diff options
| author | cdoern <cdoern@redhat.com> | 2022-01-10 20:25:08 -0500 |
|---|---|---|
| committer | cdoern <cdoern@redhat.com> | 2022-01-12 20:49:04 -0500 |
| commit | f257d983943d6ec2253d50a245cd4810cab45e4b (patch) | |
| tree | 0033ace566bfd2a4e977d85b11f87d6e43b43c65 /test | |
| parent | 7a839f7a745ed5171e2a469f6ebec34b5084c3d8 (diff) | |
| download | podman-f257d983943d6ec2253d50a245cd4810cab45e4b.tar.gz podman-f257d983943d6ec2253d50a245cd4810cab45e4b.tar.bz2 podman-f257d983943d6ec2253d50a245cd4810cab45e4b.zip | |
Podman Pod Create --sysctl support
added support for pod wide sysctls. The sysctls supported are the same as the continer run controls.
These controls are only valid if the proper namespaces are shared within the pod, otherwise only the infra ctr gets the sysctl
resolves #12747
Signed-off-by: cdoern <cdoern@redhat.com>
Diffstat (limited to 'test')
| -rw-r--r-- | test/e2e/pod_create_test.go | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go index fab107af8..623377ea1 100644 --- a/test/e2e/pod_create_test.go +++ b/test/e2e/pod_create_test.go @@ -1029,4 +1029,43 @@ ENTRYPOINT ["sleep","99999"] Expect(inspect[0].AppArmorProfile).To(Equal(apparmor.Profile)) }) + + It("podman pod create --sysctl test", func() { + SkipIfRootless("Network sysctls are not available root rootless") + podCreate := podmanTest.Podman([]string{"pod", "create", "--sysctl", "net.core.somaxconn=65535"}) + podCreate.WaitWithDefaultTimeout() + Expect(podCreate).Should(Exit(0)) + session := podmanTest.Podman([]string{"run", "--pod", podCreate.OutputToString(), "--rm", ALPINE, "sysctl", "net.core.somaxconn"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("net.core.somaxconn = 65535")) + + // if not sharing the net NS, nothing should fail, but the sysctl should not be passed + podCreate = podmanTest.Podman([]string{"pod", "create", "--share", "pid", "--sysctl", "net.core.somaxconn=65535"}) + podCreate.WaitWithDefaultTimeout() + Expect(podCreate).Should(Exit(0)) + session = podmanTest.Podman([]string{"run", "--pod", podCreate.OutputToString(), "--rm", ALPINE, "sysctl", "net.core.somaxconn"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).NotTo(ContainSubstring("net.core.somaxconn = 65535")) + + // one other misc option + podCreate = podmanTest.Podman([]string{"pod", "create", "--sysctl", "kernel.msgmax=65535"}) + podCreate.WaitWithDefaultTimeout() + Expect(podCreate).Should(Exit(0)) + session = podmanTest.Podman([]string{"run", "--pod", podCreate.OutputToString(), "--rm", ALPINE, "sysctl", "kernel.msgmax"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("kernel.msgmax = 65535")) + + podCreate = podmanTest.Podman([]string{"pod", "create", "--share", "pid", "--sysctl", "kernel.msgmax=65535"}) + podCreate.WaitWithDefaultTimeout() + Expect(podCreate).Should(Exit(0)) + session = podmanTest.Podman([]string{"run", "--pod", podCreate.OutputToString(), "--rm", ALPINE, "sysctl", "kernel.msgmax"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).NotTo(ContainSubstring("kernel.msgmax = 65535")) + + }) + }) |