### DNS Provider Setup Example Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Example of how to configure a DNS provider to point wildcard subdomains to your ingress controller's IP address. ```text *.tunnel.example.com → your-ingress-controller-ip ``` -------------------------------- ### Setup Ephemeral K3s Cluster Source: https://github.com/interlink-hq/interlink/blob/main/scripts/README.md Downloads and starts K3s, builds Docker images, and launches interLink API, SLURM plugin, and Virtual Kubelet. Requires sudo access, Docker, Go, git, curl, and kubectl. ```bash sudo ./scripts/k3s-test-setup.sh ``` -------------------------------- ### Install InterLink on Remote Server Source: https://github.com/interlink-hq/interlink/blob/main/cmd/installer/README.md Copy the generated installation script to a remote server, make it executable, and then run the install and start commands. ```bash # Copy the script to the remote server scp /path/to/output/interlink-remote.sh user@remote-server:~/ # On the remote server chmod +x interlink-remote.sh ./interlink-remote.sh install ./interlink-remote.sh start ``` -------------------------------- ### Start Remote Plugin Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/3-tunneled.mdx Example command to start the interLink plugin on the remote server, listening on a specific port. This must be done before starting the SSH tunnel. ```bash # Example: Start SLURM plugin on remote HPC system cd /path/to/plugin python3 slurm_plugin.py --port 4000 ``` -------------------------------- ### Install and Start interLink Remote Services Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx Installs and starts the interLink API server and OAuth2 Proxy services on the edge node. Ensure the `interlink-remote.sh` script is executable. ```bash chmod +x $HOME/.interlink/manifests/interlink-remote.sh $HOME/.interlink/manifests/interlink-remote.sh install $HOME/.interlink/manifests/interlink-remote.sh start ``` -------------------------------- ### Enable and Start interLink Services Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/3-tunneled.mdx Commands to enable and start the interLink services, including local Virtual Kubelet components and remote plugin services. Services are started in dependency order. ```bash # Local services (where Virtual Kubelet runs) sudo systemctl daemon-reload sudo systemctl enable interlink-tunnel interlink-api interlink-virtual-kubelet # Start services in dependency order sudo systemctl start interlink-tunnel sudo systemctl start interlink-api sudo systemctl start interlink-virtual-kubelet # Remote services (on the plugin server) sudo systemctl daemon-reload sudo systemctl enable interlink-remote-plugin sudo systemctl start interlink-remote-plugin # Check service status sudo systemctl status interlink-tunnel sudo systemctl status interlink-api sudo systemctl status interlink-virtual-kubelet ``` -------------------------------- ### InterLink Installer Configuration - Virtual Kubelet Source: https://github.com/interlink-hq/interlink/blob/main/cmd/installer/README.md Example configuration for Virtual Kubelet, specifying node name, Kubernetes namespace, and resource limits. ```yaml kubelet_node_name: my-vk-node kubernetes_namespace: interlink node_limits: cpu: "10" memory: "256" pods: "10" ``` -------------------------------- ### InterLink Installer Configuration - API Source: https://github.com/interlink-hq/interlink/blob/main/cmd/installer/README.md Example configuration for the interLink API, including IP address, port, version, and HTTP settings. ```yaml interlink_ip: PUBLIC_IP_HERE interlink_port: 8443 interlink_version: 0.3.3 insecure_http: true ``` -------------------------------- ### Start Virtual Kubelet Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/3-tunneled.mdx Starts the Virtual Kubelet with Interlink as the provider. The KUBECONFIG environment variable must be set, and the --config flag should point to the Virtual Kubelet configuration file. ```bash export KUBECONFIG=~/.kube/config ./bin/virtual-kubelet \ --provider interlink \ --nodename interlink-node \ --config /path/to/VirtualKubeletConfig.yaml ``` -------------------------------- ### Initialize interLink Configuration Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx Creates necessary directories and initializes the interLink configuration file using the downloaded installer. ```bash mkdir -p $HOME/.interlink/logs mkdir -p $HOME/.interlink/bin mkdir -p $HOME/.interlink/config $HOME/.interlink/interlink-installer --init --config $HOME/.interlink/installer.yaml ``` -------------------------------- ### Install Dependencies and Run in Development Mode Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Install project dependencies using pip and run the application with auto-reloading for development. ```bash # Install dependencies pip install -r requirements.txt # Run with auto-reload uvicorn main:app --reload --host 0.0.0.0 --port 8000 ``` -------------------------------- ### Example Generated Hostnames Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Shows concrete examples of generated hostnames for pods named 'web-server' and 'api-gateway'. ```text ws-web-server-wstunnel.tunnel.example.com ws-api-gateway-wstunnel.tunnel.example.com ``` -------------------------------- ### Download interLink Installer Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx Downloads the latest interLink installer script for Linux x86_64 and makes it executable. Ensure you have `curl`, `wget`, and `jq` installed. ```bash mkdir -p $HOME/.interlink export VERSION=$(curl -s https://api.github.com/repos/interlink-hq/interlink/releases/latest | jq -r .name) wget -O $HOME/interlink-installer https://github.com/interlink-hq/interLink/releases/download/$VERSION/interlink-installer_Linux_x86_64 chmod +x $HOME/.interlink/interlink-installer ``` -------------------------------- ### Wstunnel Client Connection Command Example Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx An example of a complete client command annotation generated by InterLink for connecting to a pod's services via wstunnel. ```bash curl -L https://github.com/erebe/wstunnel/releases/latest/download/wstunnel-linux-x64 -o wstunnel && chmod +x wstunnel ./wstunnel client --http-upgrade-path-prefix a1b2c3d4e5f6 -R tcp://[::]:8080:localhost:8080 -R tcp://[::]:9090:localhost:9090 ws://ws-my-pod-wstunnel.tunnel.example.com:80 ``` -------------------------------- ### Install Project Dependencies Source: https://github.com/interlink-hq/interlink/blob/main/docs/README.md Run this command to install the necessary Node.js dependencies for the project using Yarn. ```bash $ yarn ``` -------------------------------- ### Install System Dependencies Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Installs necessary system packages like curl using apt-get. ```dockerfile RUN apt-get update && apt-get install -y \ curl \ && rm -rf /var/lib/apt/lists/* ``` -------------------------------- ### Build the InterLink Installer Source: https://github.com/interlink-hq/interlink/blob/main/cmd/installer/README.md Build the interlink-installer executable from the root of the interLink repository. ```bash # From the root of the interLink repository go build -o interlink-installer ./cmd/installer ``` -------------------------------- ### Configure Pod VPN with Annotation Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/09-pod-annotations.mdx This example demonstrates enabling VPN for a pod using the `interlink.eu/pod-vpn` annotation. ```yaml apiVersion: v1 kind: Pod metadata: name: vpn-enabled-pod annotations: interlink.eu/pod-vpn: "true" spec: containers: - name: app image: nginx:latest ports: - containerPort: 80 restartPolicy: Never ``` -------------------------------- ### Environment-Specific Binary Downloads Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx This Go template example illustrates conditional binary downloads, specifically for WireGuard, based on the `UnshareMode`. It checks for pre-installed binaries before downloading. ```go {{if eq .UnshareMode "none"}} # HPC environment - binaries might be pre-installed if [ -f "/opt/wireguard/wg" ]; then echo "Using pre-installed WireGuard" ln -s /opt/wireguard/wg ./wg else wget -q {{.WgToolURL}} -O wg chmod +x wg fi {{end}} ``` -------------------------------- ### Enable and Start InterLink Services Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/08-systemd-deployment.mdx Enable InterLink services to start automatically on boot and start them in the correct order. Reloads the systemd daemon to recognize new service files. ```bash # Enable services to start on boot sudo systemctl daemon-reload sudo systemctl enable interlink-oauth2-proxy interlink-api interlink-docker-plugin # Start services in order sudo systemctl start interlink-oauth2-proxy sudo systemctl start interlink-api sudo systemctl start interlink-docker-plugin # Check service status sudo systemctl status interlink-oauth2-proxy sudo systemctl status interlink-api sudo systemctl status interlink-docker-plugin ``` -------------------------------- ### Dockerfile Example for Python Plugin Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md A basic Dockerfile to set up a Python environment for your plugin. ```dockerfile FROM python:3.11-slim WORKDIR /app ``` -------------------------------- ### Install Monitoring System Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/05-monitoring.md Install or upgrade the monitoring system using Helm. Ensure to specify the namespace and use the debug flag for detailed output. ```bash helm upgrade --install helm-vk-monitoring-release interlink-monitoring-stack/ -n interlink-mon --debug ``` -------------------------------- ### Install interLink Python SDK Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Installs the interLink Python SDK using pip. Ensure the VERSION environment variable is set to the desired release, or omit it to install the latest version. ```bash #export VERSION=X.X.X #pip install "uvicorn[standard]" "git+https://github.com/interlink-hq/interlink-plugin-sdk@${VERSION}" # Or download the latest one with pip install "uvicorn[standard]" "git+https://github.com/interlink-hq/interlink-plugin-sdk" ``` -------------------------------- ### Start Kubernetes Service with Dagger Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/Developers.md Initiates the Kubernetes service using Dagger, preparing the environment for debugging from the host machine. ```bash dagger call \ --name my-tests \ build-images \ new-interlink \ --plugin-endpoint tcp://localhost:4000 \ kube up ``` -------------------------------- ### InterLink Installer Configuration - OAuth OIDC Source: https://github.com/interlink-hq/interlink/blob/main/cmd/installer/README.md Example OAuth configuration for OIDC providers, including grant type, client credentials, scopes, and token/device URLs. ```yaml oauth: provider: oidc # or github grant_type: authorization_code # or client_credentials client_id: OIDC_CLIENT_ID_HERE client_secret: OIDC_CLIENT_SECRET_HERE scopes: - openid - email - offline_access - profile token_url: https://my_oidc_idp.com/token device_code_url: https://my_oidc_idp/auth/device issuer: https://my_oidc_idp.com/ audience: OIDC_AUDIENCE_HERE # Required for OIDC providers # For GitHub provider # github_user: username ``` -------------------------------- ### Install Python Dependencies Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Copies the requirements.txt file and installs Python dependencies using pip. ```dockerfile COPY requirements.txt . RUN pip install --no-cache-dir -r requirements.txt ``` -------------------------------- ### Custom DNS Configuration Example Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx This Go template snippet demonstrates how to conditionally configure DNS settings by writing to `/etc/resolv.conf` if a `DNSServiceIP` is provided. ```go # In your custom template {{if .DNSServiceIP}} echo "Configuring DNS..." echo "nameserver {{.DNSServiceIP}}" > /etc/resolv.conf echo "search default.svc.cluster.local svc.cluster.local cluster.local" >> /etc/resolv.conf {{end}} ``` -------------------------------- ### Download and Prepare Binaries Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx Downloads and makes executable essential binaries for the mesh network setup: wstunnel, wireguard-go, wg tool, and slirp4netns. It also checks for the 'ip' command from iproute2. ```bash echo "Downloading wstunnel..." if ! curl -L -f -k {{.WSTunnelExecutableURL}} -o wstunnel; then echo "ERROR: Failed to download wstunnel" exit 1 fi chmod +x wstunnel # Download wireguard-go echo "Downloading wireguard-go..." if ! curl -L -f -k {{.WireguardGoURL}} -o wireguard-go; then echo "ERROR: Failed to download wireguard-go" exit 1 fi chmod +x wireguard-go # Download and build wg tool echo "Downloading wg tool..." if ! curl -L -f -k {{.WgToolURL}} -o wg; then echo "ERROR: Failed to download wg tools" exit 1 fi chmod +x wg # Download slirp4netns echo "Downloading slirp4netns..." if ! curl -L -f -k {{.Slirp4netnsURL}} -o slirp4netns; then echo "ERROR: Failed to download slirp4netns" exit 1 fi chmod +x slirp4netns # Check if iproute2 is available if ! command -v ip &> /dev/null; then echo "ERROR: 'ip' command not found. Please install iproute2 package" exit 1 fi # Copy ip command to tmpdir for use in namespace IP_CMD=$(command -v ip) cp $IP_CMD $TMPDIR/ || echo "Warning: could not copy ip command" echo "=== All binaries downloaded successfully ===" ``` -------------------------------- ### Custom Wstunnel Deployment Template Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Example of a custom Deployment template file for Wstunnel, allowing for user-defined configurations. ```yaml # /etc/templates/custom-wstunnel.yaml apiVersion: apps/v1 kind: Deployment metadata: name: {{.Name}} namespace: {{.Namespace}} spec: # Your custom configuration... ``` -------------------------------- ### Download and Install SLURM Plugin Binary Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx Downloads the latest SLURM plugin binary from GitHub releases using curl and jq to get the version, then saves it to the specified path. ```bash export PLUGIN_VERSION=$(curl -s https://api.github.com/repos/interlink-hq/interlink-slurm-plugin/releases/latest | jq -r .name) wget -O $HOME/.interlink/bin/plugin https://github.com/interlink-hq/interlink-slurm-plugin/releases/download/${PLUGIN_VERSION}/interlink-sidecar-slurm_Linux_x86_64 ``` -------------------------------- ### Start Local Development Server Source: https://github.com/interlink-hq/interlink/blob/main/docs/README.md This command starts a local development server for Docusaurus. Changes are reflected live without a server restart. Use a local configuration file. ```bash $ yarn start --config docusaurus.config.local.ts ``` -------------------------------- ### Example Test Output Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/Developers.md This is an example of a successful test run output, showing collected items, passed tests, and deselected items. ```text cachedir: .pytest_cache rootdir: /opt/vk-test-set configfile: pyproject.toml collecting ... collected 12 items / 1 deselected / 11 selected vktestset/basic_test.py::test_namespace_exists[default] PASSED [ 9%] vktestset/basic_test.py::test_namespace_exists[kube-system] PASSED [ 18%] vktestset/basic_test.py::test_namespace_exists[interlink] PASSED [ 27%] vktestset/basic_test.py::test_node_exists[virtual-kubelet] PASSED [ 36%] vktestset/basic_test.py::test_manifest[virtual-kubelet-000-hello-world.yaml] PASSED [ 45%] vktestset/basic_test.py::test_manifest[virtual-kubelet-010-simple-python.yaml] PASSED [ 54%] vktestset/basic_test.py::test_manifest[virtual-kubelet-020-python-env.yaml] PASSED [ 63%] vktestset/basic_test.py::test_manifest[virtual-kubelet-030-simple-shared-volume.yaml] PASSED [ 72%] vktestset/basic_test.py::test_manifest[virtual-kubelet-040-config-volumes.yaml] PASSED [ 81%] vktestset/basic_test.py::test_manifest[virtual-kubelet-050-limits.yaml] PASSED [ 90%] vktestset/basic_test.py::test_manifest[virtual-kubelet-060-init-container.yaml] PASSED [100%] ====================== 11 passed, 1 deselected in 41.71s ======================= ``` -------------------------------- ### Mesh Script Template Variable Usage Examples Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx Provides examples of how to access and use variables within the Go template syntax for generating bash scripts. ```bash # Access variables in template using Go template syntax {{.WGInterfaceName}} # => "wg5f3b9c2d3a4e" {{.WSTunnelExecutableURL}} # => "https://github.com/.../wstunnel" {{.DNSServiceIP}} # => "10.244.0.99" {{.WGMTU}} # => 1280 {{.IngressEndpoint}} # => "pod-namespace.example.com" ``` -------------------------------- ### Start Docker Plugin Service Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx Starts the Docker plugin service and logs its process ID. Ensure the INTERLINKCONFIGPATH environment variable is set. ```bash export INTERLINKCONFIGPATH=$HOME/.interlink/config/plugin-config.yaml $HOME/.interlink/bin/plugin &> $HOME/.interlink/logs/plugin.log & echo $! > $HOME/.interlink/plugin.pid ``` -------------------------------- ### Start InterLink API Server Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/3-tunneled.mdx Launches the Interlink API server. Ensure the INTERLINKCONFIGPATH environment variable is set to the correct configuration file path before execution. ```bash export INTERLINKCONFIGPATH=/path/to/InterLinkConfig.yaml ./bin/interlink ``` -------------------------------- ### Wstunnel Command with Pre-installed Binary Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Use this command when wstunnel is already installed and available in the system's PATH. It assumes the 'wstunnel' executable can be found directly. ```yaml WstunnelCommand: "wstunnel client --http-upgrade-path-prefix %s %s ws://%s:80" ``` -------------------------------- ### Pod Annotations for Mesh Networking Setup Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx These annotations are added to a pod to facilitate mesh networking. The `slurm-job.vk.io/pre-exec` annotation contains the generated bash script for network setup, while `interlink.eu/wireguard-client-snippet` provides the WireGuard client configuration. ```yaml annotations: # Pre-execution script that sets up the mesh slurm-job.vk.io/pre-exec: "" # WireGuard client configuration snippet interlink.eu/wireguard-client-snippet: | [Interface] Address = 10.7.0.2/32 PrivateKey = DNS = 1.1.1.1 MTU = 1280 [Peer] PublicKey = AllowedIPs = 10.7.0.1/32, 10.0.0.0/8 Endpoint = 127.0.0.1:51821 PersistentKeepalive = 25 ``` -------------------------------- ### Start Network Namespace Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx Initiates the network namespace, preparing the environment for the mesh network configuration. The strategy for unsharing is determined by configuration settings. ```bash echo "=== Starting network namespace ===" # Detect best unshare strategy for this environment # Priority: 1) Config file setting, 2) Environment variable, 3) Default (auto) ``` -------------------------------- ### Verify Interlink Setup in Kubernetes Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx A set of kubectl commands to verify the Interlink setup. This includes checking node status, deploying a test pod, checking its status, and testing logging functionality (which may require CSR approval). ```bash # Check if node appears in Kubernetes kubectl get nodes # Deploy a test pod kubectl apply -f - < None: # Convert to cloud-native format task_definition = self.pod_to_task_definition(pod) # Submit to cloud provider response = self.cloud_client.run_task( taskDefinition=task_definition, cluster=self.cluster_name ) task_arn = response['tasks'][0]['taskArn'] self.task_pod_map[pod.pod.metadata.uid] = task_arn ``` -------------------------------- ### Custom MTU Detection Example Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx This Go template snippet shows how to auto-detect an optimal MTU for a WireGuard interface by querying the base MTU and subtracting overhead. ```go # Auto-detect optimal MTU echo "Detecting optimal MTU..." BASE_MTU=$(ip route get {{.IngressEndpoint}} | grep -oP 'mtu \K[0-9]+' || echo 1500) WG_MTU=$((BASE_MTU - 80)) # Account for WireGuard overhead echo "Using MTU: $WG_MTU" ip link set {{.WGInterfaceName}} mtu $WG_MTU ``` -------------------------------- ### Initialize Docker Client and FastAPI App Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Sets up the necessary clients for Docker and FastAPI. This is a prerequisite for most plugin operations. ```python docker_client = docker.DockerClient() app = FastAPI() ``` -------------------------------- ### SLURM Provider Plugin Implementation Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Implement a SLURM provider to manage HPC workloads. This example shows how to convert a pod spec to a SLURM job script and submit it using `sbatch`. ```python class SLURMProvider(interlink.provider.Provider): def create(self, pod: interlink.Pod) -> None: # Convert pod spec to SLURM job script job_script = self.generate_slurm_script(pod) # Submit to SLURM result = subprocess.run( ["sbatch", "--parsable"], input=job_script, capture_output=True, text=True ) job_id = result.stdout.strip() self.job_pod_map[pod.pod.metadata.uid] = job_id def generate_slurm_script(self, pod): container = pod.pod.spec.containers[0] return f"#!/bin/bash #SBATCH --job-name={pod.pod.metadata.name} #SBATCH --output=job_%j.out #SBATCH --error=job_%j.err # Run container with Singularity/Apptainer singularity exec {container.image} {' '.join(container.command or [])} " ``` -------------------------------- ### Initialize InterLink Configuration Source: https://github.com/interlink-hq/interlink/blob/main/cmd/installer/README.md Create a default configuration file with placeholder values. If --config is not provided, the default location is $HOME/.interlink.yaml. ```bash ./interlink-installer --init --config /path/to/config.yaml ``` -------------------------------- ### Start SLURM Plugin Service Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/1-edge.mdx Starts the SLURM plugin service and logs its process ID. Ensure the SLURMCONFIGPATH environment variable is set. ```bash export SLURMCONFIGPATH=$HOME/.interlink/manifests/plugin-config.yaml $HOME/.interlink/bin/plugin &> $HOME/.interlink/logs/plugin.log & echo $! > $HOME/.interlink/plugin.pid ``` -------------------------------- ### Enable and Start Health Check Timer Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/08-systemd-deployment.mdx Commands to enable and start the systemd timer for health checks, ensuring regular execution of the health check script. ```bash sudo systemctl daemon-reload sudo systemctl enable interlink-health-check.timer sudo systemctl start interlink-health-check.timer ``` -------------------------------- ### Create System User and Directories Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/08-systemd-deployment.mdx Creates a dedicated system user 'interlink' and sets up necessary directories for InterLink services. Ensures correct ownership and permissions. ```bash sudo useradd --system --create-home --home-dir /opt/interlink --shell /bin/bash interlink sudo mkdir -p /opt/interlink/{bin,config,logs} sudo chown -R interlink:interlink /opt/interlink ``` -------------------------------- ### Download and Run Local Docker Plugin Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/Developers.md Download the Interlink Docker plugin, make it executable, and set the configuration path. This is useful for local demonstrations and testing. ```bash wget https://github.com/interlink-hq/interlink-docker-plugin/releases/download/0.0.24-no-gpu/docker-plugin_Linux_x86_64 -O docker-plugin \ && chmod +x docker-plugin \ && docker ps \ && export INTERLINKCONFIGPATH=$PWD/ci/manifests/plugin-config.yaml \ && ./docker-plugin ``` -------------------------------- ### Start InterLink API Server with mTLS Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/07-mtls-deployment.mdx Starts the InterLink API server in the background using the specified configuration path and logs output to a file. The process ID is stored. ```bash # Start InterLink API server with mTLS export INTERLINKCONFIGPATH=$HOME/.interlink/config/InterLinkConfig.yaml $HOME/.interlink/bin/interlink &> $HOME/.interlink/logs/interlink.log & echo $! > $HOME/.interlink/interlink.pid ``` -------------------------------- ### Build, Test, and Generate OpenAPI Specs with Make Source: https://github.com/interlink-hq/interlink/blob/main/README.md Standard make targets for building all components, running containerized tests with Dagger, generating OpenAPI specifications, and cleaning build artifacts. ```bash make all make test make openapi make clean ``` -------------------------------- ### Local Integration Test Source: https://github.com/interlink-hq/interlink/blob/main/scripts/README.md Performs a quick local integration test using an existing Kubernetes cluster. Builds Docker images, starts SLURM plugin and interLink API containers, and provides instructions for starting Virtual Kubelet. Requires a configured KUBECONFIG, Docker, Go, and git. ```bash make test-local # or ./scripts/local-test.sh ``` -------------------------------- ### Create Monitoring Namespace Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/05-monitoring.md Create a Kubernetes namespace specifically for the monitoring system. ```bash kubectl create namespace interlink-mon ``` -------------------------------- ### Download and Configure InterLink Binary Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/07-mtls-deployment.mdx Downloads the latest InterLink binary for Linux x86_64 and makes it executable. Requires `jq` and `wget`. ```bash export VERSION=$(curl -s https://api.github.com/repos/interlink-hq/interlink/releases/latest | jq -r .name) wget -O $HOME/.interlink/bin/interlink https://github.com/interlink-hq/interLink/releases/download/$VERSION/interlink_Linux_x86_64 chmod +x $HOME/.interlink/bin/interlink ``` -------------------------------- ### Run Full e2e Suite Locally with K3s Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/Developers.md Clone the repository, set up the K3s environment, build images, deploy interlink and the SLURM plugin, run the pytest suite, and collect logs. This sequence can be executed with individual scripts or a single make target. ```bash # Clone the repo and enter it git clone https://github.com/interlink-hq/interLink.git cd interLink # (Optional) enable unprivileged user namespaces if your kernel restricts them sudo sysctl -w kernel.unprivileged_userns_clone=1 # 1. Build images, start K3s, deploy interLink and the SLURM plugin bash scripts/k3s-test-setup.sh # 2. Run the pytest test suite against the live cluster bash scripts/k3s-test-run.sh # 3. Collect logs and tear down all resources bash scripts/k3s-test-cleanup.sh ``` ```bash make test-k3s ``` ```bash make test-k3s-setup # setup only make test-k3s-run # run only (requires setup to have completed) make test-k3s-cleanup # cleanup only ``` -------------------------------- ### Handle Projected Volumes in Plugin Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Shows how to process projected volumes, such as ServiceAccount tokens and CA certificates, by writing their content to files. ```python def handle_projected_volumes(self, projected_volumes): """Handle ServiceAccount tokens and projected volumes""" for pv_map in projected_volumes: for filename, content in pv_map.data.items(): # Write ServiceAccount tokens, CA certificates, etc. self.write_projected_file(filename, content) ``` -------------------------------- ### Disabling Wstunnel with VPN Fallback Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Example of disabling Wstunnel for a Pod and opting for VPN instead, using the 'interlink.eu/pod-vpn' annotation. ```yaml apiVersion: v1 kind: Pod metadata: name: web-server namespace: default annotations: interlink.eu/pod-vpn: "true" # Use VPN instead of wstunnel spec: containers: - name: nginx image: nginx:latest ports: - containerPort: 80 name: http restartPolicy: Never ``` -------------------------------- ### Start SSH Tunnel (Basic) Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/3-tunneled.mdx Establishes a basic SSH tunnel from a local Unix socket to a remote port. Requires SSH server address, user, private key, local socket path, and remote port. ```bash # Start SSH tunnel ./bin/ssh-tunnel \ -addr "remote-server:22" \ -user "username" \ -keyfile "~/.ssh/interlink_rsa" \ -lsock "/tmp/interlink.sock" \ -rport "4000" ``` -------------------------------- ### Test Remote Plugin Connectivity Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/cookbook/3-tunneled.mdx Sends a GET request to the status endpoint of the remote plugin API running on localhost:4000. ```bash curl -X GET http://localhost:4000/status ``` -------------------------------- ### Manage InterLink Services Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/08-systemd-deployment.mdx Common systemd operations for managing InterLink services, including restarting, stopping, starting, and viewing configurations. ```bash # Restart a service sudo systemctl restart interlink-api # Stop all InterLink services sudo systemctl stop interlink-docker-plugin interlink-api interlink-oauth2-proxy # Start all InterLink services sudo systemctl start interlink-oauth2-proxy interlink-api interlink-docker-plugin # View service configuration sudo systemctl cat interlink-api # Check service dependencies sudo systemctl list-dependencies interlink-api ``` -------------------------------- ### Integration Testing Plugin with Docker and Make Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/02-develop-a-plugin.md Provides bash commands to build the plugin's Docker image, set environment variables for configuration, and run integration tests using `make test`. ```bash # Build your plugin image docker build -t my-plugin:latest . # Update plugin configuration export PLUGIN_IMAGE=my-plugin:latest export PLUGIN_PORT=8000 # Run integration tests make test ``` -------------------------------- ### HPC Pod to MySQL Service Packet Flow Example Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx Illustrates the step-by-step packet flow for a connection originating from an HPC pod to a MySQL service within the Kubernetes cluster. Covers DNS resolution, TCP connection establishment, and the return path. ```text PACKET FLOW EXAMPLE: HPC Pod → MySQL Service ═════════════════════════════════════════════ Step 1: DNS Resolution ────────────────────── HPC Pod: "What is mysql.default.svc.cluster.local?" │ └──▶ Query sent to 10.244.0.99 (kube-dns) │ ├─▶ Routed via wg* interface (matches 10.244.0.0/16) │ ├─▶ Encrypted by WireGuard client (10.7.0.2) │ ├─▶ Sent via wstunnel → Ingress → wstunnel server │ ├─▶ Decrypted by WireGuard server (10.7.0.1) │ └─▶ Reaches kube-dns pod at 10.244.0.99 │ └─▶ Response: 10.105.123.45 (mysql service ClusterIP) Step 2: TCP Connection to Service ────────────────────────────────── HPC Pod: TCP SYN to 10.105.123.45:3306 │ ├─▶ Packet: [Src: 10.7.0.2:random] [Dst: 10.105.123.45:3306] │ ├─▶ Routing decision: matches 10.105.0.0/16 → via wg* interface │ ├─▶ WireGuard client encrypts packet │ │ │ └─▶ Encrypted packet: [Src: 10.7.0.2] [Dst: 10.7.0.1] │ ├─▶ wstunnel client on HPC (127.0.0.1:51821) │ │ │ └─▶ Forwards to WireGuard (127.0.0.1:51820) │ ├─▶ Encapsulated in WebSocket frame │ │ │ └─▶ WSS connection: HPC → pod-ns.example.com:443 │ ├─▶ Ingress controller routes to wstunnel server service │ ├─▶ wstunnel server (in cluster) extracts WebSocket payload │ │ │ └─▶ Forwards UDP to local WireGuard (127.0.0.1:51820) │ ├─▶ WireGuard server (10.7.0.1) decrypts packet │ │ │ └─▶ Original packet: [Src: 10.7.0.2:random] [Dst: 10.105.123.45:3306] │ ├─▶ Kernel routing: 10.105.123.45 is a service IP │ │ │ └─▶ kube-proxy/iptables/IPVS handles service load balancing │ └─▶ Traffic reaches MySQL pod at 10.244.1.15:3306 Step 3: Return Path ─────────────────── MySQL Pod: TCP SYN-ACK from 10.244.1.15:3306 │ ├─▶ Packet: [Src: 10.244.1.15:3306] [Dst: 10.7.0.2:random] │ ├─▶ Routing: destination is in WireGuard network │ ├─▶ WireGuard server encrypts and sends to peer 10.7.0.2 │ ├─▶ Reverse path through wstunnel │ └─▶ Arrives at HPC pod: [Src: 10.105.123.45:3306] [Dst: 10.7.0.2:random] │ └─▶ Application receives response ``` -------------------------------- ### Generate mTLS Certificates with OpenSSL Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/07-mtls-deployment.mdx Generates CA, server, and client certificates and keys required for mTLS authentication. Ensure you have OpenSSL installed. ```bash # Generate CA private key openssl genrsa -out ca-key.pem 4096 # Generate CA certificate openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem -subj "/C=US/ST=CA/L=San Francisco/O=InterLink/CN=InterLink CA" # Generate server private key openssl genrsa -out server-key.pem 4096 # Generate server certificate signing request openssl req -subj "/C=US/ST=CA/L=San Francisco/O=InterLink/CN=interlink-server" -sha256 -new -key server-key.pem -out server.csr # Generate server certificate signed by CA openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -out server-cert.pem -extensions v3_req # Generate client private key openssl genrsa -out client-key.pem 4096 # Generate client certificate signing request openssl req -subj "/C=US/ST=CA/L=San Francisco/O=InterLink/CN=interlink-client" -sha256 -new -key client-key.pem -out client.csr # Generate client certificate signed by CA openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -out client-cert.pem -extensions v3_req # Clean up CSR files rm server.csr client.csr ``` -------------------------------- ### Full Integration Test Workflow Source: https://github.com/interlink-hq/interlink/blob/main/scripts/README.md A three-step workflow for performing a full integration test: setting up the ephemeral cluster, running the tests, and then cleaning up resources. ```bash # 1. Setup ephemeral cluster sudo ./scripts/k3s-test-setup.sh # 2. Run tests ./scripts/k3s-test-run.sh # 3. Cleanup sudo ./scripts/k3s-test-cleanup.sh ``` -------------------------------- ### Check File Permissions for Kubelet Certificates Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/12-kubelet-certificate-management.mdx Verify and set appropriate file permissions for Kubelet certificate and key files. Ensure the Virtual Kubelet process can read these files. ```bash ls -la /path/to/cert.crt chmod 644 /path/to/cert.crt chmod 600 /path/to/key.key ``` -------------------------------- ### Build Static Website Content Source: https://github.com/interlink-hq/interlink/blob/main/docs/README.md This command generates the static content for the website into the 'build' directory, ready for hosting. ```bash $ yarn build ``` -------------------------------- ### Default Mesh Script Template Initialization Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx The beginning of the default mesh script template, setting up the environment and preparing a temporary directory. ```bash #!/bin/bash set -e set -m export PATH=$PATH:$PWD:/usr/sbin:/sbin # Prepare the temporary directory TMPDIR=${SLIRP_TMPDIR:-/tmp/.slirp.$RANDOM$RANDOM} mkdir -p $TMPDIR cd $TMPDIR # Set WireGuard interface name WG_IFACE="{{.WGInterfaceName}}" echo "=== Downloading binaries (outside namespace) ===" ``` -------------------------------- ### Get Pod with Full Details Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Retrieve a pod's complete configuration and status in YAML format. This provides comprehensive information for debugging. ```bash # Get pod with full details kubectl get pod my-pod -o yaml ``` -------------------------------- ### Heredoc Script Transmission Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx This example shows how a generated script is wrapped in a heredoc for transmission, then extracted, made executable, and finally executed by the SLURM plugin. ```bash cat <<'EOFMESH' > $TMPDIR/mesh.sh EOFMESH chmod +x $TMPDIR/mesh.sh $TMPDIR/mesh.sh ``` -------------------------------- ### Check Wstunnel Deployment Details Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/10-wstunnel-configuration.mdx Describe the details of a wstunnel deployment, including its status, replicas, and associated pods. This is useful for understanding the deployment's health. ```bash # Check wstunnel deployment kubectl describe deployment my-pod-wstunnel ``` -------------------------------- ### Mounting Custom Mesh Script Template Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx Illustrates how to mount a custom mesh script template into the Virtual Kubelet container using extra volumes and volume mounts. ```yaml extraVolumes: - name: mesh-template configMap: name: custom-mesh-template extraVolumeMounts: - name: mesh-template mountPath: /etc/custom readOnly: true ``` -------------------------------- ### Retrieve Pod Annotations for Configuration Source: https://github.com/interlink-hq/interlink/blob/main/docs/docs/guides/13-mesh-network-configuration.mdx Use kubectl to get pod details and inspect annotations, which may contain generated configuration for mesh networking. ```bash kubectl get pod -o yaml | grep -A 50 annotations ```