diff options
| -rw-r--r-- | libpod/runtime_ctr.go | 5 | ||||
| -rw-r--r-- | pkg/bindings/images/build.go | 2 | ||||
| -rw-r--r-- | pkg/checkpoint/checkpoint_restore.go | 7 | ||||
| -rw-r--r-- | test/e2e/checkpoint_test.go | 4 | ||||
| -rw-r--r-- | test/e2e/common_test.go | 14 | ||||
| -rw-r--r-- | test/e2e/network_create_test.go | 22 | ||||
| -rw-r--r-- | test/e2e/network_test.go | 57 | ||||
| -rw-r--r-- | test/e2e/run_networking_test.go | 91 | ||||
| -rw-r--r-- | test/system/070-build.bats | 28 |
9 files changed, 205 insertions, 25 deletions
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 3799b463f..44364100e 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -192,6 +192,11 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf } // Reset the log path to point to the default ctr.config.LogPath = "" + // Later in validate() the check is for nil. JSONDeepCopy sets it to an empty + // object. Resetting it to nil if it was nil before. + if config.StaticMAC == nil { + ctr.config.StaticMAC = nil + } } ctr.config.Spec = rSpec diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index a363f2c6e..c508cb767 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -352,11 +352,13 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO } c = tmpFile.Name() } + c = filepath.Clean(c) cfDir := filepath.Dir(c) if absDir, err := filepath.EvalSymlinks(cfDir); err == nil { name := filepath.ToSlash(strings.TrimPrefix(c, cfDir+string(filepath.Separator))) c = filepath.Join(absDir, name) } + containerfile, err := filepath.Abs(c) if err != nil { logrus.Errorf("Cannot find absolute path of %v: %v", c, err) diff --git a/pkg/checkpoint/checkpoint_restore.go b/pkg/checkpoint/checkpoint_restore.go index 1ebd6a455..270b5b6c4 100644 --- a/pkg/checkpoint/checkpoint_restore.go +++ b/pkg/checkpoint/checkpoint_restore.go @@ -140,6 +140,13 @@ func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOpt return nil, errors.Errorf("pod %s does not share the network namespace", ctrConfig.Pod) } ctrConfig.NetNsCtr = infraContainer.ID() + for net, opts := range ctrConfig.Networks { + opts.StaticIPs = nil + opts.StaticMAC = nil + ctrConfig.Networks[net] = opts + } + ctrConfig.StaticIP = nil + ctrConfig.StaticMAC = nil } if ctrConfig.PIDNsCtr != "" { diff --git a/test/e2e/checkpoint_test.go b/test/e2e/checkpoint_test.go index 5f1e4b1d1..5abc672e9 100644 --- a/test/e2e/checkpoint_test.go +++ b/test/e2e/checkpoint_test.go @@ -1081,10 +1081,6 @@ var _ = Describe("Podman checkpoint", func() { }) namespaceCombination := []string{ - "cgroup,ipc,net,uts,pid", - "cgroup,ipc,net,uts", - "cgroup,ipc,net", - "cgroup,ipc", "ipc,net,uts,pid", "ipc,net,uts", "ipc,net", diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go index f843a8984..b1cd76d27 100644 --- a/test/e2e/common_test.go +++ b/test/e2e/common_test.go @@ -771,15 +771,15 @@ func SkipIfNotActive(unit string, reason string) { } } -func SkipIfNetavark(p *PodmanTestIntegration) { - if p.NetworkBackend == Netavark { - Skip("This test is not compatible with the netavark network backend") +func SkipIfCNI(p *PodmanTestIntegration) { + if p.NetworkBackend == CNI { + Skip("this test is not compatible with the CNI network backend") } } -func SkipUntilAardvark(p *PodmanTestIntegration) { +func SkipIfNetavark(p *PodmanTestIntegration) { if p.NetworkBackend == Netavark { - Skip("Re-enable when aardvark is functional") + Skip("This test is not compatible with the netavark network backend") } } @@ -1038,3 +1038,7 @@ func ncz(port int) bool { } return false } + +func createNetworkName(name string) string { + return name + stringid.GenerateNonCryptoID()[:10] +} diff --git a/test/e2e/network_create_test.go b/test/e2e/network_create_test.go index 7589adaab..395759ee6 100644 --- a/test/e2e/network_create_test.go +++ b/test/e2e/network_create_test.go @@ -330,8 +330,8 @@ var _ = Describe("Podman network create", func() { Expect(nc).To(ExitWithError()) }) - It("podman network create with internal should not have dnsname", func() { - SkipUntilAardvark(podmanTest) + It("podman CNI network create with internal should not have dnsname", func() { + SkipIfNetavark(podmanTest) net := "internal-test" + stringid.GenerateNonCryptoID() nc := podmanTest.Podman([]string{"network", "create", "--internal", net}) nc.WaitWithDefaultTimeout() @@ -348,6 +348,24 @@ var _ = Describe("Podman network create", func() { Expect(nc.OutputToString()).ToNot(ContainSubstring("dnsname")) }) + It("podman Netavark network create with internal should have dnsname", func() { + SkipIfCNI(podmanTest) + net := "internal-test" + stringid.GenerateNonCryptoID() + nc := podmanTest.Podman([]string{"network", "create", "--internal", net}) + nc.WaitWithDefaultTimeout() + defer podmanTest.removeNetwork(net) + Expect(nc).Should(Exit(0)) + // Not performing this check on remote tests because it is a logrus error which does + // not come back via stderr on the remote client. + if !IsRemote() { + Expect(nc.ErrorToString()).To(BeEmpty()) + } + nc = podmanTest.Podman([]string{"network", "inspect", net}) + nc.WaitWithDefaultTimeout() + Expect(nc).Should(Exit(0)) + Expect(nc.OutputToString()).To(ContainSubstring(`"dns_enabled": true`)) + }) + It("podman network create with invalid name", func() { for _, name := range []string{"none", "host", "bridge", "private", "slirp4netns", "container", "ns"} { nc := podmanTest.Podman([]string{"network", "create", name}) diff --git a/test/e2e/network_test.go b/test/e2e/network_test.go index bd30a1f5d..89a9005f5 100644 --- a/test/e2e/network_test.go +++ b/test/e2e/network_test.go @@ -466,10 +466,61 @@ var _ = Describe("Podman network", func() { Expect(lines[1]).To(Equal(netName2)) }) - It("podman network with multiple aliases", func() { - SkipUntilAardvark(podmanTest) + It("podman CNI network with multiple aliases", func() { + SkipIfNetavark(podmanTest) + var worked bool + netName := createNetworkName("aliasTest") + session := podmanTest.Podman([]string{"network", "create", netName}) + session.WaitWithDefaultTimeout() + defer podmanTest.removeNetwork(netName) + Expect(session).Should(Exit(0)) + + interval := time.Duration(250 * time.Millisecond) + for i := 0; i < 6; i++ { + n := podmanTest.Podman([]string{"network", "exists", netName}) + n.WaitWithDefaultTimeout() + worked = n.ExitCode() == 0 + if worked { + break + } + time.Sleep(interval) + interval *= 2 + } + + top := podmanTest.Podman([]string{"run", "-dt", "--name=web", "--network=" + netName, "--network-alias=web1", "--network-alias=web2", nginx}) + top.WaitWithDefaultTimeout() + Expect(top).Should(Exit(0)) + interval = time.Duration(250 * time.Millisecond) + // Wait for the nginx service to be running + for i := 0; i < 6; i++ { + // Test curl against the container's name + c1 := podmanTest.Podman([]string{"run", "--dns-search", "dns.podman", "--network=" + netName, nginx, "curl", "web"}) + c1.WaitWithDefaultTimeout() + worked = c1.ExitCode() == 0 + if worked { + break + } + time.Sleep(interval) + interval *= 2 + } + Expect(worked).To(BeTrue()) + + // Nginx is now running so no need to do a loop + // Test against the first alias + c2 := podmanTest.Podman([]string{"run", "--dns-search", "dns.podman", "--network=" + netName, nginx, "curl", "web1"}) + c2.WaitWithDefaultTimeout() + Expect(c2).Should(Exit(0)) + + // Test against the second alias + c3 := podmanTest.Podman([]string{"run", "--dns-search", "dns.podman", "--network=" + netName, nginx, "curl", "web2"}) + c3.WaitWithDefaultTimeout() + Expect(c3).Should(Exit(0)) + }) + + It("podman Netavark network with multiple aliases", func() { + SkipIfCNI(podmanTest) var worked bool - netName := "aliasTest" + stringid.GenerateNonCryptoID() + netName := createNetworkName("aliasTest") session := podmanTest.Podman([]string{"network", "create", netName}) session.WaitWithDefaultTimeout() defer podmanTest.removeNetwork(netName) diff --git a/test/e2e/run_networking_test.go b/test/e2e/run_networking_test.go index 4c056df10..aa1887f84 100644 --- a/test/e2e/run_networking_test.go +++ b/test/e2e/run_networking_test.go @@ -715,8 +715,8 @@ EXPOSE 2004-2005/tcp`, ALPINE) Expect(run.OutputToString()).To(ContainSubstring(ipAddr)) }) - It("podman cni network works across user ns", func() { - SkipUntilAardvark(podmanTest) + It("podman CNI network works across user ns", func() { + SkipIfNetavark(podmanTest) netName := stringid.GenerateNonCryptoID() create := podmanTest.Podman([]string{"network", "create", netName}) create.WaitWithDefaultTimeout() @@ -740,6 +740,31 @@ EXPOSE 2004-2005/tcp`, ALPINE) Expect(log.OutputToString()).To(Equal("podman")) }) + It("podman Netavark network works across user ns", func() { + SkipIfCNI(podmanTest) + netName := createNetworkName("") + create := podmanTest.Podman([]string{"network", "create", netName}) + create.WaitWithDefaultTimeout() + Expect(create).Should(Exit(0)) + defer podmanTest.removeNetwork(netName) + + name := "nc-server" + run := podmanTest.Podman([]string{"run", "--log-driver", "k8s-file", "-d", "--name", name, "--net", netName, ALPINE, "nc", "-l", "-p", "9480"}) + run.WaitWithDefaultTimeout() + Expect(run).Should(Exit(0)) + + // NOTE: we force the k8s-file log driver to make sure the + // tests are passing inside a container. + run = podmanTest.Podman([]string{"run", "--log-driver", "k8s-file", "--rm", "--net", netName, "--uidmap", "0:1:4096", ALPINE, "sh", "-c", fmt.Sprintf("echo podman | nc -w 1 %s.dns.podman 9480", name)}) + run.WaitWithDefaultTimeout() + Expect(run).Should(Exit(0)) + + log := podmanTest.Podman([]string{"logs", name}) + log.WaitWithDefaultTimeout() + Expect(log).Should(Exit(0)) + Expect(log.OutputToString()).To(Equal("podman")) + }) + It("podman run with new:pod and static-ip", func() { netName := stringid.GenerateNonCryptoID() ipAddr := "10.25.40.128" @@ -814,14 +839,50 @@ EXPOSE 2004-2005/tcp`, ALPINE) pingTest("--net=private") }) - It("podman run check dnsname plugin", func() { - SkipUntilAardvark(podmanTest) + It("podman run check dnsname plugin with CNI", func() { + SkipIfNetavark(podmanTest) + pod := "testpod" + session := podmanTest.Podman([]string{"pod", "create", "--name", pod}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + net := createNetworkName("IntTest") + session = podmanTest.Podman([]string{"network", "create", net}) + session.WaitWithDefaultTimeout() + defer podmanTest.removeNetwork(net) + Expect(session).Should(Exit(0)) + + pod2 := "testpod2" + session = podmanTest.Podman([]string{"pod", "create", "--network", net, "--name", pod2}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"run", "--name", "con1", "--network", net, ALPINE, "nslookup", "con1"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"run", "--name", "con2", "--pod", pod, "--network", net, ALPINE, "nslookup", "con2"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"run", "--name", "con3", "--pod", pod2, ALPINE, "nslookup", "con1"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(1)) + Expect(session.ErrorToString()).To(ContainSubstring("can't resolve 'con1'")) + + session = podmanTest.Podman([]string{"run", "--name", "con4", "--network", net, ALPINE, "nslookup", pod2 + ".dns.podman"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + }) + + It("podman run check dnsname plugin with Netavark", func() { + SkipIfCNI(podmanTest) pod := "testpod" session := podmanTest.Podman([]string{"pod", "create", "--name", pod}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) - net := "IntTest" + stringid.GenerateNonCryptoID() + net := createNetworkName("IntTest") session = podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() defer podmanTest.removeNetwork(net) @@ -850,9 +911,23 @@ EXPOSE 2004-2005/tcp`, ALPINE) Expect(session).Should(Exit(0)) }) - It("podman run check dnsname adds dns search domain", func() { - SkipUntilAardvark(podmanTest) - net := "dnsname" + stringid.GenerateNonCryptoID() + It("podman run check dnsname adds dns search domain with CNI", func() { + SkipIfNetavark(podmanTest) + net := createNetworkName("dnsname") + session := podmanTest.Podman([]string{"network", "create", net}) + session.WaitWithDefaultTimeout() + defer podmanTest.removeNetwork(net) + Expect(session).Should(Exit(0)) + + session = podmanTest.Podman([]string{"run", "--network", net, ALPINE, "cat", "/etc/resolv.conf"}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + Expect(session.OutputToString()).To(ContainSubstring("search dns.podman")) + }) + + It("podman run check dnsname adds dns search domain with Netavark", func() { + SkipIfCNI(podmanTest) + net := createNetworkName("dnsname") session := podmanTest.Podman([]string{"network", "create", net}) session.WaitWithDefaultTimeout() defer podmanTest.removeNetwork(net) diff --git a/test/system/070-build.bats b/test/system/070-build.bats index d5f7365e8..a95acd986 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -88,12 +88,10 @@ EOF containerfile=$PODMAN_TMPDIR/Containerfile cat >$containerfile <<EOF FROM $IMAGE -RUN apk add nginx RUN echo $rand_content > /$rand_filename EOF - # The 'apk' command can take a long time to fetch files; bump timeout - PODMAN_TIMEOUT=240 run_podman build -t build_test -f - --format=docker $tmpdir < $containerfile + run_podman build -t build_test -f - --format=docker $tmpdir < $containerfile is "$output" ".*COMMIT" "COMMIT seen in log" run_podman run --rm build_test cat /$rand_filename @@ -188,6 +186,30 @@ EOF run_podman rmi -f build_test $iid } +@test "podman build test -f ./relative" { + rand_filename=$(random_string 20) + rand_content=$(random_string 50) + + tmpdir=$PODMAN_TMPDIR/build-test + mkdir -p $tmpdir + mkdir -p $PODMAN_TMPDIR/reldir + + containerfile=$PODMAN_TMPDIR/reldir/Containerfile + cat >$containerfile <<EOF +FROM $IMAGE +RUN echo $rand_content > /$rand_filename +EOF + + cd $PODMAN_TMPDIR + run_podman build -t build_test -f ./reldir/Containerfile --format=docker $tmpdir + is "$output" ".*COMMIT" "COMMIT seen in log" + + run_podman run --rm build_test cat /$rand_filename + is "$output" "$rand_content" "reading generated file in image" + + run_podman rmi -f build_test +} + @test "podman build - URLs" { tmpdir=$PODMAN_TMPDIR/build-test mkdir -p $tmpdir |