Description
Dear Kathara Team,
I'm trying to set up a Kathara Lab that emulates a small SCION topology, where each SCION AS has an IP endhost that communicates with each other over SCION using the SCION IP gateway.
With the recent changes to the standard SCION image, by changing the permission of the container and adding the tunnel device to the container:
# Adjust scion-ip-gateway.service for compatibility with docker environment
RUN sed -i 's/^User=scion/User=root/' /usr/lib/systemd/system/scion-ip-gateway.service && \
sed -i 's/^Group=scion/Group=root/' /usr/lib/systemd/system/scion-ip-gateway.service && \
sed -i '/^AmbientCapabilities=cap_net_admin/d' /usr/lib/systemd/system/scion-ip-gateway.service && \
sed -i '/^\[Service\]/a ExecStartPre=\/bin\/bash -c '"'"'mkdir -p /dev/net; mknod /dev/net/tun c 10 200; chmod 600 /dev/net/tun'"'"'' /usr/lib/systemd/system/scion-ip-gateway.service
The SIG, and therefore the Lab, works fine on Docker. But as soon as you try to run the lab in Megalos (Kubernetes), the communication between the IP end hosts (e.g. pinging) does not work anymore.
I'm new to Kubernetes and hope you can help me find out why Megalos currently doesn't support this and how it could be fixed. At the moment, I think this issue is related to the fact that we need to change the way we set up the tunnel on Kubernetes due to the different networking in Kubernetes. Do you have ideas what we need to change ?
Thank you in advance for your reply!