NSM v1.5.0

Release Schedule

• Feature Freeze - 2022-07-18
• Release Candidate - 2022-07-25
• Release - 2022-08-01

Planned Enhancements

Add support for VMs/Bare Metal external clients

Planned to develop an application to allow for non k8s clients to connect to NSM infrastructure from outside.

More Details

Public cluster testing via clusterctl

This makes our builds consistent and repeatable across a wide variety of infrastructure environments.

Planned to migrate next repos to the clusterctl

• integration-k8s-aws
• integration-k8s-gke
• integration-k8s-aks

Distributed DNS over vl3 network

When vl3 NSE starts it creates a new DNS server that knowns each connected to that vl3 NSE network service mesh clients. By default planned to use the next domain scheme: {{ .workloadName }}.{{ .networkService}}.{{ .clusterName }}. The domain scheme planned to be configurable via go-template. If the DNS server doesn’t know host then it fanouts the question to other vl3 NSE in the current vl3 network.

Re-usable workflows

Recently, GitHub added a new kind of workflow that can be reused from different repos. Planned to add this into sdk-.*/cmd-.* NSM repositories.

NSM+Application Service Mesh

Planned to add/consider next cases for meshes: Kuma, Linked, Istio, Consul:

• Run L7 mesh over vl3 network.
• Run L7 mesh as a service in NSM vl3 network (extension case).

That could simplify multi-cloud cases for the l7 service mesh and also could open new hybrid service mesh scenarios in the future.

vl3 Improvements

Planned to improve next aspects for the vl3 networks:

• Use uniform MTU for whole vl3 network. More Details
• Shift vL3 to using one Network Service for connecting clients and a separate one for vL3 NSEs to interconnect with each other
• Shift vL3 to using ClusterProperty for NSCs to select their candidates (including with scale from zero).

Webhook Improvements

Planned to improve NSM admission webhook and resolve tickets:

• Consider support for ‘kubectl annotate’ operation
• Added support for all container-based k8s resources
• Add support for annotated namespaces

OPA integration for connection monitor and registries services

Planned to add OPA policies for connection monitoring and registries services.

See more details:

• Integrate OPA with connection monitor service
• Integrate OPA with registry services

Improve stability and bug fixes

Planned to resolve next issues:

• https://github.com/networkservicemesh/cmd-forwarder-vpp/issues/656
• https://github.com/networkservicemesh/sdk/pull/1312
• https://github.com/networkservicemesh/sdk-vpp/issues/527

And all new stability issues that will be reported before the release!