01.e1-10 False topo3nodesrl region1 site1 core01 98 | topo3nodesrl.region1.site1.core01.e1-11 False topo3nodesrl region1 site1 core01 99 | topo3nodesrl.region1.site1.core01.e1-12 False topo3nodesrl region1 site1 core01 100 | topo3nodesrl.region1.site1.core01.e1-13 False topo3nodesrl region1 site1 core01 101 | topo3nodesrl.region1.site1.core01.e1-14 False topo3nodesrl region1 site1 core01 102 | topo3nodesrl.region1.site1.core01.e1-15 False topo3nodesrl region1 site1 core01 103 | topo3nodesrl.region1.site1.core01.e1-16 False topo3nodesrl region1 site1 core01 104 | topo3nodesrl.region1.site1.core01.e1-17 False topo3nodesrl region1 site1 core01 105 | topo3nodesrl.region1.site1.core01.e1-18 False topo3nodesrl region1 site1 core01 106 | topo3nodesrl.region1.site1.core01.e1-19 False topo3nodesrl region1 site1 core01 107 | topo3nodesrl.region1.site1.core01.e1-2 False topo3nodesrl region1 site1 core01 108 | topo3nodesrl.region1.site1.core01.e1-20 False topo3nodesrl region1 site1 core01 109 | topo3nodesrl.region1.site1.core01.e1-21 False topo3nodesrl region1 site1 core01 110 | topo3nodesrl.region1.site1.core01.e1-22 False topo3nodesrl region1 site1 core01 111 | topo3nodesrl.region1.site1.core01.e1-23 False topo3nodesrl region1 site1 core01 112 | topo3nodesrl.region1.site1.core01.e1-24 False topo3nodesrl region1 site1 core01 113 | topo3nodesrl.region1.site1.core01.e1-25 False topo3nodesrl region1 site1 core01 114 | topo3nodesrl.region1.site1.core01.e1-26 False topo3nodesrl region1 site1 core01 115 | topo3nodesrl.region1.site1.core01.e1-27 False topo3nodesrl region1 site1 core01 116 | topo3nodesrl.region1.site1.core01.e1-28 False topo3nodesrl region1 site1 core01 117 | topo3nodesrl.region1.site1.core01.e1-29 False topo3nodesrl region1 
site1 core01 118 | topo3nodesrl.region1.site1.core01.e1-3 False topo3nodesrl region1 site1 core01 119 | topo3nodesrl.region1.site1.core01.e1-30 False topo3nodesrl region1 site1 core01 120 | topo3nodesrl.region1.site1.core01.e1-31 False topo3nodesrl region1 site1 core01 121 | topo3nodesrl.region1.site1.core01.e1-32 False topo3nodesrl region1 site1 core01 122 | topo3nodesrl.region1.site1.core01.e1-33 False topo3nodesrl region1 site1 core01 123 | topo3nodesrl.region1.site1.core01.e1-34 False topo3nodesrl region1 site1 core01 124 | topo3nodesrl.region1.site1.core01.e1-4 False topo3nodesrl region1 site1 core01 125 | topo3nodesrl.region1.site1.core01.e1-5 False topo3nodesrl region1 site1 core01 126 | topo3nodesrl.region1.site1.core01.e1-6 False topo3nodesrl region1 site1 core01 127 | topo3nodesrl.region1.site1.core01.e1-7 False topo3nodesrl region1 site1 core01 128 | topo3nodesrl.region1.site1.core01.e1-8 False topo3nodesrl region1 site1 core01 129 | topo3nodesrl.region1.site1.core01.e1-9 False topo3nodesrl region1 site1 core01 130 | topo3nodesrl.region1.site1.edge01.e1-1 False topo3nodesrl region1 site1 edge01 131 | topo3nodesrl.region1.site1.edge01.e1-10 False topo3nodesrl region1 site1 edge01 132 | topo3nodesrl.region1.site1.edge01.e1-11 False topo3nodesrl region1 site1 edge01 133 | topo3nodesrl.region1.site1.edge01.e1-12 False topo3nodesrl region1 site1 edge01 134 | topo3nodesrl.region1.site1.edge01.e1-13 False topo3nodesrl region1 site1 edge01 135 | topo3nodesrl.region1.site1.edge01.e1-14 False topo3nodesrl region1 site1 edge01 136 | topo3nodesrl.region1.site1.edge01.e1-15 False topo3nodesrl region1 site1 edge01 137 | topo3nodesrl.region1.site1.edge01.e1-16 False topo3nodesrl region1 site1 edge01 138 | topo3nodesrl.region1.site1.edge01.e1-17 False topo3nodesrl region1 site1 edge01 139 | topo3nodesrl.region1.site1.edge01.e1-18 False topo3nodesrl region1 site1 edge01 140 | topo3nodesrl.region1.site1.edge01.e1-19 False topo3nodesrl region1 site1 edge01 141 | 
topo3nodesrl.region1.site1.edge01.e1-2 False topo3nodesrl region1 site1 edge01 142 | topo3nodesrl.region1.site1.edge01.e1-20 False topo3nodesrl region1 site1 edge01 143 | topo3nodesrl.region1.site1.edge01.e1-21 False topo3nodesrl region1 site1 edge01 144 | topo3nodesrl.region1.site1.edge01.e1-22 False topo3nodesrl region1 site1 edge01 145 | topo3nodesrl.region1.site1.edge01.e1-23 False topo3nodesrl region1 site1 edge01 146 | topo3nodesrl.region1.site1.edge01.e1-24 False topo3nodesrl region1 site1 edge01 147 | topo3nodesrl.region1.site1.edge01.e1-25 False topo3nodesrl region1 site1 edge01 148 | topo3nodesrl.region1.site1.edge01.e1-26 False topo3nodesrl region1 site1 edge01 149 | topo3nodesrl.region1.site1.edge01.e1-27 False topo3nodesrl region1 site1 edge01 150 | topo3nodesrl.region1.site1.edge01.e1-28 False topo3nodesrl region1 site1 edge01 151 | topo3nodesrl.region1.site1.edge01.e1-29 False topo3nodesrl region1 site1 edge01 152 | topo3nodesrl.region1.site1.edge01.e1-3 False topo3nodesrl region1 site1 edge01 153 | topo3nodesrl.region1.site1.edge01.e1-30 False topo3nodesrl region1 site1 edge01 154 | topo3nodesrl.region1.site1.edge01.e1-31 False topo3nodesrl region1 site1 edge01 155 | topo3nodesrl.region1.site1.edge01.e1-32 False topo3nodesrl region1 site1 edge01 156 | topo3nodesrl.region1.site1.edge01.e1-33 False topo3nodesrl region1 site1 edge01 157 | topo3nodesrl.region1.site1.edge01.e1-34 False topo3nodesrl region1 site1 edge01 158 | topo3nodesrl.region1.site1.edge01.e1-35 False topo3nodesrl region1 site1 edge01 159 | topo3nodesrl.region1.site1.edge01.e1-36 False topo3nodesrl region1 site1 edge01 160 | topo3nodesrl.region1.site1.edge01.e1-37 False topo3nodesrl region1 site1 edge01 161 | topo3nodesrl.region1.site1.edge01.e1-38 False topo3nodesrl region1 site1 edge01 162 | topo3nodesrl.region1.site1.edge01.e1-39 False topo3nodesrl region1 site1 edge01 163 | topo3nodesrl.region1.site1.edge01.e1-4 False topo3nodesrl region1 site1 edge01 164 | 
topo3nodesrl.region1.site1.edge01.e1-40 False topo3nodesrl region1 site1 edge01 165 | topo3nodesrl.region1.site1.edge01.e1-41 False topo3nodesrl region1 site1 edge01 166 | topo3nodesrl.region1.site1.edge01.e1-42 False topo3nodesrl region1 site1 edge01 167 | topo3nodesrl.region1.site1.edge01.e1-43 False topo3nodesrl region1 site1 edge01 168 | topo3nodesrl.region1.site1.edge01.e1-44 False topo3nodesrl region1 site1 edge01 169 | topo3nodesrl.region1.site1.edge01.e1-45 False topo3nodesrl region1 site1 edge01 170 | topo3nodesrl.region1.site1.edge01.e1-46 False topo3nodesrl region1 site1 edge01 171 | topo3nodesrl.region1.site1.edge01.e1-47 False topo3nodesrl region1 site1 edge01 172 | topo3nodesrl.region1.site1.edge01.e1-48 False topo3nodesrl region1 site1 edge01 173 | topo3nodesrl.region1.site1.edge01.e1-49 False topo3nodesrl region1 site1 edge01 174 | topo3nodesrl.region1.site1.edge01.e1-5 False topo3nodesrl region1 site1 edge01 175 | topo3nodesrl.region1.site1.edge01.e1-50 False topo3nodesrl region1 site1 edge01 176 | topo3nodesrl.region1.site1.edge01.e1-51 False topo3nodesrl region1 site1 edge01 177 | topo3nodesrl.region1.site1.edge01.e1-52 False topo3nodesrl region1 site1 edge01 178 | topo3nodesrl.region1.site1.edge01.e1-53 False topo3nodesrl region1 site1 edge01 179 | topo3nodesrl.region1.site1.edge01.e1-54 False topo3nodesrl region1 site1 edge01 180 | topo3nodesrl.region1.site1.edge01.e1-55 False topo3nodesrl region1 site1 edge01 181 | topo3nodesrl.region1.site1.edge01.e1-56 False topo3nodesrl region1 site1 edge01 182 | topo3nodesrl.region1.site1.edge01.e1-6 False topo3nodesrl region1 site1 edge01 183 | topo3nodesrl.region1.site1.edge01.e1-7 False topo3nodesrl region1 site1 edge01 184 | topo3nodesrl.region1.site1.edge01.e1-8 False topo3nodesrl region1 site1 edge01 185 | topo3nodesrl.region1.site1.edge01.e1-9 False topo3nodesrl region1 site1 edge01 186 | topo3nodesrl.region1.site1.edge02.e1-1 False topo3nodesrl region1 site1 edge02 187 | 
topo3nodesrl.region1.site1.edge02.e1-10 False topo3nodesrl region1 site1 edge02 188 | topo3nodesrl.region1.site1.edge02.e1-11 False topo3nodesrl region1 site1 edge02 189 | topo3nodesrl.region1.site1.edge02.e1-12 False topo3nodesrl region1 site1 edge02 190 | topo3nodesrl.region1.site1.edge02.e1-13 False topo3nodesrl region1 site1 edge02 191 | topo3nodesrl.region1.site1.edge02.e1-14 False topo3nodesrl region1 site1 edge02 192 | topo3nodesrl.region1.site1.edge02.e1-15 False topo3nodesrl region1 site1 edge02 193 | topo3nodesrl.region1.site1.edge02.e1-16 False topo3nodesrl region1 site1 edge02 194 | topo3nodesrl.region1.site1.edge02.e1-17 False topo3nodesrl region1 site1 edge02 195 | topo3nodesrl.region1.site1.edge02.e1-18 False topo3nodesrl region1 site1 edge02 196 | topo3nodesrl.region1.site1.edge02.e1-19 False topo3nodesrl region1 site1 edge02 197 | topo3nodesrl.region1.site1.edge02.e1-2 False topo3nodesrl region1 site1 edge02 198 | topo3nodesrl.region1.site1.edge02.e1-20 False topo3nodesrl region1 site1 edge02 199 | topo3nodesrl.region1.site1.edge02.e1-21 False topo3nodesrl region1 site1 edge02 200 | topo3nodesrl.region1.site1.edge02.e1-22 False topo3nodesrl region1 site1 edge02 201 | topo3nodesrl.region1.site1.edge02.e1-23 False topo3nodesrl region1 site1 edge02 202 | topo3nodesrl.region1.site1.edge02.e1-24 False topo3nodesrl region1 site1 edge02 203 | topo3nodesrl.region1.site1.edge02.e1-25 False topo3nodesrl region1 site1 edge02 204 | topo3nodesrl.region1.site1.edge02.e1-26 False topo3nodesrl region1 site1 edge02 205 | topo3nodesrl.region1.site1.edge02.e1-27 False topo3nodesrl region1 site1 edge02 206 | topo3nodesrl.region1.site1.edge02.e1-28 False topo3nodesrl region1 site1 edge02 207 | topo3nodesrl.region1.site1.edge02.e1-29 False topo3nodesrl region1 site1 edge02 208 | topo3nodesrl.region1.site1.edge02.e1-3 False topo3nodesrl region1 site1 edge02 209 | topo3nodesrl.region1.site1.edge02.e1-30 False topo3nodesrl region1 site1 edge02 210 | 
topo3nodesrl.region1.site1.edge02.e1-31 False topo3nodesrl region1 site1 edge02 211 | topo3nodesrl.region1.site1.edge02.e1-32 False topo3nodesrl region1 site1 edge02 212 | topo3nodesrl.region1.site1.edge02.e1-33 False topo3nodesrl region1 site1 edge02 213 | topo3nodesrl.region1.site1.edge02.e1-34 False topo3nodesrl region1 site1 edge02 214 | topo3nodesrl.region1.site1.edge02.e1-35 False topo3nodesrl region1 site1 edge02 215 | topo3nodesrl.region1.site1.edge02.e1-36 False topo3nodesrl region1 site1 edge02 216 | topo3nodesrl.region1.site1.edge02.e1-37 False topo3nodesrl region1 site1 edge02 217 | topo3nodesrl.region1.site1.edge02.e1-38 False topo3nodesrl region1 site1 edge02 218 | topo3nodesrl.region1.site1.edge02.e1-39 False topo3nodesrl region1 site1 edge02 219 | topo3nodesrl.region1.site1.edge02.e1-4 False topo3nodesrl region1 site1 edge02 220 | topo3nodesrl.region1.site1.edge02.e1-40 False topo3nodesrl region1 site1 edge02 221 | topo3nodesrl.region1.site1.edge02.e1-41 False topo3nodesrl region1 site1 edge02 222 | topo3nodesrl.region1.site1.edge02.e1-42 False topo3nodesrl region1 site1 edge02 223 | topo3nodesrl.region1.site1.edge02.e1-43 False topo3nodesrl region1 site1 edge02 224 | topo3nodesrl.region1.site1.edge02.e1-44 False topo3nodesrl region1 site1 edge02 225 | topo3nodesrl.region1.site1.edge02.e1-45 False topo3nodesrl region1 site1 edge02 226 | topo3nodesrl.region1.site1.edge02.e1-46 False topo3nodesrl region1 site1 edge02 227 | topo3nodesrl.region1.site1.edge02.e1-47 False topo3nodesrl region1 site1 edge02 228 | topo3nodesrl.region1.site1.edge02.e1-48 False topo3nodesrl region1 site1 edge02 229 | topo3nodesrl.region1.site1.edge02.e1-49 False topo3nodesrl region1 site1 edge02 230 | topo3nodesrl.region1.site1.edge02.e1-5 False topo3nodesrl region1 site1 edge02 231 | topo3nodesrl.region1.site1.edge02.e1-50 False topo3nodesrl region1 site1 edge02 232 | topo3nodesrl.region1.site1.edge02.e1-51 False topo3nodesrl region1 site1 edge02 233 | 
topo3nodesrl.region1.site1.edge02.e1-52 False topo3nodesrl region1 site1 edge02 234 | topo3nodesrl.region1.site1.edge02.e1-53 False topo3nodesrl region1 site1 edge02 235 | topo3nodesrl.region1.site1.edge02.e1-54 False topo3nodesrl region1 site1 edge02 236 | topo3nodesrl.region1.site1.edge02.e1-55 False topo3nodesrl region1 site1 edge02 237 | topo3nodesrl.region1.site1.edge02.e1-56 False topo3nodesrl region1 site1 edge02 238 | topo3nodesrl.region1.site1.edge02.e1-6 False topo3nodesrl region1 site1 edge02 239 | topo3nodesrl.region1.site1.edge02.e1-7 False topo3nodesrl region1 site1 edge02 240 | topo3nodesrl.region1.site1.edge02.e1-8 False topo3nodesrl region1 site1 edge02 241 | topo3nodesrl.region1.site1.edge02.e1-9 False topo3nodesrl region1 site1 edge02 242 | ``` 243 | 244 | We now have a full device and link inventory in the system, which we can use to build network constructs. 245 | 246 | 247 | [containerlab]: https://containerlab.dev 248 | [kind]: https://kind.sigs.k8s.io 249 | [pkgserver]: https://docs.pkgserver.dev 250 | [sdc]: https://docs.sdcio.dev 251 | [kuid]: https://kuidio.github.io/docs/ 252 | [srlinux]: https://learn.srlinux.dev/ 253 | [gnmi]: https://github.com/openconfig/gnmi 254 | [netconf]: https://en.wikipedia.org/wiki/NETCONF -------------------------------------------------------------------------------- /docs/02-examples/04_networkconfig.md: -------------------------------------------------------------------------------- 1 | # Network Config 2 | 3 | Configuring networking involves managing numerous parameters and fine-tuning various settings. In this exercise, we demonstrate how to define network-wide parameters that network design engineers can use to accommodate diverse environments. The goal is to decouple the network design details from the service configuration. As such the detailed network design parameters are hidden from the people consuming the network. This is a technique to help abstraction. 
4 | 5 | First, we create an IP Index, which acts like a routing table. This IP Index serves as the global network IP range for the entire setup. We configure both IPv4 and IPv6 prefixes to ensure comprehensive coverage and flexibility in addressing. 6 | 7 | 8 | /// details | IP Index 9 | 10 | ```yaml 11 | --8<-- 12 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-ipindex.yaml 13 | --8<-- 14 | ``` 15 | /// 16 | 17 | The 2nd configuration defines various parameters for the network that are specific to network designers. 18 | 19 | - Which IP prefix to be used for interfaces versus loopback IP(s) 20 | - The selection of dual stack for addressing 21 | - The use of EBGP for the underlay and the respective AS pool, for allocating AS numbers per device. 22 | - The usage of a RR for IBGP 23 | - The selection of EVPN for the overlay routes for L2 and L3 24 | - Which encapsulation is used for overlays 25 | - etc 26 | 27 | !!!note "The parameters can be extended/tuned for other environments. 
The idea here is to show how one could use such a concept" 28 | 29 | Below we can see which information we use in this exercise 30 | 31 | /// details | Network config 32 | 33 | ```yaml 34 | --8<-- 35 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-networkconfig.yaml 36 | --8<-- 37 | ``` 38 | /// 39 | 40 | Execute the following command. As the output below shows, it fetches the two manifests shown above from the `v0.0.1` tag of the kubenet repository and applies them with `kubectl apply`, i.e. to whatever cluster your current `kubectl` context selects. 41 | 42 | ``` 43 | kubenetctl networkconfig 44 | ``` 45 | 46 | ```shell 47 | Configue the default network configuration (config parameters for the underlay) 48 | =============================================================================== 49 | # apply the ip index (network prefixes the network is setup with) [1/2]: 50 | 51 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-ipindex.yaml 52 | ipindex.ipam.be.kuid.dev/topo3nodesrl.default created 53 | 54 | # apply the network config (network parameters for your network, BGP, VXLAN, Prefixes) [2/2]: 55 | 56 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-networkconfig.yaml 57 | networkconfig.network.app.kuid.dev/topo3nodesrl.default created 58 | ``` 59 | 60 | Let's see what happened. 61 | 62 | An IP index is created with the respective IPs 63 | 64 | ``` 65 | kubectl get ipindices.ipam.be.kuid.dev 66 | ``` 67 | 68 | ``` 69 | NAME READY PREFIX0 PREFIX1 PREFIX2 PREFIX3 PREFIX4 70 | topo3nodesrl.default True 10.0.0.0/8 1000::/32 192.0.0.0/8 1192::/32 71 | ``` 72 | 73 | A set of IP claims is created for the respective loopbacks and inter-subnet links. 
74 | 75 | ``` 76 | kubectl get ipclaims.ipam.be.kuid.dev 77 | ``` 78 | 79 | ``` 80 | 81 | NAME READY INDEX CLAIMTYPE PREFIXTYPE CLAIMREQ CLAIMRSP DEFAULTGATEWAY 82 | topo3nodesrl.default.10.0.0.0-16 True topo3nodesrl.default staticPrefix pool 10.0.0.0/16 10.0.0.0/16 83 | topo3nodesrl.default.1000---64 True topo3nodesrl.default staticPrefix pool 1000::/64 1000::/64 84 | topo3nodesrl.default.1192---56 True topo3nodesrl.default staticPrefix network 1192::/56 1192::/56 85 | topo3nodesrl.default.192.0.0.0-16 True topo3nodesrl.default staticPrefix network 192.0.0.0/16 192.0.0.0/16 86 | ``` 87 | 88 | The AS pool is set up and we registered the AS number for the network 89 | 90 | ``` 91 | kubectl get asclaims.as.be.kuid.dev 92 | ``` 93 | 94 | ``` 95 | NAME READY INDEX CLAIMTYPE CLAIMREQ CLAIMRSP 96 | topo3nodesrl.default.aspool True topo3nodesrl.default range 65000-65100 65000-65100 97 | topo3nodesrl.default.ibgp True topo3nodesrl.default staticID 65535 65535 98 | ``` 99 | 100 | All these parameters are registered through the [kuid][kuid] API and can be used as a source of truth by various components for specific use cases. In the next examples you will see how certain networking applications leverage this for configuring the network. 101 | 102 | You are ready to configure the underlay and overlay! 103 | 104 | 105 | [containerlab]: https://containerlab.dev 106 | [kind]: https://kind.sigs.k8s.io 107 | [pkgserver]: https://docs.pkgserver.dev 108 | [sdc]: https://docs.sdcio.dev 109 | [kuid]: https://kuidio.github.io/docs/ 110 | [srlinux]: https://learn.srlinux.dev/ 111 | [gnmi]: https://github.com/openconfig/gnmi 112 | [netconf]: https://en.wikipedia.org/wiki/NETCONF -------------------------------------------------------------------------------- /docs/02-examples/05_defaultnetwork.md: -------------------------------------------------------------------------------- 1 | # Default Network 2 | 3 | In this exercise we create the default network. 
The default network is your underlay network configuration, the network that interconnects all the devices. Looking at the configuration it looks really slim. The reason is that this leverages the parameters set up in the previous step [network config][network config]. 4 | 5 | /// details | Default Network 6 | 7 | ```yaml 8 | --8<-- 9 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-network.yaml 10 | --8<-- 11 | ``` 12 | /// 13 | 14 | Execute the following command to instantiate the default network 15 | 16 | ``` 17 | kubenetctl networkdefault 18 | ``` 19 | 20 | ```shell 21 | Configure the default underlay network 22 | ===================================== 23 | # apply the default network config [1/1]: 24 | 25 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-network.yaml 26 | network.network.app.kuid.dev/topo3nodesrl.default created 27 | ``` 28 | 29 | While this looks really simple, a lot is happening under the hood. This default network uses the network config set up in the previous step and allocates an AS number per device for the underlay. It allocates an IP prefix for each link in the network per address family and an IP address for each of its endpoints, etc. On top of that, a device config is derived through an abstract data model, which is mapped to [srlinux][srlinux] for the specific implementation of the device. Once the device configuration is available for all the devices, the configurations are transacted to the devices using [sdc][sdc]. 30 | 31 | !!!note "In a later exercise (gitops) you will see that another option is to check in the resulting device configurations in git, rather than transacting them to the network." 32 | 33 | Let's go through some resources that got allocated through these steps. 34 | 35 | First an AS number per device is allocated, through the ASClaim API. 
36 | 37 | ``` 38 | kubectl get asclaims.as.be.kuid.dev 39 | ``` 40 | 41 | ``` 42 | NAME READY INDEX CLAIMTYPE CLAIMREQ CLAIMRSP 43 | topo3nodesrl.default.aspool True topo3nodesrl.default range 65000-65100 65000-65100 44 | topo3nodesrl.default.core01 True topo3nodesrl.default dynamicID 65002 45 | topo3nodesrl.default.edge01 True topo3nodesrl.default dynamicID 65001 46 | topo3nodesrl.default.edge02 True topo3nodesrl.default dynamicID 65000 47 | topo3nodesrl.default.ibgp True topo3nodesrl.default staticID 65535 65535 48 | ``` 49 | 50 | A Set of IP claims are created for the respective loopbacks and inter-subnet links using the IPClaim API. 51 | 52 | ``` 53 | kubectl get ipclaims.ipam.be.kuid.dev 54 | ``` 55 | 56 | ``` 57 | NAME READY INDEX CLAIMTYPE PREFIXTYPE CLAIMREQ CLAIMRSP DEFAULTGATEWAY 58 | topo3nodesrl.default.10.0.0.0-16 True topo3nodesrl.default staticPrefix pool 10.0.0.0/16 10.0.0.0/16 59 | topo3nodesrl.default.1000---64 True topo3nodesrl.default staticPrefix pool 1000::/64 1000::/64 60 | topo3nodesrl.default.1192---56 True topo3nodesrl.default staticPrefix network 1192::/56 1192::/56 61 | topo3nodesrl.default.192.0.0.0-16 True topo3nodesrl.default staticPrefix network 192.0.0.0/16 192.0.0.0/16 62 | topo3nodesrl.default.core01.e1-1.ipv4 True topo3nodesrl.default dynamicAddress network 192.0.255.253/31 63 | topo3nodesrl.default.core01.e1-1.ipv6 True topo3nodesrl.default dynamicAddress network 1192::2/127 64 | topo3nodesrl.default.core01.e1-2.ipv4 True topo3nodesrl.default dynamicAddress network 192.0.0.3/31 65 | topo3nodesrl.default.core01.e1-2.ipv6 True topo3nodesrl.default dynamicAddress network 1192::ff:ffff:ffff:ffff:fffd/127 66 | topo3nodesrl.default.core01.ipv4 True topo3nodesrl.default dynamicAddress pool 10.0.0.0/32 67 | topo3nodesrl.default.core01.ipv6 True topo3nodesrl.default dynamicAddress pool 1000::2/128 68 | topo3nodesrl.default.edge01.e1-49.core01.e1-1.ipv4 True topo3nodesrl.default dynamicPrefix network 192.0.255.252/31 69 | 
topo3nodesrl.default.edge01.e1-49.core01.e1-1.ipv6 True topo3nodesrl.default dynamicPrefix network 1192::2/127 70 | topo3nodesrl.default.edge01.e1-49.ipv4 True topo3nodesrl.default dynamicAddress network 192.0.255.252/31 71 | topo3nodesrl.default.edge01.e1-49.ipv6 True topo3nodesrl.default dynamicAddress network 1192::3/127 72 | topo3nodesrl.default.edge01.ipv4 True topo3nodesrl.default dynamicAddress pool 10.0.0.1/32 73 | topo3nodesrl.default.edge01.ipv6 True topo3nodesrl.default dynamicAddress pool 1000::1/128 74 | topo3nodesrl.default.edge02.e1-49.core01.e1-2.ipv4 True topo3nodesrl.default dynamicPrefix network 192.0.0.2/31 75 | topo3nodesrl.default.edge02.e1-49.core01.e1-2.ipv6 True topo3nodesrl.default dynamicPrefix network 1192::ff:ffff:ffff:ffff:fffc/127 76 | topo3nodesrl.default.edge02.e1-49.ipv4 True topo3nodesrl.default dynamicAddress network 192.0.0.2/31 77 | topo3nodesrl.default.edge02.e1-49.ipv6 True topo3nodesrl.default dynamicAddress network 1192::ff:ffff:ffff:ffff:fffc/127 78 | topo3nodesrl.default.edge02.ipv4 True topo3nodesrl.default dynamicAddress pool 10.0.0.2/32 79 | topo3nodesrl.default.edge02.ipv6 True topo3nodesrl.default dynamicAddress pool 1000::/128 80 | ``` 81 | 82 | The abstracted device models per device can be viewed with this command 83 | 84 | ``` 85 | kubectl get networkdevices.network.app.kuid.dev 86 | ``` 87 | 88 | ``` 89 | NAME READY PROVIDER 90 | topo3nodesrl.default.core01 True srlinux.nokia.com 91 | topo3nodesrl.default.edge01 True srlinux.nokia.com 92 | topo3nodesrl.default.edge02 True srlinux.nokia.com 93 | ``` 94 | 95 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provides the json based output" 96 | 97 | example command for the abstracted config of the edge01 device 98 | 99 | ``` 100 | kubectl get networkdevices.network.app.kuid.dev topo3nodesrl.default.edge01 -o yaml 101 | ``` 102 | 103 | The final device specific [srlinux][srlinux] configuration sent to 
the device can be seen through this command. 104 | 105 | ``` 106 | kubectl get configs.config.sdcio.dev 107 | ``` 108 | 109 | ``` 110 | NAME READY REASON TARGET SCHEMA 111 | topo3nodesrl.default.core01 True ready default/core01 srl.nokia.sdcio.dev/24.3.2 112 | topo3nodesrl.default.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 113 | topo3nodesrl.default.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 114 | ``` 115 | 116 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provides the json based output" 117 | 118 | example command for the detailed [srlinux][srlinux] config of the edge01 device 119 | 120 | ``` 121 | kubectl get configs.config.sdcio.dev topo3nodesrl.default.edge01 -o yaml 122 | ``` 123 | 124 | Let's check if this finally ended up on the devices 125 | 126 | /// tab | edge01 127 | 128 | ``` 129 | docker exec clab-topo3nodesrl-edge01 sr_cli -- show network-instance summary 130 | ``` 131 | 132 | Expected output 133 | 134 | ``` 135 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 136 | | Name | Type | Admin state | Oper state | Router id | Description | 137 | +==============================+================+================+================+==============================+======================================+ 138 | | default | default | enable | up | | k8s-default | 139 | | mgmt | ip-vrf | enable | up | | Management network instance | 140 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 141 | ``` 142 | 143 | ``` 144 | docker exec clab-topo3nodesrl-edge01 sr_cli -- show network-instance default protocols bgp neighbor 145 | ``` 146 | 147 | Expected output 148 | 149 | ``` 150 | 
---------------------------------------------------------------------------------------------------------------------------------------------------------- 151 | BGP neighbor summary for network-instance "default" 152 | Flags: S static, D dynamic, L discovered by LLDP, B BFD enabled, - disabled, * slow 153 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 154 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 155 | +-----------------+-------------------------+-----------------+------+---------+--------------+--------------+------------+-------------------------+ 156 | | Net-Inst | Peer | Group | Flag | Peer-AS | State | Uptime | AFI/SAFI | [Rx/Active/Tx] | 157 | | | | | s | | | | | | 158 | +=================+=========================+=================+======+=========+==============+==============+============+=========================+ 159 | | default | 10.0.0.0 | overlay | S | 65535 | established | 0d:0h:8m:2s | evpn | [0/0/0] | 160 | | | | | | | | | ipv4- | [2/0/2] | 161 | | | | | | | | | unicast | [2/0/2] | 162 | | | | | | | | | ipv6- | | 163 | | | | | | | | | unicast | | 164 | | default | 192.0.255.253 | underlay | S | 65002 | established | 0d:0h:8m:32s | ipv4- | [2/2/1] | 165 | | | | | | | | | unicast | [2/2/1] | 166 | | | | | | | | | ipv6- | | 167 | | | | | | | | | unicast | | 168 | | default | 1192::2 | underlay | S | 65002 | established | 0d:0h:8m:37s | ipv4- | [3/1/3] | 169 | | | | | | | | | unicast | [3/2/3] | 170 | | | | | | | | | ipv6- | | 171 | | | | | | | | | unicast | | 172 | +-----------------+-------------------------+-----------------+------+---------+--------------+--------------+------------+-------------------------+ 173 | 
---------------------------------------------------------------------------------------------------------------------------------------------------------- 174 | Summary: 175 | 3 configured neighbors, 3 configured sessions are established,0 disabled peers 176 | 0 dynamic peers 177 | ``` 178 | /// 179 | 180 | 181 | /// tab | core01 182 | 183 | ``` 184 | docker exec clab-topo3nodesrl-core01 sr_cli -- show network-instance summary 185 | ``` 186 | 187 | Expected output 188 | 189 | ``` 190 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 191 | | Name | Type | Admin state | Oper state | Router id | Description | 192 | +==============================+================+================+================+==============================+======================================+ 193 | | default | default | enable | up | | k8s-default | 194 | | mgmt | ip-vrf | enable | up | | Management network instance | 195 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 196 | 197 | ``` 198 | 199 | Expected output 200 | 201 | ``` 202 | docker exec clab-topo3nodesrl-core01 sr_cli -- show network-instance default protocols bgp neighbor 203 | ``` 204 | 205 | ``` 206 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 207 | BGP neighbor summary for network-instance "default" 208 | Flags: S static, D dynamic, L discovered by LLDP, B BFD enabled, - disabled, * slow 209 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 210 | ---------------------------------------------------------------------------------------------------------------------------------------------------------- 211 | 
+-----------------+-------------------------+-----------------+------+---------+--------------+--------------+------------+-------------------------+ 212 | | Net-Inst | Peer | Group | Flag | Peer-AS | State | Uptime | AFI/SAFI | [Rx/Active/Tx] | 213 | | | | | s | | | | | | 214 | +=================+=========================+=================+======+=========+==============+==============+============+=========================+ 215 | | default | 10.0.0.1 | overlay | S | 65535 | established | 0d:0h:9m:54s | evpn | [0/0/0] | 216 | | | | | | | | | ipv4- | [2/0/2] | 217 | | | | | | | | | unicast | [2/0/2] | 218 | | | | | | | | | ipv6- | | 219 | | | | | | | | | unicast | | 220 | | default | 10.0.0.2 | overlay | S | 65535 | established | 0d:0h:9m:56s | evpn | [0/0/0] | 221 | | | | | | | | | ipv4- | [2/0/2] | 222 | | | | | | | | | unicast | [2/0/2] | 223 | | | | | | | | | ipv6- | | 224 | | | | | | | | | unicast | | 225 | | default | 192.0.0.2 | underlay | S | 65000 | established | 0d:0h:10m:26 | ipv4- | [1/1/2] | 226 | | | | | | | | s | unicast | [1/1/2] | 227 | | | | | | | | | ipv6- | | 228 | | | | | | | | | unicast | | 229 | | default | 192.0.255.252 | underlay | S | 65001 | established | 0d:0h:10m:23 | ipv4- | [1/1/2] | 230 | | | | | | | | s | unicast | [1/1/2] | 231 | | | | | | | | | ipv6- | | 232 | | | | | | | | | unicast | | 233 | | default | 1192::3 | underlay | S | 65001 | established | 0d:0h:10m:28 | ipv4- | [3/0/3] | 234 | | | | | | | | s | unicast | [3/1/3] | 235 | | | | | | | | | ipv6- | | 236 | | | | | | | | | unicast | | 237 | | default | 1192::ff:ffff:ffff:ffff | underlay | S | 65000 | established | 0d:0h:10m:31 | ipv4- | [3/0/3] | 238 | | | :fffc | | | | | s | unicast | [3/1/3] | 239 | | | | | | | | | ipv6- | | 240 | | | | | | | | | unicast | | 241 | +-----------------+-------------------------+-----------------+------+---------+--------------+--------------+------------+-------------------------+ 242 | 
---------------------------------------------------------------------------------------------------------------------------------------------------------- 243 | Summary: 244 | 6 configured neighbors, 6 configured sessions are established,0 disabled peers 245 | 0 dynamic peers 246 | ``` 247 | 248 | /// 249 | 250 | You can also see the resulting configuration using kubectl using the following command. 251 | 252 | ``` 253 | kubectl get runningconfigs.config.sdcio.dev core01 -o yaml 254 | kubectl get runningconfigs.config.sdcio.dev edge01 -o yaml 255 | kubectl get runningconfigs.config.sdcio.dev edge02 -o yaml 256 | ``` 257 | 258 | Let's see how we can do the same for overlays 259 | 260 | 261 | [containerlab]: https://containerlab.dev 262 | [kind]: https://kind.sigs.k8s.io 263 | [pkgserver]: https://docs.pkgserver.dev 264 | [sdc]: https://docs.sdcio.dev 265 | [kuid]: https://kuidio.github.io/docs/ 266 | [srlinux]: https://learn.srlinux.dev/ 267 | [gnmi]: https://github.com/openconfig/gnmi 268 | [netconf]: https://en.wikipedia.org/wiki/NETCONF 269 | [network config]: https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/default-networkconfig.yaml 270 | -------------------------------------------------------------------------------- /docs/02-examples/06_bridgednetwork.md: -------------------------------------------------------------------------------- 1 | # Bridged Overlay Network 2 | 3 | In this exercise we configure a bridged overlay network using EVPN. The same principle apply here. The default network config is used to simplify the configuration for the end user as much as possible. 
4 | 5 | /// details | Bridged Network 6 | 7 | ```yaml 8 | --8<-- 9 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/vpc1-bridged-network.yaml 10 | --8<-- 11 | ``` 12 | /// 13 | 14 | Execute the following command to instantiate the bridged network 15 | 16 | ``` 17 | kubenetctl networkbridged 18 | ``` 19 | 20 | ```shell 21 | Configue a bridged EVPN overlay network 22 | ======================================= 23 | # apply the default network config [1/1]: 24 | 25 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/vpc1-bridged-network.yaml 26 | network.network.app.kuid.dev/topo3nodesrl.vpc1 created 27 | ``` 28 | 29 | An abstract data model is derived per device for this configuration, which is translated to the specific implementation of [srlinux][srlinux] and finally transacted to the device. It is important to note that only edge01 and edge02 got a new configuration, since only these devices are used for this specific configuration. The topology information is used to determine this. 30 | 31 | The abstracted device models per device can be viewed with this command 32 | 33 | ``` 34 | kubectl get networkdevices.network.app.kuid.dev 35 | ``` 36 | 37 | ``` 38 | NAME READY PROVIDER 39 | topo3nodesrl.default.core01 True srlinux.nokia.com 40 | topo3nodesrl.default.edge01 True srlinux.nokia.com 41 | topo3nodesrl.default.edge02 True srlinux.nokia.com 42 | topo3nodesrl.vpc1.edge01 True srlinux.nokia.com 43 | topo3nodesrl.vpc1.edge02 True srlinux.nokia.com 44 | ``` 45 | 46 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provides the json based output" 47 | 48 | Example command for the abstracted config of the edge01 device 49 | 50 | ``` 51 | kubectl get networkdevices.network.app.kuid.dev topo3nodesrl.vpc1.edge01 -o yaml 52 | ``` 53 | 54 | The final device specific [srlinux][srlinux] configuration sent to the device can be seen through this command. 
55 | 56 | ``` 57 | kubectl get configs.config.sdcio.dev 58 | ``` 59 | 60 | ``` 61 | NAME READY REASON TARGET SCHEMA 62 | topo3nodesrl.default.core01 True ready default/core01 srl.nokia.sdcio.dev/24.3.2 63 | topo3nodesrl.default.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 64 | topo3nodesrl.default.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 65 | topo3nodesrl.vpc1.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 66 | topo3nodesrl.vpc1.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 67 | ``` 68 | 69 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provide the json based output" 70 | 71 | example command for the detailed [srlinux][srlinux] config of the edge01 device 72 | 73 | ``` 74 | kubectl get configs.config.sdcio.dev topo3nodesrl.vpc1.edge01 -o yaml 75 | ``` 76 | 77 | Let's check if this final ended up on the devices. 78 | 79 | /// tab | edge01 80 | 81 | ``` 82 | docker exec clab-topo3nodesrl-edge01 sr_cli -- show network-instance summary 83 | ``` 84 | 85 | Expected output 86 | 87 | ``` 88 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 89 | | Name | Type | Admin state | Oper state | Router id | Description | 90 | +==============================+================+================+================+==============================+======================================+ 91 | | default | default | enable | up | | k8s-default | 92 | | mgmt | ip-vrf | enable | up | | Management network instance | 93 | | vpc1.br10 | mac-vrf | enable | up | N/A | k8s-vpc1.br10 | 94 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 95 | 96 | ``` 97 | /// 98 | 99 | /// tab | edge02 100 | 101 | ``` 102 | docker exec clab-topo3nodesrl-edge02 sr_cli -- show 
network-instance summary 103 | ``` 104 | 105 | Expected output 106 | 107 | ``` 108 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 109 | | Name | Type | Admin state | Oper state | Router id | Description | 110 | +==============================+================+================+================+==============================+======================================+ 111 | | default | default | enable | up | | k8s-default | 112 | | mgmt | ip-vrf | enable | up | | Management network instance | 113 | | vpc1.br10 | mac-vrf | enable | up | N/A | k8s-vpc1.br10 | 114 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 115 | 116 | --{ + running }--[ ]-- 117 | ``` 118 | 119 | /// 120 | 121 | You can also see the resulting configuration using kubectl using the following command. 122 | 123 | ``` 124 | kubectl get runningconfigs.config.sdcio.dev edge01 -o yaml 125 | kubectl get runningconfigs.config.sdcio.dev edge02 -o yaml 126 | ``` 127 | 128 | Nice !! 129 | 130 | [containerlab]: https://containerlab.dev 131 | [kind]: https://kind.sigs.k8s.io 132 | [pkgserver]: https://docs.pkgserver.dev 133 | [sdc]: https://docs.sdcio.dev 134 | [kuid]: https://kuidio.github.io/docs/ 135 | [srlinux]: https://learn.srlinux.dev/ 136 | [gnmi]: https://github.com/openconfig/gnmi 137 | [netconf]: https://en.wikipedia.org/wiki/NETCONF -------------------------------------------------------------------------------- /docs/02-examples/07_routednetwork.md: -------------------------------------------------------------------------------- 1 | # Routed Overlay Network 2 | 3 | In this exercise we configure a routed overlay network using EVPN. The same principle apply here. The default network config is used to simplify the configuration for the end user as much as possible. 
4 | 5 | /// details | Routed Network 6 | 7 | ```yaml 8 | --8<-- 9 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/vpc2-routed-network.yaml 10 | --8<-- 11 | ``` 12 | /// 13 | 14 | Execute the following command to instantiate the routed network 15 | 16 | ``` 17 | kubenetctl networkrouted 18 | ``` 19 | 20 | ```shell 21 | Configue a routed overlay EVPN network 22 | ====================================== 23 | # apply the default network config [1/1]: 24 | 25 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/vpc2-routed-network.yaml 26 | network.network.app.kuid.dev/topo3nodesrl.vpc2 created 27 | ``` 28 | 29 | An abstract data model is derived per device for this configuration, which is translated to the specific implementation of [srlinux][srlinux] and finally transacted to the device. It is important to note that only edge01 and edge02 have a configuration, since only these devices are used for this specific configuration. The topology information is used to determine this. 
30 | 31 | The abstracted device models per device can be viewed with this command 32 | 33 | ``` 34 | kubectl get networkdevices.network.app.kuid.dev 35 | ``` 36 | 37 | ``` 38 | NAME READY PROVIDER 39 | topo3nodesrl.default.core01 True srlinux.nokia.com 40 | topo3nodesrl.default.edge01 True srlinux.nokia.com 41 | topo3nodesrl.default.edge02 True srlinux.nokia.com 42 | topo3nodesrl.vpc1.edge01 True srlinux.nokia.com 43 | topo3nodesrl.vpc1.edge02 True srlinux.nokia.com 44 | topo3nodesrl.vpc2.edge01 True srlinux.nokia.com 45 | topo3nodesrl.vpc2.edge02 True srlinux.nokia.com 46 | ``` 47 | 48 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provides the json based output" 49 | 50 | 51 | Example command for the abstracted config of the edge01 device 52 | 53 | ``` 54 | kubectl get networkdevices.network.app.kuid.dev topo3nodesrl.vpc2.edge01 -o yaml 55 | ``` 56 | 57 | The final device specific [srlinux][srlinux] configuration sent to the device can be seen through this command. 
58 | 59 | ``` 60 | kubectl get configs.config.sdcio.dev 61 | ``` 62 | 63 | ``` 64 | NAME READY REASON TARGET SCHEMA 65 | topo3nodesrl.default.core01 True ready default/core01 srl.nokia.sdcio.dev/24.3.2 66 | topo3nodesrl.default.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 67 | topo3nodesrl.default.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 68 | topo3nodesrl.vpc1.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 69 | topo3nodesrl.vpc1.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 70 | topo3nodesrl.vpc2.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 71 | topo3nodesrl.vpc2.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 72 | ``` 73 | 74 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provide the json based output" 75 | 76 | example command for the detailed [srlinux][srlinux] config of the edge01 device 77 | 78 | ``` 79 | kubectl get configs.config.sdcio.dev topo3nodesrl.vpc2.edge01 -o yaml 80 | ``` 81 | 82 | Let's check if this final ended up on the devices 83 | 84 | /// tab | edge01 85 | 86 | ``` 87 | docker exec clab-topo3nodesrl-edge01 sr_cli -- show network-instance summary 88 | ``` 89 | 90 | Expected output 91 | 92 | ``` 93 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 94 | | Name | Type | Admin state | Oper state | Router id | Description | 95 | +==============================+================+================+================+==============================+======================================+ 96 | | default | default | enable | up | | k8s-default | 97 | | mgmt | ip-vrf | enable | up | | Management network instance | 98 | | vpc1.br10 | mac-vrf | enable | up | N/A | k8s-vpc1.br10 | 99 | | vpc2.rt20 | ip-vrf | enable | up | | k8s-vpc2.rt20 | 100 | 
+------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 101 | ``` 102 | 103 | /// 104 | 105 | /// tab | edge02 106 | 107 | ``` 108 | docker exec clab-topo3nodesrl-edge02 sr_cli -- show network-instance summary 109 | ``` 110 | 111 | Expected output 112 | 113 | ``` 114 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 115 | | Name | Type | Admin state | Oper state | Router id | Description | 116 | +==============================+================+================+================+==============================+======================================+ 117 | | default | default | enable | up | | k8s-default | 118 | | mgmt | ip-vrf | enable | up | | Management network instance | 119 | | vpc1.br10 | mac-vrf | enable | up | N/A | k8s-vpc1.br10 | 120 | | vpc2.rt20 | ip-vrf | enable | up | | k8s-vpc2.rt20 | 121 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 122 | 123 | --{ + running }--[ ]-- 124 | ``` 125 | 126 | /// 127 | 128 | You can also see the resulting configuration using kubectl using the following command. 129 | 130 | ``` 131 | kubectl get runningconfigs.config.sdcio.dev edge01 -o yaml 132 | kubectl get runningconfigs.config.sdcio.dev edge02 -o yaml 133 | ``` 134 | 135 | Nice, a single API for either routed or bridged, can we combine routed and bridged in the same network ? 
Yes, we can; see the next exercise. 136 | 137 | [containerlab]: https://containerlab.dev 138 | [kind]: https://kind.sigs.k8s.io 139 | [pkgserver]: https://docs.pkgserver.dev 140 | [sdc]: https://docs.sdcio.dev 141 | [kuid]: https://kuidio.github.io/docs/ 142 | [srlinux]: https://learn.srlinux.dev/ 143 | [gnmi]: https://github.com/openconfig/gnmi 144 | [netconf]: https://en.wikipedia.org/wiki/NETCONF -------------------------------------------------------------------------------- /docs/02-examples/08_irbnetwork.md: -------------------------------------------------------------------------------- 1 | # IRB Overlay Network 2 | 3 | In this exercise we configure an IRB overlay network using EVPN. The same principle applies here. The default network config is used to simplify the configuration for the end user as much as possible. Also note that the same API can be used to configure both routed and/or bridged instances. 4 | 5 | /// details | IRB Network 6 | 7 | ```yaml 8 | --8<-- 9 | https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/vpc3-irb-network.yaml 10 | --8<-- 11 | ``` 12 | /// 13 | 14 | Execute the following command to instantiate the IRB network 15 | 16 | ``` 17 | kubenetctl networkirb 18 | ``` 19 | 20 | ```shell 21 | Configue a IRB overlay EVPN network 22 | =================================== 23 | # apply the default network config [1/1]: 24 | 25 | > kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/v0.0.1/network/vpc3-irb-network.yaml 26 | network.network.app.kuid.dev/topo3nodesrl.vpc3 created 27 | ``` 28 | 29 | An abstract data model is derived per device for this configuration, which is translated to the specific implementation of [srlinux][srlinux] and finally transacted to the device. It is important to note that only edge01 and edge02 have a configuration, since only these devices are used for this specific configuration. The topology information is used to determine this. 
30 | 31 | The abstracted device models per device can be viewed with this command. 32 | 33 | ``` 34 | kubectl get networkdevices.network.app.kuid.dev 35 | ``` 36 | 37 | ``` 38 | NAME READY PROVIDER 39 | topo3nodesrl.default.core01 True srlinux.nokia.com 40 | topo3nodesrl.default.edge01 True srlinux.nokia.com 41 | topo3nodesrl.default.edge02 True srlinux.nokia.com 42 | topo3nodesrl.vpc1.edge01 True srlinux.nokia.com 43 | topo3nodesrl.vpc1.edge02 True srlinux.nokia.com 44 | topo3nodesrl.vpc2.edge01 True srlinux.nokia.com 45 | topo3nodesrl.vpc2.edge02 True srlinux.nokia.com 46 | topo3nodesrl.vpc3.edge01 True srlinux.nokia.com 47 | topo3nodesrl.vpc3.edge02 True srlinux.nokia.com 48 | ``` 49 | 50 | !!!Note "Through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provides the json based output" 51 | 52 | Example command for the abstracted config of the edge01 device 53 | 54 | ``` 55 | kubectl get networkdevices.network.app.kuid.dev topo3nodesrl.vpc3.edge01 -o yaml 56 | ``` 57 | 58 | The final device specific [srlinux][srlinux] configuration sent to the device can be seen through this command.
59 | 60 | ``` 61 | kubectl get configs.config.sdcio.dev 62 | ``` 63 | 64 | ``` 65 | NAME READY REASON TARGET SCHEMA 66 | topo3nodesrl.default.core01 True ready default/core01 srl.nokia.sdcio.dev/24.3.2 67 | topo3nodesrl.default.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 68 | topo3nodesrl.default.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 69 | topo3nodesrl.vpc1.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 70 | topo3nodesrl.vpc1.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 71 | topo3nodesrl.vpc2.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 72 | topo3nodesrl.vpc2.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 73 | topo3nodesrl.vpc3.edge01 True ready default/edge01 srl.nokia.sdcio.dev/24.3.2 74 | topo3nodesrl.vpc3.edge02 True ready default/edge02 srl.nokia.sdcio.dev/24.3.2 75 | ``` 76 | 77 | !!!Note "through the -o yaml option in `kubectl` you get the detailed view of the config in yaml format; -o json provide the json based output" 78 | 79 | example command for the detailed [srlinux][srlinux] config of the edge01 device 80 | 81 | ``` 82 | kubectl get configs.config.sdcio.dev topo3nodesrl.vpc3.edge01 -o yaml 83 | ``` 84 | 85 | Let's check if this final ended up on the devices 86 | 87 | /// tab | edge01 88 | 89 | ``` 90 | docker exec clab-topo3nodesrl-edge01 sr_cli -- show network-instance summary 91 | ``` 92 | 93 | Expected output 94 | 95 | ``` 96 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 97 | | Name | Type | Admin state | Oper state | Router id | Description | 98 | +==============================+================+================+================+==============================+======================================+ 99 | | default | default | enable | up | | k8s-default | 100 | | mgmt | ip-vrf | enable | up | | Management network instance | 101 | | vpc1.br10 | 
mac-vrf | enable | up | N/A | k8s-vpc1.br10 | 102 | | vpc2.rt20 | ip-vrf | enable | up | | k8s-vpc2.rt20 | 103 | | vpc3.br30 | mac-vrf | enable | up | N/A | k8s-vpc3.br30 | 104 | | vpc3.rt35 | ip-vrf | enable | up | | k8s-vpc3.rt35 | 105 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 106 | 107 | ``` 108 | 109 | /// 110 | 111 | /// tab | edge02 112 | 113 | ``` 114 | docker exec clab-topo3nodesrl-edge02 sr_cli -- show network-instance summary 115 | ``` 116 | 117 | Expected output 118 | 119 | ``` 120 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 121 | | Name | Type | Admin state | Oper state | Router id | Description | 122 | +==============================+================+================+================+==============================+======================================+ 123 | | default | default | enable | up | | k8s-default | 124 | | mgmt | ip-vrf | enable | up | | Management network instance | 125 | | vpc1.br10 | mac-vrf | enable | up | N/A | k8s-vpc1.br10 | 126 | | vpc2.rt20 | ip-vrf | enable | up | | k8s-vpc2.rt20 | 127 | +------------------------------+----------------+----------------+----------------+------------------------------+--------------------------------------+ 128 | 129 | --{ + running }--[ ]-- 130 | ``` 131 | 132 | /// 133 | 134 | You can also see the resulting configuration using kubectl using the following command. 135 | 136 | ``` 137 | kubectl get runningconfigs.config.sdcio.dev edge01 -o yaml 138 | kubectl get runningconfigs.config.sdcio.dev edge02 -o yaml 139 | ``` 140 | 141 | Nice, a single API for both routed and/or bridged !! Lets explore gitops. 
142 | 143 | [containerlab]: https://containerlab.dev 144 | [kind]: https://kind.sigs.k8s.io 145 | [pkgserver]: https://docs.pkgserver.dev 146 | [sdc]: https://docs.sdcio.dev 147 | [kuid]: https://kuidio.github.io/docs/ 148 | [srlinux]: https://learn.srlinux.dev/ 149 | [gnmi]: https://github.com/openconfig/gnmi 150 | [netconf]: https://en.wikipedia.org/wiki/NETCONF -------------------------------------------------------------------------------- /docs/02-examples/09_gitops.md: -------------------------------------------------------------------------------- 1 | # GitOps 2 | 3 | So far we have seen that the device configurations that are derived from the network configs are directly transacted to the respective devices. However many people have expressed the need to validate and check the derived configurations before they can be applied to the network. This is where the package server comes in. 4 | 5 | The philosophy in this exercise is like this. We have a set of catalog (template) configurations people use to configure network constructs. Let's use the overlays as an example. We have a system (git) in which these blueprints are maintained and we want to instantiate them to the network using the flow that we saw in the previous exercises. However there is 1 big difference: rather than transacting the specific device config directly, we want to check it into git so that someone (a human or a CI system) can validate it before it gets applied to the network. If this workflow is relevant for you, this is an exercise you should execute. 6 | 7 | First we register the repository in which the blueprints are maintained. This repo is public and uses a bridged network blueprint. Note that this manifest is fetched from the `main` branch rather than a tagged release, so its content can change over time; review it before applying. 8 | 9 | ``` 10 | kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/main/pkg/repo/repo-catalog.yaml 11 | ``` 12 | 13 | After the repo is registered, the package server discovers the blueprint package from git. You can see the result using the following command.
14 | 15 | ``` 16 | kubectl get packagerevisions.pkg.pkgserver.dev 17 | ``` 18 | 19 | We discovered the blueprint package and we can access it using the kubernetes API. 20 | 21 | ``` 22 | NAME READY REPOSITORY TARGET REALM PACKAGE REVISION WORKSPACE LIFECYCLE 23 | catalog.repo-catalog.network.bridge.v1 True repo-catalog catalog network bridge v1 v1 published 24 | ``` 25 | 26 | You could also look at the content, like this 27 | 28 | ``` 29 | kubectl describe packagerevisionresourceses.pkg.pkgserver.dev catalog.repo-catalog.network.bridge.v1 30 | ``` 31 | 32 | ``` 33 | Name: catalog.repo-catalog.network.bridge.v1 34 | Namespace: default 35 | Labels: 36 | Annotations: pkg.pkgserver.dev/DiscoveredPkgRev: true 37 | API Version: pkg.pkgserver.dev/v1alpha1 38 | Kind: PackageRevisionResources 39 | Metadata: 40 | Creation Timestamp: 2024-05-26T19:00:26Z 41 | Finalizers: 42 | packagerevision.pkg.pkgserver.dev/finalizer 43 | packagediscovery.pkg.pkgserver.dev/finalizer 44 | Resource Version: 17693 45 | UID: a7d29fc6-80ef-4e84-9f7d-42bf7e3ea284 46 | Spec: 47 | Package Rev ID: 48 | Package: bridge 49 | Realm: network 50 | Repository: repo-catalog 51 | Revision: v1 52 | Target: catalog 53 | Workspace: v1 54 | Resources: 55 | README.md: # vpc1 56 | 57 | This examples show a bridged network, which leverages the SRE parameters setup by the SRE on which parameters are used for your particular environemnt. 58 | 59 | it should be used with a topology setup using the identifiers specified. 
60 | 61 | topology: topo3nodesrl 62 | nodes: edge01, edge02 63 | artifacts.yaml: apiVersion: network.app.kuid.dev/v1alpha1 64 | kind: Network 65 | metadata: 66 | name: topo3nodesrl.vpc100 67 | namespace: default 68 | annotations: 69 | kform.dev/block-type: resource 70 | kform.dev/resource-type: kubernetes_manifest 71 | kform.dev/resource-id: vpc100 72 | spec: 73 | topology: topo3nodesrl 74 | bridgeDomains: 75 | - name: br100 76 | networkID: 100 77 | interfaces: 78 | - endpoint: e1-1 79 | node: edge01 80 | region: region1 81 | site: site1 82 | - endpoint: e1-1 83 | node: edge02 84 | region: region1 85 | site: site1 86 | 87 | --- 88 | apiVersion: kubernetes.provider.kform.dev/v1alpha1 89 | kind: ProviderConfig 90 | metadata: 91 | name: kubernetes 92 | namespace: default 93 | annotations: 94 | kform.dev/block-type: provider 95 | Status: 96 | Events: 97 | ``` 98 | 99 | To continue with this exercise you should now set up your own repository, which is used to store the derived device specific configuration. We need to provide write access to the package server. As such you should set up 2 things. 100 | 101 | 1. A git repository 102 | 2. A token to access the git repository 103 | 104 | I am using my own git repo to show the exercise, but this repo should be replaced with your own. Since the package server only needs write access to this one repository, scope the token to that repository and grant it no more permissions than that. [Here][pkgserver-repo] is some detail on how this can be achieved. 105 | 106 | ``` 107 | kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/main/pkg/repo/repo-target.yaml 108 | ``` 109 | 110 | After this repo is registered the following command shows the respective information 111 | 112 | ``` 113 | kubectl get repositories.config.pkg.pkgserver.dev 114 | ``` 115 | 116 | ``` 117 | NAME READY DEPLOYMENT TYPE ADDRESS 118 | repo-catalog True git https://github.com/kubenet-dev/examples.git 119 | repo-target True true git https://github.com/kubenet-dev/demo.git 120 | ``` 121 | 122 | Once this is configured, let's install the blueprint. This can be done using the package variant resource/API.
123 | 124 | ``` 125 | kubectl apply -f https://raw.githubusercontent.com/kubenet-dev/kubenet/main/pkg/pvar/pvar-bridge.yaml 126 | ``` 127 | 128 | A packagevariant is a way to instantiate a variant of the package revision. The package variant has an upstream reference (blueprint) and a downstream reference (the repo in which the final device configurations will be stored). On top you could also supply input variant information to customize the specific parameters for the environment. We don't use this in this exercise, but now we hope you understand where the name is coming from (creating a variant of a blueprint package with specific parameters). 129 | 130 | Once the package variant is instantiated a new package revision is created in the downstream repo (the repo you created) with LifecycleStatus = Draft. 131 | 132 | ``` 133 | kubectl get packagerevisions.pkg.pkgserver.dev 134 | ``` 135 | 136 | ``` 137 | NAME READY REPOSITORY TARGET REALM PACKAGE REVISION WORKSPACE LIFECYCLE 138 | catalog.repo-catalog.network.bridge.v1 True repo-catalog catalog network bridge v1 v1 published 139 | topo3nodesrl.repo-target.network.bridge.pv-077eb8d077b36655 True repo-target topo3nodesrl network bridge pv-077eb8d077b36655 draft 140 | ``` 141 | 142 | Once the pipeline completes you should see the resulting configuration in the package revision with the final device configuration derived from the blueprint content you instantiated through the package variant.
143 | 144 | ``` 145 | kubectl describe packagerevisionresourceses.pkg.pkgserver.dev topo3nodesrl.repo-target.network.bridge.pv-077eb8d077b36655 146 | ``` 147 | 148 | ``` 149 | Name: topo3nodesrl.repo-target.network.bridge.pv-077eb8d077b36655 150 | Namespace: default 151 | Labels: 152 | Annotations: 153 | API Version: pkg.pkgserver.dev/v1alpha1 154 | Kind: PackageRevisionResources 155 | Metadata: 156 | Creation Timestamp: 2024-05-26T19:05:26Z 157 | Finalizers: 158 | packagerevision.pkg.pkgserver.dev/finalizer 159 | networkpackage.network.app.kuid.dev/finalizer 160 | Owner References: 161 | API Version: config.pkg.pkgserver.dev/v1alpha1 162 | Controller: true 163 | Kind: PackageVariant 164 | Name: pv-network-bridge 165 | UID: 90656874-0bab-44c9-b5e5-51f36120f053 166 | Resource Version: 18474 167 | UID: ca87d87b-e468-4358-abbd-87719fe2b9d5 168 | Spec: 169 | Package Rev ID: 170 | Package: bridge 171 | Realm: network 172 | Repository: repo-target 173 | Target: topo3nodesrl 174 | Workspace: pv-077eb8d077b36655 175 | Resources: 176 | README.md: # vpc1 177 | 178 | This examples show a bridged network, which leverages the SRE parameters setup by the SRE on which parameters are used for your particular environemnt. 179 | 180 | it should be used with a topology setup using the identifiers specified. 
181 | 182 | topology: topo3nodesrl 183 | nodes: edge01, edge02 184 | artifacts.yaml: apiVersion: network.app.kuid.dev/v1alpha1 185 | kind: Network 186 | metadata: 187 | name: topo3nodesrl.vpc100 188 | namespace: default 189 | annotations: 190 | kform.dev/block-type: resource 191 | kform.dev/resource-type: kubernetes_manifest 192 | kform.dev/resource-id: vpc100 193 | spec: 194 | topology: topo3nodesrl 195 | bridgeDomains: 196 | - name: br100 197 | networkID: 100 198 | interfaces: 199 | - endpoint: e1-1 200 | node: edge01 201 | region: region1 202 | site: site1 203 | - endpoint: e1-1 204 | node: edge02 205 | region: region1 206 | site: site1 207 | 208 | --- 209 | apiVersion: kubernetes.provider.kform.dev/v1alpha1 210 | kind: ProviderConfig 211 | metadata: 212 | name: kubernetes 213 | namespace: default 214 | annotations: 215 | kform.dev/block-type: provider 216 | out/config.sdcio.dev_v1alpha1.Config.default.topo3nodesrl.vpc100.edge01.yaml: apiVersion: config.sdcio.dev/v1alpha1 217 | kind: Config 218 | metadata: 219 | creationTimestamp: null 220 | labels: 221 | config.sdcio.dev/targetName: edge01 222 | config.sdcio.dev/targetNamespace: default 223 | name: topo3nodesrl.vpc100.edge01 224 | namespace: default 225 | spec: 226 | config: 227 | - path: / 228 | value: 229 | interface: 230 | - admin-state: enable 231 | description: k8s-ethernet-1/1 232 | ethernet: {} 233 | name: ethernet-1/1 234 | subinterface: 235 | - admin-state: enable 236 | description: k8s-customer 237 | index: 100 238 | type: bridged 239 | vlan: 240 | encap: 241 | single-tagged: 242 | vlan-id: 100 243 | vlan-tagging: true 244 | network-instance: 245 | - admin-state: enable 246 | description: k8s-vpc100.br100 247 | interface: 248 | - name: ethernet-1/1.100 249 | name: vpc100.br100 250 | protocols: 251 | bgp-evpn: 252 | bgp-instance: 253 | - admin-state: enable 254 | encapsulation-type: vxlan 255 | evi: 100 256 | id: 1 257 | vxlan-interface: vxlan0.100 258 | bgp-vpn: 259 | bgp-instance: 260 | - id: 1 261 | 
route-target: 262 | export-rt: target:65535:100 263 | import-rt: target:65535:100 264 | type: mac-vrf 265 | vxlan-interface: 266 | - name: vxlan0.100 267 | tunnel-interface: 268 | - name: vxlan0 269 | vxlan-interface: 270 | - index: 100 271 | ingress: 272 | vni: 100 273 | type: bridged 274 | lifecycle: {} 275 | priority: 10 276 | status: {} 277 | 278 | out/config.sdcio.dev_v1alpha1.Config.default.topo3nodesrl.vpc100.edge02.yaml: apiVersion: config.sdcio.dev/v1alpha1 279 | kind: Config 280 | metadata: 281 | creationTimestamp: null 282 | labels: 283 | config.sdcio.dev/targetName: edge02 284 | config.sdcio.dev/targetNamespace: default 285 | name: topo3nodesrl.vpc100.edge02 286 | namespace: default 287 | spec: 288 | config: 289 | - path: / 290 | value: 291 | interface: 292 | - admin-state: enable 293 | description: k8s-ethernet-1/1 294 | ethernet: {} 295 | name: ethernet-1/1 296 | subinterface: 297 | - admin-state: enable 298 | description: k8s-customer 299 | index: 100 300 | type: bridged 301 | vlan: 302 | encap: 303 | single-tagged: 304 | vlan-id: 100 305 | vlan-tagging: true 306 | network-instance: 307 | - admin-state: enable 308 | description: k8s-vpc100.br100 309 | interface: 310 | - name: ethernet-1/1.100 311 | name: vpc100.br100 312 | protocols: 313 | bgp-evpn: 314 | bgp-instance: 315 | - admin-state: enable 316 | encapsulation-type: vxlan 317 | evi: 100 318 | id: 1 319 | vxlan-interface: vxlan0.100 320 | bgp-vpn: 321 | bgp-instance: 322 | - id: 1 323 | route-target: 324 | export-rt: target:65535:100 325 | import-rt: target:65535:100 326 | type: mac-vrf 327 | vxlan-interface: 328 | - name: vxlan0.100 329 | tunnel-interface: 330 | - name: vxlan0 331 | vxlan-interface: 332 | - index: 100 333 | ingress: 334 | vni: 100 335 | type: bridged 336 | lifecycle: {} 337 | priority: 10 338 | status: {} 339 | 340 | Status: 341 | Events: 342 | ``` 343 | 344 | Awesome, we hope you enjoyed and thanks for completing these exercises. 
If you have other ideas, suggestion or want to discuss this further join us [here](https://discord.gg/fH35bmcTU9) 345 | 346 | [pkgserver-repo]: https://docs.pkgserver.dev/03-userguide/03_register_deployment_repo/ -------------------------------------------------------------------------------- /docs/03-videos/01_videos.md: -------------------------------------------------------------------------------- 1 | # Videos, presentations and articles 2 | 3 | ## Kubenet YouTube channel 4 | 5 | The Kubenet [YouTube channel](https://www.youtube.com/@kubenet-wq9nt) contains topical 6 | presentations and meeting recordings of Kubenet. 7 | 8 | ## Video tutorials 9 | 10 | * [Kubenet: From Abstract network definition to device specific config](https://www.youtube.com/watch?v=PIFCdoTJdZg) 11 | * [Kubenet architecture](https://www.youtube.com/watch?v=_a01lxAX1pQ) 12 | * [TGIKN: Kubernetes KRM and API](https://www.youtube.com/watch?v=8xrQG6Zzzxo), [slides](https://docs.google.com/presentation/d/1Zk5tGQ6DFu2D_rAs3XcKNnHuIRyaIxosjHFsw9zT-MQ/edit?usp=sharing) 13 | * [TGIKN: Create Tour Own K8s API](https://youtu.be/tXg7Rq0u-es?si=ghL_Hg8xZ3q77PUH), [slides](https://docs.google.com/presentation/d/1kqXToBXkG2R4zf8sP5dpPt0QuJm7WrWhmbME7sJgtSo/edit#slide=id.p) 14 | * [TGIKN: Kubenet Demystify the k8s APIServer part1](https://www.youtube.com/watch?v=M6wXbAs055U), [slides](https://docs.google.com/presentation/d/1n4kHaYS0FTcBNUeE3k5wKypUNoRw-kUrIrGsGfvQAAs/edit#slide=id.p) 15 | * [TGIKN: Kubenet Demystify the k8s APIServer part2](https://www.youtube.com/watch?v=D0vNfyy3g48), [slides](https://docs.google.com/presentation/d/1jvRK_LJbQfYeOScNG-LxY-JMIzF9MhlORJ9UhNUm744/edit?usp=sharing) 16 | * [TGIKN: Practically building your own controller with python](https://www.youtube.com/watch?v=QTwhZ2jXmGk) 17 | * [TGIKN: Choreo](https://www.youtube.com/watch?v=J8b3kNxItos), [slides](https://docs.google.com/presentation/d/1QqEGb0lIaHaXM1EeGtKpDBuEmpFtH-MayLasMkUU2iA/edit?usp=sharing) 18 | * [TGIKN: Choreo 
autcon2 workshop part3](https://www.youtube.com/watch?v=Af3NNPsGTG0), [slides](https://docs.google.com/presentation/d/11TZL3O58s2ZTj2kqsqdm6dpiHuHpKqYUABQaD0gpkkM/edit#slide=id.g31e3b64b718_0_0) 19 | * [TGIKN: build your own automation with choreo](https://www.youtube.com/watch?v=Q1wBe7zINzA), [slides from slide 18](https://docs.google.com/presentation/d/11TZL3O58s2ZTj2kqsqdm6dpiHuHpKqYUABQaD0gpkkM/edit#slide=id.g320a34f456e_0_0) 20 | * [TGIKN: SDC overview](https://www.youtube.com/watch?v=Wj0mgIoJVgQ), [slides](https://docs.google.com/presentation/d/1pefnFpPxZpbzsAqM3kBY2lMNWv6-or0zSn5t7HR2ymA/edit?usp=sharing) 21 | * [TGIKN SDC deep dive: K8s YANG](https://www.youtube.com/watch?v=UBOxsKfiCBs), [slides](https://docs.google.com/presentation/d/1XhHJkST8AjkkerKi-JPtjBD9iU0Yjn1lz26jve9riVA/edit?usp=sharing) 22 | * [TGIKN SDC enhancements](https://www.youtube.com/watch?v=S-fmb4_MWak), [slides](https://docs.google.com/presentation/d/1fCNP0_472eEjC9Bs_0fm58TiD0XpDuqDKGvsl75ZGT4/edit?slide=id.g31bb407839a_0_71#slide=id.g31bb407839a_0_71) 23 | 24 | 25 | ## Presentations 26 | 27 | ### Kubenet 28 | 29 | * [Cloud Native Telco Day EU 2025 - Kubenet: Harnessing Kubernetes for Network Automation - Wim Henderickx & Ashan Senevirathne](https://www.youtube.com/watch?v=QipW3oOQNqw&list=PLj6h78yzYM2NGdnUvsyUPUZZ2Pm9Cn7FO&index=1) 30 | * [Autocon1 - Introduction of Kubenet by Wim on stage and interview by Packet Pushers](https://www.youtube.com/watch?v=L97fg1kYXTs) 31 | 32 | ### SDC 33 | 34 | * [ONE Summit 2024 - Cloud Native YANG Mgmt - Wim Henderickx, Nokia](https://www.youtube.com/watch?v=dHOeqbqkN1s) 35 | * [KubeCon EU 2024 - How We Are Moving from GitOps to Kubernetes Resource Model in 5G Core - Joel Studler & Ashan Senevirathne, Swisscom](https://youtu.be/crmTnB6Zwt8), 36 | [slides](https://static.sched.com/hosted_files/kccnceu2024/ee/From%20GitOps%20to%20KRM%20in%20Swisscoms%205G%20Core%20KubeCon%202024-03-20.pdf) 37 | * [ContainerDays 2025 - The Cloud-Native Advantage: 
Intent-based Network Automation - Alexander North, Swisscom & Markus Vahlenkamp, Nokia](https://youtu.be/P7cCeGBq3aQ) 38 | 39 | 40 | ## Articles 41 | 42 | * [Kubenet: A Framework for Declarative Network Automation on Medium by Wim Henderickx](https://medium.com/@wim.henderickx/kubenet-a-framework-for-declarative-network-automation-57454cba1281) -------------------------------------------------------------------------------- /docs/04-community/01_about.md: -------------------------------------------------------------------------------- 1 | # Community 2 | 3 | Join us on this journey as we learn how to leverage kubernetes for network automation. 4 | 5 | Have questions, ideas, bug reports or just want to chat? Come join [our discord server](https://discord.gg/fH35bmcTU9). 6 | 7 | ## Logos 8 | 9 | Logos of Kubenet in different formats: 10 | 11 | * [With name 100x123 png](../assets/logos/Kubenet-logo-transparent-withname-100x123.png) 12 | * [With name 543x703 png](../assets/logos/Kubenet-transparent-withname-543x703.png) 13 | * [Without name 628x628 png](../assets/logos/Kubenet-transparent-noname-square-628x628.png) 14 | * [With name svg](../assets/logos/Kubenet-logo.svg) 15 | * [Without name svg](../assets/logos/Kubenet-logo-square.svg) 16 | -------------------------------------------------------------------------------- /docs/04-community/02_faq.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubenet-dev/docs/1b36f72774eed12ce7776d1e3dbcd7a862d4413c/docs/04-community/02_faq.md -------------------------------------------------------------------------------- /docs/CNAME: -------------------------------------------------------------------------------- 1 | learn.kubenet.dev -------------------------------------------------------------------------------- /docs/assets/logos/Kubenet-logo-square.svg: -------------------------------------------------------------------------------- 1 | 2 | 18 | 37 | 39 | 73 
| 74 | 77 | 81 | 85 | 89 | 93 | 97 | 101 | 105 | 106 | 107 | -------------------------------------------------------------------------------- /docs/assets/logos/Kubenet-logo-transparent-withname-100x123.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubenet-dev/docs/1b36f72774eed12ce7776d1e3dbcd7a862d4413c/docs/assets/logos/Kubenet-logo-transparent-withname-100x123.png -------------------------------------------------------------------------------- /docs/assets/logos/Kubenet-logo.svg: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | -------------------------------------------------------------------------------- /docs/assets/logos/Kubenet-transparent-noname-square-628x628.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubenet-dev/docs/1b36f72774eed12ce7776d1e3dbcd7a862d4413c/docs/assets/logos/Kubenet-transparent-noname-square-628x628.png -------------------------------------------------------------------------------- /docs/assets/logos/Kubenet-transparent-withname-543x703.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/kubenet-dev/docs/1b36f72774eed12ce7776d1e3dbcd7a862d4413c/docs/assets/logos/Kubenet-transparent-withname-543x703.png -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | hide: 3 | - navigation 4 | --- 5 | ![Kubenet logo](assets/logos/Kubenet-logo-transparent-withname-100x123.png) 6 | 7 | [![Discord](https://img.shields.io/discord/860500297297821756?style=flat-square&label=discord&logo=discord&color=00c9ff&labelColor=bec8d2)](https://discord.gg/fH35bmcTU9) 8 | 9 | The Kubenet community has been created with 
the goal to help network engineers understand the potential of kubernetes for network automation. While we discuss networking, we are NOT talking about CNI(s) here, but about using `kubernetes` as an automation/orchestration engine to manage physical, virtual or containerized NOS(s). 10 | 11 | If you are interested to learn and discuss, [join us](https://discord.gg/fH35bmcTU9) 12 | 13 | ## Why 14 | 15 | Kubernetes stands out as the most extensive and robust automation and orchestration system available today. Originally focused on container orchestration, it is now leveraged across many industries, beyond container orchestration. The question to ask here is why the networking industry is not leveraging kubernetes for network automation. The Kubenet community is set up with the goal to help networking engineers understand the potential of kubernetes for network automation. 16 | 17 | Here are some attributes to consider why kubernetes is a good automation platform: 18 | 19 | - Open Source: As an open-source platform, Kubernetes offers transparency, flexibility, and a collaborative community-driven approach. This fosters innovation and continuous improvement. 20 | - Highly Extendable: Kubernetes is designed to be highly extendable, allowing for customization and integration with various tools and services to meet specific needs. 21 | - Vast Ecosystem: The Kubernetes ecosystem is immense, with a wide range of tools, plugins, and extensions available. This ecosystem provides the resources needed to build comprehensive automation solutions. 22 | - Declarative Model: Kubernetes uses a declarative model, making it easier to define and manage the desired state of network configurations. 23 | - Event-Driven and Continuous Reconciliation: Kubernetes supports event-driven automation and continuous reconciliation, ensuring that the network’s state is consistently aligned with the defined configurations.
24 | - Collaborative Approach with GitOps: Leveraging GitOps principles, Kubernetes enables a collaborative approach to network management. Changes can be tracked, reviewed, and deployed using version control systems, enhancing transparency and collaboration. 25 | - Extensive Knowledge Base: The widespread adoption of Kubernetes means there is a vast knowledge base and a large community of experts. This allows organizations to leverage existing expertise to extend and optimize their automation systems. 26 | 27 | 28 | ## Use cases 29 | 30 | Independent on physical, virtual or containerized networking systems 31 | 32 | Use cases: 33 | 34 | - Datacenter networking 35 | - WAN networking 36 | - Peering 37 | - Access/Campus networking 38 | - Core networking 39 | - Backhaul/Fronthaul 40 | - Cloud Networking 41 | 42 | Scenario's: 43 | 44 | - day-0, day-1, day-2 operations 45 | - lifecycle management 46 | - config management 47 | 48 | ## Kubenet components 49 | 50 | Kubenet uses a set of open source components to implement the target use cases. These components are listed in the next 51 | subchapters. 52 | 53 | ### [SDC](https://docs.sdcio.dev/) 54 | 55 | ![SDC logo](https://docs.sdcio.dev/assets/logos/SDC-transparent-noname-100x100.png) 56 | 57 | A SW component that maps a kubernetes manifest to a YANG based system. 58 | 59 | ### [KUID](https://kuidio.github.io/docs/) 60 | 61 | ![KUID logo](https://kuidio.github.io/docs/assets/logos/KUID-logo-100x123.png) 62 | 63 | An inventory and identity system, which allows to create resources and claim identifier required for networking (e.g. IPAM, VLAN, AS, etc). Some people think of this as a source of truth. 64 | 65 | 66 | ### [KForm](https://docs.kform.dev/) 67 | 68 | ![KForm logo](https://docs.kform.dev/assets/logos/Kform-transparent-withname-100x123.png) 69 | 70 | A framework that brings the power of 'KRM as code or data' to Kubernetes. 
With Kform, orchestrating KRM resources becomes a easy through intuitive and human-readable configuration files. These files are not only reusable and shareable but can also be version-controlled, ensuring seamless collaboration among team members. 71 | 72 | ### [pkgserver](https://docs.pkgserver.dev/) 73 | 74 | ![pkgserver logo](https://docs.pkgserver.dev/assets/logos/Pkgserver-logo-100x123.png) 75 | 76 | A SW component that provides 2 way git access to kubernetes: basically read and write to a repository. 77 | 78 | ## Join us 79 | 80 | Join us on this journey as we learn how to leverage kubernetes for network automation. 81 | 82 | Have questions, ideas, bug reports or just want to chat? Come join [our discord server](https://discord.gg/fH35bmcTU9). 83 | 84 | 85 | 86 | [KRM]: https://github.com/kubernetes/design-proposals-archive/blob/main/architecture/resource-management.md 87 | [GITOPS]: https://opengitops.dev 88 | [YAML]: https://en.wikipedia.org/wiki/YAML 89 | [srlinux]: https://learn.srlinux.dev -------------------------------------------------------------------------------- /docs/overrides/.icons/kubenet_logo_only_final.svg: -------------------------------------------------------------------------------- 1 | 2 | 15 | 34 | 36 | 70 | 71 | 75 | 79 | 83 | 87 | 91 | 95 | 99 | 100 | -------------------------------------------------------------------------------- /docs/overrides/main.html: -------------------------------------------------------------------------------- 1 | {% extends "base.html" %} 2 | 3 | 4 | {% block extrahead %} 5 | 6 | 7 | {% set title = config.site_name %} 8 | {% if page and page.title and not page.is_homepage %} 9 | {% set title = config.site_name ~ " - " ~ page.title | striptags %} 10 | {% endif %} 11 | 12 | 13 | {% set image = 'https://raw.githubusercontent.com/kubenet-dev/docs/main/docs/assets/logos/Kubenet-logo-square.svg' %} 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 33 | 34 | {% endblock %} 35 | 36 | 37 | {% block 
content %} 38 | {{ super() }} 39 | 40 | 41 |
42 | 43 |
44 | 45 | {% include '.icons/kubenet_logo_only_final.svg' %} 46 | 47 |
48 | 49 |
50 | {% endblock %} -------------------------------------------------------------------------------- /docs/overrides/partials/comments.html: -------------------------------------------------------------------------------- 1 | {% if page.meta.comments %} 2 |

{{ lang.t("meta.comments") }}

3 | 8 | 9 | 10 | 38 | {% endif %}
--------------------------------------------------------------------------------
/docs/overrides/partials/copyright.html:
--------------------------------------------------------------------------------
1 | 19 | 20 | 21 |
--------------------------------------------------------------------------------
/docs/stylesheets/extra.css:
--------------------------------------------------------------------------------
/* Site-specific style overrides; loaded through `extra_css` in mkdocs.yml. */

/* footer block: centred, with links that grow slightly on focus/hover */
.mdx-content__footer {
  margin-top: 20px;
  text-align: center;
}

.mdx-content__footer a {
  display: inline-block;
  transition: transform 250ms cubic-bezier(0.1, 0.7, 0.1, 1), color 125ms;
}

.mdx-content__footer a:focus,
.mdx-content__footer a:hover {
  transform: scale(1.2);
}

.mdx-content__footer hr {
  display: inline-block;
  width: 40px;
  margin: 16px;
  vertical-align: middle;
  background-color: currentColor;
  border: none;
}

/* -webkit- prefixed copy of the `heart` keyframes defined right below */
@-webkit-keyframes heart {

  0%,
  40%,
  80%,
  to {
    transform: scale(1)
  }

  20%,
  60% {
    transform: scale(1.15)
  }
}

@keyframes heart {

  0%,
  40%,
  80%,
  to {
    transform: scale(1)
  }

  20%,
  60% {
    transform: scale(1.15)
  }
}

/* pulsing heart: runs the `heart` keyframes once per second, forever */
.heart {
  animation: heart 1s infinite;
  color: #e91e63
}

/* classes to make iframe elements responsive */
.iframe-container {
  position: relative;
  width: 100%;
  padding-bottom: 56.25%;
  height: 0;
}

.iframe-container iframe {
  position: absolute;
  top: 0;
  left: 0;
  width: 100%;
  height: 100%;
}

/* this is for anchor.fm iframes */
.iframe-audio-container {
  position: relative;
  width: 100%;
  padding-bottom: 7rem;
  height: 0;
}

.iframe-audio-container iframe {
  position: absolute;
  top: 0;
  left: 0;
  width: 100%;
  height: 100%;
}

/* this is for low-height iframe audio containers */
.iframe-audio2-container {
  position: relative;
  width: 100%;
  padding-bottom: 2rem;
  height: 0;
}

.iframe-audio2-container iframe {
  position: absolute;
  top: 0;
  left: 0;
  width: 100%;
  height: 100%;
}

/* shadow effect for images and divs for video */
.img-shadow {
  box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19);
}

/* embedded output for code blocks
use as
```
echo test
```

```
test
```

NOTE(review): the markup that wrapped the second fence is missing from this
listing; presumably it is an element carrying the `embed-result` class.
*/
.md-typeset .embed-result {
  margin-top: -1.125em;
}

/* header logo: fixed height, width follows the aspect ratio */
.md-header__button.md-logo img, .md-header__button.md-logo svg {
  height: 2rem;
  width: auto;
}

/* emoji rendered by the emoji extension: slightly larger than body text */
.md-typeset .emojione, .md-typeset .gemoji, .md-typeset .twemoji svg {
  height: 1.7em;
  max-height: 2em;
  width: auto;
}
--------------------------------------------------------------------------------
/mkdocs.yml:
--------------------------------------------------------------------------------
# MkDocs configuration for the kubenet documentation site: navigation tree,
# Material theme settings (with overrides in docs/overrides), plugins and
# Markdown extensions.
site_name: kubenet
nav:
  - Home: index.md
  - Getting Started:
      - Getting started: 01-getting-started/01_install.md
      - Prerequisites: 01-getting-started/02_prereq.md
  - Examples/Tutorials:
      - About: 02-examples/01_about.md
      - Discovery: 02-examples/02_discovery.md
      - Inventory: 02-examples/03_inventory.md
      - Network Config: 02-examples/04_networkconfig.md
      - Default Network: 02-examples/05_defaultnetwork.md
      - Bridged Network: 02-examples/06_bridgednetwork.md
      - Routed Network: 02-examples/07_routednetwork.md
      - IRB Network: 02-examples/08_irbnetwork.md
      - GitOps: 02-examples/09_gitops.md
  - Videos/Presentations/Articles: 03-videos/01_videos.md
  - Community:
      - Community: 04-community/01_about.md

site_author: Wim Henderickx
site_description: >-
  Kubenet is a community initiative to help network automation engineers understand kubernetes
# repository
repo_name: kubenet-dev/kubenet
repo_url: https://github.com/kubenet-dev/kubenet
site_url: "https://learn.kubenet.dev"
theme:
  name: material
  # template/partial overrides; path is relative to this file
  custom_dir: docs/overrides

  # 404 page
  static_templates:
    - 404.html

  # Don't include MkDocs' JavaScript
  include_search_page: false
  search_index_only: true

  language: en
  features:
    - navigation.top
    - navigation.instant
    - navigation.tracking
    - navigation.tabs
    - navigation.expand
    - navigation.indexes
    - navigation.sections
    - navigation.tabs.sticky
    - search.suggest
    - content.code.annotate
    - content.code.copy
    - content.code.select
    - content.action.edit
    - content.tooltips
    #- header.autohide
    #- search.highlight
    #- search.share
    #- search.suggest
    #- toc.integrate
    - toc.follow

  palette:
    # Light mode
    - media: "(prefers-color-scheme: light)"
      scheme: default
      primary: white
      accent: cyan
      toggle:
        icon: material/toggle-switch-off-outline
        name: Switch to dark mode
    # Dark mode
    - media: "(prefers-color-scheme: dark)"
      scheme: slate
      primary: black
      accent: cyan
      toggle:
        icon: material/toggle-switch
        name: Switch to light mode
  font:
    text: Manrope
    code: Fira Mono
  icon:
    logo: kubenet_logo_only_final
    repo: fontawesome/brands/github
    edit: material/file-edit-outline
  # NOTE(review): the repository tree shows no docs/images directory (logos
  # live under docs/assets/logos and docs/overrides/.icons) - confirm this
  # path resolves in the built site.
  favicon: docs/images/kubenet_logo_only_final.svg

# Plugins
plugins:
  - search
  - mermaid2
  - minify:
      minify_html: true

# Customization
extra:
  social:
    - icon: fontawesome/brands/github
      link: https://github.com/kubenet-dev
    - icon: fontawesome/brands/discord
      link: https://discord.gg/fH35bmcTU9

extra_css:
  - stylesheets/extra.css

# Extensions
markdown_extensions:
  - markdown.extensions.admonition
  - markdown.extensions.attr_list
  - markdown.extensions.codehilite:
      guess_lang: false
  - markdown.extensions.def_list
  - markdown.extensions.footnotes
  - markdown.extensions.meta
  - md_in_html
  - toc:
      permalink: "#"
  - pymdownx.arithmatex
  - pymdownx.betterem:
      smart_enable: all
  - pymdownx.caret
  - pymdownx.critic
  - pymdownx.details
  - pymdownx.emoji:
      # NOTE(review): `!!python/name:` tags are resolved to Python objects when
      # this file is loaded, so edits to mkdocs.yml deserve the same review as
      # code changes. `materialx.emoji` is the legacy namespace; newer
      # mkdocs-material releases expose these as `material.extensions.emoji.*`
      # - confirm against the version the Dockerfile installs.
      emoji_index: !!python/name:materialx.emoji.twemoji
      emoji_generator: !!python/name:materialx.emoji.to_svg
  - pymdownx.highlight:
      line_spans: __span
      anchor_linenums: true
      pygments_lang_class: true
  - pymdownx.inlinehilite
  - pymdownx.keys
  - pymdownx.magiclink:
      repo_url_shorthand: true
      # NOTE(review): shorthand references expand against this user/repo pair,
      # which differs from repo_name (kubenet-dev/kubenet) above - confirm the
      # links land in a namespace the project controls.
      user: kubenet
      repo: docs
  - pymdownx.mark
  - pymdownx.smartsymbols:
      fractions: false
  - pymdownx.snippets:
      # fail the build when a referenced snippet cannot be found
      check_paths: true
      #dedent_subsections: true
      # NOTE(review): base_path is the directory mkdocs runs from, so a snippet
      # include can pull any file below it into a published page. Newer
      # pymdown-extensions releases have `restrict_base_path` (on by default)
      # to keep includes inside base_path - confirm the installed version.
      base_path:
        - ./
      # NOTE(review): url_download lets snippet includes fetch remote URLs at
      # build time, and the fetched text is published as part of the site.
      # Confirm it is needed; if it is, keep snippet URLs to trusted sources
      # pinned to an immutable ref (commit SHA or tag).
      url_download: true
  - pymdownx.superfences:
      custom_fences:
        - name: mermaid
          class: mermaid
          format: !!python/name:pymdownx.superfences.fence_code_format
  - pymdownx.tabbed:
      alternate_style: true
  - pymdownx.blocks.tab:
      alternate_style: true
  - pymdownx.blocks.admonition
  - pymdownx.blocks.definition
  - pymdownx.blocks.details
  - pymdownx.tasklist:
      custom_checkbox: true
  - pymdownx.tilde
--------------------------------------------------------------------------------