From owner-freebsd-hackers@freebsd.org Sun Jul 16 21:11:36 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9F368C7A81B; Sun, 16 Jul 2017 21:11:36 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-yw0-x229.google.com (mail-yw0-x229.google.com [IPv6:2607:f8b0:4002:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5A7B967752; Sun, 16 Jul 2017 21:11:36 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-yw0-x229.google.com with SMTP id l21so41043093ywb.1; Sun, 16 Jul 2017 14:11:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=rW467UFheZzv3rA94JqxvNtt+Y5jCshdQYimeHa9uGs=; b=VADE4jpJy+Lnc5wKePp1PJgeKLVFDV6tdTxitO1AowhvOG6QuUayKQTOIBQpxNGANG Z9XSBJbkEw81CVuB49GaBZ7thtMHTAlAbWt3jqE0zzt/7OwuKewhUDKfylvRlPLWrm0e O9AejIHf6Oae9kSi0bGmtv6PjoRpFtcNTMEcwtWtml4KBZr/sQZ3pq1aJMGSdYhsUnsY UV35Rm3LPvbz290Ma9SdXbwhlaZHfSSZu+LZFyMIV9rrt9PLFMaVwbRK7XNNdg+/iKMa JklJeW4BesSQmA6AuNBPEAGBsbJi6RJr2yDHLM12nIfVjipR8VpO5Vdgmw3FiS7fpu7t 1FIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=rW467UFheZzv3rA94JqxvNtt+Y5jCshdQYimeHa9uGs=; b=n6opFYrBQMVeV0262WhRlpn/4nfuUlGYBjg3FQdvhlxu5i5lhONbB25cuW/AqjEXU7 0+ba8k8FL+U/nV1yLW+MISYo4y2hki5z2r55tIyw1dKuPSGrq9gkQh5SUy0X91BPCFwJ 7tSmtQXjKEVlE/3nmWiM6mQ1Xugt0ipDQMXpB7S/vEWOVouzW6ZxvYJbnt4LfnlKZHGK z/iSsxXT5NrHQ7mV3+Socop4gQ7sSf3ZP4RaZLHpTmtr9IA2x+tl5QVtG4L5V9HBlB5C vbNjxkHztTPrC7Oo+qqjtuF4wcm95srXlrdGpKqpPVNxqx4xNdpTrrukgbRKITiBmfbN XYFw== X-Gm-Message-State: AIVw111zU2GKzf1vNlXVfyfdHj6jmku7MXfNN57F1Ei3KzUX5nwg9xFU 2F8p5aFnRcOBGpJfjWLUBNSuEtw1gw== X-Received: by 10.13.255.69 with SMTP id p66mr13794874ywf.233.1500239495482; Sun, 16 Jul 2017 14:11:35 -0700 (PDT) MIME-Version: 1.0 Sender: asomers@gmail.com Received: by 10.13.243.135 with HTTP; Sun, 16 Jul 2017 14:11:34 -0700 (PDT) In-Reply-To: <871d6043-0c56-2c9b-1e3e-5db33898c24a@yandex.com> References: <871d6043-0c56-2c9b-1e3e-5db33898c24a@yandex.com> From: Alan Somers Date: Sun, 16 Jul 2017 15:11:34 -0600 X-Google-Sender-Auth: BGR4n-R1eTNU4byTJVhOwFksjXM Message-ID: Subject: Re: Attn: CI/Jenkins people; Run bhyve instance for testing pf To: Panagiotes Mousikides Cc: FreeBSD Current , "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 Jul 2017 21:11:36 -0000 On Sun, Jul 16, 2017 at 2:44 PM, Panagiotes Mousikides wrote: > Hello everybody! > > I am working on adding tests to the FreeBSD test suite for testing pf, the > network packet filter. > > These tests need at least two machines running and connected to each other, > with one machine generating network traffic and the other running pf and > filtering the traffic. I am looking for a way to fire off a bhyve instance > to serve as the second machine, the first being the actual machine I am > running the tests on. This should be done completely automatically, with > scripts to configure all network interfaces and to preferably also set up an > SSH server on the bhyve instance. > > This bhyve instance could start off as running the latest stable version of > FreeBSD, or it could be configured to run a snapshot of the development > tree. The aim is to have the desired version of FreeBSD that we want to > test running on it. Ideally this would be done in such a way that we can > reuse the machine for further tests, instead of rebuilding everything from > scratch for each test. > > What I am looking for is the best way to do this, preferably so that it can > be easily integrated into the CI work being done at Jenkins. What do you > think? Any input is welcome! > > All the best, > Panagiotes It's possible to setup CI systems that involve multiple machines networked together. I've done it. But it's complicated, fragile, and slow. I advise you to consider very carefully whether you truly need multiple VMs. What about creating an epair(4)? You could run pf on epair0b and generate traffic from epair0a. That would be faster than spinning up VMs, and would be very easy to integrate into any other CI system. Would that work? -Alan