2015-02-24 21:41:17 -05:00
|
|
|
package bridge
|
|
|
|
|
|
|
|
import (
|
2015-04-23 14:15:15 -04:00
|
|
|
"bytes"
|
2015-05-01 20:14:04 -04:00
|
|
|
"fmt"
|
2015-02-24 21:41:17 -05:00
|
|
|
"net"
|
2015-05-01 20:14:04 -04:00
|
|
|
"regexp"
|
2015-02-24 21:41:17 -05:00
|
|
|
"testing"
|
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
"github.com/docker/libnetwork/driverapi"
|
2015-10-05 17:53:25 -04:00
|
|
|
"github.com/docker/libnetwork/ipamutils"
|
2015-05-16 19:02:51 -04:00
|
|
|
"github.com/docker/libnetwork/iptables"
|
|
|
|
"github.com/docker/libnetwork/netlabel"
|
2015-09-07 13:33:28 -04:00
|
|
|
"github.com/docker/libnetwork/testutils"
|
2015-05-20 16:28:46 -04:00
|
|
|
"github.com/docker/libnetwork/types"
|
2015-04-23 14:15:15 -04:00
|
|
|
"github.com/vishvananda/netlink"
|
2015-02-24 21:41:17 -05:00
|
|
|
)
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
func getIPv4Data(t *testing.T) []driverapi.IPAMData {
|
|
|
|
ipd := driverapi.IPAMData{AddressSpace: "full"}
|
|
|
|
nw, _, err := ipamutils.ElectInterfaceAddresses("")
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
ipd.Pool = nw
|
|
|
|
// Set network gateway to X.X.X.1
|
|
|
|
ipd.Gateway = types.GetIPNetCopy(nw)
|
|
|
|
ipd.Gateway.IP[len(ipd.Gateway.IP)-1] = 1
|
|
|
|
return []driverapi.IPAMData{ipd}
|
|
|
|
}
|
|
|
|
|
2015-05-03 16:23:52 -04:00
|
|
|
func TestCreateFullOptions(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-02-24 21:41:17 -05:00
|
|
|
|
2015-05-22 13:56:36 -04:00
|
|
|
config := &configuration{
|
2015-05-03 16:23:52 -04:00
|
|
|
EnableIPForwarding: true,
|
2015-06-11 21:12:00 -04:00
|
|
|
EnableIPTables: true,
|
2015-05-03 16:23:52 -04:00
|
|
|
}
|
2015-05-06 01:51:26 -04:00
|
|
|
|
2015-06-12 02:21:50 -04:00
|
|
|
// Test this scenario: Default gw address does not belong to
|
|
|
|
// container network and it's greater than bridge address
|
2015-10-05 17:53:25 -04:00
|
|
|
cnw, _ := types.ParseCIDR("172.16.122.0/24")
|
|
|
|
bnw, _ := types.ParseCIDR("172.16.0.0/24")
|
|
|
|
br, _ := types.ParseCIDR("172.16.0.1/16")
|
|
|
|
defgw, _ := types.ParseCIDR("172.16.0.100/16")
|
2015-06-12 02:21:50 -04:00
|
|
|
|
2015-05-22 13:56:36 -04:00
|
|
|
netConfig := &networkConfiguration{
|
2015-10-05 17:53:25 -04:00
|
|
|
BridgeName: DefaultBridgeName,
|
|
|
|
EnableIPv6: true,
|
2015-05-06 01:51:26 -04:00
|
|
|
}
|
2015-04-30 20:57:06 -04:00
|
|
|
genericOption := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
genericOption[netlabel.GenericData] = config
|
2015-04-30 20:57:06 -04:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(genericOption); err != nil {
|
2015-04-15 01:25:42 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-05-06 01:51:26 -04:00
|
|
|
netOption := make(map[string]interface{})
|
|
|
|
netOption[netlabel.GenericData] = netConfig
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
ipdList := []driverapi.IPAMData{
|
|
|
|
driverapi.IPAMData{
|
|
|
|
Pool: bnw,
|
|
|
|
Gateway: br,
|
|
|
|
AuxAddresses: map[string]*net.IPNet{DefaultGatewayV4AuxKey: defgw},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
err := d.CreateNetwork("dummy", netOption, ipdList, nil)
|
2015-05-03 16:23:52 -04:00
|
|
|
if err != nil {
|
2015-02-24 21:41:17 -05:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
2015-07-27 19:48:30 -04:00
|
|
|
|
|
|
|
// Verify the IP address allocated for the endpoint belongs to the container network
|
|
|
|
epOptions := make(map[string]interface{})
|
2015-10-05 17:53:25 -04:00
|
|
|
te := newTestEndpoint(cnw, 10)
|
2015-10-03 19:11:50 -04:00
|
|
|
err = d.CreateEndpoint("dummy", "ep1", te.Interface(), epOptions)
|
2015-07-27 19:48:30 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create an endpoint : %s", err.Error())
|
|
|
|
}
|
2015-09-09 19:06:35 -04:00
|
|
|
|
|
|
|
if !cnw.Contains(te.Interface().Address().IP) {
|
|
|
|
t.Fatalf("endpoint got assigned address outside of container network(%s): %s", cnw.String(), te.Interface().Address())
|
2015-07-27 19:48:30 -04:00
|
|
|
}
|
2015-02-24 21:41:17 -05:00
|
|
|
}
|
|
|
|
|
2015-09-04 01:11:45 -04:00
|
|
|
func TestCreateNoConfig(t *testing.T) {
|
2015-09-07 22:35:39 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
2015-09-04 01:11:45 -04:00
|
|
|
d := newDriver()
|
|
|
|
|
|
|
|
netconfig := &networkConfiguration{BridgeName: DefaultBridgeName}
|
|
|
|
genericOption := make(map[string]interface{})
|
|
|
|
genericOption[netlabel.GenericData] = netconfig
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil); err != nil {
|
2015-09-04 01:11:45 -04:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-10-06 15:08:54 -04:00
|
|
|
func TestCreateFullOptionsLabels(t *testing.T) {
|
|
|
|
defer testutils.SetupTestOSContext(t)()
|
|
|
|
d := newDriver()
|
|
|
|
|
|
|
|
config := &configuration{
|
|
|
|
EnableIPForwarding: true,
|
|
|
|
}
|
|
|
|
genericOption := make(map[string]interface{})
|
|
|
|
genericOption[netlabel.GenericData] = config
|
|
|
|
|
|
|
|
if err := d.configure(genericOption); err != nil {
|
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-11-06 02:50:10 -05:00
|
|
|
bndIPs := "127.0.0.1"
|
2015-11-15 12:28:53 -05:00
|
|
|
nwV6s := "2001:db8:2600:2700:2800::/80"
|
|
|
|
gwV6s := "2001:db8:2600:2700:2800::25/80"
|
2015-11-06 02:50:10 -05:00
|
|
|
nwV6, _ := types.ParseCIDR(nwV6s)
|
|
|
|
gwV6, _ := types.ParseCIDR(gwV6s)
|
|
|
|
|
2015-10-06 15:08:54 -04:00
|
|
|
labels := map[string]string{
|
2015-11-06 02:50:10 -05:00
|
|
|
BridgeName: DefaultBridgeName,
|
|
|
|
DefaultBridge: "true",
|
2015-10-06 15:08:54 -04:00
|
|
|
netlabel.EnableIPv6: "true",
|
|
|
|
EnableICC: "true",
|
|
|
|
EnableIPMasquerade: "true",
|
2015-11-06 02:50:10 -05:00
|
|
|
DefaultBindingIP: bndIPs,
|
2015-10-06 15:08:54 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
netOption := make(map[string]interface{})
|
|
|
|
netOption[netlabel.GenericData] = labels
|
|
|
|
|
2015-11-06 02:50:10 -05:00
|
|
|
ipdList := getIPv4Data(t)
|
|
|
|
ipd6List := []driverapi.IPAMData{
|
|
|
|
driverapi.IPAMData{
|
|
|
|
Pool: nwV6,
|
|
|
|
AuxAddresses: map[string]*net.IPNet{
|
|
|
|
DefaultGatewayV6AuxKey: gwV6,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
err := d.CreateNetwork("dummy", netOption, ipdList, ipd6List)
|
2015-10-06 15:08:54 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
nw, ok := d.networks["dummy"]
|
|
|
|
if !ok {
|
|
|
|
t.Fatalf("Cannot find dummy network in bridge driver")
|
|
|
|
}
|
|
|
|
|
2015-11-06 02:50:10 -05:00
|
|
|
if nw.config.BridgeName != DefaultBridgeName {
|
2015-10-06 15:08:54 -04:00
|
|
|
t.Fatalf("incongruent name in bridge network")
|
|
|
|
}
|
|
|
|
|
|
|
|
if !nw.config.EnableIPv6 {
|
|
|
|
t.Fatalf("incongruent EnableIPv6 in bridge network")
|
|
|
|
}
|
|
|
|
|
|
|
|
if !nw.config.EnableICC {
|
|
|
|
t.Fatalf("incongruent EnableICC in bridge network")
|
|
|
|
}
|
|
|
|
|
|
|
|
if !nw.config.EnableIPMasquerade {
|
|
|
|
t.Fatalf("incongruent EnableIPMasquerade in bridge network")
|
|
|
|
}
|
2015-11-06 02:50:10 -05:00
|
|
|
|
|
|
|
bndIP := net.ParseIP(bndIPs)
|
|
|
|
if !bndIP.Equal(nw.config.DefaultBindingIP) {
|
|
|
|
t.Fatalf("Unexpected: %v", nw.config.DefaultBindingIP)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !types.CompareIPNet(nw.config.AddressIPv6, nwV6) {
|
|
|
|
t.Fatalf("Unexpected: %v", nw.config.AddressIPv6)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !gwV6.IP.Equal(nw.config.DefaultGatewayIPv6) {
|
|
|
|
t.Fatalf("Unexpected: %v", nw.config.DefaultGatewayIPv6)
|
|
|
|
}
|
|
|
|
|
|
|
|
// In short here we are testing --fixed-cidr-v6 daemon option
|
|
|
|
// plus --mac-address run option
|
|
|
|
mac, _ := net.ParseMAC("aa:bb:cc:dd:ee:ff")
|
|
|
|
epOptions := map[string]interface{}{netlabel.MacAddress: mac}
|
|
|
|
te := newTestEndpoint(ipdList[0].Pool, 20)
|
|
|
|
err = d.CreateEndpoint("dummy", "ep1", te.Interface(), epOptions)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !nwV6.Contains(te.Interface().AddressIPv6().IP) {
|
|
|
|
t.Fatalf("endpoint got assigned address outside of container network(%s): %s", nwV6.String(), te.Interface().AddressIPv6())
|
|
|
|
}
|
2015-11-15 12:28:53 -05:00
|
|
|
if te.Interface().AddressIPv6().IP.String() != "2001:db8:2600:2700:2800:aabb:ccdd:eeff" {
|
2015-11-06 02:50:10 -05:00
|
|
|
t.Fatalf("Unexpected endpoint IPv6 address: %v", te.Interface().AddressIPv6().IP)
|
|
|
|
}
|
2015-10-06 15:08:54 -04:00
|
|
|
}
|
|
|
|
|
2015-05-03 16:23:52 -04:00
|
|
|
func TestCreate(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-02-24 21:41:17 -05:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(nil); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
netconfig := &networkConfiguration{BridgeName: DefaultBridgeName}
|
2015-04-30 20:57:06 -04:00
|
|
|
genericOption := make(map[string]interface{})
|
2015-06-11 21:12:00 -04:00
|
|
|
genericOption[netlabel.GenericData] = netconfig
|
2015-04-30 20:57:06 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil); err != nil {
|
2015-05-03 16:23:52 -04:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
2015-02-24 21:41:17 -05:00
|
|
|
}
|
2015-06-08 11:24:43 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil)
|
2015-06-08 11:24:43 -04:00
|
|
|
if err == nil {
|
|
|
|
t.Fatalf("Expected bridge driver to refuse creation of second network with default name")
|
|
|
|
}
|
|
|
|
if _, ok := err.(types.ForbiddenError); !ok {
|
|
|
|
t.Fatalf("Creation of second network with default name failed with unexpected error type")
|
|
|
|
}
|
2015-02-24 21:41:17 -05:00
|
|
|
}
|
|
|
|
|
2015-05-03 16:23:52 -04:00
|
|
|
func TestCreateFail(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-02-24 21:41:17 -05:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(nil); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-09-25 12:02:18 -04:00
|
|
|
netconfig := &networkConfiguration{BridgeName: "dummy0", DefaultBridge: true}
|
2015-04-30 20:57:06 -04:00
|
|
|
genericOption := make(map[string]interface{})
|
2015-06-11 21:12:00 -04:00
|
|
|
genericOption[netlabel.GenericData] = netconfig
|
2015-04-30 20:57:06 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil); err == nil {
|
2015-05-03 16:23:52 -04:00
|
|
|
t.Fatal("Bridge creation was expected to fail")
|
2015-02-24 21:41:17 -05:00
|
|
|
}
|
|
|
|
}
|
2015-05-04 14:49:53 -04:00
|
|
|
|
2015-06-02 21:40:55 -04:00
|
|
|
func TestCreateMultipleNetworks(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
2015-06-02 21:40:55 -04:00
|
|
|
d := newDriver()
|
|
|
|
|
2015-06-11 21:12:00 -04:00
|
|
|
config := &configuration{
|
|
|
|
EnableIPTables: true,
|
|
|
|
}
|
2015-06-02 21:40:55 -04:00
|
|
|
genericOption := make(map[string]interface{})
|
2015-06-11 21:12:00 -04:00
|
|
|
genericOption[netlabel.GenericData] = config
|
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(genericOption); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-09-23 21:01:04 -04:00
|
|
|
config1 := &networkConfiguration{BridgeName: "net_test_1"}
|
2015-06-11 21:12:00 -04:00
|
|
|
genericOption = make(map[string]interface{})
|
2015-06-02 21:40:55 -04:00
|
|
|
genericOption[netlabel.GenericData] = config1
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("1", genericOption, getIPv4Data(t), nil); err != nil {
|
2015-06-02 21:40:55 -04:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-09-23 21:01:04 -04:00
|
|
|
config2 := &networkConfiguration{BridgeName: "net_test_2"}
|
2015-06-02 21:40:55 -04:00
|
|
|
genericOption[netlabel.GenericData] = config2
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("2", genericOption, getIPv4Data(t), nil); err != nil {
|
2015-06-02 21:40:55 -04:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-10-16 01:16:40 -04:00
|
|
|
// Verify the network isolation rules are installed, each network subnet should appear 2 times
|
|
|
|
verifyV4INCEntries(d.networks, 2, t)
|
|
|
|
|
2015-09-23 21:01:04 -04:00
|
|
|
config3 := &networkConfiguration{BridgeName: "net_test_3"}
|
2015-06-02 21:40:55 -04:00
|
|
|
genericOption[netlabel.GenericData] = config3
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("3", genericOption, getIPv4Data(t), nil); err != nil {
|
2015-06-02 21:40:55 -04:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Verify the network isolation rules are installed, each network subnet should appear 4 times
|
2015-12-15 00:57:56 -05:00
|
|
|
verifyV4INCEntries(d.networks, 6, t)
|
2015-06-02 21:40:55 -04:00
|
|
|
|
2015-09-23 21:01:04 -04:00
|
|
|
config4 := &networkConfiguration{BridgeName: "net_test_4"}
|
2015-06-02 21:40:55 -04:00
|
|
|
genericOption[netlabel.GenericData] = config4
|
2015-10-05 17:53:25 -04:00
|
|
|
if err := d.CreateNetwork("4", genericOption, getIPv4Data(t), nil); err != nil {
|
2015-06-02 21:40:55 -04:00
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Now 6 times
|
2015-12-15 00:57:56 -05:00
|
|
|
verifyV4INCEntries(d.networks, 12, t)
|
2015-06-02 21:40:55 -04:00
|
|
|
|
|
|
|
d.DeleteNetwork("1")
|
2015-12-15 00:57:56 -05:00
|
|
|
verifyV4INCEntries(d.networks, 6, t)
|
2015-06-02 21:40:55 -04:00
|
|
|
|
|
|
|
d.DeleteNetwork("2")
|
2015-09-18 17:00:36 -04:00
|
|
|
verifyV4INCEntries(d.networks, 2, t)
|
2015-06-02 21:40:55 -04:00
|
|
|
|
|
|
|
d.DeleteNetwork("3")
|
2015-09-18 17:00:36 -04:00
|
|
|
verifyV4INCEntries(d.networks, 0, t)
|
2015-06-02 21:40:55 -04:00
|
|
|
|
|
|
|
d.DeleteNetwork("4")
|
2015-09-18 17:00:36 -04:00
|
|
|
verifyV4INCEntries(d.networks, 0, t)
|
2015-06-02 21:40:55 -04:00
|
|
|
}
|
|
|
|
|
2015-07-02 01:00:48 -04:00
|
|
|
func verifyV4INCEntries(networks map[string]*bridgeNetwork, numEntries int, t *testing.T) {
|
2015-12-15 00:57:56 -05:00
|
|
|
out, err := iptables.Raw("-nvL", IsolationChain)
|
2015-06-02 21:40:55 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
2015-12-15 00:57:56 -05:00
|
|
|
|
|
|
|
found := 0
|
|
|
|
for _, x := range networks {
|
|
|
|
for _, y := range networks {
|
|
|
|
if x == y {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
re := regexp.MustCompile(fmt.Sprintf("%s %s", x.config.BridgeName, y.config.BridgeName))
|
|
|
|
matches := re.FindAllString(string(out[:]), -1)
|
|
|
|
if len(matches) != 1 {
|
|
|
|
t.Fatalf("Cannot find expected inter-network isolation rules in IP Tables:\n%s", string(out[:]))
|
|
|
|
}
|
|
|
|
found++
|
2015-06-02 21:40:55 -04:00
|
|
|
}
|
|
|
|
}
|
2015-12-15 00:57:56 -05:00
|
|
|
|
|
|
|
if found != numEntries {
|
|
|
|
t.Fatalf("Cannot find expected number (%d) of inter-network isolation rules in IP Tables:\n%s\nFound %d", numEntries, string(out[:]), found)
|
|
|
|
}
|
2015-06-02 21:40:55 -04:00
|
|
|
}
|
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
type testInterface struct {
|
|
|
|
mac net.HardwareAddr
|
2015-10-03 19:11:50 -04:00
|
|
|
addr *net.IPNet
|
|
|
|
addrv6 *net.IPNet
|
2015-05-14 02:23:45 -04:00
|
|
|
srcName string
|
|
|
|
dstName string
|
|
|
|
}
|
|
|
|
|
|
|
|
type testEndpoint struct {
|
2015-09-09 19:06:35 -04:00
|
|
|
iface *testInterface
|
2015-05-14 02:23:45 -04:00
|
|
|
gw net.IP
|
|
|
|
gw6 net.IP
|
|
|
|
hostsPath string
|
|
|
|
resolvConfPath string
|
2015-05-19 20:08:56 -04:00
|
|
|
routes []types.StaticRoute
|
2015-05-14 02:23:45 -04:00
|
|
|
}
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
func newTestEndpoint(nw *net.IPNet, ordinal byte) *testEndpoint {
|
|
|
|
addr := types.GetIPNetCopy(nw)
|
|
|
|
addr.IP[len(addr.IP)-1] = ordinal
|
|
|
|
return &testEndpoint{iface: &testInterface{addr: addr}}
|
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
func (te *testEndpoint) Interface() driverapi.InterfaceInfo {
|
|
|
|
if te.iface != nil {
|
|
|
|
return te.iface
|
2015-05-14 02:23:45 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (i *testInterface) MacAddress() net.HardwareAddr {
|
|
|
|
return i.mac
|
|
|
|
}
|
|
|
|
|
2015-10-03 19:11:50 -04:00
|
|
|
func (i *testInterface) Address() *net.IPNet {
|
2015-05-14 02:23:45 -04:00
|
|
|
return i.addr
|
|
|
|
}
|
|
|
|
|
2015-10-03 19:11:50 -04:00
|
|
|
func (i *testInterface) AddressIPv6() *net.IPNet {
|
2015-05-14 02:23:45 -04:00
|
|
|
return i.addrv6
|
|
|
|
}
|
|
|
|
|
2015-10-03 19:11:50 -04:00
|
|
|
func (i *testInterface) SetMacAddress(mac net.HardwareAddr) error {
|
|
|
|
if i.mac != nil {
|
|
|
|
return types.ForbiddenErrorf("endpoint interface MAC address present (%s). Cannot be modified with %s.", i.mac, mac)
|
|
|
|
}
|
|
|
|
if mac == nil {
|
|
|
|
return types.BadRequestErrorf("tried to set nil MAC address to endpoint interface")
|
|
|
|
}
|
|
|
|
i.mac = types.GetMacCopy(mac)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (i *testInterface) SetIPAddress(address *net.IPNet) error {
|
|
|
|
if address.IP == nil {
|
|
|
|
return types.BadRequestErrorf("tried to set nil IP address to endpoint interface")
|
|
|
|
}
|
|
|
|
if address.IP.To4() == nil {
|
|
|
|
return setAddress(&i.addrv6, address)
|
|
|
|
}
|
|
|
|
return setAddress(&i.addr, address)
|
|
|
|
}
|
|
|
|
|
|
|
|
func setAddress(ifaceAddr **net.IPNet, address *net.IPNet) error {
|
|
|
|
if *ifaceAddr != nil {
|
|
|
|
return types.ForbiddenErrorf("endpoint interface IP present (%s). Cannot be modified with (%s).", *ifaceAddr, address)
|
|
|
|
}
|
|
|
|
*ifaceAddr = types.GetIPNetCopy(address)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
func (i *testInterface) SetNames(srcName string, dstName string) error {
|
|
|
|
i.srcName = srcName
|
|
|
|
i.dstName = dstName
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
func (te *testEndpoint) InterfaceName() driverapi.InterfaceNameInfo {
|
|
|
|
if te.iface != nil {
|
|
|
|
return te.iface
|
2015-05-14 02:23:45 -04:00
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
return nil
|
2015-05-14 02:23:45 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func (te *testEndpoint) SetGateway(gw net.IP) error {
|
|
|
|
te.gw = gw
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (te *testEndpoint) SetGatewayIPv6(gw6 net.IP) error {
|
|
|
|
te.gw6 = gw6
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
func (te *testEndpoint) AddStaticRoute(destination *net.IPNet, routeType int, nextHop net.IP) error {
|
|
|
|
te.routes = append(te.routes, types.StaticRoute{Destination: destination, RouteType: routeType, NextHop: nextHop})
|
2015-05-19 20:08:56 -04:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-12-02 21:07:44 -05:00
|
|
|
func (te *testEndpoint) DisableGatewayService() {}
|
|
|
|
|
2015-05-04 14:49:53 -04:00
|
|
|
func TestQueryEndpointInfo(t *testing.T) {
|
2015-05-18 19:49:12 -04:00
|
|
|
testQueryEndpointInfo(t, true)
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestQueryEndpointInfoHairpin(t *testing.T) {
|
|
|
|
testQueryEndpointInfo(t, false)
|
|
|
|
}
|
|
|
|
|
|
|
|
func testQueryEndpointInfo(t *testing.T, ulPxyEnabled bool) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-05-04 14:49:53 -04:00
|
|
|
|
2015-06-11 21:12:00 -04:00
|
|
|
config := &configuration{
|
2015-05-18 19:49:12 -04:00
|
|
|
EnableIPTables: true,
|
|
|
|
EnableUserlandProxy: ulPxyEnabled,
|
2015-05-04 14:49:53 -04:00
|
|
|
}
|
|
|
|
genericOption := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
genericOption[netlabel.GenericData] = config
|
2015-05-04 14:49:53 -04:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(genericOption); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
netconfig := &networkConfiguration{
|
|
|
|
BridgeName: DefaultBridgeName,
|
|
|
|
EnableICC: false,
|
|
|
|
}
|
|
|
|
genericOption = make(map[string]interface{})
|
|
|
|
genericOption[netlabel.GenericData] = netconfig
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
ipdList := getIPv4Data(t)
|
|
|
|
err := d.CreateNetwork("net1", genericOption, ipdList, nil)
|
2015-05-04 14:49:53 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
portMappings := getPortMapping()
|
|
|
|
epOptions := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
epOptions[netlabel.PortMap] = portMappings
|
2015-05-04 14:49:53 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
te := newTestEndpoint(ipdList[0].Pool, 11)
|
2015-10-03 19:11:50 -04:00
|
|
|
err = d.CreateEndpoint("net1", "ep1", te.Interface(), epOptions)
|
2015-05-04 14:49:53 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create an endpoint : %s", err.Error())
|
|
|
|
}
|
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
network, ok := d.networks["net1"]
|
2015-05-21 16:13:19 -04:00
|
|
|
if !ok {
|
|
|
|
t.Fatalf("Cannot find network %s inside driver", "net1")
|
|
|
|
}
|
|
|
|
ep, _ := network.endpoints["ep1"]
|
|
|
|
data, err := d.EndpointOperInfo(network.id, ep.id)
|
2015-05-04 14:49:53 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to ask for endpoint operational data: %v", err)
|
|
|
|
}
|
2015-05-06 00:19:57 -04:00
|
|
|
pmd, ok := data[netlabel.PortMap]
|
2015-05-04 14:49:53 -04:00
|
|
|
if !ok {
|
|
|
|
t.Fatalf("Endpoint operational data does not contain port mapping data")
|
|
|
|
}
|
2015-05-20 16:28:46 -04:00
|
|
|
pm, ok := pmd.([]types.PortBinding)
|
2015-05-04 14:49:53 -04:00
|
|
|
if !ok {
|
|
|
|
t.Fatalf("Unexpected format for port mapping in endpoint operational data")
|
|
|
|
}
|
|
|
|
if len(ep.portMapping) != len(pm) {
|
|
|
|
t.Fatalf("Incomplete data for port mapping in endpoint operational data")
|
|
|
|
}
|
|
|
|
for i, pb := range ep.portMapping {
|
|
|
|
if !pb.Equal(&pm[i]) {
|
|
|
|
t.Fatalf("Unexpected data for port mapping in endpoint operational data")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Cleanup as host ports are there
|
2015-06-01 16:14:29 -04:00
|
|
|
err = network.releasePorts(ep)
|
2015-05-04 14:49:53 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to release mapped ports: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-04-23 14:15:15 -04:00
|
|
|
func TestCreateLinkWithOptions(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-04-23 14:15:15 -04:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(nil); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
netconfig := &networkConfiguration{BridgeName: DefaultBridgeName}
|
2015-05-06 01:51:26 -04:00
|
|
|
netOptions := make(map[string]interface{})
|
2015-06-11 21:12:00 -04:00
|
|
|
netOptions[netlabel.GenericData] = netconfig
|
2015-04-23 14:15:15 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
ipdList := getIPv4Data(t)
|
|
|
|
err := d.CreateNetwork("net1", netOptions, ipdList, nil)
|
2015-04-23 14:15:15 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
mac := net.HardwareAddr([]byte{0x1e, 0x67, 0x66, 0x44, 0x55, 0x66})
|
2015-05-01 20:01:21 -04:00
|
|
|
epOptions := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
epOptions[netlabel.MacAddress] = mac
|
2015-04-23 14:15:15 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
te := newTestEndpoint(ipdList[0].Pool, 11)
|
2015-10-03 19:11:50 -04:00
|
|
|
err = d.CreateEndpoint("net1", "ep", te.Interface(), epOptions)
|
2015-05-14 02:23:45 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create an endpoint: %s", err.Error())
|
|
|
|
}
|
|
|
|
|
|
|
|
err = d.Join("net1", "ep", "sbox", te, nil)
|
2015-04-23 14:15:15 -04:00
|
|
|
if err != nil {
|
2015-05-14 02:23:45 -04:00
|
|
|
t.Fatalf("Failed to join the endpoint: %v", err)
|
2015-04-23 14:15:15 -04:00
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
ifaceName := te.iface.srcName
|
2015-04-23 14:15:15 -04:00
|
|
|
veth, err := netlink.LinkByName(ifaceName)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !bytes.Equal(mac, veth.Attrs().HardwareAddr) {
|
|
|
|
t.Fatalf("Failed to parse and program endpoint configuration")
|
|
|
|
}
|
|
|
|
}
|
2015-04-24 18:13:44 -04:00
|
|
|
|
2015-05-20 16:28:46 -04:00
|
|
|
func getExposedPorts() []types.TransportPort {
|
|
|
|
return []types.TransportPort{
|
|
|
|
types.TransportPort{Proto: types.TCP, Port: uint16(5000)},
|
|
|
|
types.TransportPort{Proto: types.UDP, Port: uint16(400)},
|
|
|
|
types.TransportPort{Proto: types.TCP, Port: uint16(600)},
|
2015-05-05 16:46:12 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-20 16:28:46 -04:00
|
|
|
func getPortMapping() []types.PortBinding {
|
|
|
|
return []types.PortBinding{
|
|
|
|
types.PortBinding{Proto: types.TCP, Port: uint16(230), HostPort: uint16(23000)},
|
|
|
|
types.PortBinding{Proto: types.UDP, Port: uint16(200), HostPort: uint16(22000)},
|
|
|
|
types.PortBinding{Proto: types.TCP, Port: uint16(120), HostPort: uint16(12000)},
|
2015-05-01 20:14:04 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestLinkContainers(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
2015-05-01 20:14:04 -04:00
|
|
|
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-05-01 20:14:04 -04:00
|
|
|
|
2015-06-11 21:12:00 -04:00
|
|
|
config := &configuration{
|
2015-05-01 20:14:04 -04:00
|
|
|
EnableIPTables: true,
|
|
|
|
}
|
|
|
|
genericOption := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
genericOption[netlabel.GenericData] = config
|
2015-05-01 20:14:04 -04:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(genericOption); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
netconfig := &networkConfiguration{
|
|
|
|
BridgeName: DefaultBridgeName,
|
|
|
|
EnableICC: false,
|
|
|
|
}
|
|
|
|
genericOption = make(map[string]interface{})
|
|
|
|
genericOption[netlabel.GenericData] = netconfig
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
ipdList := getIPv4Data(t)
|
|
|
|
err := d.CreateNetwork("net1", genericOption, ipdList, nil)
|
2015-05-01 20:14:04 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-05-05 16:46:12 -04:00
|
|
|
exposedPorts := getExposedPorts()
|
2015-05-01 20:14:04 -04:00
|
|
|
epOptions := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
epOptions[netlabel.ExposedPorts] = exposedPorts
|
2015-05-01 20:14:04 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
te1 := newTestEndpoint(ipdList[0].Pool, 11)
|
2015-10-03 19:11:50 -04:00
|
|
|
err = d.CreateEndpoint("net1", "ep1", te1.Interface(), epOptions)
|
2015-05-01 20:14:04 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create an endpoint : %s", err.Error())
|
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
addr1 := te1.iface.addr
|
2015-05-14 02:23:45 -04:00
|
|
|
if addr1.IP.To4() == nil {
|
2015-05-01 20:14:04 -04:00
|
|
|
t.Fatalf("No Ipv4 address assigned to the endpoint: ep1")
|
|
|
|
}
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
te2 := newTestEndpoint(ipdList[0].Pool, 22)
|
2015-10-03 19:11:50 -04:00
|
|
|
err = d.CreateEndpoint("net1", "ep2", te2.Interface(), nil)
|
2015-05-01 20:14:04 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create an endpoint : %s", err.Error())
|
|
|
|
}
|
|
|
|
|
2015-09-09 19:06:35 -04:00
|
|
|
addr2 := te2.iface.addr
|
2015-05-14 02:23:45 -04:00
|
|
|
if addr2.IP.To4() == nil {
|
2015-05-01 20:14:04 -04:00
|
|
|
t.Fatalf("No Ipv4 address assigned to the endpoint: ep2")
|
|
|
|
}
|
|
|
|
|
2015-05-05 16:46:11 -04:00
|
|
|
ce := []string{"ep1"}
|
2015-05-22 13:56:36 -04:00
|
|
|
cConfig := &containerConfiguration{ChildEndpoints: ce}
|
2015-05-01 20:14:04 -04:00
|
|
|
genericOption = make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
genericOption[netlabel.GenericData] = cConfig
|
2015-05-01 20:14:04 -04:00
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
err = d.Join("net1", "ep2", "", te2, genericOption)
|
2015-05-01 20:14:04 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to link ep1 and ep2")
|
|
|
|
}
|
|
|
|
|
2015-05-05 16:46:12 -04:00
|
|
|
out, err := iptables.Raw("-L", DockerChain)
|
|
|
|
for _, pm := range exposedPorts {
|
2015-05-01 20:14:04 -04:00
|
|
|
regex := fmt.Sprintf("%s dpt:%d", pm.Proto.String(), pm.Port)
|
|
|
|
re := regexp.MustCompile(regex)
|
|
|
|
matches := re.FindAllString(string(out[:]), -1)
|
2015-05-05 16:46:12 -04:00
|
|
|
if len(matches) != 1 {
|
2015-05-01 20:14:04 -04:00
|
|
|
t.Fatalf("IP Tables programming failed %s", string(out[:]))
|
|
|
|
}
|
|
|
|
|
|
|
|
regex = fmt.Sprintf("%s spt:%d", pm.Proto.String(), pm.Port)
|
|
|
|
matched, _ := regexp.MatchString(regex, string(out[:]))
|
|
|
|
if !matched {
|
|
|
|
t.Fatalf("IP Tables programming failed %s", string(out[:]))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
err = d.Leave("net1", "ep2")
|
2015-05-01 20:14:04 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to unlink ep1 and ep2")
|
|
|
|
}
|
|
|
|
|
2015-05-05 16:46:12 -04:00
|
|
|
out, err = iptables.Raw("-L", DockerChain)
|
|
|
|
for _, pm := range exposedPorts {
|
2015-05-01 20:14:04 -04:00
|
|
|
regex := fmt.Sprintf("%s dpt:%d", pm.Proto.String(), pm.Port)
|
|
|
|
re := regexp.MustCompile(regex)
|
|
|
|
matches := re.FindAllString(string(out[:]), -1)
|
2015-05-05 16:46:12 -04:00
|
|
|
if len(matches) != 0 {
|
2015-05-01 20:14:04 -04:00
|
|
|
t.Fatalf("Leave should have deleted relevant IPTables rules %s", string(out[:]))
|
|
|
|
}
|
|
|
|
|
|
|
|
regex = fmt.Sprintf("%s spt:%d", pm.Proto.String(), pm.Port)
|
|
|
|
matched, _ := regexp.MatchString(regex, string(out[:]))
|
|
|
|
if matched {
|
|
|
|
t.Fatalf("Leave should have deleted relevant IPTables rules %s", string(out[:]))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Error condition test with an invalid endpoint-id "ep4"
|
2015-05-05 16:46:11 -04:00
|
|
|
ce = []string{"ep1", "ep4"}
|
2015-05-22 13:56:36 -04:00
|
|
|
cConfig = &containerConfiguration{ChildEndpoints: ce}
|
2015-05-01 20:14:04 -04:00
|
|
|
genericOption = make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
genericOption[netlabel.GenericData] = cConfig
|
2015-05-01 20:14:04 -04:00
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
err = d.Join("net1", "ep2", "", te2, genericOption)
|
2015-05-01 20:14:04 -04:00
|
|
|
if err != nil {
|
2015-05-05 16:46:12 -04:00
|
|
|
out, err = iptables.Raw("-L", DockerChain)
|
|
|
|
for _, pm := range exposedPorts {
|
2015-05-01 20:14:04 -04:00
|
|
|
regex := fmt.Sprintf("%s dpt:%d", pm.Proto.String(), pm.Port)
|
|
|
|
re := regexp.MustCompile(regex)
|
|
|
|
matches := re.FindAllString(string(out[:]), -1)
|
2015-05-05 16:46:12 -04:00
|
|
|
if len(matches) != 0 {
|
2015-05-01 20:14:04 -04:00
|
|
|
t.Fatalf("Error handling should rollback relevant IPTables rules %s", string(out[:]))
|
|
|
|
}
|
|
|
|
|
|
|
|
regex = fmt.Sprintf("%s spt:%d", pm.Proto.String(), pm.Port)
|
|
|
|
matched, _ := regexp.MatchString(regex, string(out[:]))
|
|
|
|
if matched {
|
|
|
|
t.Fatalf("Error handling should rollback relevant IPTables rules %s", string(out[:]))
|
|
|
|
}
|
|
|
|
}
|
2015-05-05 16:46:12 -04:00
|
|
|
} else {
|
|
|
|
t.Fatalf("Expected Join to fail given link conditions are not satisfied")
|
2015-05-01 20:14:04 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-04-24 18:13:44 -04:00
|
|
|
func TestValidateConfig(t *testing.T) {
|
|
|
|
|
|
|
|
// Test mtu
|
2015-05-22 13:56:36 -04:00
|
|
|
c := networkConfiguration{Mtu: -2}
|
2015-04-24 18:13:44 -04:00
|
|
|
err := c.Validate()
|
|
|
|
if err == nil {
|
|
|
|
t.Fatalf("Failed to detect invalid MTU number")
|
|
|
|
}
|
|
|
|
|
|
|
|
c.Mtu = 9000
|
|
|
|
err = c.Validate()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("unexpected validation error on MTU number")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Bridge network
|
|
|
|
_, network, _ := net.ParseCIDR("172.28.0.0/16")
|
2015-10-05 17:53:25 -04:00
|
|
|
c = networkConfiguration{
|
|
|
|
AddressIPv4: network,
|
|
|
|
}
|
|
|
|
|
|
|
|
err = c.Validate()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
2015-04-24 18:13:44 -04:00
|
|
|
|
|
|
|
// Test v4 gw
|
|
|
|
c.DefaultGatewayIPv4 = net.ParseIP("172.27.30.234")
|
|
|
|
err = c.Validate()
|
|
|
|
if err == nil {
|
|
|
|
t.Fatalf("Failed to detect invalid default gateway")
|
|
|
|
}
|
|
|
|
|
|
|
|
c.DefaultGatewayIPv4 = net.ParseIP("172.28.30.234")
|
|
|
|
err = c.Validate()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Unexpected validation error on default gateway")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Test v6 gw
|
2015-11-15 12:28:53 -05:00
|
|
|
_, v6nw, _ := net.ParseCIDR("2001:db8:ae:b004::/64")
|
2015-05-22 13:56:36 -04:00
|
|
|
c = networkConfiguration{
|
2015-04-24 18:13:44 -04:00
|
|
|
EnableIPv6: true,
|
2015-10-05 17:53:25 -04:00
|
|
|
AddressIPv6: v6nw,
|
2015-11-15 12:28:53 -05:00
|
|
|
DefaultGatewayIPv6: net.ParseIP("2001:db8:ac:b004::bad:a55"),
|
2015-04-24 18:13:44 -04:00
|
|
|
}
|
|
|
|
err = c.Validate()
|
|
|
|
if err == nil {
|
|
|
|
t.Fatalf("Failed to detect invalid v6 default gateway")
|
|
|
|
}
|
|
|
|
|
2015-11-15 12:28:53 -05:00
|
|
|
c.DefaultGatewayIPv6 = net.ParseIP("2001:db8:ae:b004::bad:a55")
|
2015-04-24 18:13:44 -04:00
|
|
|
err = c.Validate()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Unexpected validation error on v6 default gateway")
|
|
|
|
}
|
2015-10-05 17:53:25 -04:00
|
|
|
|
|
|
|
c.AddressIPv6 = nil
|
|
|
|
err = c.Validate()
|
|
|
|
if err == nil {
|
|
|
|
t.Fatalf("Failed to detect invalid v6 default gateway")
|
|
|
|
}
|
|
|
|
|
|
|
|
c.AddressIPv6 = nil
|
|
|
|
err = c.Validate()
|
|
|
|
if err == nil {
|
|
|
|
t.Fatalf("Failed to detect invalid v6 default gateway")
|
|
|
|
}
|
2015-04-24 18:13:44 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func TestSetDefaultGw(t *testing.T) {
|
2015-09-07 13:33:28 -04:00
|
|
|
defer testutils.SetupTestOSContext(t)()
|
Make driver packages register themselves via DriverCallback
In the present code, each driver package provides a `New()` method
which constructs a driver of its type, which is then registered with
the controller.
However, this is not suitable for the `drivers/remote` package, since
it does not provide a (singleton) driver, but a mechanism for drivers
to be added dynamically. As a result, the implementation is oddly
dual-purpose, and a spurious `"remote"` driver is added to the
controller's list of available drivers.
Instead, it is better to provide the registration callback to each
package and let it register its own driver or drivers. That way, the
singleton driver packages can construct one and register it, and the
remote package can hook the callback up with whatever the dynamic
driver mechanism turns out to be.
NB there are some method signature changes; in particular to
controller.New, which can return an error if the built-in driver
packages fail to initialise.
Signed-off-by: Michael Bridgen <mikeb@squaremobius.net>
2015-05-11 08:46:29 -04:00
|
|
|
d := newDriver()
|
2015-04-24 18:13:44 -04:00
|
|
|
|
2015-09-18 17:00:36 -04:00
|
|
|
if err := d.configure(nil); err != nil {
|
2015-06-11 21:12:00 -04:00
|
|
|
t.Fatalf("Failed to setup driver config: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-04-24 18:13:44 -04:00
|
|
|
_, subnetv6, _ := net.ParseCIDR("2001:db8:ea9:9abc:b0c4::/80")
|
2015-08-06 18:45:38 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
ipdList := getIPv4Data(t)
|
|
|
|
gw4 := types.GetIPCopy(ipdList[0].Pool.IP).To4()
|
2015-04-24 18:13:44 -04:00
|
|
|
gw4[3] = 254
|
|
|
|
gw6 := net.ParseIP("2001:db8:ea9:9abc:b0c4::254")
|
|
|
|
|
2015-05-22 13:56:36 -04:00
|
|
|
config := &networkConfiguration{
|
2015-04-24 18:13:44 -04:00
|
|
|
BridgeName: DefaultBridgeName,
|
|
|
|
EnableIPv6: true,
|
2015-10-05 17:53:25 -04:00
|
|
|
AddressIPv6: subnetv6,
|
2015-04-24 18:13:44 -04:00
|
|
|
DefaultGatewayIPv4: gw4,
|
|
|
|
DefaultGatewayIPv6: gw6,
|
|
|
|
}
|
|
|
|
|
2015-04-30 20:57:06 -04:00
|
|
|
genericOption := make(map[string]interface{})
|
2015-05-06 00:19:57 -04:00
|
|
|
genericOption[netlabel.GenericData] = config
|
2015-04-30 20:57:06 -04:00
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
err := d.CreateNetwork("dummy", genericOption, ipdList, nil)
|
2015-04-24 18:13:44 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create bridge: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-10-05 17:53:25 -04:00
|
|
|
te := newTestEndpoint(ipdList[0].Pool, 10)
|
2015-10-03 19:11:50 -04:00
|
|
|
err = d.CreateEndpoint("dummy", "ep", te.Interface(), nil)
|
2015-04-24 18:13:44 -04:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to create endpoint: %v", err)
|
|
|
|
}
|
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
err = d.Join("dummy", "ep", "sbox", te, nil)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Failed to join endpoint: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !gw4.Equal(te.gw) {
|
|
|
|
t.Fatalf("Failed to configure default gateway. Expected %v. Found %v", gw4, te.gw)
|
2015-04-24 18:13:44 -04:00
|
|
|
}
|
|
|
|
|
2015-05-14 02:23:45 -04:00
|
|
|
if !gw6.Equal(te.gw6) {
|
|
|
|
t.Fatalf("Failed to configure default gateway. Expected %v. Found %v", gw6, te.gw6)
|
2015-04-24 18:13:44 -04:00
|
|
|
}
|
|
|
|
}
|
2015-09-15 04:30:10 -04:00
|
|
|
|
|
|
|
func TestCleanupIptableRules(t *testing.T) {
|
|
|
|
defer testutils.SetupTestOSContext(t)()
|
|
|
|
bridgeChain := []iptables.ChainInfo{
|
|
|
|
iptables.ChainInfo{Name: DockerChain, Table: iptables.Nat},
|
|
|
|
iptables.ChainInfo{Name: DockerChain, Table: iptables.Filter},
|
|
|
|
iptables.ChainInfo{Name: IsolationChain, Table: iptables.Filter},
|
|
|
|
}
|
|
|
|
if _, _, _, err := setupIPChains(&configuration{EnableIPTables: true}); err != nil {
|
|
|
|
t.Fatalf("Error setting up ip chains: %v", err)
|
|
|
|
}
|
|
|
|
for _, chainInfo := range bridgeChain {
|
|
|
|
if !iptables.ExistChain(chainInfo.Name, chainInfo.Table) {
|
|
|
|
t.Fatalf("iptables chain %s of %s table should have been created", chainInfo.Name, chainInfo.Table)
|
|
|
|
}
|
|
|
|
}
|
2016-01-14 02:23:43 -05:00
|
|
|
removeIPChains()
|
2015-09-15 04:30:10 -04:00
|
|
|
for _, chainInfo := range bridgeChain {
|
|
|
|
if iptables.ExistChain(chainInfo.Name, chainInfo.Table) {
|
|
|
|
t.Fatalf("iptables chain %s of %s table should have been deleted", chainInfo.Name, chainInfo.Table)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|