Testing SCTP Services¶
In this example, we will use the kuryr-sctp-demo image. This image implements a SCTP server that listens on port 9090, and responds to client when a packet is received.
We first create a deployment named sctp-demo using the deployment manifest (deploy.yml) below:
apiVersion: apps/v1
kind: Deployment
metadata:
name: sctp-demo
labels:
app: server
spec:
replicas: 2
selector:
matchLabels:
app: server
template:
metadata:
labels:
app: server
spec:
containers:
- name: sctp-demo
image: tabbie/kuryr-sctp-demo:v2.1
ports:
- containerPort: 9090
$ kubectl apply -f deploy.yml
deployment.apps/sctp-demo created
At this point we should have two pods running the kuryr-sctp-demo image:
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
sctp-demo-65fcf85ddb-8vnrq 1/1 Running 0 40s
sctp-demo-65fcf85ddb-zg7nq 1/1 Running 0 109s
Next, we expose the deployment as a service, setting SCTP port to 90:
Note
In order to successfully expose the deployment as a service, ensure that the Octavia provider in use by Kuryr has SCTP support.
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.129 <none> 443/TCP 36h
$ kubectl expose deploy/sctp-demo --protocol=SCTP --port=90 --target-port=9090
service/sctp-demo exposed
$ kubectl get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.0.0.129 <none> 443/TCP 36h
sctp-demo ClusterIP 10.0.0.158 <none> 90/SCTP 42s
Now, let’s check the OpenStack load balancer created by Kuryr for sctp-demo service.
$ openstack loadbalancer list
+--------------------------------------+--------------------+----------------------------------+-------------+---------------------+----------+
| id | name | project_id | vip_address | provisioning_status | provider |
+--------------------------------------+--------------------+----------------------------------+-------------+---------------------+----------+
| 4d219ac7-2592-4d33-8afa-12994c5d82ec | default/kubernetes | 2e89a9e0a50d42d1be8054a80530b836 | 10.0.0.129 | ACTIVE | amphora |
| 96b38be3-1183-41c5-a0db-d246ef1d07cb | default/sctp-demo | 2e89a9e0a50d42d1be8054a80530b836 | 10.0.0.158 | ACTIVE | amphora |
+--------------------------------------+--------------------+----------------------------------+-------------+---------------------+----------+
$ openstack loadbalancer show default/sctp-demo
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone | None |
| created_at | 2021-01-11T10:01:15 |
| description | |
| flavor_id | None |
| id | 96b38be3-1183-41c5-a0db-d246ef1d07cb |
| listeners | eda5caa0-083a-4c45-a2e5-38c243b2c970 |
| name | default/sctp-demo |
| operating_status | ONLINE |
| pools | 0935f099-d901-4f39-8090-392a527cbc35 |
| project_id | 2e89a9e0a50d42d1be8054a80530b836 |
| provider | amphora |
| provisioning_status | ACTIVE |
| updated_at | 2021-01-11T10:05:30 |
| vip_address | 10.0.0.158 |
| vip_network_id | 13190422-869c-4259-ba3b-6a41be79a671 |
| vip_port_id | 64da8e72-8469-4ac6-a0e6-ec60ca02b96a |
| vip_qos_policy_id | None |
| vip_subnet_id | 0041469e-371c-417f-83df-94ca8f202eab |
+---------------------+--------------------------------------+
Checking the load balancer’s details, we can see that the load balancer is listening on SCTP port 90:
$ openstack loadbalancer listener show eda5caa0-083a-4c45-a2e5-38c243b2c970
+-----------------------------+--------------------------------------+
| Field | Value |
+-----------------------------+--------------------------------------+
| admin_state_up | True |
| connection_limit | -1 |
| created_at | 2021-01-11T10:04:31 |
| default_pool_id | 0935f099-d901-4f39-8090-392a527cbc35 |
| default_tls_container_ref | None |
| description | |
| id | eda5caa0-083a-4c45-a2e5-38c243b2c970 |
| insert_headers | None |
| l7policies | |
| loadbalancers | 96b38be3-1183-41c5-a0db-d246ef1d07cb |
| name | default/sctp-demo:SCTP:90 |
| operating_status | ONLINE |
| project_id | 2e89a9e0a50d42d1be8054a80530b836 |
| protocol | SCTP |
| protocol_port | 90 |
| provisioning_status | ACTIVE |
| sni_container_refs | [] |
| timeout_client_data | 50000 |
| timeout_member_connect | 5000 |
| timeout_member_data | 50000 |
| timeout_tcp_inspect | 0 |
| updated_at | 2021-01-11T10:05:30 |
| client_ca_tls_container_ref | None |
| client_authentication | NONE |
| client_crl_container_ref | None |
| allowed_cidrs | None |
| tls_ciphers | None |
| tls_versions | None |
| alpn_protocols | None |
+-----------------------------+--------------------------------------+
And the load balancer has a pool with two members listening on SCTP port 9090:
$ openstack loadbalancer pool list
+--------------------------------------+---------------------------+----------------------------------+---------------------+----------+--------------+----------------+
| id | name | project_id | provisioning_status | protocol | lb_algorithm | admin_state_up |
+--------------------------------------+---------------------------+----------------------------------+---------------------+----------+--------------+----------------+
| c69a87a5-078e-4c2b-84d4-0a2691c58f07 | default/kubernetes:443 | 2e89a9e0a50d42d1be8054a80530b836 | ACTIVE | HTTPS | ROUND_ROBIN | True |
| 0935f099-d901-4f39-8090-392a527cbc35 | default/sctp-demo:SCTP:90 | 2e89a9e0a50d42d1be8054a80530b836 | ACTIVE | SCTP | ROUND_ROBIN | True |
+--------------------------------------+---------------------------+----------------------------------+---------------------+----------+--------------+----------------+
$ openstack loadbalancer member list default/sctp-demo:SCTP:90
+--------------------------------------+-----------------------------------------+----------------------------------+---------------------+-----------+---------------+------------------+--------+
| id | name | project_id | provisioning_status | address | protocol_port | operating_status | weight |
+--------------------------------------+-----------------------------------------+----------------------------------+---------------------+-----------+---------------+------------------+--------+
| abeec334-56b1-4535-a238-71424d78590e | default/sctp-demo-65fcf85ddb-zg7nq:9090 | 2e89a9e0a50d42d1be8054a80530b836 | ACTIVE | 10.0.0.75 | 9090 | NO_MONITOR | 1 |
| 826345b0-1264-421d-b9e0-8756f7bc0d21 | default/sctp-demo-65fcf85ddb-8vnrq:9090 | 2e89a9e0a50d42d1be8054a80530b836 | ACTIVE | 10.0.0.88 | 9090 | NO_MONITOR | 1 |
+--------------------------------------+-----------------------------------------+----------------------------------+---------------------+-----------+---------------+------------------+--------+
At this point, we have both the kubernetes service and corresponding OpenStack load balancer running, and we are ready to run the client application.
For the client application we will use the sctp_client python script. The SCTP client script sends SCTP message towards specific IP and port, and waits for a response from the server. The client application communicates with the server by leveraging OpenStack load balancer functionality.
For the client application to work, python SCTP module needs to be installed in our environment. We need a SCTP-aware kernel (most are). First we install the following packages: libsctp-dev, libsctp1, lksctp-tools and then install the module.
$ sudo apt-get install libsctp-dev libsctp1 lksctp-tools
$ pip3 install pysctp
And we need the SCTP server service IP and port:
$ kubectl get svc sctp-demo
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
sctp-demo ClusterIP 10.0.0.158 <none> 90/SCTP 67m
Last step will be to connect to the SCTP server service:
$ python3 sctp_client.py 10.0.0.158 90
Sending Message
sctp-demo-65fcf85ddb-zg7nq: HELLO, I AM ALIVE!!!
$ python3 sctp_client.py 10.0.0.158 90
Sending Message
sctp-demo-65fcf85ddb-8vnrq: HELLO, I AM ALIVE!!!