A CI service to test the ixy userspace network driver and its derivatives. The basic idea is spawn three independent VMs which take on the following roles:
pktgen
pushes network packets (with sequence numbers) into network 1fwd
forwards all packets from network 1 to network 2pcap
captures packets from network 2
With this setup we can simultaneously test three applications and make sure that the whole scenario
works correctly by inspecting the captured packets from pcap
.
Currently only tests the Virtio driver. Testing the ixgbe driver is planned but requires infrastructure changes.
While ixy-ci does make sure that the build finishes correctly, you still may want to use ixy-ci in conjunction with traditional CI services to check builds across a larger variety of OS environments or to check things like formatting/linting.
- Correct amount of packets captured
- Sanity check of the largest received sequence number (between
n_pcap
and2 * n_pcap
) - No duplicate packets received
To use ixy-ci you only need to follow these instructions:
- Create a GitHub webhook for your repository (in your repository settings)
- URL:
http://138.246.233.98:9999/github/webhook
- Content type:
application/json
- Secret (e.g.
openssl rand -base64 48
); make sure to save this somewhere - Events: Issue comments & Pushes
- URL:
- Securely send your webhook secret to your ixy-ci administrator
- Open a PR adding a
ixy-ci.toml
to your repository (seeixy-ci.toml.example
for reference) - Also make sure that your applications match the expected command line interface as described below
- Comment
@ixy-ci test
in your PR until the tests pass :)
pktgen <pci addr>
fwd <pci addr src> <pci addr dst>
pcap <pci addr> <pcap output file> <stop after n packets>
The packets that are generated by pktgen
are expected to follow the same structure and size as
in the ixy pktgen example.
These instructions are only needed when you want to deploy your own instance of ixy-ci.
- Network
pktgen-fwd
- Port
pktgen
- Port
fwd-in
- Port
- Network
fwd-pcap
- Port
fwd-out
- Port
pcap
- Port
- Network require a default subnet for port creation to succeed
- Disable "Port Security" on all ports
- Create a keypair for ixy-ci to SSH into the spawned VMs
See config.toml.example for the general format of the config.toml
. The OpenStack login information
can be extracted from a generated clouds.yaml
. The only additional information you have to
manually query is the project domain. You can do that like this:
# First retrieve the domain id
openstack --os-cloud openstack project show <project_name>
# Then retrieve the actual domain name
openstack --os-cloud openstack domain show <domain_id>
Currently you also need to keep a clouds.yaml
around as we sometimes have to use the OpenStack CLI
tool due to missing APIs in the openstack crate.
ixy-ci requires a GitHub account to post results and to interact with the GitHub API. Any account
should work though we advise to use a dedicated bot account. You need to create a personal access
token (GitHub / Setting / Developer settings) with access to the public_repo
scope.
cd runner && cargo build --release
ixy-ci will currently upload the compiled runner
binary to the spawned VMs (see remote.rs
for
reasons why this is needed). This should hopefully become obsolete in the future...
- Make logs available
- Only allow configured users to start tests (to prevent abuse)
- Do more stuff concurrently once async/await is ready (also trussh instead of libssh2)
- Fix issue where ixy-ci cannot be terminated via ctrl+c after a message has been posted on GitHub (related: graceful shutdown?)
- Code documentation
- Track down why OpenStack project domain is required (although OpenStack CLI doesn't need it)
- Test on master branch push (+ cronjob?) => endpoint for badges which redirect to shields.io
- Dashboard with status about current job, queue, past results
- Test ixgbe driver somehow (SR-IOV, pci passthrough?)
- Integration with GitHub checks API