Users can specify IPs with the annotation "allowed-location-ips".
It makes no difference which node of a location is annotated.
The IP should be routable from the particular location, e.g. a printer in
the same LAN.
This way these IPs become routable from other location.
Signed-off-by: leonnicolas <leonloechner@gmx.de>
Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
This commit refactors the e2e tests in the following ways:
* bump the version of `bash_unit` to 1.7.2: the previous version was
from 2018;
* remove the unused `block` function;
* fix the order of `block_unitil_ready_by_name` and `check_ping`: we
should not attempt to interact with pods before they are considered
ready;
* extract the retry logic into a reusable function called `retry`; and
* retry the `check_adjacent` function for robustness.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit bumps the Golang toolchain version used to build Kilo to go
1.16 to support builing kgctl for the arm64 M1 macs.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
- upgrade from apiextension v1beta1 to v1
- generate yaml manifest for crd intead of applying it at runtime
- users will have to apply the manifest with kubectl
- kg and kgctl log an error if the crd is not present
- now validation should actually work
Signed-off-by: leonnicolas <leonloechner@gmx.de>
* docs/building.md: add docs for building Kilo and the website
Signed-off-by: leonnicolas <leonloechner@gmx.de>
Update docs/building_kilo.md
Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
* Apply suggestions from code review
Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
This commit fixes lint warnings produced by shellcheck. This simplifies
some of the `if`s and protects against variables with spaces. We may
want to consider shellchecking all scripts in the repo.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
Tests are using kind, adjacency and bash_unit.
A kind cluster is spun up and the previously build container image of
Kilo is loaded into it.
Adjacency and a curl container is started.
From the curl container a http request is send to the adjacency service.
The test fails if curl returns an unexpected result.
Two test are run. One with `mesh-granularity=full` and `location`.
The e2e test is only run for pull request because it is a bit flaky for
automatic nightly runs.
Signed-off-by: leonnicolas <leonloechner@gmx.de>
This commit cleans up some typos in the documentation, clarifies some
explanations, fixes a bash script that would not expand a variable, and
renames the API documentation generator command from gen-docs to
docs-gen to match the output binary name.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
The new make command `make gen-docs` is introduced.
It will build a markdown file from the CRD introduced by Kilo.
The generation of the docs is a requirement for building the website.
Signed-off-by: leonnicolas <leonloechner@gmx.de>
I had to run `make generate`.
Some API functions got additional parameters `Options` and `Context`.
I used empty options and `context.TODO()` for now.
Signed-off-by: leonnicolas <leonloechner@gmx.de>
This commit updates the instructions for installing Kilo. It also fixes
the title-casing of a section on the README and makes a visual change to
the userspace doc to try to make the note clearer.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
This commit ammends all of the Kilo manifests so that the DaemonSets
declare the port they expose.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
Currently, when the route controller processes updates from netlink, it
checks if the routes in the table are nil or have no destination.
However, we control this and can guarantee that it's never the case.
Instead, we should check if the routes from netlink are valid.
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
* wireguard: export an Endpoint comparison method
* Record discovered endpoints in node
* Synchronize DiscoveredEndpoints in k8s backend
* Add discoveredEndpointsAreEqual
* Handle discovered Endpoints in topology to enable NAT 2 NAT
* Refactor to use Endpoint.Equal
Compare IP first by default and compare DNS name first when we know the Endpoint was resolved.
* Drop the shallow copies of nodes and peers
Now that updateNATEndpoints was updated to discoverNATEndpoints and that
the endpoints are overridden by topology instead of mutating the nodes and
peers object, we can safely drop this copy.