In version 1.0, Kmesh introduced the IPsec feature and dropped some of the authorization capabilities into the OS kernel. However, there was a lack of testing to look after this part of the functionality. This led to hidden risks when the code went live and new versions were released. Therefore, there is a need to write e2e tests for these two features and to document their use.
1、IPsec
2、Offload Authorization
IPsec is a feature that ensures secure communication between nodes, requiring cross-node testing with a self-designed testing plan. Offload Authorization is unique to Kmesh, offloading IP and Port authentication capabilities to the Linux kernel's XDP. Therefore, it is necessary to test both the user-space programs for Authorization and the XDP programs in the kernel. And different tests are performed for complementary authentication scenarios