Explore sandbox

.gitignore

@@ -0,0 +1,2 @@
+.DS_Store
+.$*

install-guide/ExploreSandbox-diagrams/ManagementCluster.drawio

@@ -0,0 +1 @@
+<mxfile host="Electron" modified="2023-06-22T12:25:49.107Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/19.0.2 Chrome/102.0.5005.63 Electron/19.0.3 Safari/537.36" etag="7d2UnTW6SoqoplCtlcv-" version="19.0.2" type="device"><diagram id="Z_jt6JilWowGq1wf4Nej" name="Page-1">7Vtdc6M2FP01nmkfktEHAvHoOLtp2mTHM2k36SMG2dYYIxfk2O6vrwBhAyJdr2MWh1nnAXT1AZxzdHUvIgM8Wm7vYm81fxQBCwcIBNsBvh0gBIlF1SG17LQFQDu3zGIeaNvB8MT/ZUVDbV3zgCWVhlKIUPJV1eiLKGK+rNi8OBabarOpCKtXXXkzZhiefC80rc88kPPcijC2DxW/MT6bF5e2iZXXLL2itX6UZO4FYlMy4U8DPIqFkPnZcjtiYQpfAUze7/Mbtfs7i1kkj+mAkuH9/A48v9An+fuSgo2M0JUe5dUL1/qJB8gO1Xg3U6GGVXctdxoL+5+1KCqukoypoWqA4ErRfXOoV2ez9Pj1sRhK3VM+Wl6h4dgPjGKxjgKW3iZQ1Zs5l+xp5flp7UbpStnmchmqElSnryyWXBE0DPksUjYp0gZTHoYjEYo4GxEHHqNTX9kTGYsFK9XYPmWT6f4uyvAVWKgLsG3JpOG8Y2LJZLxTTXSthTW1Wt12Ud4cpAKRrY3zkkxIoW9P63O2H/zAoDrRJH4Hocgg9Fb4Cxa/D/SUPj050dEkTKdT5DeSENgTm9jnIcGxaiRQkwQXN3BgWW1xgA0OHr1IOYoly6bUKFwnMmUE/LLgUfBrF9RQnzVTM6HEIuA81FBQpcZpmB+UNFCDnbaoKeZdiZsbL2HZCrJciUg9bJKOESXSC0PFAQLrhEczdfxj/GcGiL9QVCZdkEbSP927ZM9/jc4u+52JzJqzc5vIBA1kQtIWmZY5z5iiTZke3rnI1PmpLy+E0cBqQpyiCT4b4jXP5jpNy0sD4nZbgBMD8JF6GmXJ/duZF5lOQHcdcmGg2wbodwpGrwMH9GMYgBDQ0yiAoC0OHFP4+0V8NBzf90D4EF2cu6ENa7WKZaPg6n48fOwD5vtA52Iwd9/E/OvD8EsfMCfg0jCHZhb+tGI+n3L/Z2D67RWb1LKMhgSQWE3LBW6NUDMLH4vYn/dg+rg2qqBNkXPc7HFwW2Cb6fZIRFM+S3aR3wPEIXCtS4PczLy+sNWcizQcUpjFQrmo+MyuqKOoCNmXBr6Zhe3Bf2aTv3oRjGJCLwz24mIl2IMW3qx2ArdVC0NteiTalt0W2mZIlL4r7SHWDnG7xtqMVhbrCfNl2EO4KeocbjNeWaxkH6F2O/ciZpziR7yHULt251CbUYmBM4uCYbonr0p+6CUJz3egvFia5hLiVXrq+LMtly+6ZXr+d9rumujS7VZ3ywq7oqBC1N1LuZD3ggAVhkPHrFT0zO72M0+x0bVBtaRvDZKicdmQjTVmMVeYs1h3elMOiVjHPjsiJFGXmTH5fw3zdiyofOxgqqucMTftWmtbzEJP8ldWudsmRekrjAXPNj6LFBLVxFt/bZs/uO510KU5UN3h1HeacmCMgTKB7x/7HZo3X813qXl0ouiR9aFEX3wG9C3R44sSvUVrYZ8Dr8lpsnfcmuzr86dt2Zu7IR/A1V+BawBgVfr4Qwkf9UL41MKnCp/C2lAY1YdqW/rmltQHkH7N4X8sd4+PVH2hjQuVvYvOJHpjoJYlj803MWORyFncyVbTjTNybuzWXz9C6FRAh6DYZSgnWACZ8mnvo0LztcFMrki6AfjAo/VWHR9FsFZUtJneMqgSXKcJf5WCYu9c6W3tWzMIGvb0IG2Yva3t0eLO8ts3vLhD2nXjp6QYP8LNw4ty88Ste+cTc9n6x34QnC2qV8XDfxnkzQ//rYE//Qc=</diagram></mxfile>

install-guide/ExploreSandbox-diagrams/SandboxRepos.drawio

@@ -0,0 +1 @@
+<mxfile host="Electron" modified="2023-06-20T15:18:03.817Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/19.0.2 Chrome/102.0.5005.63 Electron/19.0.3 Safari/537.36" etag="9WKiv_G2cQgEP6DeYDo7" version="19.0.2" type="device"><diagram id="66tKOTB7JbLviRE-6tKT" name="Page-1">7Vhdc9soFP01nuk+NCOBvvyYOB/NzGabaR6afcQSlphg4SIc2/31e5FAloSycVMn6XT6ZLjABc45l3vlCZ4tt1eSrIobkVE+QV62neDzCUJ+gGL40ZadsXh+1FhyyTJj2xvu2HdqJxrrmmW06k1UQnDFVn1jKsqSpqpnI1KKTX/aQvD+riuSU8dwlxLuWr+yTBWNFWEc7Qc+UZYXdusoDJqRJbGzzVWqgmRi0zHhiwmeSSFU01puZ5Rr+CwwzbrLJ0bbk0laqkMW3J/xXXBxfbt4vKTy4vrKjxT6iBsvj4SvzY1vSAl3WmqnyJvxdaWohNaHB1Zmf5mbqJ3FR4p1mVG9gzfBZ5uCKXq3Iqke3YAkwFaoJYeeD82FKJWhGOn+I5WKAdannOUlGJXQCxaM85ngQtY74EWS0jQFe6WkeKCdkXkSBqHe1twBvNHtk+D4LeSgViqWVMkdTDELIis4K9TQ9Dd71uOpsRUdwrGllxil5a3vPRfQMHT8ADWxQ80VoEvegYIspEkWjFGQoDmOouNQMA37FCDPpaB9F7oUoPC1KPCRw8GtkGlxXA7eBe1WzBbtOHbQ9tEI2jF+LbDdt2gmygXLq12Z/gaI+yjqQ45jV+BvDHngQP4PXRVM6KcfMJOCcyqr3wD8CA/kjt4bezR1sJ+giCuDWA/w6Nta2IGPVY3lKUzww9W2hseOQys3v7WjuTXc5Evt8U6RnJU5tL7QlWhnyeE6uFC79LpkihF9nTmUKkAS8Iu8r0I+cEGyXo2Q1uG6lkQxUf6v9+aG1jxQFxRKK91MdxxqDirx8xqbN4L8e94aSPqQ1zL9vFbghhp7A955PKJDQpPFaJ0RpQmdL46U5OKBDoMRHcYjOpy+Vo6zgfGWOuyqr6s1VzPnu5IsWfpHcUdTHB6pbEcVl7ya4tyqymGEltmp/nzTpHBSVazBiUjlmjus9BNTJ/P4IfTplql7M1O3/9XzTuzI+dYsqzs724EsuLvvdppVKLT9/bq6ZxfWh71k3B4NbmTP0g4bw7QZ7kxu8KCZ83E6YB0wE2uZ0gNyPOyXU/VssevqqKOTcEQm1iYphyh87B94TDtmh1vB6telrY6G5f9Qf81NzbLud+7QE/YGnvDAUwOF46kWc3vxn9C3W8h+0amzLmOHT9QZPDh1Sn46AAQ4Gqrf2H5Y+t5LpO/3pf9y5ScD4SeO8GtPt1QyIIFK45CTOeVn7ftqH8pS6Ef2qLGCD4wV7E3eMVbiaChw9LJQSfxhzEUncfi2weJ+gvy6yeCn3vSnMkkQBs8E1GhQHFP26EDZx7+U6qPoZKDVg3U/yBDYC3VCP47uobv/U7eZvv9zHF/8Bw==</diagram></mxfile>

install-guide/ExploreSandbox.md

@@ -0,0 +1,186 @@
+Exploring the Nephio Sandbox
+============================
+
+You've installed the Nephio sandbox on your VM
+[using the installation instructions](https://github.com/nephio-project/test-infra/blob/main/e2e/provision/README.md). The installation has done a really good job of installing a pretty complex software stack without any fuss. Let's take a look around.
+
+![Software installed by the Nephio Sandbox installation](ExploreSandbox-diagrams/ManagementCLuster.png)
+
+# Components installed on the VM itself
+
+The following components are installed on the VM itself. These components are installed directly on the VM by the ansible install scripts.
+
+| Component | Purpose                                                                                  |
+| --------- | ---------------------------------------------------------------------------------------- |
+| docker    | Docker is used to host kubernetes clusters created by kind                               |
+| kind      | Used to create clusters in docker                                                        |
+| kubectl   | Used to control clusters created by kind                                                 |
+| kpt       | Used to install packages (software and metadata) on k8s clusters                         |
+| cni       | Used to implement the k8s network model for the kind clusters                            |
+| gtp5g     | A linux module that supports the 3GPP GPRS tunnelling protocol (required by free5gc NFs) |
+
+The ansible install scripts use kind to create the management cluster. Once the kind cluster is created, the install uses kpt packages to install the remainder of the software.
+
+# Components installed on the kind management cluster
+
+Everything is installed on the management kind cluster by ansible scripts using kpt packages.
+
+The install unpacks each kpt package in the */tmp* directory. It then applies kpt functions to the packages, and applies the packages to the kind management cluster. This is important because we can check the status of the kpt packages in the cluster using the *kpt live status* command on the unpacked packages in the */tmp* directory.
+
+The rendered kpt packages containing components are unpacked in the */tmp/kpt-pkg* directory. The rendered kpt packages that create the *mgmt* and *mgmt-staging* repos are unpacked in the */tmp/repository* directory and the rendered kpt package containing the rootsync configuration for the *mgmt* repository is unpacked in the */tmp/rootsync* directory. You can examine the contents of any rendered kpt packager by examining the contents of these directories.
+
+```
+/tmp/kpt-pkg/                           /tmp/repository     /tmp/rootsync/
+├── cert-manager                        ├── mgmt            └── mgmt
+├── cluster-capi                        └── mgmt-staging
+├── cluster-capi-infrastructure-docker
+├── cluster-capi-kind-docker-templates
+├── configsync
+├── gitea
+├── metallb
+├── metallb-sandbox-config
+├── nephio-controllers
+├── nephio-stock-repos
+├── nephio-webui
+├── porch-dev
+└── resource-backend
+
+```
+<details>
+ <summary>You can check the status of an applied kpt package using a "kpt live status package_dir" command.</summary>
+
+```
+kpt live status /tmp/kpt-pkg/nephio-controllers/
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-approval-role is Current: Resource is current
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-bootstrap-role is Current: Resource is current
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-controller-role is Current: Resource is current
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-network-role is Current: Resource is current
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-porch-role is Current: Resource is current
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-repository-role is Current: Resource is current
+inventory-38069595/clusterrole.rbac.authorization.k8s.io//nephio-controller-token-role is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-approval-role-binding is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-bootstrap-role-binding is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-controller-role-binding is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-network-role-binding is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-porch-role-binding is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-repository-role-binding is Current: Resource is current
+inventory-38069595/clusterrolebinding.rbac.authorization.k8s.io//nephio-controller-token-role-binding is Current: Resource is current
+inventory-38069595/deployment.apps/nephio-system/nephio-controller is Current: Deployment is available. Replicas: 1
+inventory-38069595/deployment.apps/nephio-system/token-controller is Current: Deployment is available. Replicas: 1
+inventory-38069595/role.rbac.authorization.k8s.io/nephio-system/nephio-controller-leader-election-role is Current: Resource is current
+inventory-38069595/rolebinding.rbac.authorization.k8s.io/nephio-system/nephio-controller-leader-election-role-binding is Current: Resource is current
+inventory-38069595/serviceaccount/nephio-system/nephio-controller is Current: Resource is current
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//networks.config.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//clustercontexts.infra.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//networkconfigs.infra.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//networks.infra.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//repositories.infra.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//tokens.infra.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//workloadclusters.infra.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//capacities.req.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//datanetworknames.req.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//datanetworks.req.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//interfaces.req.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//amfdeployments.workload.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//smfdeployments.workload.nephio.org is Current: CRD is established
+inventory-38069595/customresourcedefinition.apiextensions.k8s.io//upfdeployments.workload.nephio.org is Current: CRD is established
+inventory-38069595/namespace//nephio-system is Current: Resource is current
+```
+</details>
+
+## Base Components
+
+The following base components are installed on the kind management cluster. Base components are the infrastructure components that are needed for the Nephio sandbox, which Nephio uses out of the box. In real-world installations, alternative components that provide the same functionality may be used.
+
+| Component    | Purpose                                                            |
+| ------------ | -------------------------------------------------------------------|
+| Metal LB     | Load balances requests to the cluster                              |
+| Cert Manager | Used for certificate management                                    |
+| Gitea        | Used to allow creation and management of local git repos by Nephio |
+| Postgres     | Used by Gitea to store repositories                                |
+| Cluster CAPI | Used deploy kind workload clusters                                 |
+| IPAM         | A reference backend system to allocate and manage IP addresses     |
+| VLAN         | A reference backend system used to allocate and manage VLANs       |
+
+## Specific Components
+
+The following specific components are installed on the kind management cluster. Specific components are Nephio components and components from
+[Google Container Tools](https://github.com/GoogleContainerTools) that Nephio uses heavily and interacts closely with.
+
+| Component          | Purpose                                                                                                                                                           |
+| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Porch              | Google Container Tools Package Orchestration Server, provides an API that is used by Nephio to work with packages in git repos                                    |
+| Configsync         | Google Container Tools configuration synchronization, used by Nephio to deploy configurations from repos on the management cluster out to workload clusters       |
+| Nephio Controllers | The Nephio controllers, which implement the Nephio functionality to fetch, manipulate, and deploy NFs                                                             |
+| Nephio WebUI       | The Nephio web client                                                                                                                                             |
+
+# Some useful commands
+
+<details>
+<summary>
+You can query docker to see the docker images running kind clusters:
+</summary>
+
+```console
+$ docker ps
+CONTAINER ID   IMAGE                  COMMAND                  CREATED      STATUS      PORTS                       NAMES
+350b4a7e29f8   kindest/node:v1.27.1   "/usr/local/bin/entr…"   4 days ago   Up 4 days   127.0.0.1:44695->6443/tcp   kind-control-plane
+```
+</details>
+
+<details>
+<summary>Querying kind clusters running after the install produces output similar to:</summary>
+
+```
+$ kind get clusters
+kind
+```
+</details>
+
+<details>
+<summary>Querying the k8s pods running after the install produces output similar to:</summary>
+
+```
+$ kubectl get pods -A --field-selector=metadata.namespace!=kube-system
+NAMESPACE                           NAME                                                            READY   STATUS    RESTARTS       AGE
+backend-system                      resource-backend-controller-6c7cc59945-sv59w                    2/2     Running   6 (105m ago)   41h
+capd-system                         capd-controller-manager-c479754b7-dwmps                         1/1     Running   6 (105m ago)   41h
+capi-kubeadm-bootstrap-system       capi-kubeadm-bootstrap-controller-manager-bcdfbf4c5-8xnz6       1/1     Running   6 (105m ago)   41h
+capi-kubeadm-control-plane-system   capi-kubeadm-control-plane-controller-manager-b9485b857-7hr6x   1/1     Running   0              41h
+capi-system                         capi-controller-manager-9d9548dc8-cs6dv                         1/1     Running   6 (105m ago)   41h
+cert-manager                        cert-manager-7476c8fcf4-ctfbp                                   1/1     Running   0              41h
+cert-manager                        cert-manager-cainjector-bdd866bd4-vlgx2                         1/1     Running   0              41h
+cert-manager                        cert-manager-webhook-5655dcfb4b-k5p2z                           1/1     Running   0              41h
+config-management-monitoring        otel-collector-798c8784bd-79bd8                                 1/1     Running   0              41h
+config-management-system            config-management-operator-6946b77565-s8sm7                     1/1     Running   0              41h
+config-management-system            reconciler-manager-5b5d8557-prsfm                               2/2     Running   0              41h
+config-management-system            root-reconciler-mgmt-6fdf94dfd4-6cngg                           4/4     Running   0              40h
+gitea                               gitea-0                                                         1/1     Running   0              41h
+gitea                               gitea-memcached-6777864fbd-q7c78                                1/1     Running   0              41h
+gitea                               gitea-postgresql-0                                              1/1     Running   0              41h
+local-path-storage                  local-path-provisioner-6bc4bddd6b-zl78t                         1/1     Running   0              41h
+metallb-system                      controller-7948676b95-l554z                                     1/1     Running   0              41h
+metallb-system                      speaker-v6lml                                                   1/1     Running   0              41h
+nephio-system                       nephio-controller-76db4b45b7-g44w6                              2/2     Running   0              41h
+nephio-system                       token-controller-75c98bd77-7kl4k                                2/2     Running   0              41h
+nephio-webui                        nephio-webui-7df7bb7c45-9xmcx                                   1/1     Running   0              41h
+porch-system                        function-runner-5d4f65476d-hjn6v                                1/1     Running   0              41h
+porch-system                        function-runner-5d4f65476d-jvlm7                                1/1     Running   0              41h
+porch-system                        porch-controllers-646dfb5f6-lxthk                               1/1     Running   0              41h
+porch-system                        porch-server-69445b4d58-mkqqt                                   1/1     Running   28 (41m ago)   41h
+resource-group-system               resource-group-controller-manager-6c9d56d88-njjr6               3/3     Running   6 (105m ago)   41h
+```
+</details>
+
+<details>
+<summary>Querying the repositories that exist after the install produces output similar to:</summary>
+
+```
+$ kubectl get repositories
+NAME                      TYPE   CONTENT   DEPLOYMENT   READY   ADDRESS
+free5gc-packages          git    Package   false        True    https://github.com/nephio-project/free5gc-packages.git
+mgmt                      git    Package   true         True    http://172.18.0.200:3000/nephio/mgmt.git
+mgmt-staging              git    Package   false        True    http://172.18.0.200:3000/nephio/mgmt-staging.git
+nephio-example-packages   git    Package   false        True    https://github.com/nephio-project/nephio-example-packages.git
+```
+</details>