2014-04-07 14:34:07 -04:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2014-05-10 13:27:24 -04:00
|
|
|
"github.com/dotcloud/docker/pkg/iptables"
|
2014-05-21 18:07:40 -04:00
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
2014-04-07 14:34:07 -04:00
|
|
|
"os/exec"
|
2014-05-21 18:07:40 -04:00
|
|
|
"strings"
|
2014-04-07 14:34:07 -04:00
|
|
|
"testing"
|
|
|
|
)
|
|
|
|
|
2014-05-21 18:07:40 -04:00
|
|
|
func TestEtcHostsRegularFile(t *testing.T) {
|
|
|
|
runCmd := exec.Command(dockerBinary, "run", "--net=host", "busybox", "ls", "-la", "/etc/hosts")
|
|
|
|
out, _, _, err := runCommandWithStdoutStderr(runCmd)
|
|
|
|
errorOut(err, t, out)
|
|
|
|
|
|
|
|
if !strings.HasPrefix(out, "-") {
|
|
|
|
t.Errorf("/etc/hosts should be a regular file")
|
|
|
|
}
|
|
|
|
|
|
|
|
deleteAllContainers()
|
|
|
|
|
|
|
|
logDone("link - /etc/hosts is a regular file")
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestEtcHostsContentMatch(t *testing.T) {
|
|
|
|
runCmd := exec.Command(dockerBinary, "run", "--net=host", "busybox", "cat", "/etc/hosts")
|
|
|
|
out, _, _, err := runCommandWithStdoutStderr(runCmd)
|
|
|
|
errorOut(err, t, out)
|
|
|
|
|
|
|
|
hosts, err := ioutil.ReadFile("/etc/hosts")
|
|
|
|
if os.IsNotExist(err) {
|
|
|
|
t.Skip("/etc/hosts does not exist, skip this test")
|
|
|
|
}
|
|
|
|
|
|
|
|
if out != string(hosts) {
|
|
|
|
t.Errorf("container")
|
|
|
|
}
|
|
|
|
|
|
|
|
deleteAllContainers()
|
|
|
|
|
|
|
|
logDone("link - /etc/hosts matches hosts copy")
|
|
|
|
}
|
|
|
|
|
2014-04-07 14:34:07 -04:00
|
|
|
func TestPingUnlinkedContainers(t *testing.T) {
|
|
|
|
runCmd := exec.Command(dockerBinary, "run", "--rm", "busybox", "sh", "-c", "ping -c 1 alias1 -W 1 && ping -c 1 alias2 -W 1")
|
|
|
|
exitCode, err := runCommand(runCmd)
|
|
|
|
|
|
|
|
if exitCode == 0 {
|
|
|
|
t.Fatal("run ping did not fail")
|
|
|
|
} else if exitCode != 1 {
|
|
|
|
errorOut(err, t, fmt.Sprintf("run ping failed with errors: %v", err))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestPingLinkedContainers(t *testing.T) {
|
2014-05-05 22:51:03 -04:00
|
|
|
var out string
|
|
|
|
out, _, _ = cmd(t, "run", "-d", "--name", "container1", "busybox", "sleep", "10")
|
2014-04-07 14:34:07 -04:00
|
|
|
idA := stripTrailingCharacters(out)
|
2014-05-06 11:05:15 -04:00
|
|
|
out, _, _ = cmd(t, "run", "-d", "--name", "container2", "busybox", "sleep", "10")
|
2014-04-07 14:34:07 -04:00
|
|
|
idB := stripTrailingCharacters(out)
|
2014-05-06 11:05:15 -04:00
|
|
|
cmd(t, "run", "--rm", "--link", "container1:alias1", "--link", "container2:alias2", "busybox", "sh", "-c", "ping -c 1 alias1 -W 1 && ping -c 1 alias2 -W 1")
|
|
|
|
cmd(t, "kill", idA)
|
|
|
|
cmd(t, "kill", idB)
|
2014-04-07 14:34:07 -04:00
|
|
|
deleteAllContainers()
|
|
|
|
}
|
2014-05-10 13:27:24 -04:00
|
|
|
|
|
|
|
func TestIpTablesRulesWhenLinkAndUnlink(t *testing.T) {
|
|
|
|
cmd(t, "run", "-d", "--name", "child", "--publish", "8080:80", "busybox", "sleep", "10")
|
|
|
|
cmd(t, "run", "-d", "--name", "parent", "--link", "child:http", "busybox", "sleep", "10")
|
|
|
|
|
|
|
|
childIp := findContainerIp(t, "child")
|
|
|
|
parentIp := findContainerIp(t, "parent")
|
|
|
|
|
|
|
|
sourceRule := []string{"FORWARD", "-i", "docker0", "-o", "docker0", "-p", "tcp", "-s", childIp, "--sport", "80", "-d", parentIp, "-j", "ACCEPT"}
|
|
|
|
destinationRule := []string{"FORWARD", "-i", "docker0", "-o", "docker0", "-p", "tcp", "-s", parentIp, "--dport", "80", "-d", childIp, "-j", "ACCEPT"}
|
|
|
|
if !iptables.Exists(sourceRule...) || !iptables.Exists(destinationRule...) {
|
|
|
|
t.Fatal("Iptables rules not found")
|
|
|
|
}
|
|
|
|
|
|
|
|
cmd(t, "rm", "--link", "parent/http")
|
|
|
|
if iptables.Exists(sourceRule...) || iptables.Exists(destinationRule...) {
|
|
|
|
t.Fatal("Iptables rules should be removed when unlink")
|
|
|
|
}
|
|
|
|
|
|
|
|
cmd(t, "kill", "child")
|
|
|
|
cmd(t, "kill", "parent")
|
|
|
|
deleteAllContainers()
|
|
|
|
|
|
|
|
logDone("link - verify iptables when link and unlink")
|
|
|
|
}
|