 Škoda, že volné má nějaké intucije. Jelé, jelé. Jel interstaticky analyzátor. Jelé, to existuje. Ono to jde. Super, super. Vštějte nemysla být. Vrám, že je pilot, třeba. Toho děláme. Většin těch mi pokud neděláš nějakýmž prasárný. Prantájemu nějakým malý pečink. Taký tam jde. Myslíte, že je to právě nebo měl vůbec významené závět, že je pilot. Většin. Jelé, jen závět, jo. Jelé, jen to je to. Vládně to vodilává taky typy, že jemu se má nějakou, kdy se mám pořád nejde. Tak to mi třeba dře, že to cekná. Tak to mi třeba dře, že je to, že nejde, že nejde, že nejde, že nejde. Tak, to si se prachal. Tak to mi třeba dře, že nejde, že nejde, že nejde. Čukě, si připraven. Já myslí, že jo, tak je to do toho. Ale píš to nemůžete. No, píj. No, píj. Hello everybody. Welcome to the next session. A now, let's start with the next presentation about the automatic network stack, and please welcome Jan. Hello everybody, thank you. So, I'm Jan Tukov from Kernoglic Engineering working in Red Hat. I test several subsystems or parts of networking, that's IPsec, IPvS, some of the tunneling. And besides that, I'm also a contributor to LNST project, and this presentation will be about this too. So, let's start with what I was talking about. So, first of all, I will talk briefly or a bit about what it takes to write an automated test. What are the problems there, why we want to automate this. Then I will talk about the LNST project, that's a Linux network stack test project, how it deals with the problems when you write the test, how it deals with the portability of the tests. And then, in the abstract, I wrote that I will do a short live demo. It won't be short, I will have three demos, how to use LNST. So, yeah, that's another part. And then, any questions you might have, feel free to ask them after the session. Thanks. So, when we write a network test, so this is really a simple example. When we want to do a test, we start by doing it manually. So, simple paint test, you log into one machine, configure the device, configure the IP address, log into another machine, configure the device, set the remote address and then you paint from one machine to another. That's quite simple, right? So, the problem comes when you want to write a more complex setup. So, you want to bond two or more network devices, you want to add VLAN on top of bond or even you want to use a network namespace. So, doing this manually, you can get lost when you write such tests. So, and if you do this manually, it becomes a headache. So, what you can do about this, you write a script. So, you script the thing, it can have 100 lines, it can do a complex test. So, you can run it every day when you do regression checks for your changes in the kernel. But the next problem with this is when you find a bug. What will you do? So, you take your script and send it to developer. So, please run it. You, the developer might need to make the changes to the script because host names could differ. Also, when you have another machine to tell the developer has it in his lab, the network device names could differ. So, that could really be a problem or it becomes a headache also for the developer. So, what can you do next? You can use LMSD. The advantage here is that with developer, you share the same script that can run both you as a quality engineer and also developer on his setup. This looks really nice or it sounds nice, but so how we do this. So, let's have a look at the concepts that LMSD uses to overcome this problem. At first of all, I will just say a few informations about the project. So, LMSD, it's a testing framework written in Python and it does basically two things. It helps you with automation of the network configuration. So, the complex setup I was talking before, bonding, teaming, villians, namespaces. And it also solves the portability issue. So, you can share the same script, nothing needs to be changed. And that's it. It uses simple client server model. You have two Python scripts. One is LMSD CTL, that's the controller. So, that's what you use it as a quality engineer or developer. And it communicates with LMSD slaves. Each LMSD slave represents one test machine that you have in Tesla. I won't go too much into details, because I want to show you the demo. How LMSD deals with portability? So, on the first slide, you saw a simple test. To perform a network test, you need basically three things. You need to have test machines, the test lab where you want to test. You need to configure the network stack and then you run something over the wires. So, these are three things that LMSD somehow uses. To the first thing, test machine. LMSD uses concept of slave pool. Slave pool is basically a directory or set of files, where every file represents one test machine. And it contains information about how to connect to the test machine and which devices it has available. So, they are identified by mechanism. So, LMSD slave knows how to, which devices to use. So, slave pool basically describes your test bed topology. Then the second thing, which covers two remaining items for the network test, is LMSD recipe. LMSD recipe contains information about what you require for your test. So, you say, I need two hosts for testing. On the first host, I need two network devices. On the second one, one, two, or even more. And then there is information on how you want to configure the network stack. So, you want to bond the devices or configure VLANs on them. Or MacVLAN, whatever. Then there is information about IP addresses you want to use on the devices. And the last part is actual performing the test. So, the task you want to do on the configuration. Let's have a look at how to get everything done. So, LMSD controller program takes these two parts. That's LMSD recipe, your requirements for the test. And slave pool, so the representation of your test bed. It parses everything. It tries to match your requirements to the slave pool. The result is a filtered set of test machines that are capable of running your tests. So, with this set of machines, it will connect to the slaves in your test lab, to the stack according to the requirements in the recipe, and runs the test. So, that's how LMSD works. Instead of going too much into detail, I will show you actually how can you run LMSD. I have three demos here. The first one is basically how we use this in redhead for testing. So, we have a representation of your test lab, and do specify the requirements, run recipe on it. The second thing will be about the feature of LMSD, where you can use LMSD to dynamically create the whole network. This only works in a lib-work environment, so LMSD works with virtual guests. And based on your requirements, it will create the network topology you need. It will dynamically attach the network interfaces and wires down. And in the last one that will be showing packet capture ability, where LMSD will capture everything that's going over the configured devices. So, let's start with the first demo. First demo, the testbed looks like this. The recipe I want to use is I want to have two devices bonded together on one machine, on the second machine I require only one interface and then run, well, actually, I won't be running any tests, I will just show you the feature that you can check how the match will look like. So, let's go to the demo. So, demo one, matching, one set up. Well, when you are about to create the slave pool directory, they are XML files. To edit a XML file, it's easy, but it's not very efficient. So, LMSD provides LMSD pool wizard that you can run and it will connect to the LMSD slaves, check for the network devices that are available on the machine and based on this data, it will create the XML file and store it in the directory you want. So, in the interactive mode, it queries for the directory that you want to store it. So, yeah, I have already pretty fine directory on the command line. So, you basically enter the hostname, I have a, I'm using virtual guests right now in my laptop so, and I have a pre-configured resolving LMSD maps into certain address. You can go with the defaults. It will ask for the output XML file, so just confirm. And then it queries the machine what devices are available there. So, and you just confirm which device you want to add. So, I will go with, I want to add everything that is there. Do you want to add it? Yeah, so we want to host set up. I have LMSD2 machine there. Again, queries the devices. Yeah, so no more machines to add. So, it will create two XML files that represents your testbed. What's available for testing? I just show you briefly what's the content. So, basically, there's information how to connect to the machine. So, a hostname, I have local resolving set. And then there are two devices available for testing. So, just for the first machine, I won't show the second machine, it's basically the same. So, now let's run a LMSD controller where I will show you how it would match your requirements to the testbed. So, my requirements is, I want to have two devices on the first machine, one device on the second machine. And you can see that there's the multi-match option. What it does is it tries to create every possible match for the setup. So, if you have, for example, three hosts, it will try to match every combination of these hosts. And if you have devices on these machines, both machines have two devices, for example, it will try to switch it and connect every possible match. So, the question for you, how many matches do you think we will have? So, we want to match two devices to one device and the other hosts. How many matches there are possible? Two? Why do you think so? So, let's have a look. So, yeah, you are right. That's basically, yeah, I won't go too much into the log because it's boring, Alonsti will give you a summary at the end. Right now, it will only output the possible matches that it was able to do with your desktop. So, on the first machine, you match, first interface to ENS-8, second to ENS-9. On the second machine, there is no other possibility. And on the second match, you match, you face one to the other, so it's very right. You're right. That's for you. OK, so, well, that was multi-matching. This is really a simple example. When it comes to, for example, you want to do two devices to another two devices and you want to do a mirrored bonding setup, there are a lot of combinations there. So, that's one feature. Let's come to the second demo, where I will show you how you can use Alonsti in a virtualized environment. So, I will use two virtual guides that are also running on my machine. And, yeah, I will show you how Alonsti will create the network for testing. So, again, I will use Alonsti pool wizard. But now, if you run pool wizard in virtual mode, you just specify the liveward domain. So, yeah, let's create the pool directory where it will be stored. You enter the liveward domain, the pool wizard will use a liveward Python API. It will query the guest basically for its hostname or how to connect. So, all that you need is just to specify the liveward domain. We want to add another. Let's Alonsti to guest. That's it. And if we have a look at the directory, there are two XML files for two hosts again. And the last thing is that only thing that you need to specify there is just the liveward domain. The hostname that is there, Alonsti can fetch this information through liveward. Okay, so let's have a look. Let's run something. Another feature or another mode that you can use for the controller is just to configure the stack and don't run the task. Don't perform the test. That could be useful if you just, if you want to check the things by your own. So, let's have a look at this. It will again process the directory, process your requirements, try to match it. In summary, you, there is information that this setup is using virtual machines and the information how the match went. Let's have a look at the guests. So, you can get to the Alonsti one. Now, maybe one thing that I didn't mention is that Alonsti requires that the test machines have a dedicated interface for controller slave connection. So, that's the first device that controller uses. And then there is a second device that was created dynamically. And it also got the IP address. So, if you want to perform a test by your own, you just do, you ping the remote machine and it looks like it's working. Okay, so that's for the config only mode and also the, how you can use virtual machines for your testing. Let's get back to the third demo. So, that's basically a feature that you can specify. I'm interested in packet captures on the interfaces. So, let's have a look at this. For this test, I will just use a simple one interface on one host, one interface on another host so basically what was shown at the beginning and it will include the packet capture. So, you just specify the minus p option I'm interested in packet capture, run it. It will, maybe one more ping for this. If you do a config only mode, the configuration remains. So, when you run some another recipe again, you don't need to worry about what's configured previously because the controller keeps information about what has been configured and it will de-configure the previous configuration so you start with a clear setting. So, let's have a look at what we have here. So, actually, right now I ran two tests. ICMP6 ping and ICMP ping. It looks like it passed, so it's a simple test. So, let's have a look. In the log, you have information about where the packet capture files were stored. So, let's have a look at the content. So, in this directory, there will be pick up files for every testing interface that you had configured in the test. You can expect it through Vireshark or whatever tool you want. So, there will be nothing new. It's just proof that it works. So, some information about the auto configuration at the beginning when you bring the device up and from here you can see the ICMP6 ping request. It goes and here is where the second test starts. Again. So, that's for the demo. Let's get back to the presentation. So, I'll just give this. This is a summary of LST features that are currently in LST. So, as I showed you, we have a wizard for guide or ultimate tool creation. It really helps a lot when you need to write when you don't want to write the XML files. We have support for various devices, VLANs. We started with VLANs one team bridge. I think MacVLAN was one of the first. Then there is OBS support, VXLAN, VETH, virtual auto interface. And if you want, you can add support for anything else you need. The configuration of the stack, we support two modes, either using IP2 or through network manager. But when I say that we support network manager, we might very likely get rid of it. I'm not sure. We are just thinking about how to do this. So, we also support network manager based awareness. Currently how we use this is basically using it with a VETH just to check if, for example, myself I check whether IPsec stuff works within network manager spaces or not. So, then the dynamic network creation, it's very useful if you don't want to test on a real hardware. So, for example, for IPsec stuff, or IPvS stuff, I use it for this. Multi-matching, this can be really, if you have a lot of test machines in your test lab, you want to run just two set of machines. It can be really long test. Then there's bucket capturing, I showed you. It's using TCP dump. It's extendable. You can write test modules in Python, or you can use an LST test tools. It's simply wrapping anything, any language that you want. You can write a program in C, and LST uses a simple, I won't go too much into details. So, test tools in any other language. Before the presentation, we had a chair, cheering guys. So, actually we have support for NETAM, which is quite an interesting tool for simulating various aspects of real networks. So, adding delays, adding reordering of the packets in the network stack, or on network devices rather. So, that's for the features. Oh, what's the feature? Python 3 is becoming more and more, like default. So, we are about to check whether LST will work with this and tune it so that it works with Python 3. Then, currently we define the requirements in the LST recipe, which is an external file. So, editing this, it's really, external files are not what we want. So, we would like to do the network definition or definition of your requirements for the network in Python. So, basically joining the task, the test itself and the network configuration into one file, ideally. Then, securing the control slave communication, because when you run an LST slave on your machine, it's just a hole in your system. So, currently it's not secured, but Andre Lyftner, he's working on securing the communication between control and slave. Also, authentication. So, what's next? We are... Yeah, LST is available in Federa, in this room. So, you can just install it. So, the code is at GitHub. There's a bunch of documentation for various parts of LST. There's a quick start guide so that you can overcome a few things because we need to tweak a bit, for example, network manager to make it run in with LST. We are on RRC. You can email us. We are very open to any contributions. If we want to contribute, we will be very happy if you post patches and also to tell us what would you need from LST to make your life easier. OK, so now time for questions. I think I will ask Andre to answer his question because he recently introduced a lot of problems, especially when you think about the special and the other support and integration. If network manager doesn't support something and it's supposed to be and you don't have to configure a master or a slave interface, for example, and it supports one, but not the other, then it kind of gets hard by what do you want to configure and what, and the combinations kind of get out of the way and it doesn't get stuck. OK, I guess it can be used or something that the manager knows that he wants to do as well. That was original. We would like to keep it. We made the original intention and tried to keep it for the next one with everything else, so that we will have to see if it's working or not. No. But here, if we turn to this, it's because of the food manager and he is talking to you that you have to write the work rounds and stuff like just some years so that everything works. That's my business. Thanks for Andre and thanks for the question. We can try to talk to the manager. Yep, yep. OK, another question? Nezaprosto, že se mohou těžké těch dělávali kámovou dna, ale z takého vědětového vědětového nám proč nezaprosto? To je dobré idei. Když měli jsme mít všetky, když jdu zvukat v zvukatovém konfigurace, jsme musíme být většiné dátory, dropped files or the slade pool, which is their simple files. We might consider it, but it's not required. We can live with simple XML files in Slade Pool. Do you need to write anything on the Slade machine a než se které vysvědání někdy nebo vysvědání nebo rádní? Na testu vždyť se na země Slave závodní. To je výborný nejedný, že kde je zvědáná z konceptu a zvědáná, co se vysvědání, kde se zavodní, co se vysvědání, a kde se s ním svojím svět, kde se svoje zavodní, co se zavodní, co se světání, co se zavodní. Jsou nic nezap można poznávati. There are some dependencies like rpm package. We use the pattern py route module and bunch of other things. For example, if you want package cert, you need to have tcm installed. if you want to use a natform editor obviously we need a natform editor so if does it answer your question? Ye, and probably also the second could you configure other things as slaves and which are not Linux machines where definitely we want to configure of the switch in some how of the necessary which will be called configuring the middle devices? So the question, I repeat, je to, když chtěl bychom návat, by vzvědětá návšetce. To by být návšetce, kde je to završené. Aby to běžet, když jste tím, když vzvědětá na zvědět. Takže jsme cítili to v představě, ale jsme vždyžili to za velké představě, protože máte velké zvědě, velké stávy, že jste bychom těchto vystávým z výzvou, tak jak se v Pythonu těchto, když děláte, který se spoušlíte, jak to to děláte. To je neopvědně, že se vám zvědějí. Máli měni vám a mě děláte jeho výzvou, takže se jste zvědějí jezdu zvýzovánou křejů, takže je to vyjště prostě. Takže mám příjít jeho poslapitě se ještě můžete příjemnou tím, která chcete possessivit. My děláme něco z nejvědě. Očíme se, když jste milíš, kde zázvali Linnux, když zvědkáme lindus a závěláme to, které jsme vždy zvědět. Tak se nezávět. Moje návět, které se zvědět, určíme to z vědět. Bylo to všechno většině, že se vyvěděli nějaké opětěny, jakéto mětěny, co je většině, které se se většině nebo všechno, jakéto mětěny. Mám to podívat. Ale když bychom to většině hodil, musím se někdy zvukat. Je to nejdešná nemět většině? Je to většině, když jen jdešná? Ne, ne. Myslím, že nejde limitace, protože než jsme vždycky testovat, když jsme mluvili 1.000 konceptů. Ale dvou je nejlepší, které jsme vždycky testovat. Protože, když jsem vždycky testovat, když jsem vždycky testovat, když jsem vždycky testovat, když jsem vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat, když jsem vždycky testovat, když jsem vždycky testovat, když jsem vždycky testovat, když jsem vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat, které jsou vždycky testovat, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat, které jsou vždycky testovat, které jsou vždycky testovat, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Mám dvou klientů a dvou rilce, které jsou vždycky testovat. Alex bude dvou vždycky testovat, které jsou vždycky testovat. Které jsou vždycky testovat, které jsou vždycky testovat. Já jsem netfilter, 14-member a pracujem na dvou dvou dvou dvou dvou dvou dvou dvou dvou dvou dvou dvou dvou. Mám dvou vždycky testovat, které jsou vždycky testovat.