
# **Mohammad Sada and Justas Balcas**

# **Sixth National Research Platform (6NRP) Workshop**

# **San Diego Supercomputer Center**

# **January 28th, 2025**


# Introduction

Network Experiment on `node-2-6`

### Step 1: Import Required Libraries

We begin by importing the necessary Python libraries. The `kubernetes` module provides the client for interacting with the Kubernetes API, and `yaml` helps with serializing and deserializing configurations.

In [12]:
!pip install kubernetes



In [13]:
# Import required libraries
from kubernetes import client, config
from kubernetes.client import ApiException
import yaml
from kubernetes.stream import stream

### Step 2: Define Kubernetes API Server and Token

In this step, we define the API server URL, the authentication token for the service account, and the namespace in which resources will be created.

- **KUBE_API_SERVER**: The Kubernetes API server URL.
- **KUBE_TOKEN**: The service account token used for authentication.
- **NAMESPACE**: The Kubernetes namespace where resources will be managed.


In [18]:
# Kubernetes API setup with token and server
KUBE_API_SERVER = "https://67.58.53.147:6443"
KUBE_TOKEN = "eyJhbGciOiJSUzI1NiIsImtpZCI6Illyc2M5bTg5czdZQlJYTFZjVTNNME5MRVBENEVFbWw2VHhoRXZZLWhkR3cifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNzQwMDMxODQ4LCJpYXQiOjE3NDAwMjgyNDgsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiI2bnJwIiwic2VydmljZWFjY291bnQiOnsibmFtZSI6InNtYXJ0bmljIiwidWlkIjoiOTI3N2YxN2MtZTYzMC00YmFlLTk0ZTQtODkyZTRiZTljZDAxIn19LCJuYmYiOjE3NDAwMjgyNDgsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDo2bnJwOnNtYXJ0bmljIn0.j9FIltvANV9aDjCh8hdGPntG0Azuplvc-fqDm9q6gaG4q834TMyBjla7gX3BmTNWibt0g07IFtpXyy3BKbrwJvPtxZgq-ROTrs0uZ5Jzv6FSbj607fxJDwPb1OUC13LRKw3zEYzmBgTYa9q7VAUrWATdw4rcpymskqg7o0u5uTHtnSPA3GMBp4BHuV8RYifFZZwU6_cPSh8xZsDjGmX7h_u3EZyWWX7fLTanAN0723f5q4g6uTU-hR1wgT6ztTW-qymC3qjjgah-w_yPisIqX2g8-lakpDLEovfdYeLGFbtt4CkwUCd5M8CxfLzwvVFnJmh1MglDTt8FOgeQnZca4w"
NAMESPACE = "6nrp"  

### Step 3: Configure the Kubernetes Client

Here, we configure the Kubernetes client with the provided API server URL and token. The `client.Configuration` object is used to set up the connection settings, such as:

- **host**: The URL of the Kubernetes API server.
- **verify_ssl**: Set to `False` to disable SSL verification (useful for testing or self-signed certificates).
- **api_key**: The authentication token for the service account.

Once configured, we initialize the `v1` and `networking_v1` API clients to interact with the core Kubernetes API and the custom networking API respectively.


In [19]:
# Configuration to use the embedded token and API server
configuration = client.Configuration()
configuration.host = KUBE_API_SERVER
configuration.verify_ssl = False
configuration.debug = False
configuration.api_key = {"authorization": f"Bearer {KUBE_TOKEN}"}
client.Configuration.set_default(configuration)

# Create the API clients
v1 = client.CoreV1Api()
networking_v1 = client.CustomObjectsApi()

print("Kubernetes API client configured successfully!")


Kubernetes API client configured successfully!


### Step 4: Create the Multus NADs

In [20]:
import json
nad_manifest = {
    "apiVersion": "k8s.cni.cncf.io/v1",
    "kind": "NetworkAttachmentDefinition",
    "metadata": {"name": "bridge-net", "namespace": NAMESPACE},
    "spec": {
        "config": json.dumps({
            "cniVersion": "0.3.1",
            "type": "bridge",
            "bridge": "br0",
            "isGateway": True,
            "ipam": {
                "type": "host-local",
                "subnet": "192.168.1.0/24",
                "rangeStart": "192.168.1.100",
                "rangeEnd": "192.168.1.200",
                "routes": [{"dst": "0.0.0.0/0"}],
                "gateway": "192.168.1.1"
            }
        })
    }
}

In [21]:
try:
    networking_v1.create_namespaced_custom_object(
        group="k8s.cni.cncf.io",
        version="v1",
        namespace=NAMESPACE,
        plural="network-attachment-definitions",
        body=nad_manifest
    )
    print("Multus NetworkAttachmentDefinition created successfully!")
except Exception as e:
    print(f"Error creating NAD: {e}")


Multus NetworkAttachmentDefinition created successfully!




### Step 5: Create the Experiment Pods

In [22]:
pod_manifest_template = {
    "apiVersion": "v1",
    "kind": "Pod",
    "metadata": {
        "name": "",
        "namespace": NAMESPACE,
        "annotations": {
            "k8s.v1.cni.cncf.io/networks": "bridge-net"
        }
    },
    "spec": {
        "serviceAccountName": "smartnic",
        "nodeSelector": {"kubernetes.io/hostname": "node-2-6.sdsc.optiputer.net"},
        "containers": [{
            "name": "ping-container",
            "image": "busybox",
            "command": ["sh", "-c", "sleep 3600"],
            "securityContext": {
                "privileged": True
            }
        }]
    }
}


In [23]:
pod_names = ["pod-a", "pod-b"]
for pod_name in pod_names:
    pod_manifest = pod_manifest_template.copy()
    pod_manifest["metadata"]["name"] = pod_name
    try:
        v1.create_namespaced_pod(namespace=NAMESPACE, body=pod_manifest)
        print(f"Pod {pod_name} created successfully!")
    except Exception as e:
        print(f"Error creating {pod_name}: {e}")



Pod pod-a created successfully!




Pod pod-b created successfully!


In [24]:
import time
def wait_for_pod_ready(pod_name):
    while True:
        pod = v1.read_namespaced_pod(name=pod_name, namespace=NAMESPACE)
        if pod.status.phase == "Running":
            print(f"{pod_name} is running!")
            break
        time.sleep(2)

for pod_name in pod_names:
    wait_for_pod_ready(pod_name)



pod-a is running!
pod-b is running!




In [25]:
def get_pod_ip(pod_name):
    pod = v1.read_namespaced_pod(name=pod_name, namespace=NAMESPACE)
    return pod.status.pod_ip

ip_a = get_pod_ip("pod-a")
ip_b = get_pod_ip("pod-b")
print(f"Pod A IP: {ip_a} \nPod B IP: {ip_b}")

Pod A IP: 10.244.57.212 
Pod B IP: 10.244.57.215




### Step 6: Ping from pods

In [26]:
def test_connectivity(source_pod, target_ip):
    exec_command = ["ping", "-c", "4", target_ip]
    try:
        response = stream(
            v1.connect_get_namespaced_pod_exec,
            name=source_pod,
            namespace=NAMESPACE,
            command=exec_command,
            stderr=True,
            stdin=False,
            stdout=True,
            tty=False,
        )
        print(f"Ping from {source_pod} to {target_ip} successful!")
        print(response)
    except ApiException as e:
        print(f"Exception when pinging {target_ip} from {source_pod}: {e}")

# Replace with your actual pod names and IPs
test_connectivity("pod-a", ip_b)  # Ping pod B from pod A

Ping from pod-a to 10.244.57.215 successful!
PING 10.244.57.215 (10.244.57.215): 56 data bytes
64 bytes from 10.244.57.215: seq=0 ttl=64 time=93.103 ms
64 bytes from 10.244.57.215: seq=1 ttl=64 time=0.093 ms
64 bytes from 10.244.57.215: seq=2 ttl=64 time=0.087 ms
64 bytes from 10.244.57.215: seq=3 ttl=64 time=0.342 ms

--- 10.244.57.215 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.087/23.406/93.103 ms

