In version 1.0, Kmesh introduced the IPsec feature and dropped some of the authorization capabilities into the OS kernel. However, there was a lack of testing to look after this part of the functionality. This led to hidden risks when the code went live and new versions were released. Therefore, there is a need to write e2e tests for these two features and to document their use.
1、IPsec
2、Offload Authorization
IPsec is a feature that ensures secure communication between nodes, requiring cross-node testing with a self-designed testing plan. Offload Authorization is unique to Kmesh, offloading IP and Port authentication capabilities to the Linux kernel's XDP. Therefore, it is necessary to test both the user-space programs for Authorization and the XDP programs in the kernel. And different tests are performed for complementary authentication scenarios
In version 1.0, Kmesh introduced the IPsec feature and dropped some of the authorization capabilities into the OS kernel. However, there was a lack of testing to look after this part of the functionality. This led to hidden risks when the code went live and new versions were released. Therefore, there is a need to write e2e tests for these two features and to document their use.
1、IPsec
2、Offload Authorization
IPsec is a feature that ensures secure communication between nodes, requiring cross-node testing with a self-designed testing plan. Offload Authorization is unique to Kmesh, offloading IP and Port authentication capabilities to the Linux kernel's XDP. Therefore, it is necessary to test both the user-space programs for Authorization and the XDP programs in the kernel. And different tests are performed for complementary authentication scenarios