A common challenge for OpenStack and K8S deployments is debugging the network when things go awry. The aim of DPHAT is to provide operators of cloud infrastructure with tooling that can analyze the environment and supply the following:

  • Feedback that the environment is in a healthy operational state
  • Identification of and guidance about where something in the network fabric is broken
  • Guidance on remediation steps
  • A pluggable interface to enable support for various cloud platforms, their respective networking backends, and any hardware devices (ie switches/routers) present in the deployment
  • RESTful API, CLI, and UI

This involves:

  • Gathering information from any relevant SDN controller, representing the network topology for the cloud, and developing an algorithm for analyzing the topology
  • Probing of VM's and containers via ARP, ICMP (ping), port scan, ofproto trace, etc. to asses forwarding and security policy instantiation
  • Reading pod / compute node state and identifying missing namespaces, tap devices, iptables chains, etc.
  • Building a database of remediation actions that can be correlated with issues flagged by DPHAT

If you want to help alleviate the headache of debugging networking issues in the cloud, let's work together!

Looking for hackers with the skills:

openstack kubernetes networking sdn openvswitch

This project is part of:

Hack Week 18

Activity

  • over 5 years ago: nicolasbock started this project.
  • over 5 years ago: nicolasbock liked this project.
  • over 5 years ago: rtidwell added keyword "openstack" to this project.
  • over 5 years ago: rtidwell added keyword "kubernetes" to this project.
  • over 5 years ago: rtidwell added keyword "networking" to this project.
  • over 5 years ago: rtidwell added keyword "sdn" to this project.
  • over 5 years ago: rtidwell added keyword "openvswitch" to this project.
  • over 5 years ago: rtidwell originated this project.

  • Comments

    Be the first to comment!

    Similar Projects

    Introducing "Bottles": A Proof of Concept for Multi-Version CRD Management in Kubernetes by aruiz

    Description

    As we delve deeper into the complexities of managing multiple CRD versions within a single Kubernetes cluster, I want to introduce "Bottles" - a proof of concept that aims to address these challenges.

    Bottles propose a novel approach to isolating and deploying different CRD versions in a self-contained environment. This would allow for greater flexibility and efficiency in managing diverse workloads.

    Goals

    • Evaluate Feasibility: determine if this approach is technically viable, as well as identifying possible obstacles and limitations.
    • Reuse existing technology: leverage existing products whenever possible, e.g. build on top of Kubewarden as admission controller.
    • Focus on Rancher's use case: the ultimate goal is to be able to use this approach to solve Rancher users' needs.

    Resources

    Core concepts:

    • ConfigMaps: Bottles could be defined and configured using ConfigMaps.
    • Admission Controller: An admission controller will detect "bootled" CRDs being installed and replace the resource name used to store them.
    • Aggregated API Server: By analyzing the author of a request, the aggregated API server will determine the correct bottle and route the request accordingly, making it transparent for the user.


    Setup Kanidm as OIDC provider on Kubernetes by jkuzilek

    Description

    I am planning to upgrade my homelab Kubernetes cluster to the next level and need an OIDC provider for my services, including K8s itself.

    Goals

    • Successfully configure and deploy Kanidm on homelab cluster
    • Integrate with K8s auth
    • Integrate with other services (Envoy Gateway, Container Registry, future deployment of Forgejo?)

    Resources


    Multi-pod, autoscalable Elixir application in Kubernetes using K8s resources by socon

    Description

    Elixir / Erlang use their own solutions to create clusters that work together. Kubernetes provide its own orchestration. Due to the nature of the BEAM, it looks a very promising technology for applications that run in Kubernetes and requite to be always on, specifically if they are created as web pages using Phoenix.

    Goals

    • Investigate and provide solutions that work in Phoenix LiveView using Kubernetes resources, so a multi-pod application can be used
    • Provide an end to end example that creates and deploy a container from source code.

    Resources

    https://github.com/dwyl/phoenix-liveview-counter-tutorial https://github.com/propedeutica/elixir-k8s-counter


    Extending KubeVirtBMC's capability by adding Redfish support by zchang

    Description

    In Hack Week 23, we delivered a project called KubeBMC (renamed to KubeVirtBMC now), which brings the good old-fashioned IPMI ways to manage virtual machines running on KubeVirt-powered clusters. This opens the possibility of integrating existing bare-metal provisioning solutions like Tinkerbell with virtualized environments. We even received an inquiry about transferring the project to the KubeVirt organization. So, a proposal was filed, which was accepted by the KubeVirt community, and the project was renamed after that. We have many tasks on our to-do list. Some of them are administrative tasks; some are feature-related. One of the most requested features is Redfish support.

    Goals

    Extend the capability of KubeVirtBMC by adding Redfish support. Currently, the virtbmc component only exposes IPMI endpoints. We need to implement another simulator to expose Redfish endpoints, as we did with the IPMI module. We aim at a basic set of functionalities:

    • Power management
    • Boot device selection
    • Virtual media mount (this one is not so basic add-emoji )

    Resources


    ddflare: (Dynamic)DNS management via Cloudflare API in Kubernetes by fgiudici

    Description

    ddflare is a project started a couple of weeks ago to provide DDNS management using v4 Cloudflare APIs: Cloudflare offers management via APIs and access tokens, so it is possible to register a domain and implement a DynDNS client without any other external service but their API.

    Since ddflare allows to set any IP to any domain name, one could manage multiple A and ALIAS domain records. Wouldn't be cool to allow full DNS control from the project and integrate it with your Kubernetes cluster?

    Goals

    Main goals are:

    1. add containerized image for ddflare
    2. extend ddflare to be able to add and remove DNS records (and not just update existing ones)
    3. add documentation, covering also a sample pod deployment for Kubernetes
    4. write a ddflare Kubernetes operator to enable domain management via Kubernetes resources (using kubebuilder)

    Available tasks and improvements tracked on ddflare github.

    Resources

    • https://github.com/fgiudici/ddflare
    • https://developers.cloudflare.com/api/
    • https://book.kubebuilder.io


    Remote control for Adam Audio active monitor speakers by dmach

    Description

    I own a pair of Adam Audio A7V active studio monitor speakers. They have ethernet connectors that allow changing their settings remotely using the A Control software. From Windows :-( I couldn't find any open source alternative for Linux besides AES70.js library.

    Goals

    • Create a command-line tool for controlling the speakers.
    • Python is the language of choice.
    • Implement only a simple tool with the desired functionality rather than a full coverage of AES70 standard.

    TODO

    • ✅ discover the device
    • ❌ get device manufacturer and model
    • ✅ get serial number
    • ✅ get description
    • ✅ set description
    • ✅ set mute
    • ✅ set sleep
    • ✅ set input (XRL (balanced), RCA (unbalanced))
    • ✅ set room adaptation
      • bass (1, 0, -1, -2)
      • desk (0, -1, -2)
      • presence (1, 0, -1)
      • treble (1, 0, -1)
    • ✅ set voicing (Pure, UNR, Ext)
    • ❌ the Ext voicing enables the following extended functionality:
      • gain
      • equalizer bands
      • on/off
      • type
      • freq
      • q
      • gain
    • ❌ udev rules to sleep/wakeup the speakers together with the sound card

    Resources

    • https://www.adam-audio.com/en/a-series/a7v/
    • https://www.adam-audio.com/en/technology/a-control-remote-software/
    • https://github.com/DeutscheSoft/AES70.js
    • https://www.aes.org/publications/standards/search.cfm?docID=101 - paid
    • https://www.aes.org/standards/webinars/AESStandardsWebinarSC0212L20220531.pdf
    • https://ocaalliance.github.io/downloads/AES143%20Network%20track%20NA10%20-%20AES70%20Controller.pdf

    Result