summaryrefslogtreecommitdiff
path: root/test/system
diff options
context:
space:
mode:
Diffstat (limited to 'test/system')
-rw-r--r--test/system/001-basic.bats2
-rw-r--r--test/system/160-volumes.bats11
-rw-r--r--test/system/200-pod-top.bats40
-rw-r--r--test/system/200-pod.bats173
4 files changed, 180 insertions, 46 deletions
diff --git a/test/system/001-basic.bats b/test/system/001-basic.bats
index 5fc07acfb..71595f419 100644
--- a/test/system/001-basic.bats
+++ b/test/system/001-basic.bats
@@ -23,7 +23,7 @@ function setup() {
is "${lines[0]}" "Version:[ ]\+[1-9][0-9.]\+" "Version line 1"
is "$output" ".*Go Version: \+" "'Go Version' in output"
- is "$output" ".*RemoteAPI Version: \+" "API version in output"
+ is "$output" ".*API Version: \+" "API version in output"
}
diff --git a/test/system/160-volumes.bats b/test/system/160-volumes.bats
index 5d65a950f..3233e6f04 100644
--- a/test/system/160-volumes.bats
+++ b/test/system/160-volumes.bats
@@ -115,7 +115,8 @@ echo "got here -$rand-"
EOF
chmod 755 $mountpoint/myscript
- # By default, volumes are mounted noexec. This should fail.
+ # By default, volumes are mounted exec, but we have manually added the
+ # noexec option. This should fail.
# ARGH. Unfortunately, runc (used for cgroups v1) produces a different error
local expect_rc=126
local expect_msg='.* OCI runtime permission denied.*'
@@ -125,12 +126,12 @@ EOF
expect_msg='.* exec user process caused.*permission denied'
fi
- run_podman ${expect_rc} run --rm --volume $myvolume:/vol:z $IMAGE /vol/myscript
+ run_podman ${expect_rc} run --rm --volume $myvolume:/vol:noexec,z $IMAGE /vol/myscript
is "$output" "$expect_msg" "run on volume, noexec"
- # With exec, it should pass
- run_podman run --rm -v $myvolume:/vol:z,exec $IMAGE /vol/myscript
- is "$output" "got here -$rand-" "script in volume is runnable with exec"
+ # With the default, it should pass
+ run_podman run --rm -v $myvolume:/vol:z $IMAGE /vol/myscript
+ is "$output" "got here -$rand-" "script in volume is runnable with default (exec)"
# Clean up
run_podman volume rm $myvolume
diff --git a/test/system/200-pod-top.bats b/test/system/200-pod-top.bats
deleted file mode 100644
index bba1e8d14..000000000
--- a/test/system/200-pod-top.bats
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/usr/bin/env bats
-
-load helpers
-
-@test "podman pod top - containers in different PID namespaces" {
- skip_if_remote "podman-pod does not work with podman-remote"
-
- # With infra=false, we don't get a /pause container (we also
- # don't pull k8s.gcr.io/pause )
- no_infra='--infra=false'
- run_podman pod create $no_infra
- podid="$output"
-
- # Start two containers...
- run_podman run -d --pod $podid $IMAGE top -d 2
- cid1="$output"
- run_podman run -d --pod $podid $IMAGE top -d 2
- cid2="$output"
-
- # ...and wait for them to actually start.
- wait_for_output "PID \+PPID \+USER " $cid1
- wait_for_output "PID \+PPID \+USER " $cid2
-
- # Both containers have emitted at least one top-like line.
- # Now run 'pod top', and expect two 'top -d 2' processes running.
- run_podman pod top $podid
- is "$output" ".*root.*top -d 2.*root.*top -d 2" "two 'top' containers"
-
- # By default (podman pod create w/ default --infra) there should be
- # a /pause container.
- if [ -z "$no_infra" ]; then
- is "$output" ".*0 \+1 \+0 \+[0-9. ?s]\+/pause" "there is a /pause container"
- fi
-
- # Clean up
- run_podman pod rm -f $podid
-}
-
-
-# vim: filetype=sh
diff --git a/test/system/200-pod.bats b/test/system/200-pod.bats
new file mode 100644
index 000000000..e3643a3bd
--- /dev/null
+++ b/test/system/200-pod.bats
@@ -0,0 +1,173 @@
+#!/usr/bin/env bats
+
+load helpers
+
+# This is a long ugly way to clean up pods and remove the pause image
+function teardown() {
+ run_podman pod rm -f -a
+ run_podman rm -f -a
+ run_podman image list --format '{{.ID}} {{.Repository}}'
+ while read id name; do
+ if [[ "$name" =~ /pause ]]; then
+ run_podman rmi $id
+ fi
+ done <<<"$output"
+
+ basic_teardown
+}
+
+
+@test "podman pod top - containers in different PID namespaces" {
+ skip_if_remote "podman-pod does not work with podman-remote"
+
+ # With infra=false, we don't get a /pause container (we also
+ # don't pull k8s.gcr.io/pause )
+ no_infra='--infra=false'
+ run_podman pod create $no_infra
+ podid="$output"
+
+ # Start two containers...
+ run_podman run -d --pod $podid $IMAGE top -d 2
+ cid1="$output"
+ run_podman run -d --pod $podid $IMAGE top -d 2
+ cid2="$output"
+
+ # ...and wait for them to actually start.
+ wait_for_output "PID \+PPID \+USER " $cid1
+ wait_for_output "PID \+PPID \+USER " $cid2
+
+ # Both containers have emitted at least one top-like line.
+ # Now run 'pod top', and expect two 'top -d 2' processes running.
+ run_podman pod top $podid
+ is "$output" ".*root.*top -d 2.*root.*top -d 2" "two 'top' containers"
+
+ # By default (podman pod create w/ default --infra) there should be
+ # a /pause container.
+ if [ -z "$no_infra" ]; then
+ is "$output" ".*0 \+1 \+0 \+[0-9. ?s]\+/pause" "there is a /pause container"
+ fi
+
+ # Clean up
+ run_podman pod rm -f $podid
+}
+
+
+@test "podman pod - communicating between pods" {
+ skip_if_remote "podman-pod does not work with podman-remote"
+
+ podname=pod$(random_string)
+ run_podman pod create --infra=true --name=$podname
+
+ # Randomly-assigned port in the 5xxx range
+ for port in $(shuf -i 5000-5999);do
+ if ! { exec 3<> /dev/tcp/127.0.0.1/$port; } &>/dev/null; then
+ break
+ fi
+ done
+
+ # Listener. This will exit as soon as it receives a message.
+ run_podman run -d --pod $podname $IMAGE nc -l -p $port
+ cid1="$output"
+
+ # Talker: send the message via common port on localhost
+ message=$(random_string 15)
+ run_podman run --rm --pod $podname $IMAGE \
+ sh -c "echo $message | nc 127.0.0.1 $port"
+
+ # Back to the first (listener) container. Make sure message was received.
+ run_podman logs $cid1
+ is "$output" "$message" "message sent from one container to another"
+
+ # Clean up. First the nc -l container...
+ run_podman rm $cid1
+
+ # ...then, from pause container, find the image ID of the pause image...
+ # FIXME: if #6283 gets implemented, use 'inspect --format ...'
+ run_podman pod inspect $podname
+ pause_cid=$(jq -r '.Containers[0].Id' <<<"$output")
+ run_podman container inspect --format '{{.Image}}' $pause_cid
+ pause_iid="$output"
+
+ # ...then rm the pod, then rmi the pause image so we don't leave strays.
+ run_podman pod rm $podname
+ run_podman rmi $pause_iid
+}
+
+# Random byte
+function octet() {
+ echo $(( $RANDOM & 255 ))
+}
+
+# random MAC address: convention seems to be that 2nd lsb=1, lsb=0
+# (i.e. 0bxxxxxx10) in the first octet guarantees a private space.
+# FIXME: I can't find a definitive reference for this though
+# Generate the address IN CAPS (A-F), but we will test it in lowercase.
+function random_mac() {
+ local mac=$(printf "%02X" $(( $(octet) & 242 | 2 )) )
+ for i in $(seq 2 6); do
+ mac+=$(printf ":%02X" $(octet))
+ done
+
+ echo $mac
+}
+
+# Random RFC1918 IP address
+function random_ip() {
+ local ip="172.20"
+ for i in 1 2;do
+ ip+=$(printf ".%d" $(octet))
+ done
+ echo $ip
+}
+
+@test "podman pod create - hashtag AllTheOptions" {
+ mac=$(random_mac)
+ add_host_ip=$(random_ip)
+ add_host_n=$(random_string | tr A-Z a-z).$(random_string | tr A-Z a-z).xyz
+
+ dns_server=$(random_ip)
+ dns_opt="ndots:$(octet)"
+ dns_search=$(random_string 15 | tr A-Z a-z).abc
+
+ hostname=$(random_string | tr A-Z a-z).$(random_string | tr A-Z a-z).net
+
+ pod_id_file=${PODMAN_TMPDIR}/pod-id-file
+
+ # Create a pod with all the desired options
+ # FIXME: --ip=$ip fails:
+ # Error adding network: failed to allocate all requested IPs
+ run_podman pod create --name=mypod \
+ --pod-id-file=$pod_id_file \
+ --mac-address=$mac \
+ --hostname=$hostname \
+ --add-host "$add_host_n:$add_host_ip" \
+ --dns "$dns_server" \
+ --dns-search "$dns_search" \
+ --dns-opt "$dns_opt"
+ pod_id="$output"
+
+ # Check --pod-id-file
+ is "$(<$pod_id_file)" "$pod_id" "contents of pod-id-file"
+
+ # Check each of the options
+ if ! is_rootless; then
+ run_podman run --rm --pod mypod $IMAGE ip link show
+ # 'ip' outputs hex in lower-case, ${expr,,} converts UC to lc
+ is "$output" ".* link/ether ${mac,,} " "requested MAC address was set"
+ fi
+
+ run_podman run --rm --pod mypod $IMAGE hostname
+ is "$output" "$hostname" "--hostname set the hostname"
+
+ run_podman run --rm --pod $pod_id $IMAGE cat /etc/hosts
+ is "$output" ".*$add_host_ip $add_host_n" "--add-host was added"
+ is "$output" ".* $hostname" "--hostname is in /etc/hosts"
+ # ^^^^ this must be a tab, not a space
+
+ run_podman run --rm --pod mypod $IMAGE cat /etc/resolv.conf
+ is "$output" ".*nameserver $dns_server" "--dns [server] was added"
+ is "$output" ".*search $dns_search" "--dns-search was added"
+ is "$output" ".*options $dns_opt" "--dns-opt was added"
+}
+
+# vim: filetype=sh