From 2a71cc5aaf89e39f477aacdffadde70497f08b13 Mon Sep 17 00:00:00 2001 From: Madhu Venugopal Date: Mon, 27 Apr 2015 13:16:33 -0700 Subject: [PATCH 1/6] Integration tests for --bridge daemon flag Signed-off-by: Madhu Venugopal Upstream-commit: f3f5ff9d837eecb97eeeb878f0bd416b6ab57cf2 Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 41 +++++++++++++++++++ .../engine/integration-cli/docker_utils.go | 9 +++- 2 files changed, 48 insertions(+), 2 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index e099995ad3..3ebc880a0c 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -6,6 +6,7 @@ import ( "encoding/json" "fmt" "io/ioutil" + "net" "os" "os/exec" "path/filepath" @@ -447,6 +448,46 @@ func (s *DockerDaemonSuite) TestDaemonExitOnFailure(c *check.C) { } } +func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { + d := s.d + err := d.Start("--bridge", "nosuchbridge") + c.Assert(err, check.Not(check.IsNil), check.Commentf("--bridge option with an invalid bridge should cause the daemon to fail")) + + bridgeName := "external-bridge" + bridgeIp := "192.169.1.1/24" + _, bridgeIPNet, _ := net.ParseCIDR(bridgeIp) + + args := []string{"link", "add", "name", bridgeName, "type", "bridge"} + ipLinkCmd := exec.Command("ip", args...) + _, _, _, err = runCommandWithStdoutStderr(ipLinkCmd) + c.Assert(err, check.IsNil) + + ifCfgCmd := exec.Command("ifconfig", bridgeName, bridgeIp, "up") + _, _, _, err = runCommandWithStdoutStderr(ifCfgCmd) + c.Assert(err, check.IsNil) + + err = d.StartWithBusybox("--bridge", bridgeName) + c.Assert(err, check.IsNil) + + ipTablesSearchString := bridgeIPNet.String() + ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL") + out, _, err := runCommandWithOutput(ipTablesCmd) + c.Assert(err, check.IsNil) + + c.Assert(strings.Contains(out, ipTablesSearchString), check.Equals, true, + check.Commentf("iptables output should have contained %q, but was %q", + ipTablesSearchString, out)) + + _, err = d.Cmd("run", "-d", "--name", "ExtContainer", "busybox", "top") + c.Assert(err, check.IsNil) + + containerIp := d.findContainerIP(c, "ExtContainer") + ip := net.ParseIP(containerIp) + c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, + check.Commentf("Container IP-Address must be in the same subnet range : %s", + containerIp)) +} + func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *check.C) { testRequires(c, NativeExecDriver) diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index 8386bb59ff..a29b6c5928 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -570,8 +570,9 @@ func dockerCmdInDirWithTimeout(timeout time.Duration, path string, args ...strin return out, status, err } -func findContainerIP(c *check.C, id string) string { - cmd := exec.Command(dockerBinary, "inspect", "--format='{{ .NetworkSettings.IPAddress }}'", id) +func findContainerIP(c *check.C, id string, vargs ...string) string { + args := append(vargs, "inspect", "--format='{{ .NetworkSettings.IPAddress }}'", id) + cmd := exec.Command(dockerBinary, args...) out, _, err := runCommandWithOutput(cmd) if err != nil { c.Fatal(err, out) @@ -580,6 +581,10 @@ func findContainerIP(c *check.C, id string) string { return strings.Trim(out, " \r\n'") } +func (d *Daemon) findContainerIP(c *check.C, id string) string { + return findContainerIP(c, id, "--host", d.sock()) +} + func getContainerCount() (int, error) { const containers = "Containers:" From e04b0559140775ce62ab48555c2b903f5c8cd95d Mon Sep 17 00:00:00 2001 From: Madhu Venugopal Date: Mon, 27 Apr 2015 20:36:40 -0700 Subject: [PATCH 2/6] Integration tests for --bip daemon flag Signed-off-by: Madhu Venugopal Upstream-commit: 9c325c3f54b24621b76dee530a855b37cb22abcc Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 78 +++++++++++++++++++ 1 file changed, 78 insertions(+) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index 3ebc880a0c..7acbe4640f 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -488,6 +488,71 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { containerIp)) } +func deleteBridge(c *check.C, bridge string) { + ifCmd := exec.Command("ip", "link", "delete", bridge) + _, _, _, err := runCommandWithStdoutStderr(ifCmd) + c.Assert(err, check.IsNil) + + flushCmd := exec.Command("iptables", "-t", "nat", "--flush") + _, _, _, err = runCommandWithStdoutStderr(flushCmd) + c.Assert(err, check.IsNil) +} + +func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { + // TestDaemonBridgeIP Steps + // 1. Delete the existing docker0 Bridge + // 2. Set --bip daemon configuration and start the new Docker Daemon + // 3. Check if the bip config has taken effect using ifconfig and iptables commands + // 4. Launch a Container and make sure the IP-Address is in the expected subnet + // 5. Delete the docker0 Bridge + // 6. Restart the Docker Daemon (with no --bip settings) + // This Restart takes care of bringing docker0 interface back to auto-assigned IP + // 7. Stop the Docker Daemon (via defered action) + + defaultNetworkBridge := "docker0" + deleteBridge(c, defaultNetworkBridge) + + d := s.d + + bridgeIp := "192.169.1.1/24" + ip, bridgeIPNet, _ := net.ParseCIDR(bridgeIp) + + err := d.StartWithBusybox("--bip", bridgeIp) + c.Assert(err, check.IsNil) + + ifconfigSearchString := ip.String() + ifconfigCmd := exec.Command("ifconfig", defaultNetworkBridge) + out, _, _, err := runCommandWithStdoutStderr(ifconfigCmd) + c.Assert(err, check.IsNil) + + c.Assert(strings.Contains(out, ifconfigSearchString), check.Equals, true, + check.Commentf("ifconfig output should have contained %q, but was %q", + ifconfigSearchString, out)) + + ipTablesSearchString := bridgeIPNet.String() + ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL") + out, _, err = runCommandWithOutput(ipTablesCmd) + c.Assert(err, check.IsNil) + + c.Assert(strings.Contains(out, ipTablesSearchString), check.Equals, true, + check.Commentf("iptables output should have contained %q, but was %q", + ipTablesSearchString, out)) + + out, err = d.Cmd("run", "-d", "--name", "test", "busybox", "top") + c.Assert(err, check.IsNil) + + containerIp := d.findContainerIP(c, "test") + ip = net.ParseIP(containerIp) + c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, + check.Commentf("Container IP-Address must be in the same subnet range : %s", + containerIp)) + + // Reset to Defaults + deleteBridge(c, defaultNetworkBridge) + d.Restart() + pingContainers(c) +} + func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *check.C) { testRequires(c, NativeExecDriver) @@ -930,3 +995,16 @@ func (s *DockerDaemonSuite) TestHttpsInfoRogueServerCert(c *check.C) { c.Fatalf("Expected err: %s, got instead: %s and output: %s", errCaUnknown, err, out) } } + +func pingContainers(c *check.C) { + runCmd := exec.Command(dockerBinary, "run", "-d", "--name", "container1", + "--hostname", "fred", "busybox", "top") + _, err := runCommand(runCmd) + c.Assert(err, check.IsNil) + + runArgs := []string{"run", "--rm", "--link", "container1:alias1", "busybox", "sh", "-c"} + pingCmd := "ping -c 1 %s -W 1" + + dockerCmd(c, append(runArgs, fmt.Sprintf(pingCmd, "alias1"))...) + dockerCmd(c, "rm", "-f", "container1") +} From 73bcda784f362d3c6183a92b452e5f1254030d59 Mon Sep 17 00:00:00 2001 From: Madhu Venugopal Date: Tue, 28 Apr 2015 08:55:04 -0700 Subject: [PATCH 3/6] Integration tests for --fixed-cidr daemon config Signed-off-by: Madhu Venugopal Upstream-commit: 0e254411b1fe0b5024d4a8e5ade7ce12f4545d8e Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index 7acbe4640f..3dfcdfdb34 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -10,6 +10,7 @@ import ( "os" "os/exec" "path/filepath" + "strconv" "strings" "time" @@ -486,6 +487,10 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, check.Commentf("Container IP-Address must be in the same subnet range : %s", containerIp)) + + // Reset to Defaults + deleteBridge(c, bridgeName) + d.Restart() } func deleteBridge(c *check.C, bridge string) { @@ -553,6 +558,37 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { pingContainers(c) } +func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { + d := s.d + + bridgeName := "external-bridge" + args := []string{"link", "add", "name", bridgeName, "type", "bridge"} + ipLinkCmd := exec.Command("ip", args...) + _, _, _, err := runCommandWithStdoutStderr(ipLinkCmd) + c.Assert(err, check.IsNil) + + ifCmd := exec.Command("ifconfig", bridgeName, "192.169.1.1/24", "up") + _, _, _, err = runCommandWithStdoutStderr(ifCmd) + c.Assert(err, check.IsNil) + + args = []string{"--bridge", bridgeName, "--fixed-cidr", "192.169.1.0/30"} + err = d.StartWithBusybox(args...) + c.Assert(err, check.IsNil) + + for i := 0; i < 4; i++ { + cName := "Container" + strconv.Itoa(i) + out, err := d.Cmd("run", "-d", "--name", cName, "busybox", "top") + if err != nil { + c.Assert(strings.Contains(out, "no available ip addresses"), check.Equals, true, + check.Commentf("Could not run a Container : %s %s", err.Error(), out)) + } + } + + // Reset to Defaults + deleteBridge(c, bridgeName) + d.Restart() +} + func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *check.C) { testRequires(c, NativeExecDriver) From febe54901d845df53e4fd503e05008e70fe4fb55 Mon Sep 17 00:00:00 2001 From: Madhu Venugopal Date: Tue, 28 Apr 2015 10:26:59 -0700 Subject: [PATCH 4/6] Integration tests for --ip daemon option Signed-off-by: Madhu Venugopal Upstream-commit: ba11929ebdf4cf7798cddc98c4dcfc000b154264 Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 52 +++++++++++++++++-- 1 file changed, 47 insertions(+), 5 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index 3dfcdfdb34..5c5fdbd571 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -10,6 +10,7 @@ import ( "os" "os/exec" "path/filepath" + "regexp" "strconv" "strings" "time" @@ -489,11 +490,11 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { containerIp)) // Reset to Defaults - deleteBridge(c, bridgeName) + deleteInterface(c, bridgeName) d.Restart() } -func deleteBridge(c *check.C, bridge string) { +func deleteInterface(c *check.C, bridge string) { ifCmd := exec.Command("ip", "link", "delete", bridge) _, _, _, err := runCommandWithStdoutStderr(ifCmd) c.Assert(err, check.IsNil) @@ -515,7 +516,7 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { // 7. Stop the Docker Daemon (via defered action) defaultNetworkBridge := "docker0" - deleteBridge(c, defaultNetworkBridge) + deleteInterface(c, defaultNetworkBridge) d := s.d @@ -553,7 +554,7 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { containerIp)) // Reset to Defaults - deleteBridge(c, defaultNetworkBridge) + deleteInterface(c, defaultNetworkBridge) d.Restart() pingContainers(c) } @@ -585,7 +586,48 @@ func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { } // Reset to Defaults - deleteBridge(c, bridgeName) + deleteInterface(c, bridgeName) + d.Restart() +} + +func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { + d := s.d + + ipStr := "192.170.1.1/24" + ip, _, _ := net.ParseCIDR(ipStr) + args := []string{"--ip", ip.String()} + err := d.StartWithBusybox(args...) + c.Assert(err, check.IsNil) + + out, err := d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") + c.Assert(err, check.Not(check.IsNil), + check.Commentf("Running a container must fail with an invalid --ip option")) + c.Assert(strings.Contains(out, "Error starting userland proxy"), check.Equals, true) + + ifName := "dummy" + args = []string{"link", "add", "name", ifName, "type", "dummy"} + ipLinkCmd := exec.Command("ip", args...) + _, _, _, err = runCommandWithStdoutStderr(ipLinkCmd) + c.Assert(err, check.IsNil) + + ifCmd := exec.Command("ifconfig", ifName, ipStr, "up") + _, _, _, err = runCommandWithStdoutStderr(ifCmd) + c.Assert(err, check.IsNil) + + _, err = d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") + c.Assert(err, check.IsNil) + + ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL") + out, _, err = runCommandWithOutput(ipTablesCmd) + c.Assert(err, check.IsNil) + + regex := fmt.Sprintf("DNAT.*%s.*dpt:8000", ip.String()) + matched, _ := regexp.MatchString(regex, out) + c.Assert(matched, check.Equals, true, + check.Commentf("iptables output should have contained %q, but was %q", regex, out)) + + // Reset to Defaults + deleteInterface(c, ifName) d.Restart() } From 0976611d8498a294e0985403cde920b1ed7a1dc7 Mon Sep 17 00:00:00 2001 From: Madhu Venugopal Date: Tue, 28 Apr 2015 16:17:00 -0700 Subject: [PATCH 5/6] Integration Tests for --icc=false & container Linking using --expose Signed-off-by: Madhu Venugopal Upstream-commit: dd0666e64f17329355c77aae1a2ac0fe2fe43402 Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 163 +++++++++++++----- .../engine/integration-cli/docker_utils.go | 4 +- 2 files changed, 124 insertions(+), 43 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index 5c5fdbd571..738d9b0aa2 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -453,20 +453,13 @@ func (s *DockerDaemonSuite) TestDaemonExitOnFailure(c *check.C) { func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { d := s.d err := d.Start("--bridge", "nosuchbridge") - c.Assert(err, check.Not(check.IsNil), check.Commentf("--bridge option with an invalid bridge should cause the daemon to fail")) + c.Assert(err, check.NotNil, check.Commentf("--bridge option with an invalid bridge should cause the daemon to fail")) bridgeName := "external-bridge" bridgeIp := "192.169.1.1/24" _, bridgeIPNet, _ := net.ParseCIDR(bridgeIp) - args := []string{"link", "add", "name", bridgeName, "type", "bridge"} - ipLinkCmd := exec.Command("ip", args...) - _, _, _, err = runCommandWithStdoutStderr(ipLinkCmd) - c.Assert(err, check.IsNil) - - ifCfgCmd := exec.Command("ifconfig", bridgeName, bridgeIp, "up") - _, _, _, err = runCommandWithStdoutStderr(ifCfgCmd) - c.Assert(err, check.IsNil) + createInterface(c, "bridge", bridgeName, bridgeIp) err = d.StartWithBusybox("--bridge", bridgeName) c.Assert(err, check.IsNil) @@ -483,7 +476,7 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { _, err = d.Cmd("run", "-d", "--name", "ExtContainer", "busybox", "top") c.Assert(err, check.IsNil) - containerIp := d.findContainerIP(c, "ExtContainer") + containerIp := d.findContainerIP("ExtContainer") ip := net.ParseIP(containerIp) c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, check.Commentf("Container IP-Address must be in the same subnet range : %s", @@ -494,14 +487,29 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { d.Restart() } +func createInterface(c *check.C, ifType string, ifName string, ipNet string) { + args := []string{"link", "add", "name", ifName, "type", ifType} + ipLinkCmd := exec.Command("ip", args...) + out, _, err := runCommandWithOutput(ipLinkCmd) + c.Assert(err, check.IsNil, check.Commentf(out)) + + ifCfgCmd := exec.Command("ifconfig", ifName, ipNet, "up") + out, _, err = runCommandWithOutput(ifCfgCmd) + c.Assert(err, check.IsNil, check.Commentf(out)) +} + func deleteInterface(c *check.C, bridge string) { ifCmd := exec.Command("ip", "link", "delete", bridge) - _, _, _, err := runCommandWithStdoutStderr(ifCmd) - c.Assert(err, check.IsNil) + out, _, err := runCommandWithOutput(ifCmd) + c.Assert(err, check.IsNil, check.Commentf(out)) flushCmd := exec.Command("iptables", "-t", "nat", "--flush") - _, _, _, err = runCommandWithStdoutStderr(flushCmd) - c.Assert(err, check.IsNil) + out, _, err = runCommandWithOutput(flushCmd) + c.Assert(err, check.IsNil, check.Commentf(out)) + + flushCmd = exec.Command("iptables", "--flush") + out, _, err = runCommandWithOutput(flushCmd) + c.Assert(err, check.IsNil, check.Commentf(out)) } func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { @@ -547,7 +555,7 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { out, err = d.Cmd("run", "-d", "--name", "test", "busybox", "top") c.Assert(err, check.IsNil) - containerIp := d.findContainerIP(c, "test") + containerIp := d.findContainerIP("test") ip = net.ParseIP(containerIp) c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, check.Commentf("Container IP-Address must be in the same subnet range : %s", @@ -556,24 +564,19 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { // Reset to Defaults deleteInterface(c, defaultNetworkBridge) d.Restart() - pingContainers(c) + pingContainers(c, nil, false) } func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { d := s.d bridgeName := "external-bridge" - args := []string{"link", "add", "name", bridgeName, "type", "bridge"} - ipLinkCmd := exec.Command("ip", args...) - _, _, _, err := runCommandWithStdoutStderr(ipLinkCmd) - c.Assert(err, check.IsNil) + bridgeIp := "192.169.1.1/24" - ifCmd := exec.Command("ifconfig", bridgeName, "192.169.1.1/24", "up") - _, _, _, err = runCommandWithStdoutStderr(ifCmd) - c.Assert(err, check.IsNil) + createInterface(c, "bridge", bridgeName, bridgeIp) - args = []string{"--bridge", bridgeName, "--fixed-cidr", "192.169.1.0/30"} - err = d.StartWithBusybox(args...) + args := []string{"--bridge", bridgeName, "--fixed-cidr", "192.169.1.0/30"} + err := d.StartWithBusybox(args...) c.Assert(err, check.IsNil) for i := 0; i < 4; i++ { @@ -600,19 +603,12 @@ func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { c.Assert(err, check.IsNil) out, err := d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") - c.Assert(err, check.Not(check.IsNil), + c.Assert(err, check.NotNil, check.Commentf("Running a container must fail with an invalid --ip option")) c.Assert(strings.Contains(out, "Error starting userland proxy"), check.Equals, true) ifName := "dummy" - args = []string{"link", "add", "name", ifName, "type", "dummy"} - ipLinkCmd := exec.Command("ip", args...) - _, _, _, err = runCommandWithStdoutStderr(ipLinkCmd) - c.Assert(err, check.IsNil) - - ifCmd := exec.Command("ifconfig", ifName, ipStr, "up") - _, _, _, err = runCommandWithStdoutStderr(ifCmd) - c.Assert(err, check.IsNil) + createInterface(c, "dummy", ifName, ipStr) _, err = d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") c.Assert(err, check.IsNil) @@ -631,6 +627,79 @@ func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { d.Restart() } +func (s *DockerDaemonSuite) TestDaemonICCPing(c *check.C) { + d := s.d + + bridgeName := "external-bridge" + bridgeIp := "192.169.1.1/24" + + createInterface(c, "bridge", bridgeName, bridgeIp) + + args := []string{"--bridge", bridgeName, "--icc=false"} + err := d.StartWithBusybox(args...) + c.Assert(err, check.IsNil) + + ipTablesCmd := exec.Command("iptables", "-nvL", "FORWARD") + out, _, err := runCommandWithOutput(ipTablesCmd) + c.Assert(err, check.IsNil) + + regex := fmt.Sprintf("DROP.*all.*%s.*%s", bridgeName, bridgeName) + matched, _ := regexp.MatchString(regex, out) + c.Assert(matched, check.Equals, true, + check.Commentf("iptables output should have contained %q, but was %q", regex, out)) + + // Pinging another container must fail with --icc=false + pingContainers(c, d, true) + + ipStr := "192.171.1.1/24" + ip, _, _ := net.ParseCIDR(ipStr) + ifName := "icc-dummy" + + createInterface(c, "dummy", ifName, ipStr) + + // But, Pinging external or a Host interface must succeed + pingCmd := fmt.Sprintf("ping -c 1 %s -W 1", ip.String()) + runArgs := []string{"--rm", "busybox", "sh", "-c", pingCmd} + _, err = d.Cmd("run", runArgs...) + c.Assert(err, check.IsNil) + + // Reset to Defaults + deleteInterface(c, ifName) + d.Restart() +} + +func (s *DockerDaemonSuite) TestDaemonICCLinkExpose(c *check.C) { + d := s.d + + bridgeName := "external-bridge" + bridgeIp := "192.169.1.1/24" + + createInterface(c, "bridge", bridgeName, bridgeIp) + + args := []string{"--bridge", bridgeName, "--icc=false"} + err := d.StartWithBusybox(args...) + c.Assert(err, check.IsNil) + + ipTablesCmd := exec.Command("iptables", "-nvL", "FORWARD") + out, _, err := runCommandWithOutput(ipTablesCmd) + c.Assert(err, check.IsNil) + + regex := fmt.Sprintf("DROP.*all.*%s.*%s", bridgeName, bridgeName) + matched, _ := regexp.MatchString(regex, out) + c.Assert(matched, check.Equals, true, + check.Commentf("iptables output should have contained %q, but was %q", regex, out)) + + _, err = d.Cmd("run", "-d", "--expose", "4567", "--name", "icc1", "busybox", "nc", "-l", "-p", "4567") + c.Assert(err, check.IsNil) + + out, err = d.Cmd("run", "--link", "icc1:icc1", "busybox", "nc", "icc1", "4567") + c.Assert(err, check.IsNil, check.Commentf(out)) + + // Reset to Defaults + deleteInterface(c, bridgeName) + d.Restart() +} + func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *check.C) { testRequires(c, NativeExecDriver) @@ -1074,15 +1143,27 @@ func (s *DockerDaemonSuite) TestHttpsInfoRogueServerCert(c *check.C) { } } -func pingContainers(c *check.C) { - runCmd := exec.Command(dockerBinary, "run", "-d", "--name", "container1", - "--hostname", "fred", "busybox", "top") - _, err := runCommand(runCmd) +func pingContainers(c *check.C, d *Daemon, expectFailure bool) { + var dargs []string + if d != nil { + dargs = []string{"--host", d.sock()} + } + + args := append(dargs, "run", "-d", "--name", "container1", "busybox", "top") + _, err := runCommand(exec.Command(dockerBinary, args...)) c.Assert(err, check.IsNil) - runArgs := []string{"run", "--rm", "--link", "container1:alias1", "busybox", "sh", "-c"} + args = append(dargs, "run", "--rm", "--link", "container1:alias1", "busybox", "sh", "-c") pingCmd := "ping -c 1 %s -W 1" + args = append(args, fmt.Sprintf(pingCmd, "alias1")) + _, err = runCommand(exec.Command(dockerBinary, args...)) - dockerCmd(c, append(runArgs, fmt.Sprintf(pingCmd, "alias1"))...) - dockerCmd(c, "rm", "-f", "container1") + if expectFailure { + c.Assert(err, check.NotNil) + } else { + c.Assert(err, check.IsNil) + } + + args = append(dargs, "rm", "-f", "container1") + runCommand(exec.Command(dockerBinary, args...)) } diff --git a/components/engine/integration-cli/docker_utils.go b/components/engine/integration-cli/docker_utils.go index a29b6c5928..a1a845baff 100644 --- a/components/engine/integration-cli/docker_utils.go +++ b/components/engine/integration-cli/docker_utils.go @@ -581,8 +581,8 @@ func findContainerIP(c *check.C, id string, vargs ...string) string { return strings.Trim(out, " \r\n'") } -func (d *Daemon) findContainerIP(c *check.C, id string) string { - return findContainerIP(c, id, "--host", d.sock()) +func (d *Daemon) findContainerIP(id string) string { + return findContainerIP(d.c, id, "--host", d.sock()) } func getContainerCount() (int, error) { From 9d5c96c87513eb8e9aeec5f92117259f984b83a5 Mon Sep 17 00:00:00 2001 From: Madhu Venugopal Date: Wed, 29 Apr 2015 11:41:13 -0700 Subject: [PATCH 6/6] Moved explicit cleanups into defered action Signed-off-by: Madhu Venugopal Upstream-commit: 1c073ec1766e0f3cfe28d8f9c2e9a9a37154ece6 Component: engine --- .../integration-cli/docker_cli_daemon_test.go | 77 +++++++++---------- 1 file changed, 35 insertions(+), 42 deletions(-) diff --git a/components/engine/integration-cli/docker_cli_daemon_test.go b/components/engine/integration-cli/docker_cli_daemon_test.go index 738d9b0aa2..17141ddef0 100644 --- a/components/engine/integration-cli/docker_cli_daemon_test.go +++ b/components/engine/integration-cli/docker_cli_daemon_test.go @@ -454,19 +454,22 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { d := s.d err := d.Start("--bridge", "nosuchbridge") c.Assert(err, check.NotNil, check.Commentf("--bridge option with an invalid bridge should cause the daemon to fail")) + defer d.Restart() bridgeName := "external-bridge" bridgeIp := "192.169.1.1/24" _, bridgeIPNet, _ := net.ParseCIDR(bridgeIp) - createInterface(c, "bridge", bridgeName, bridgeIp) + out, err := createInterface(c, "bridge", bridgeName, bridgeIp) + c.Assert(err, check.IsNil, check.Commentf(out)) + defer deleteInterface(c, bridgeName) err = d.StartWithBusybox("--bridge", bridgeName) c.Assert(err, check.IsNil) ipTablesSearchString := bridgeIPNet.String() ipTablesCmd := exec.Command("iptables", "-t", "nat", "-nvL") - out, _, err := runCommandWithOutput(ipTablesCmd) + out, _, err = runCommandWithOutput(ipTablesCmd) c.Assert(err, check.IsNil) c.Assert(strings.Contains(out, ipTablesSearchString), check.Equals, true, @@ -481,25 +484,23 @@ func (s *DockerDaemonSuite) TestDaemonBridgeExternal(c *check.C) { c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, check.Commentf("Container IP-Address must be in the same subnet range : %s", containerIp)) - - // Reset to Defaults - deleteInterface(c, bridgeName) - d.Restart() } -func createInterface(c *check.C, ifType string, ifName string, ipNet string) { +func createInterface(c *check.C, ifType string, ifName string, ipNet string) (string, error) { args := []string{"link", "add", "name", ifName, "type", ifType} ipLinkCmd := exec.Command("ip", args...) out, _, err := runCommandWithOutput(ipLinkCmd) - c.Assert(err, check.IsNil, check.Commentf(out)) + if err != nil { + return out, err + } ifCfgCmd := exec.Command("ifconfig", ifName, ipNet, "up") out, _, err = runCommandWithOutput(ifCfgCmd) - c.Assert(err, check.IsNil, check.Commentf(out)) + return out, err } -func deleteInterface(c *check.C, bridge string) { - ifCmd := exec.Command("ip", "link", "delete", bridge) +func deleteInterface(c *check.C, ifName string) { + ifCmd := exec.Command("ip", "link", "delete", ifName) out, _, err := runCommandWithOutput(ifCmd) c.Assert(err, check.IsNil, check.Commentf(out)) @@ -519,9 +520,8 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { // 3. Check if the bip config has taken effect using ifconfig and iptables commands // 4. Launch a Container and make sure the IP-Address is in the expected subnet // 5. Delete the docker0 Bridge - // 6. Restart the Docker Daemon (with no --bip settings) + // 6. Restart the Docker Daemon (via defered action) // This Restart takes care of bringing docker0 interface back to auto-assigned IP - // 7. Stop the Docker Daemon (via defered action) defaultNetworkBridge := "docker0" deleteInterface(c, defaultNetworkBridge) @@ -533,6 +533,7 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { err := d.StartWithBusybox("--bip", bridgeIp) c.Assert(err, check.IsNil) + defer d.Restart() ifconfigSearchString := ip.String() ifconfigCmd := exec.Command("ifconfig", defaultNetworkBridge) @@ -560,11 +561,7 @@ func (s *DockerDaemonSuite) TestDaemonBridgeIP(c *check.C) { c.Assert(bridgeIPNet.Contains(ip), check.Equals, true, check.Commentf("Container IP-Address must be in the same subnet range : %s", containerIp)) - - // Reset to Defaults deleteInterface(c, defaultNetworkBridge) - d.Restart() - pingContainers(c, nil, false) } func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { @@ -573,11 +570,14 @@ func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { bridgeName := "external-bridge" bridgeIp := "192.169.1.1/24" - createInterface(c, "bridge", bridgeName, bridgeIp) + out, err := createInterface(c, "bridge", bridgeName, bridgeIp) + c.Assert(err, check.IsNil, check.Commentf(out)) + defer deleteInterface(c, bridgeName) args := []string{"--bridge", bridgeName, "--fixed-cidr", "192.169.1.0/30"} - err := d.StartWithBusybox(args...) + err = d.StartWithBusybox(args...) c.Assert(err, check.IsNil) + defer d.Restart() for i := 0; i < 4; i++ { cName := "Container" + strconv.Itoa(i) @@ -587,10 +587,6 @@ func (s *DockerDaemonSuite) TestDaemonBridgeFixedCidr(c *check.C) { check.Commentf("Could not run a Container : %s %s", err.Error(), out)) } } - - // Reset to Defaults - deleteInterface(c, bridgeName) - d.Restart() } func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { @@ -601,6 +597,7 @@ func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { args := []string{"--ip", ip.String()} err := d.StartWithBusybox(args...) c.Assert(err, check.IsNil) + defer d.Restart() out, err := d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") c.Assert(err, check.NotNil, @@ -608,7 +605,9 @@ func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { c.Assert(strings.Contains(out, "Error starting userland proxy"), check.Equals, true) ifName := "dummy" - createInterface(c, "dummy", ifName, ipStr) + out, err = createInterface(c, "dummy", ifName, ipStr) + c.Assert(err, check.IsNil, check.Commentf(out)) + defer deleteInterface(c, ifName) _, err = d.Cmd("run", "-d", "-p", "8000:8000", "busybox", "top") c.Assert(err, check.IsNil) @@ -621,10 +620,6 @@ func (s *DockerDaemonSuite) TestDaemonIP(c *check.C) { matched, _ := regexp.MatchString(regex, out) c.Assert(matched, check.Equals, true, check.Commentf("iptables output should have contained %q, but was %q", regex, out)) - - // Reset to Defaults - deleteInterface(c, ifName) - d.Restart() } func (s *DockerDaemonSuite) TestDaemonICCPing(c *check.C) { @@ -633,14 +628,17 @@ func (s *DockerDaemonSuite) TestDaemonICCPing(c *check.C) { bridgeName := "external-bridge" bridgeIp := "192.169.1.1/24" - createInterface(c, "bridge", bridgeName, bridgeIp) + out, err := createInterface(c, "bridge", bridgeName, bridgeIp) + c.Assert(err, check.IsNil, check.Commentf(out)) + defer deleteInterface(c, bridgeName) args := []string{"--bridge", bridgeName, "--icc=false"} - err := d.StartWithBusybox(args...) + err = d.StartWithBusybox(args...) c.Assert(err, check.IsNil) + defer d.Restart() ipTablesCmd := exec.Command("iptables", "-nvL", "FORWARD") - out, _, err := runCommandWithOutput(ipTablesCmd) + out, _, err = runCommandWithOutput(ipTablesCmd) c.Assert(err, check.IsNil) regex := fmt.Sprintf("DROP.*all.*%s.*%s", bridgeName, bridgeName) @@ -662,10 +660,6 @@ func (s *DockerDaemonSuite) TestDaemonICCPing(c *check.C) { runArgs := []string{"--rm", "busybox", "sh", "-c", pingCmd} _, err = d.Cmd("run", runArgs...) c.Assert(err, check.IsNil) - - // Reset to Defaults - deleteInterface(c, ifName) - d.Restart() } func (s *DockerDaemonSuite) TestDaemonICCLinkExpose(c *check.C) { @@ -674,14 +668,17 @@ func (s *DockerDaemonSuite) TestDaemonICCLinkExpose(c *check.C) { bridgeName := "external-bridge" bridgeIp := "192.169.1.1/24" - createInterface(c, "bridge", bridgeName, bridgeIp) + out, err := createInterface(c, "bridge", bridgeName, bridgeIp) + c.Assert(err, check.IsNil, check.Commentf(out)) + defer deleteInterface(c, bridgeName) args := []string{"--bridge", bridgeName, "--icc=false"} - err := d.StartWithBusybox(args...) + err = d.StartWithBusybox(args...) c.Assert(err, check.IsNil) + defer d.Restart() ipTablesCmd := exec.Command("iptables", "-nvL", "FORWARD") - out, _, err := runCommandWithOutput(ipTablesCmd) + out, _, err = runCommandWithOutput(ipTablesCmd) c.Assert(err, check.IsNil) regex := fmt.Sprintf("DROP.*all.*%s.*%s", bridgeName, bridgeName) @@ -694,10 +691,6 @@ func (s *DockerDaemonSuite) TestDaemonICCLinkExpose(c *check.C) { out, err = d.Cmd("run", "--link", "icc1:icc1", "busybox", "nc", "icc1", "4567") c.Assert(err, check.IsNil, check.Commentf(out)) - - // Reset to Defaults - deleteInterface(c, bridgeName) - d.Restart() } func (s *DockerDaemonSuite) TestDaemonUlimitDefaults(c *check.C) {