From 78efaa516a4e59c89536a0eab8692904c8ac6cdc Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Wed, 29 Jun 2022 15:50:40 +0700 Subject: [PATCH 01/11] Add nsm example with consul-k8s Signed-off-by: anastasia.malysheva --- examples/nsm_consul/.gitignore | 2 + examples/nsm_consul/README.md | 75 ++++++++++++++++++ examples/nsm_consul/client/client.yaml | 16 ++++ examples/nsm_consul/helm-consul-values.yaml | 10 +++ examples/nsm_consul/kind-cluster-config.yaml | 6 ++ examples/nsm_consul/networkservice.yaml | 18 +++++ .../nse-auto-scale/iptables-map.yaml | 1 + .../nse-auto-scale/kustomization.yaml | 20 +++++ .../nse-auto-scale/patch-supplier.yaml | 32 ++++++++ .../nse-auto-scale/pod-template.yaml | 76 +++++++++++++++++++ examples/nsm_consul/server/static-server.yaml | 49 ++++++++++++ examples/nsm_consul/service.yaml | 17 +++++ .../nsm_istio/nse-auto-scale/iptables-map | 9 +++ .../nse-auto-scale/kustomization.yaml | 3 + .../nse-auto-scale/pod-template.yaml | 9 ++- 15 files changed, 342 insertions(+), 1 deletion(-) create mode 100644 examples/nsm_consul/.gitignore create mode 100644 examples/nsm_consul/README.md create mode 100644 examples/nsm_consul/client/client.yaml create mode 100644 examples/nsm_consul/helm-consul-values.yaml create mode 100644 examples/nsm_consul/kind-cluster-config.yaml create mode 100644 examples/nsm_consul/networkservice.yaml create mode 100644 examples/nsm_consul/nse-auto-scale/iptables-map.yaml create mode 100644 examples/nsm_consul/nse-auto-scale/kustomization.yaml create mode 100644 examples/nsm_consul/nse-auto-scale/patch-supplier.yaml create mode 100644 examples/nsm_consul/nse-auto-scale/pod-template.yaml create mode 100644 examples/nsm_consul/server/static-server.yaml create mode 100644 examples/nsm_consul/service.yaml create mode 100644 examples/nsm_istio/nse-auto-scale/iptables-map diff --git a/examples/nsm_consul/.gitignore b/examples/nsm_consul/.gitignore new file mode 100644 index 000000000000..bc946ca4e91d --- /dev/null 
+++ b/examples/nsm_consul/.gitignore @@ -0,0 +1,2 @@ +!**/kustomization.yaml +!**/patch-*.yaml \ No newline at end of file diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md new file mode 100644 index 000000000000..53e1940a89af --- /dev/null +++ b/examples/nsm_consul/README.md 
@@ -0,0 +1,75 @@ +# NSM + Consul interdomain example over kind clusters + +This example show how Consul can be used over nsm + + +## Requires + +- [Load balancer](../nsm_istio/loadbalancer) +- [Interdomain DNS](../nsm_istio/dns) +- [Interdomain spire](../nsm_istio/spire) +- [Interdomain nsm](../nsm_istio/nsm) + + +## Run + +Install Consul +```bash +brew tap hashicorp/tap +brew install hashicorp/tap/consul-k8s +``` + +Install Consul for the second cluster: +```bash +consul-k8s install -config-file=https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/helm-consul-values.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -set global.image=hashicorp/consul:1.12.0 --kubeconfig=$KUBECONFIG2 +``` + +### Verify NSM+CONSUL + +Install networkservice for the second cluster:: +```bash +kubectl --kubeconfig=$KUBECONFIG2 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/networkservice.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` + +Start `alpine` networkservicemesh client for the first cluster: + +```bash +kubectl --kubeconfig=$KUBECONFIG1 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/client/client.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` + +Create kubernetes service for the networkservicemesh endpoint: +```bash +kubectl --kubeconfig=$KUBECONFIG2 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/service.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` + +Start `auto-scale` networkservicemesh endpoint: +```bash + +kubectl --kubeconfig=$KUBECONFIG2 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/nse-auto-scale?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` + +Install `static-server` Consul workload on the second cluster: +```bash +kubectl --kubeconfig=$KUBECONFIG2 apply -f 
https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/server/static-server.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` + +Verify connection from networkservicemesh client to consul server: +```bash +kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- apk add curl +kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- curl 172.16.1.2:8080 +``` + +You should see "hello world" answer. + +## Cleanup + + +```bash +kubectl --kubeconfig=$KUBECONFIG2 delete deployment static-server +kubectl --kubeconfig=$KUBECONFIG2 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/nse-auto-scale?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG1 delete -f client/client.yaml +kubectl --kubeconfig=$KUBECONFIG2 delete -f networkservice.yaml +consul-k8s uninstall --kubeconfig=$KUBECONFIG2 -auto-approve=true -wipe-data=true +kubectl --kubeconfig=$KUBECONFIG2 delete pods --all +kind delete clusters cluster-1 cluster-2 +``` diff --git a/examples/nsm_consul/client/client.yaml b/examples/nsm_consul/client/client.yaml new file mode 100644 index 000000000000..06723b6a6093 --- /dev/null +++ b/examples/nsm_consul/client/client.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: v1 +kind: Pod +metadata: + name: alpine-nsc + labels: + app: alpine-nsc + annotations: + networkservicemesh.io: kernel://autoscale-consul-proxy@my.cluster2/nsm-1?app=alpine-nsc +spec: + containers: + - name: alpine-nsc + image: alpine:3.15.0 + imagePullPolicy: IfNotPresent + stdin: true + tty: true diff --git a/examples/nsm_consul/helm-consul-values.yaml b/examples/nsm_consul/helm-consul-values.yaml new file mode 100644 index 000000000000..b0b8be1b6db3 --- /dev/null +++ b/examples/nsm_consul/helm-consul-values.yaml @@ -0,0 +1,10 @@ +--- +global: + name: consul + datacenter: dc1 +server: + replicas: 1 +connectInject: + enabled: true + transparentProxy: + defaultEnabled: false 
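Review bot: `helm-consul-values.yaml` enables `connectInject` but sets nothing under `global.acls`, `global.tls` or `global.gossipEncryption`, so the install the README performs runs with the chart defaults for those, which as far as I know leave ACLs and TLS off. That can be acceptable on a throwaway kind cluster, but the file should say so, for example with a top comment `# Demo values: ACLs, TLS and gossip encryption are not enabled; do not reuse outside a test cluster`. If the example is meant to be copied, set `global.acls.manageSystemACLs: true` and `global.tls.enabled: true` instead.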
diff --git a/examples/nsm_consul/kind-cluster-config.yaml b/examples/nsm_consul/kind-cluster-config.yaml
new file mode 100644
index 000000000000..f57c67e5b02b
--- /dev/null
+++ b/examples/nsm_consul/kind-cluster-config.yaml
@@ -0,0 +1,6 @@
+---
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+nodes:
+ - role: control-plane
+ - role: worker
diff --git a/examples/nsm_consul/networkservice.yaml b/examples/nsm_consul/networkservice.yaml
new file mode 100644
index 000000000000..72f6d769eb30
--- /dev/null
+++ b/examples/nsm_consul/networkservice.yaml
@@ -0,0 +1,18 @@
+---
+apiVersion: networkservicemesh.io/v1
+kind: NetworkService
+metadata:
+ name: autoscale-consul-proxy
+ namespace: nsm-system
+spec:
+ payload: IP
+ matches:
+ - source_selector:
+ fallthrough: true
+ routes:
+ - destination_selector:
+ podName: "{{ .podName }}"
+ - source_selector:
+ routes:
+ - destination_selector:
+ any: "true"
diff --git a/examples/nsm_consul/nse-auto-scale/iptables-map.yaml b/examples/nsm_consul/nse-auto-scale/iptables-map.yaml
new file mode 100644
index 000000000000..f596088c29fe
--- /dev/null
+++ b/examples/nsm_consul/nse-auto-scale/iptables-map.yaml
@@ -0,0 +1 @@
+- -I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j DNAT --to-destination 127.0.0.1
\ No newline at end of file
diff --git a/examples/nsm_consul/nse-auto-scale/kustomization.yaml b/examples/nsm_consul/nse-auto-scale/kustomization.yaml
new file mode 100644
index 000000000000..9e53ffb53398
--- /dev/null
+++ b/examples/nsm_consul/nse-auto-scale/kustomization.yaml
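Review bot: The single rule in nsm_consul/nse-auto-scale/iptables-map.yaml matches every TCP packet arriving on the NSM interface and rewrites it to 127.0.0.1, so any loopback-only listener in the proxy pod (presumably including the injected Consul sidecar's local ports) becomes reachable from the remote client, not only the `static-server:8080` upstream the example uses. Narrow the match to that port, e.g. `- -I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} --dport 8080 -j DNAT --to-destination 127.0.0.1`. DNAT to a loopback address from a non-loopback interface normally also depends on `route_localnet` being enabled for that interface, which removes the kernel's martian-packet protection there; a comment saying what sets it would help. The PATCH 03 hunk on this file keeps the rule as is.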
@@ -0,0 +1,20 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+bases:
+- https://github.com/networkservicemesh/deployments-k8s/apps/nse-supplier-k8s?ref=b4bddacfa45fafb7c15a769a1fc0f319e63d6a8d
+
+patchesStrategicMerge:
+- patch-supplier.yaml
+
+configMapGenerator:
+ - name: supplier-pod-template-configmap
+ files:
+ - pod-template.yaml
+ - name: iptables-map.yaml
+ files:
+ - iptables-map.yaml
+
+generatorOptions:
+ disableNameSuffixHash: true
diff --git a/examples/nsm_consul/nse-auto-scale/patch-supplier.yaml b/examples/nsm_consul/nse-auto-scale/patch-supplier.yaml
new file mode 100644
index 000000000000..eab4bae2a9bf
--- /dev/null
+++ b/examples/nsm_consul/nse-auto-scale/patch-supplier.yaml
@@ -0,0 +1,32 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nse-supplier-k8s
+spec:
+ template:
+ metadata:
+ annotations:
+ 'consul.hashicorp.com/connect-inject': 'false'
+ spec:
+ containers:
+ - name: nse-supplier
+ env:
+ - name: NSM_SERVICE_NAME
+ value: autoscale-consul-proxy
+ - name: NSM_LABELS
+ value: any:true
+ - name: NSM_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: NSM_POD_DESCRIPTION_FILE
+ value: /run/supplier/pod-template.yaml
+ volumeMounts:
+ - name: pod-file
+ mountPath: /run/supplier
+ readOnly: true
+ volumes:
+ - name: pod-file
+ configMap:
+ name: supplier-pod-template-configmap
diff --git a/examples/nsm_consul/nse-auto-scale/pod-template.yaml b/examples/nsm_consul/nse-auto-scale/pod-template.yaml
new file mode 100644
index 000000000000..e4f2ac46de00
--- /dev/null
+++ b/examples/nsm_consul/nse-auto-scale/pod-template.yaml
@@ -0,0 +1,76 @@
+---
+apiVersion: apps/v1
+kind: Pod
+metadata:
+ name: proxy-{{ index .Labels "podName" }}
+ labels:
+ app: proxy-{{ index .Labels "podName" }}
+ "spiffe.io/spiffe-id": "true"
+ annotations:
+ 'consul.hashicorp.com/connect-inject': 'true'
+ 'consul.hashicorp.com/connect-service-upstreams': 'static-server:8080'
+spec:
+ restartPolicy: Never
+ containers:
+ - name: nse
+ image: ghcr.io/networkservicemesh/ci/cmd-nse-l7-proxy:32fbf26
+ imagePullPolicy: IfNotPresent
+ securityContext:
+ privileged: true
+ env:
+ - name: SPIFFE_ENDPOINT_SOCKET
+ value: unix:///run/spire/sockets/agent.sock
+ - name: NSM_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAME
+ value: {{ index .Labels "podName" }}
+ - name: NSM_CONNECT_TO
+ value: unix:///var/lib/networkservicemesh/nsm.io.sock
+ - name: NSM_CIDR_PREFIX
+ value: 172.16.1.2/31
+ - name: NSM_SERVICE_NAMES
+ value: autoscale-consul-proxy
+ - name: NSM_LABELS
+ value: app:{{ index .Labels "app" }}
+ - name: NSM_IDLE_TIMEOUT
+ value: 240s
+ - name: NSM_LOG_LEVEL
+ value: TRACE
+ - name: NSM_RULES_CONFIG
+ value: iptables-map.yaml
+ volumeMounts:
+ - name: spire-agent-socket
+ mountPath: /run/spire/sockets
+ readOnly: true
+ - name: nsm-socket
+ mountPath: /var/lib/networkservicemesh
+ readOnly: true
+ - name: iptables-config-map
+ mountPath: /iptables-map.yaml
+ resources:
+ limits:
+ memory: 40Mi
+ cpu: 150m
+ - name: proxy-alpine-nsc
+ image: hashicorp/http-echo:latest
+ args:
+ - -text="hello world from nse"
+ - -listen=:9090
+ ports:
+ - containerPort: 9090
+ name: http
+ serviceAccountName: proxy-alpine-nsc
+ volumes:
+ - name: spire-agent-socket
+ hostPath:
+ path: /run/spire/sockets
+ type: Directory
+ - name: nsm-socket
+ hostPath:
+ path: /var/lib/networkservicemesh
+ type: DirectoryOrCreate
+ - name: iptables-config-map
+ configMap:
+ name: iptables-map.yaml
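Review bot: The `nse` container in nsm_consul/nse-auto-scale/pod-template.yaml runs with `securityContext: privileged: true`, which hands every auto-scaled proxy pod full access to the node while it also mounts the SPIRE agent and NSM sockets from the host. The only privileged operation visible in this series is inserting the rule from iptables-map.yaml, so `capabilities: add: ["NET_ADMIN"]` with `privileged` removed is presumably enough; worth confirming against cmd-nse-l7-proxy. `image: hashicorp/http-echo:latest` is a floating tag next to an `nse` image pinned to `32fbf26`; pin it to a version or digest. `apiVersion: apps/v1` with `kind: Pod` also looks wrong (Pod is in `v1`), unless the supplier ignores that field.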
diff --git a/examples/nsm_consul/server/static-server.yaml b/examples/nsm_consul/server/static-server.yaml
new file mode 100644
index 000000000000..861d04e7b44b
--- /dev/null
+++ b/examples/nsm_consul/server/static-server.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ # This name will be the service name in Consul.
+ name: static-server
+spec:
+ selector:
+ app: static-server
+ ports:
+ - protocol: TCP
+ port: 8080
+ targetPort: 8080
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: static-server
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: static-server
+ namespace: nsm-consul
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: static-server
+ template:
+ metadata:
+ name: static-server
+ labels:
+ app: static-server
+ annotations:
+ 'consul.hashicorp.com/connect-inject': 'true'
+ 'consul.hashicorp.com/connect-service-upstreams': 'proxy-alpine-nsc:9090'
+ spec:
+ containers:
+ - name: static-server
+ image: hashicorp/http-echo:latest
+ args:
+ - -text="hello world"
+ - -listen=:8080
+ ports:
+ - containerPort: 8080
+ name: http
+ # If ACLs are enabled, the serviceAccountName must match the Consul service name.
+ serviceAccountName: static-server
diff --git a/examples/nsm_consul/service.yaml b/examples/nsm_consul/service.yaml
new file mode 100644
index 000000000000..51d89d1d3c7e
--- /dev/null
+++ b/examples/nsm_consul/service.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: proxy-alpine-nsc
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: proxy-alpine-nsc
+spec:
+ selector:
+ app: proxy-alpine-nsc
+ ports:
+ - protocol: TCP
+ port: 9090
+ targetPort: 9090
diff --git a/examples/nsm_istio/nse-auto-scale/iptables-map b/examples/nsm_istio/nse-auto-scale/iptables-map
new file mode 100644
index 000000000000..3951201dbfc7
--- /dev/null
+++ b/examples/nsm_istio/nse-auto-scale/iptables-map
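Review bot: In server/static-server.yaml the Deployment sets `namespace: nsm-consul` while the Service and ServiceAccount above it carry no namespace, so with the README's plain `kubectl apply -f` they land in the current namespace and `serviceAccountName: static-server` points at an account that does not exist in `nsm-consul`; nothing on this page creates that namespace either. Either drop `namespace: nsm-consul` from the Deployment or put it on all three objects and create the namespace first; the README cleanup (`delete deployment static-server`) assumes the current namespace as well. `image: hashicorp/http-echo:latest` is a floating tag; pin a version or digest so the example keeps pulling the same image.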
@@ -0,0 +1,9 @@ +-N NSM_PREROUTE, +-A NSM_PREROUTE -j ISTIO_REDIRECT, +-I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j NSM_PREROUTE, +-N NSM_OUTPUT, +-A NSM_OUTPUT -j DNAT --to-destination {{ index .NsmSrcIPs 0 }}, +-A OUTPUT -p tcp -s 127.0.0.6 -j NSM_OUTPUT, +-N NSM_POSTROUTING, +-A NSM_POSTROUTING -j SNAT --to-source {{ index .NsmDstIPs 0 }}, +-A POSTROUTING -p tcp -o {{ .NsmInterfaceName }} -j NSM_POSTROUTING \ No newline at end of file diff --git a/examples/nsm_istio/nse-auto-scale/kustomization.yaml b/examples/nsm_istio/nse-auto-scale/kustomization.yaml index a5ef0131ae4e..a37a4afed1d8 100644 --- a/examples/nsm_istio/nse-auto-scale/kustomization.yaml +++ b/examples/nsm_istio/nse-auto-scale/kustomization.yaml @@ -12,6 +12,9 @@ configMapGenerator: - name: supplier-pod-template-configmap files: - pod-template.yaml + - name: iptables-map + files: + - iptables-map.yaml.yaml generatorOptions: disableNameSuffixHash: true diff --git a/examples/nsm_istio/nse-auto-scale/pod-template.yaml b/examples/nsm_istio/nse-auto-scale/pod-template.yaml index 63ade4e9e55d..49f229164df4 100644 --- a/examples/nsm_istio/nse-auto-scale/pod-template.yaml +++ b/examples/nsm_istio/nse-auto-scale/pod-template.yaml @@ -11,7 +11,7 @@ spec: restartPolicy: Never containers: - name: nse - image: ghcr.io/networkservicemesh/ci/cmd-nse-istio-proxy:c26db55 + image: ghcr.io/networkservicemesh/ci/cmd-nse-l7-proxy:32fbf26 imagePullPolicy: IfNotPresent env: - name: SPIFFE_ENDPOINT_SOCKET @@ -34,6 +34,8 @@ spec: value: 240s - name: NSM_LOG_LEVEL value: TRACE + - name: NSM_RULES_CONFIG_PATH + value: iptables-map.yaml/iptables-map.yaml.yaml volumeMounts: - name: spire-agent-socket mountPath: /run/spire/sockets @@ -41,6 +43,8 @@ spec: - name: nsm-socket mountPath: /var/lib/networkservicemesh readOnly: true + - name: iptables-config-map + mountPath: /iptables-map.yaml resources: limits: memory: 40Mi 
@@ -54,3 +58,6 @@ spec: hostPath: path: /var/lib/networkservicemesh type: DirectoryOrCreate + - name: iptables-config-map + configMap: + name: iptables-map.yaml From dc881c6e89c35545cba401719ba8222a69916a1a Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Wed, 29 Jun 2022 16:19:29 +0700 Subject: [PATCH 02/11] move basic interdomain installation from nsm_consul and nsm_istio examples to the example directory; replaced path to the absoluter references 
Signed-off-by: anastasia.malysheva --- .../dns/README.md | 0 .../loadbalancer/README.md | 0 examples/basic_interdomain/nsm/README.md | 26 +++++++++++++++++++ .../nsm/cluster1/kustomization.yaml | 0 .../nsm/cluster1/namespace.yaml | 0 .../nsm/cluster2/kustomization.yaml | 0 .../nsm/cluster2/namespace.yaml | 0 .../spire/README.md | 4 +-- .../spire/cluster1/agent.conf | 0 .../cluster1/k8s-workload-registrar.conf | 0 .../spire/cluster1/kustomization.yaml | 0 .../spire/cluster1/server.conf | 0 .../spire/cluster2/agent.conf | 0 .../cluster2/k8s-workload-registrar.conf | 0 .../spire/cluster2/kustomization.yaml | 0 .../spire/cluster2/server.conf | 0 examples/nsm_consul/README.md | 14 +++++----- examples/nsm_istio/README.md | 8 +++--- examples/nsm_istio/nsm/README.md | 26 ------------------- .../nsm/cluster1/patch-nsmgr-proxy.yaml | 10 ------- .../cluster1/patch-registry-proxy-dns.yaml | 10 ------- .../nsm/cluster1/patch-registry.yaml | 10 ------- .../nsm/cluster2/patch-nsmgr-proxy.yaml | 10 ------- .../cluster2/patch-registry-proxy-dns.yaml | 10 ------- .../nsm/cluster2/patch-registry.yaml | 10 ------- 25 files changed, 38 insertions(+), 100 deletions(-) rename examples/{nsm_istio => basic_interdomain}/dns/README.md (100%) rename examples/{nsm_istio => basic_interdomain}/loadbalancer/README.md (100%) create mode 100644 examples/basic_interdomain/nsm/README.md rename examples/{nsm_istio => basic_interdomain}/nsm/cluster1/kustomization.yaml (100%) rename examples/{nsm_istio => basic_interdomain}/nsm/cluster1/namespace.yaml (100%) rename examples/{nsm_istio => basic_interdomain}/nsm/cluster2/kustomization.yaml (100%) rename examples/{nsm_istio => basic_interdomain}/nsm/cluster2/namespace.yaml (100%) rename examples/{nsm_istio => basic_interdomain}/spire/README.md (78%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster1/agent.conf (100%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster1/k8s-workload-registrar.conf (100%) rename examples/{nsm_istio => 
basic_interdomain}/spire/cluster1/kustomization.yaml (100%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster1/server.conf (100%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster2/agent.conf (100%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster2/k8s-workload-registrar.conf (100%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster2/kustomization.yaml (100%) rename examples/{nsm_istio => basic_interdomain}/spire/cluster2/server.conf (100%) delete mode 100644 examples/nsm_istio/nsm/README.md delete mode 100644 examples/nsm_istio/nsm/cluster1/patch-nsmgr-proxy.yaml delete mode 100644 examples/nsm_istio/nsm/cluster1/patch-registry-proxy-dns.yaml delete mode 100644 examples/nsm_istio/nsm/cluster1/patch-registry.yaml delete mode 100644 examples/nsm_istio/nsm/cluster2/patch-nsmgr-proxy.yaml delete mode 100644 examples/nsm_istio/nsm/cluster2/patch-registry-proxy-dns.yaml delete mode 100644 examples/nsm_istio/nsm/cluster2/patch-registry.yaml diff --git a/examples/nsm_istio/dns/README.md b/examples/basic_interdomain/dns/README.md similarity index 100% rename from examples/nsm_istio/dns/README.md rename to examples/basic_interdomain/dns/README.md diff --git a/examples/nsm_istio/loadbalancer/README.md b/examples/basic_interdomain/loadbalancer/README.md similarity index 100% rename from examples/nsm_istio/loadbalancer/README.md rename to examples/basic_interdomain/loadbalancer/README.md diff --git a/examples/basic_interdomain/nsm/README.md b/examples/basic_interdomain/nsm/README.md new file mode 100644 index 000000000000..7eeb626eaf9f --- /dev/null +++ b/examples/basic_interdomain/nsm/README.md 
@@ -0,0 +1,26 @@ +# NSM interdomain setup + + +This example simply show how can be deployed and configured two NSM on different clusters + +## Run + +Install NSM +```bash +kubectl --kubeconfig=$KUBECONFIG1 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster1?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster2?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` + +## Cleanup + +Cleanup NSM +```bash +WH=$(kubectl --kubeconfig=$KUBECONFIG1 get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') +kubectl --kubeconfig=$KUBECONFIG1 delete mutatingwebhookconfiguration ${WH} + +WH=$(kubectl --kubeconfig=$KUBECONFIG2 get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') +kubectl --kubeconfig=$KUBECONFIG2 delete mutatingwebhookconfiguration ${WH} + +kubectl --kubeconfig=$KUBECONFIG1 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster1?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster2?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +``` \ No newline at end of file diff --git a/examples/nsm_istio/nsm/cluster1/kustomization.yaml b/examples/basic_interdomain/nsm/cluster1/kustomization.yaml similarity index 100% rename from examples/nsm_istio/nsm/cluster1/kustomization.yaml rename to examples/basic_interdomain/nsm/cluster1/kustomization.yaml diff --git a/examples/nsm_istio/nsm/cluster1/namespace.yaml b/examples/basic_interdomain/nsm/cluster1/namespace.yaml similarity index 100% rename from examples/nsm_istio/nsm/cluster1/namespace.yaml rename to examples/basic_interdomain/nsm/cluster1/namespace.yaml 
diff --git a/examples/nsm_istio/nsm/cluster2/kustomization.yaml b/examples/basic_interdomain/nsm/cluster2/kustomization.yaml similarity index 100% rename from examples/nsm_istio/nsm/cluster2/kustomization.yaml rename to examples/basic_interdomain/nsm/cluster2/kustomization.yaml diff --git a/examples/nsm_istio/nsm/cluster2/namespace.yaml b/examples/basic_interdomain/nsm/cluster2/namespace.yaml similarity index 100% rename from examples/nsm_istio/nsm/cluster2/namespace.yaml rename to examples/basic_interdomain/nsm/cluster2/namespace.yaml diff --git a/examples/nsm_istio/spire/README.md b/examples/basic_interdomain/spire/README.md similarity index 78% rename from examples/nsm_istio/spire/README.md rename to examples/basic_interdomain/spire/README.md index ddee788ed03f..ac4b99e50bb2 100644 --- a/examples/nsm_istio/spire/README.md +++ b/examples/basic_interdomain/spire/README.md @@ -6,8 +6,8 @@ This example shows how to simply configure two spire servers from different clus Install spire ```bash -kubectl --kubeconfig=$KUBECONFIG1 apply -k ./cluster1 -kubectl --kubeconfig=$KUBECONFIG2 apply -k ./cluster2 +kubectl --kubeconfig=$KUBECONFIG1 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/spire/cluster1?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/spire/cluster2?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a ``` Wait for spire ready diff --git a/examples/nsm_istio/spire/cluster1/agent.conf b/examples/basic_interdomain/spire/cluster1/agent.conf similarity index 100% rename from examples/nsm_istio/spire/cluster1/agent.conf rename to examples/basic_interdomain/spire/cluster1/agent.conf 
diff --git a/examples/nsm_istio/spire/cluster1/k8s-workload-registrar.conf b/examples/basic_interdomain/spire/cluster1/k8s-workload-registrar.conf similarity index 100% rename from examples/nsm_istio/spire/cluster1/k8s-workload-registrar.conf rename to examples/basic_interdomain/spire/cluster1/k8s-workload-registrar.conf diff --git a/examples/nsm_istio/spire/cluster1/kustomization.yaml b/examples/basic_interdomain/spire/cluster1/kustomization.yaml similarity index 100% rename from examples/nsm_istio/spire/cluster1/kustomization.yaml rename to examples/basic_interdomain/spire/cluster1/kustomization.yaml diff --git a/examples/nsm_istio/spire/cluster1/server.conf b/examples/basic_interdomain/spire/cluster1/server.conf similarity index 100% rename from examples/nsm_istio/spire/cluster1/server.conf rename to examples/basic_interdomain/spire/cluster1/server.conf diff --git a/examples/nsm_istio/spire/cluster2/agent.conf b/examples/basic_interdomain/spire/cluster2/agent.conf similarity index 100% rename from examples/nsm_istio/spire/cluster2/agent.conf rename to examples/basic_interdomain/spire/cluster2/agent.conf diff --git a/examples/nsm_istio/spire/cluster2/k8s-workload-registrar.conf b/examples/basic_interdomain/spire/cluster2/k8s-workload-registrar.conf similarity index 100% rename from examples/nsm_istio/spire/cluster2/k8s-workload-registrar.conf rename to examples/basic_interdomain/spire/cluster2/k8s-workload-registrar.conf diff --git a/examples/nsm_istio/spire/cluster2/kustomization.yaml b/examples/basic_interdomain/spire/cluster2/kustomization.yaml similarity index 100% rename from examples/nsm_istio/spire/cluster2/kustomization.yaml rename to examples/basic_interdomain/spire/cluster2/kustomization.yaml diff --git a/examples/nsm_istio/spire/cluster2/server.conf b/examples/basic_interdomain/spire/cluster2/server.conf similarity index 100% rename from examples/nsm_istio/spire/cluster2/server.conf rename to examples/basic_interdomain/spire/cluster2/server.conf 
diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md index 53e1940a89af..eb82125d09cc 100644 --- a/examples/nsm_consul/README.md +++ b/examples/nsm_consul/README.md @@ -5,10 +5,10 @@ This example show how Consul can be used over nsm ## Requires -- [Load balancer](../nsm_istio/loadbalancer) -- [Interdomain DNS](../nsm_istio/dns) -- [Interdomain spire](../nsm_istio/spire) -- [Interdomain nsm](../nsm_istio/nsm) +- [Load balancer](../basic_interdomain/loadbalancer) +- [Interdomain DNS](../basic_interdomain/dns) +- [Interdomain spire](../basic_interdomain/spire) +- [Interdomain nsm](../basic_interdomain/nsm) ## Run @@ -67,9 +67,7 @@ You should see "hello world" answer. ```bash kubectl --kubeconfig=$KUBECONFIG2 delete deployment static-server kubectl --kubeconfig=$KUBECONFIG2 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/nse-auto-scale?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -kubectl --kubeconfig=$KUBECONFIG1 delete -f client/client.yaml -kubectl --kubeconfig=$KUBECONFIG2 delete -f networkservice.yaml +kubectl --kubeconfig=$KUBECONFIG1 delete -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/client/client.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 delete -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/networkservice.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a consul-k8s uninstall --kubeconfig=$KUBECONFIG2 -auto-approve=true -wipe-data=true -kubectl --kubeconfig=$KUBECONFIG2 delete pods --all -kind delete clusters cluster-1 cluster-2 ``` diff --git a/examples/nsm_istio/README.md b/examples/nsm_istio/README.md index 88dd394c4230..31e9e707f974 100644 --- a/examples/nsm_istio/README.md +++ b/examples/nsm_istio/README.md 
@@ -7,10 +7,10 @@ This example show how can be used nsm over ## Requires -- [Load balancer](./loadbalancer) -- [Interdomain DNS](./dns) -- [Interdomain spire](./spire) -- [Interdomain nsm](./nsm) +- [Load balancer](../basic_interdomain/loadbalancer) +- [Interdomain DNS](../basic_interdomain/dns) +- [Interdomain spire](../basic_interdomain/spire) +- [Interdomain nsm](../basic_interdomain/nsm) ## Run diff --git a/examples/nsm_istio/nsm/README.md b/examples/nsm_istio/nsm/README.md deleted file mode 100644 index e2d50996f117..000000000000 --- a/examples/nsm_istio/nsm/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# NSM interdomain setup - - -This example simply show how can be deployed and configured two NSM on different clusters - -## Run - -Install NSM -```bash -kubectl --kubeconfig=$KUBECONFIG1 apply -k ./cluster1 -kubectl --kubeconfig=$KUBECONFIG2 apply -k ./cluster2 -``` - -## Cleanup - -Cleanup NSM -```bash -WH=$(kubectl --kubeconfig=$KUBECONFIG1 get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') -kubectl --kubeconfig=$KUBECONFIG1 delete mutatingwebhookconfiguration ${WH} - -WH=$(kubectl --kubeconfig=$KUBECONFIG2 get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') -kubectl --kubeconfig=$KUBECONFIG2 delete mutatingwebhookconfiguration ${WH} - -kubectl --kubeconfig=$KUBECONFIG1 delete -k ./cluster1 -kubectl --kubeconfig=$KUBECONFIG2 delete -k ./cluster2 -``` \ No newline at end of file diff --git a/examples/nsm_istio/nsm/cluster1/patch-nsmgr-proxy.yaml b/examples/nsm_istio/nsm/cluster1/patch-nsmgr-proxy.yaml deleted file mode 100644 index 9fb07692f30f..000000000000 --- a/examples/nsm_istio/nsm/cluster1/patch-nsmgr-proxy.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nsmgr-proxy -spec: - template: - metadata: - annotations: - spiffe.io/federatesWith: nsm.cluster2 
diff --git a/examples/nsm_istio/nsm/cluster1/patch-registry-proxy-dns.yaml b/examples/nsm_istio/nsm/cluster1/patch-registry-proxy-dns.yaml deleted file mode 100644 index 182decd8a73d..000000000000 --- a/examples/nsm_istio/nsm/cluster1/patch-registry-proxy-dns.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: registry-proxy -spec: - template: - metadata: - annotations: - spiffe.io/federatesWith: nsm.cluster2 diff --git a/examples/nsm_istio/nsm/cluster1/patch-registry.yaml b/examples/nsm_istio/nsm/cluster1/patch-registry.yaml deleted file mode 100644 index e53f70e7786b..000000000000 --- a/examples/nsm_istio/nsm/cluster1/patch-registry.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: registry-k8s -spec: - template: - metadata: - annotations: - spiffe.io/federatesWith: nsm.cluster2 diff --git a/examples/nsm_istio/nsm/cluster2/patch-nsmgr-proxy.yaml b/examples/nsm_istio/nsm/cluster2/patch-nsmgr-proxy.yaml deleted file mode 100644 index e0e5104dd5f7..000000000000 --- a/examples/nsm_istio/nsm/cluster2/patch-nsmgr-proxy.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nsmgr-proxy -spec: - template: - metadata: - annotations: - spiffe.io/federatesWith: nsm.cluster1 diff --git a/examples/nsm_istio/nsm/cluster2/patch-registry-proxy-dns.yaml b/examples/nsm_istio/nsm/cluster2/patch-registry-proxy-dns.yaml deleted file mode 100644 index 9ae00b6e0476..000000000000 --- a/examples/nsm_istio/nsm/cluster2/patch-registry-proxy-dns.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: registry-proxy -spec: - template: - metadata: - annotations: - spiffe.io/federatesWith: nsm.cluster1 diff --git a/examples/nsm_istio/nsm/cluster2/patch-registry.yaml b/examples/nsm_istio/nsm/cluster2/patch-registry.yaml deleted file mode 100644 index 2f1468c93b80..000000000000 
--- a/examples/nsm_istio/nsm/cluster2/patch-registry.yaml +++ /dev/null @@ -1,10 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: registry-k8s -spec: - template: - metadata: - annotations: - spiffe.io/federatesWith: nsm.cluster1 From 6ed2b841a376d152e6f8fae8fa26787d2aac6db9 Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Wed, 29 Jun 2022 18:17:42 +0700 Subject: [PATCH 03/11] fixes Signed-off-by: anastasia.malysheva --- examples/nsm_consul/nse-auto-scale/iptables-map.yaml | 3 ++- examples/nsm_consul/nse-auto-scale/kustomization.yaml | 2 +- examples/nsm_consul/nse-auto-scale/pod-template.yaml | 6 +++--- examples/nsm_istio/nse-auto-scale/iptables-map | 9 --------- examples/nsm_istio/nse-auto-scale/iptables-map.yaml | 10 ++++++++++ examples/nsm_istio/nse-auto-scale/kustomization.yaml | 2 +- examples/nsm_istio/nse-auto-scale/pod-template.yaml | 6 +++--- 7 files changed, 20 insertions(+), 18 deletions(-) delete mode 100644 examples/nsm_istio/nse-auto-scale/iptables-map create mode 100644 examples/nsm_istio/nse-auto-scale/iptables-map.yaml diff --git a/examples/nsm_consul/nse-auto-scale/iptables-map.yaml b/examples/nsm_consul/nse-auto-scale/iptables-map.yaml index f596088c29fe..5a19fc53fa7d 100644 --- a/examples/nsm_consul/nse-auto-scale/iptables-map.yaml +++ b/examples/nsm_consul/nse-auto-scale/iptables-map.yaml @@ -1 +1,2 @@ -- -I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j DNAT --to-destination 127.0.0.1 \ No newline at end of file +--- +- -I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j DNAT --to-destination 127.0.0.1 diff --git a/examples/nsm_consul/nse-auto-scale/kustomization.yaml b/examples/nsm_consul/nse-auto-scale/kustomization.yaml index 9e53ffb53398..a4820096fc2b 100644 --- a/examples/nsm_consul/nse-auto-scale/kustomization.yaml +++ b/examples/nsm_consul/nse-auto-scale/kustomization.yaml 
@@ -12,7 +12,7 @@ configMapGenerator: - name: supplier-pod-template-configmap files: - pod-template.yaml - - name: iptables-map.yaml + - name: iptables-map files: - iptables-map.yaml diff --git a/examples/nsm_consul/nse-auto-scale/pod-template.yaml b/examples/nsm_consul/nse-auto-scale/pod-template.yaml index e4f2ac46de00..58c7a10da3fe 100644 --- a/examples/nsm_consul/nse-auto-scale/pod-template.yaml +++ b/examples/nsm_consul/nse-auto-scale/pod-template.yaml @@ -38,7 +38,7 @@ spec: value: 240s - name: NSM_LOG_LEVEL value: TRACE - - name: NSM_RULES_CONFIG + - name: NSM_RULES_CONFIG_PATH value: iptables-map.yaml volumeMounts: - name: spire-agent-socket @@ -48,7 +48,7 @@ spec: mountPath: /var/lib/networkservicemesh readOnly: true - name: iptables-config-map - mountPath: /iptables-map.yaml + mountPath: /iptables-map resources: limits: memory: 40Mi @@ -73,4 +73,4 @@ spec: type: DirectoryOrCreate - name: iptables-config-map configMap: - name: iptables-map.yaml + name: iptables-map diff --git a/examples/nsm_istio/nse-auto-scale/iptables-map b/examples/nsm_istio/nse-auto-scale/iptables-map deleted file mode 100644 index 3951201dbfc7..000000000000 --- a/examples/nsm_istio/nse-auto-scale/iptables-map +++ /dev/null @@ -1,9 +0,0 @@ --N NSM_PREROUTE, --A NSM_PREROUTE -j ISTIO_REDIRECT, --I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j NSM_PREROUTE, --N NSM_OUTPUT, --A NSM_OUTPUT -j DNAT --to-destination {{ index .NsmSrcIPs 0 }}, --A OUTPUT -p tcp -s 127.0.0.6 -j NSM_OUTPUT, --N NSM_POSTROUTING, --A NSM_POSTROUTING -j SNAT --to-source {{ index .NsmDstIPs 0 }}, --A POSTROUTING -p tcp -o {{ .NsmInterfaceName }} -j NSM_POSTROUTING \ No newline at end of file diff --git a/examples/nsm_istio/nse-auto-scale/iptables-map.yaml b/examples/nsm_istio/nse-auto-scale/iptables-map.yaml new file mode 100644 index 000000000000..6c9772137714 --- /dev/null +++ b/examples/nsm_istio/nse-auto-scale/iptables-map.yaml 
@@ -0,0 +1,10 @@ +--- +- -N NSM_PREROUTE +- -A NSM_PREROUTE -j ISTIO_REDIRECT +- -I PREROUTING 1 -p tcp -i {{ .NsmInterfaceName }} -j NSM_PREROUTE +- -N NSM_OUTPUT +- -A NSM_OUTPUT -j DNAT --to-destination {{ index .NsmSrcIPs 0 }} +- -A OUTPUT -p tcp -s 127.0.0.6 -j NSM_OUTPUT +- -N NSM_POSTROUTING +- -A NSM_POSTROUTING -j SNAT --to-source {{ index .NsmDstIPs 0 }} +- -A POSTROUTING -p tcp -o {{ .NsmInterfaceName }} -j NSM_POSTROUTING diff --git a/examples/nsm_istio/nse-auto-scale/kustomization.yaml b/examples/nsm_istio/nse-auto-scale/kustomization.yaml index a37a4afed1d8..e0a76b3bb322 100644 --- a/examples/nsm_istio/nse-auto-scale/kustomization.yaml +++ b/examples/nsm_istio/nse-auto-scale/kustomization.yaml @@ -14,7 +14,7 @@ configMapGenerator: - pod-template.yaml - name: iptables-map files: - - iptables-map.yaml.yaml + - iptables-map.yaml generatorOptions: disableNameSuffixHash: true diff --git a/examples/nsm_istio/nse-auto-scale/pod-template.yaml b/examples/nsm_istio/nse-auto-scale/pod-template.yaml index 49f229164df4..30926a5d3f94 100644 --- a/examples/nsm_istio/nse-auto-scale/pod-template.yaml +++ b/examples/nsm_istio/nse-auto-scale/pod-template.yaml @@ -35,7 +35,7 @@ spec: - name: NSM_LOG_LEVEL value: TRACE - name: NSM_RULES_CONFIG_PATH - value: iptables-map.yaml/iptables-map.yaml.yaml + value: iptables-map/iptables-map.yaml volumeMounts: - name: spire-agent-socket mountPath: /run/spire/sockets @@ -44,7 +44,7 @@ spec: mountPath: /var/lib/networkservicemesh readOnly: true - name: iptables-config-map - mountPath: /iptables-map.yaml + mountPath: /iptables-map resources: limits: memory: 40Mi @@ -60,4 +60,4 @@ spec: type: DirectoryOrCreate - name: iptables-config-map configMap: - name: iptables-map.yaml + name: iptables-map From bc2ba4eb1b80f01163aabe204580ee59c16c7f49 Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Fri, 1 Jul 2022 14:09:35 +0700 Subject: [PATCH 04/11] add readme for basic interdomain 
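Review bot: In the `@@ -35,7 +35,7 @@` hunk of `examples/nsm_istio/nse-auto-scale/pod-template.yaml`, `NSM_RULES_CONFIG_PATH` is set to the relative path `iptables-map/iptables-map.yaml`, which only resolves to the ConfigMap mounted at `/iptables-map` when the container's working directory is `/`. The image's working directory is not visible in this patch, so an absolute value, `value: /iptables-map/iptables-map.yaml`, would remove that dependency. The same applies to the nsm_consul pod-template, which PATCH 08 later sets to the same relative path. The pod spec continues outside the hunk.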
Signed-off-by: anastasia.malysheva --- examples/basic_interdomain/README.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 examples/basic_interdomain/README.md diff --git a/examples/basic_interdomain/README.md b/examples/basic_interdomain/README.md new file mode 100644 index 000000000000..068bb6fd3cf8 --- /dev/null +++ b/examples/basic_interdomain/README.md @@ -0,0 +1,16 @@ +# Basic examples + +Contain basic setup for NSM that includes `nsmgr`, `forwarder-vpp`, `registry-k8s`. This setup can be used to check mechanisms combination or some kind of NSM [features](../features). + +## Requires + +- [Load balancer](/examples/basic_interdomain/loadbalancer) +- [Interdomain DNS](/examples/basic_interdomain/dns) +- [Interdomain spire](/examples/basic_interdomain/spire) +- [Interdomain nsm](/examples/basic_interdomain/nsm) + + +## Includes + +- [NSM Istio](../nsm_istio) +- [Kernel to Kernel Connection](../nsm_consul) From c90a49e532c99bffac19807aafaaed852cf90ad5 Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Fri, 1 Jul 2022 14:57:46 +0700 Subject: [PATCH 05/11] fix references Signed-off-by: anastasia.malysheva --- examples/basic_interdomain/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/examples/basic_interdomain/README.md b/examples/basic_interdomain/README.md index 068bb6fd3cf8..e5bdae99944b 100644 --- a/examples/basic_interdomain/README.md +++ b/examples/basic_interdomain/README.md @@ -4,10 +4,10 @@ Contain basic setup for NSM that includes `nsmgr`, `forwarder-vpp`, `registry-k8 ## Requires -- [Load balancer](/examples/basic_interdomain/loadbalancer) -- [Interdomain DNS](/examples/basic_interdomain/dns) -- [Interdomain spire](/examples/basic_interdomain/spire) -- [Interdomain nsm](/examples/basic_interdomain/nsm) +- [Load balancer](./loadbalancer) +- [Interdomain DNS](./dns) +- [Interdomain spire](./spire) +- [Interdomain nsm](./nsm) ## Includes 
From 2586ed29fe297daa47227534d3db2ba0cc1f9e24 Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Fri, 1 Jul 2022 15:57:27 +0700 Subject: [PATCH 06/11] replace references with export version Signed-off-by: anastasia.malysheva --- examples/basic_interdomain/nsm/README.md | 8 ++++---- examples/basic_interdomain/spire/README.md | 4 ++-- examples/nsm_consul/README.md | 18 +++++++++--------- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/examples/basic_interdomain/nsm/README.md b/examples/basic_interdomain/nsm/README.md index 7eeb626eaf9f..e2d50996f117 100644 --- a/examples/basic_interdomain/nsm/README.md +++ b/examples/basic_interdomain/nsm/README.md @@ -7,8 +7,8 @@ This example simply show how can be deployed and configured two NSM on different Install NSM ```bash -kubectl --kubeconfig=$KUBECONFIG1 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster1?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -kubectl --kubeconfig=$KUBECONFIG2 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster2?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG1 apply -k ./cluster1 +kubectl --kubeconfig=$KUBECONFIG2 apply -k ./cluster2 ``` ## Cleanup 
@@ -21,6 +21,6 @@ kubectl --kubeconfig=$KUBECONFIG1 delete mutatingwebhookconfiguration ${WH} WH=$(kubectl --kubeconfig=$KUBECONFIG2 get pods -l app=admission-webhook-k8s -n nsm-system --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') kubectl --kubeconfig=$KUBECONFIG2 delete mutatingwebhookconfiguration ${WH} -kubectl --kubeconfig=$KUBECONFIG1 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster1?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -kubectl --kubeconfig=$KUBECONFIG2 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/nsm/cluster2?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG1 delete -k ./cluster1 +kubectl --kubeconfig=$KUBECONFIG2 delete -k ./cluster2 ``` \ No newline at end of file diff --git a/examples/basic_interdomain/spire/README.md b/examples/basic_interdomain/spire/README.md index ac4b99e50bb2..ddee788ed03f 100644 --- a/examples/basic_interdomain/spire/README.md +++ b/examples/basic_interdomain/spire/README.md @@ -6,8 +6,8 @@ This example shows how to simply configure two spire servers from different clus Install spire ```bash -kubectl --kubeconfig=$KUBECONFIG1 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/spire/cluster1?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -kubectl --kubeconfig=$KUBECONFIG2 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/basic_interdomain/spire/cluster2?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG1 apply -k ./cluster1 +kubectl --kubeconfig=$KUBECONFIG2 apply -k ./cluster2 ``` Wait for spire ready diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md index eb82125d09cc..292b1632e03d 100644 --- a/examples/nsm_consul/README.md +++ b/examples/nsm_consul/README.md 
@@ -21,36 +21,36 @@ brew install hashicorp/tap/consul-k8s Install Consul for the second cluster: ```bash -consul-k8s install -config-file=https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/helm-consul-values.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -set global.image=hashicorp/consul:1.12.0 --kubeconfig=$KUBECONFIG2 +consul-k8s install -config-file=helm-consul-values.yaml -set global.image=hashicorp/consul:1.12.0 --kubeconfig=$KUBECONFIG2 ``` ### Verify NSM+CONSUL Install networkservice for the second cluster:: ```bash -kubectl --kubeconfig=$KUBECONFIG2 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/networkservice.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 apply -f networkservice.yaml ``` Start `alpine` networkservicemesh client for the first cluster: ```bash -kubectl --kubeconfig=$KUBECONFIG1 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/client/client.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG1 apply -f client/client.yaml ``` Create kubernetes service for the networkservicemesh endpoint: ```bash -kubectl --kubeconfig=$KUBECONFIG2 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/service.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 apply -f service.yaml ``` Start `auto-scale` networkservicemesh endpoint: ```bash -kubectl --kubeconfig=$KUBECONFIG2 apply -k https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/nse-auto-scale?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 apply -k nse-auto-scale ``` Install `static-server` Consul workload on the second cluster: ```bash -kubectl --kubeconfig=$KUBECONFIG2 apply -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/server/static-server.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a 
+kubectl --kubeconfig=$KUBECONFIG2 apply -f server/static-server.yaml ``` Verify connection from networkservicemesh client to consul server: @@ -66,8 +66,8 @@ You should see "hello world" answer. ```bash kubectl --kubeconfig=$KUBECONFIG2 delete deployment static-server -kubectl --kubeconfig=$KUBECONFIG2 delete -k https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/nse-auto-scale?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -kubectl --kubeconfig=$KUBECONFIG1 delete -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/client/client.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a -kubectl --kubeconfig=$KUBECONFIG2 delete -f https://github.com/networkservicemesh/deployments-k8s/examples/nsm_consul/networkservice.yaml?ref=9b2e8e76fbc7505da8e87ea24bf90ac39f4b6c1a +kubectl --kubeconfig=$KUBECONFIG2 delete -k nse-auto-scale +kubectl --kubeconfig=$KUBECONFIG1 delete -f client/client.yaml +kubectl --kubeconfig=$KUBECONFIG2 delete -f networkservice.yaml consul-k8s uninstall --kubeconfig=$KUBECONFIG2 -auto-approve=true -wipe-data=true ``` From c5350a88f57f00e5c54ffc3387b961ab646bbb84 Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Fri, 1 Jul 2022 16:21:38 +0700 Subject: [PATCH 07/11] add missed files 
Signed-off-by: anastasia.malysheva
---
.../nsm/cluster1/patch-nsmgr-proxy.yaml | 10 ++++++++++
.../nsm/cluster1/patch-registry-proxy-dns.yaml | 10 ++++++++++
.../basic_interdomain/nsm/cluster1/patch-registry.yaml | 10 ++++++++++
.../nsm/cluster2/patch-nsmgr-proxy.yaml | 10 ++++++++++
.../nsm/cluster2/patch-registry-proxy-dns.yaml | 10 ++++++++++
.../basic_interdomain/nsm/cluster2/patch-registry.yaml | 10 ++++++++++
6 files changed, 60 insertions(+)
create mode 100644 examples/basic_interdomain/nsm/cluster1/patch-nsmgr-proxy.yaml
create mode 100644 examples/basic_interdomain/nsm/cluster1/patch-registry-proxy-dns.yaml
create mode 100644 examples/basic_interdomain/nsm/cluster1/patch-registry.yaml
create mode 100644 examples/basic_interdomain/nsm/cluster2/patch-nsmgr-proxy.yaml
create mode 100644 examples/basic_interdomain/nsm/cluster2/patch-registry-proxy-dns.yaml
create mode 100644 examples/basic_interdomain/nsm/cluster2/patch-registry.yaml
diff --git a/examples/basic_interdomain/nsm/cluster1/patch-nsmgr-proxy.yaml b/examples/basic_interdomain/nsm/cluster1/patch-nsmgr-proxy.yaml
new file mode 100644
index 000000000000..9fb07692f30f
--- /dev/null
+++ b/examples/basic_interdomain/nsm/cluster1/patch-nsmgr-proxy.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nsmgr-proxy
+spec:
+ template:
+ metadata:
+ annotations:
+ spiffe.io/federatesWith: nsm.cluster2
diff --git a/examples/basic_interdomain/nsm/cluster1/patch-registry-proxy-dns.yaml b/examples/basic_interdomain/nsm/cluster1/patch-registry-proxy-dns.yaml
new file mode 100644
index 000000000000..182decd8a73d
--- /dev/null
+++ b/examples/basic_interdomain/nsm/cluster1/patch-registry-proxy-dns.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: registry-proxy
+spec:
+ template:
+ metadata:
+ annotations:
+ spiffe.io/federatesWith: nsm.cluster2
diff --git a/examples/basic_interdomain/nsm/cluster1/patch-registry.yaml b/examples/basic_interdomain/nsm/cluster1/patch-registry.yaml
new file mode 100644
index 000000000000..e53f70e7786b
--- /dev/null
+++ b/examples/basic_interdomain/nsm/cluster1/patch-registry.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: registry-k8s
+spec:
+ template:
+ metadata:
+ annotations:
+ spiffe.io/federatesWith: nsm.cluster2
diff --git a/examples/basic_interdomain/nsm/cluster2/patch-nsmgr-proxy.yaml b/examples/basic_interdomain/nsm/cluster2/patch-nsmgr-proxy.yaml
new file mode 100644
index 000000000000..e0e5104dd5f7
--- /dev/null
+++ b/examples/basic_interdomain/nsm/cluster2/patch-nsmgr-proxy.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nsmgr-proxy
+spec:
+ template:
+ metadata:
+ annotations:
+ spiffe.io/federatesWith: nsm.cluster1
diff --git a/examples/basic_interdomain/nsm/cluster2/patch-registry-proxy-dns.yaml b/examples/basic_interdomain/nsm/cluster2/patch-registry-proxy-dns.yaml
new file mode 100644
index 000000000000..9ae00b6e0476
--- /dev/null
+++ b/examples/basic_interdomain/nsm/cluster2/patch-registry-proxy-dns.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: registry-proxy
+spec:
+ template:
+ metadata:
+ annotations:
+ spiffe.io/federatesWith: nsm.cluster1
diff --git a/examples/basic_interdomain/nsm/cluster2/patch-registry.yaml b/examples/basic_interdomain/nsm/cluster2/patch-registry.yaml
new file mode 100644
index 000000000000..2f1468c93b80
--- /dev/null
+++ b/examples/basic_interdomain/nsm/cluster2/patch-registry.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: registry-k8s
+spec:
+ template:
+ metadata:
+ annotations:
+ spiffe.io/federatesWith: nsm.cluster1
From 0eb379de1706eae6981649613e5a4f1b4aa0e2ea Mon Sep 17 00:00:00 2001
From: "anastasia.malysheva" Date: Fri, 1 Jul 2022 20:04:06 +0700 Subject: [PATCH 08/11] add fixes Signed-off-by: anastasia.malysheva --- examples/basic_interdomain/spire/README.md | 3 +-- examples/nsm_consul/README.md | 6 +++--- examples/nsm_consul/nse-auto-scale/pod-template.yaml | 2 +- examples/nsm_consul/server/static-server.yaml | 1 - 4 files changed, 5 insertions(+), 7 deletions(-) diff --git a/examples/basic_interdomain/spire/README.md b/examples/basic_interdomain/spire/README.md index ddee788ed03f..0cc79457336c 100644 --- a/examples/basic_interdomain/spire/README.md +++ b/examples/basic_interdomain/spire/README.md @@ -23,9 +23,8 @@ bundle2=$(kubectl --kubeconfig=$KUBECONFIG2 exec spire-server-0 -n spire -- bin/ ``` Setup bundle federation for each cluster -``` +```bash echo $bundle2 | kubectl --kubeconfig=$KUBECONFIG1 exec -i spire-server-0 -n spire -- bin/spire-server bundle set -format spiffe -id "spiffe://nsm.cluster2" - echo $bundle1 | kubectl --kubeconfig=$KUBECONFIG2 exec -i spire-server-0 -n spire -- bin/spire-server bundle set -format spiffe -id "spiffe://nsm.cluster1" ``` diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md index 292b1632e03d..66c3ef34307c 100644 --- a/examples/nsm_consul/README.md +++ b/examples/nsm_consul/README.md @@ -44,7 +44,6 @@ kubectl --kubeconfig=$KUBECONFIG2 apply -f service.yaml Start `auto-scale` networkservicemesh endpoint: ```bash - kubectl --kubeconfig=$KUBECONFIG2 apply -k nse-auto-scale ``` @@ -56,10 +55,11 @@ kubectl --kubeconfig=$KUBECONFIG2 apply -f server/static-server.yaml Verify connection from networkservicemesh client to consul server: ```bash kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- apk add curl -kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- curl 172.16.1.2:8080 +``` +```bash +kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- curl 172.16.1.2:8080 | grep -o "hello world" ``` -You should see "hello world" answer. ## Cleanup 
diff --git a/examples/nsm_consul/nse-auto-scale/pod-template.yaml b/examples/nsm_consul/nse-auto-scale/pod-template.yaml index 58c7a10da3fe..a7ef1d7b424b 100644 --- a/examples/nsm_consul/nse-auto-scale/pod-template.yaml +++ b/examples/nsm_consul/nse-auto-scale/pod-template.yaml @@ -39,7 +39,7 @@ spec: - name: NSM_LOG_LEVEL value: TRACE - name: NSM_RULES_CONFIG_PATH - value: iptables-map.yaml + value: iptables-map/iptables-map.yaml volumeMounts: - name: spire-agent-socket mountPath: /run/spire/sockets diff --git a/examples/nsm_consul/server/static-server.yaml b/examples/nsm_consul/server/static-server.yaml index 861d04e7b44b..efa7878ff8c7 100644 --- a/examples/nsm_consul/server/static-server.yaml +++ b/examples/nsm_consul/server/static-server.yaml @@ -21,7 +21,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: static-server - namespace: nsm-consul spec: replicas: 1 selector: From 16de6c71ad62d25abe76ff6c106edc409e72559c Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Fri, 1 Jul 2022 21:54:22 +0700 Subject: [PATCH 09/11] add fixes, to run all example Signed-off-by: anastasia.malysheva --- examples/nsm_consul/README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md index 66c3ef34307c..0fe236c7b1fd 100644 --- a/examples/nsm_consul/README.md +++ b/examples/nsm_consul/README.md @@ -24,8 +24,6 @@ Install Consul for the second cluster: consul-k8s install -config-file=helm-consul-values.yaml -set global.image=hashicorp/consul:1.12.0 --kubeconfig=$KUBECONFIG2 ``` -### Verify NSM+CONSUL - Install networkservice for the second cluster:: ```bash kubectl --kubeconfig=$KUBECONFIG2 apply -f networkservice.yaml 
@@ -66,8 +64,16 @@ kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- curl 172.16.1.2:8080 | ```bash kubectl --kubeconfig=$KUBECONFIG2 delete deployment static-server +``` +```bash kubectl --kubeconfig=$KUBECONFIG2 delete -k nse-auto-scale +``` +```bash kubectl --kubeconfig=$KUBECONFIG1 delete -f client/client.yaml +``` +```bash kubectl --kubeconfig=$KUBECONFIG2 delete -f networkservice.yaml +``` +```bash consul-k8s uninstall --kubeconfig=$KUBECONFIG2 -auto-approve=true -wipe-data=true ``` From 2a3be6cfbb7f66467ef5f9cf27015e0c5c3d3ef7 Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Mon, 4 Jul 2022 13:37:05 +0700 Subject: [PATCH 10/11] add fix to install consul and update cmd-nse-l7-image Signed-off-by: anastasia.malysheva --- examples/nsm_consul/README.md | 2 +- examples/nsm_consul/nse-auto-scale/pod-template.yaml | 2 +- examples/nsm_istio/nse-auto-scale/pod-template.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md index 0fe236c7b1fd..25d8f8051d1f 100644 --- a/examples/nsm_consul/README.md +++ b/examples/nsm_consul/README.md @@ -21,7 +21,7 @@ brew install hashicorp/tap/consul-k8s Install Consul for the second cluster: ```bash -consul-k8s install -config-file=helm-consul-values.yaml -set global.image=hashicorp/consul:1.12.0 --kubeconfig=$KUBECONFIG2 +consul-k8s install -config-file=helm-consul-values.yaml -set global.image=hashicorp/consul:1.12.0 -auto-approve --kubeconfig=$KUBECONFIG2 ``` Install networkservice for the second cluster:: diff --git a/examples/nsm_consul/nse-auto-scale/pod-template.yaml b/examples/nsm_consul/nse-auto-scale/pod-template.yaml index a7ef1d7b424b..7a6220074d59 100644 --- a/examples/nsm_consul/nse-auto-scale/pod-template.yaml +++ b/examples/nsm_consul/nse-auto-scale/pod-template.yaml 
@@ -13,7 +13,7 @@ spec: restartPolicy: Never containers: - name: nse - image: ghcr.io/networkservicemesh/ci/cmd-nse-l7-proxy:32fbf26 + image: ghcr.io/networkservicemesh/ci/cmd-nse-l7-proxy:08328f3 imagePullPolicy: IfNotPresent securityContext: privileged: true diff --git a/examples/nsm_istio/nse-auto-scale/pod-template.yaml b/examples/nsm_istio/nse-auto-scale/pod-template.yaml index 30926a5d3f94..df62e3bf08bd 100644 --- a/examples/nsm_istio/nse-auto-scale/pod-template.yaml +++ b/examples/nsm_istio/nse-auto-scale/pod-template.yaml @@ -11,7 +11,7 @@ spec: restartPolicy: Never containers: - name: nse - image: ghcr.io/networkservicemesh/ci/cmd-nse-l7-proxy:32fbf26 + image: ghcr.io/networkservicemesh/ci/cmd-nse-l7-proxy:08328f3 imagePullPolicy: IfNotPresent env: - name: SPIFFE_ENDPOINT_SOCKET From 489368d15553cce9438a8b7b91ede90b6940b7ac Mon Sep 17 00:00:00 2001 From: "anastasia.malysheva" Date: Mon, 4 Jul 2022 17:13:51 +0700 Subject: [PATCH 11/11] Add commands to get more info about pods condition Signed-off-by: anastasia.malysheva --- examples/nsm_consul/README.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/examples/nsm_consul/README.md b/examples/nsm_consul/README.md index 25d8f8051d1f..25454026543f 100644 --- a/examples/nsm_consul/README.md +++ b/examples/nsm_consul/README.md 
@@ -50,6 +50,33 @@ Install `static-server` Consul workload on the second cluster: kubectl --kubeconfig=$KUBECONFIG2 apply -f server/static-server.yaml ``` +Wait for proxy-alpine-nsc to be ready: +```bash +kubectl --kubeconfig=$KUBECONFIG2 wait --for=condition=ready --timeout=3m pod proxy-alpine-nsc +kubectl --kubeconfig=$KUBECONFIG2 describe pods proxy-alpine-nsc +kubectl --kubeconfig=$KUBECONFIG2 exec -it proxy-alpine-nsc -- bash -c ls +``` + +Wait for static-server to be ready: +```bash +stsrv=$(kubectl get pods -l app=static-server --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') +kubectl --kubeconfig=$KUBECONFIG2 wait --for=condition=ready --timeout=3m pod $stsrv +kubectl --kubeconfig=$KUBECONFIG2 describe pods $stsrv +``` + +Wait for nse-supplier to be ready: +```bash +supplier=$(kubectl get pods -l app=nse-supplier-k8s --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}') +kubectl --kubeconfig=$KUBECONFIG2 wait --for=condition=ready --timeout=3m pod $supplier +kubectl --kubeconfig=$KUBECONFIG2 describe pods $supplier +``` + +Wait for nse-supplier to be ready: +```bash +kubectl --kubeconfig=$KUBECONFIG2 describe pods alpine-nsc +kubectl --kubeconfig=$KUBECONFIG2 wait --for=condition=ready --timeout=10m pod alpine-nsc +``` + Verify connection from networkservicemesh client to consul server: ```bash kubectl --kubeconfig=$KUBECONFIG1 exec -it alpine-nsc -- apk add curl
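Review bot: The two pod-name lookups, `stsrv=$(kubectl get pods -l app=static-server ...)` and `supplier=$(kubectl get pods -l app=nse-supplier-k8s ...)`, run without `--kubeconfig=$KUBECONFIG2`, so they query whatever cluster the default context points at while the `wait` and `describe` that follow go to cluster 2. Add the flag to both lookups, e.g. `stsrv=$(kubectl --kubeconfig=$KUBECONFIG2 get pods -l app=static-server --template ...)`. The last added block waits for `alpine-nsc` with `$KUBECONFIG2`, although this README applies and execs that client with `$KUBECONFIG1`, and its heading repeats "Wait for nse-supplier to be ready"; it looks like it should target cluster 1 under a heading that names `alpine-nsc`. Quoting the variables (`pod "$stsrv"`, `pods "$supplier"`) would also stop an empty lookup from silently changing what the following commands act on.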