Laszlo Kiraly
Laszlo Kiraly
Based on latest test result the example security settings applied in forwarder-vpp image and test manifest file works with SR-IOV configuration also: https://github.com/networkservicemesh/integration-k8s-packet/actions/runs/2705228841
Capability settings for binaries added to Dockerfiles used to build NSM images: [cmd-forwarder-vpp/681](https://github.com/networkservicemesh/cmd-forwarder-vpp/pull/681) [cmd-nsmgr/547](https://github.com/networkservicemesh/cmd-nsmgr/pull/547) Example manifests (forwarder-vpp, nsmgr) extended with security context settings to run as non-root user, with minimal...
I checked the[ l2bridgedomain](https://github.com/networkservicemesh/sdk-vpp/tree/main/pkg/networkservice/xconnect/l2bridgedomain) chain element and seems that is easy to modify for generic usage. @MarkMckessock I can help understanding/using this part if needed and do the refactor if...
Seems that NSM_MAX_TOKEN_LIFETIME default setting is 24h instead of 10 minutes lifetime used in vpp forwarder. I am to repeat the test with the NSM_MAX_TOKEN_LIFETIME=10min setting.
Same result with NSM_MAX_TOKEN_LIFETIME=10min setting.
@denis-tingaikin Just realized that I missed to add the logs to the zip file. I updated the attachment and I adding the nsc logs here as well. BTW seems to...
@denis-tingaikin , @edwarnicke 'cmd-ipam-one-point' is OK. I will detail the use case in the README.md
> > NSM Version: v1.13.0-rc1 > > The issue can be seen with NSM v1.12.1-rc.1 also. > > Hm, as far as I know, we fixed something similar in v1.13.0....
Ah, I missed the version, sorry: the logs are from a test run with NSM v1.13.0-rc2. Fixing in description.
Should I ask by vpp mailing list or you want to check this? Other question popped up: can the internal packet capture have traffic impact in vpp?