2019-08-29 16:52:40 -04:00
|
|
|
package daemon // import "github.com/docker/docker/testutil/daemon"
|
2018-04-10 10:29:48 -04:00
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"encoding/json"
|
|
|
|
"net/http"
|
|
|
|
"os"
|
|
|
|
"os/exec"
|
2020-03-13 09:37:09 -04:00
|
|
|
"os/user"
|
2018-04-10 10:29:48 -04:00
|
|
|
"path/filepath"
|
|
|
|
"strconv"
|
|
|
|
"strings"
|
2019-09-23 07:54:51 -04:00
|
|
|
"testing"
|
2018-04-10 10:29:48 -04:00
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/docker/docker/api/types"
|
|
|
|
"github.com/docker/docker/api/types/events"
|
|
|
|
"github.com/docker/docker/client"
|
|
|
|
"github.com/docker/docker/pkg/ioutils"
|
|
|
|
"github.com/docker/docker/pkg/stringid"
|
2019-08-29 16:52:40 -04:00
|
|
|
"github.com/docker/docker/testutil/request"
|
2018-04-10 10:29:48 -04:00
|
|
|
"github.com/docker/go-connections/sockets"
|
|
|
|
"github.com/docker/go-connections/tlsconfig"
|
|
|
|
"github.com/pkg/errors"
|
2020-02-07 08:39:24 -05:00
|
|
|
"gotest.tools/v3/assert"
|
2018-04-10 10:29:48 -04:00
|
|
|
)
|
|
|
|
|
2019-10-16 16:27:22 -04:00
|
|
|
// LogT is the subset of the testing.TB interface used by the daemon.
|
|
|
|
type LogT interface {
|
2018-04-10 10:29:48 -04:00
|
|
|
Logf(string, ...interface{})
|
|
|
|
}
|
|
|
|
|
2019-10-16 16:27:22 -04:00
|
|
|
// nopLog is a no-op implementation of LogT that is used in daemons created by
|
2019-09-23 08:23:01 -04:00
|
|
|
// NewDaemon (where no testing.TB is available).
|
2019-09-17 11:50:24 -04:00
|
|
|
type nopLog struct{}
|
|
|
|
|
|
|
|
func (nopLog) Logf(string, ...interface{}) {}
|
|
|
|
|
2019-11-05 16:40:27 -05:00
|
|
|
const (
|
2020-03-13 09:37:09 -04:00
|
|
|
defaultDockerdBinary = "dockerd"
|
|
|
|
defaultContainerdSocket = "/var/run/docker/containerd/containerd.sock"
|
|
|
|
defaultDockerdRootlessBinary = "dockerd-rootless.sh"
|
2021-08-18 08:28:00 -04:00
|
|
|
defaultUnixSocket = "/var/run/docker.sock"
|
|
|
|
defaultTLSHost = "localhost:2376"
|
2019-11-05 16:40:27 -05:00
|
|
|
)
|
2018-04-10 10:29:48 -04:00
|
|
|
|
|
|
|
var errDaemonNotStarted = errors.New("daemon not started")
|
|
|
|
|
|
|
|
// SockRoot holds the path of the default docker integration daemon socket
|
|
|
|
var SockRoot = filepath.Join(os.TempDir(), "docker-integration")
|
|
|
|
|
|
|
|
type clientConfig struct {
|
|
|
|
transport *http.Transport
|
|
|
|
scheme string
|
|
|
|
addr string
|
|
|
|
}
|
|
|
|
|
|
|
|
// Daemon represents a Docker daemon for the testing framework
|
|
|
|
type Daemon struct {
|
|
|
|
Root string
|
|
|
|
Folder string
|
|
|
|
Wait chan error
|
|
|
|
UseDefaultHost bool
|
|
|
|
UseDefaultTLSHost bool
|
|
|
|
|
2019-03-14 23:44:18 -04:00
|
|
|
id string
|
|
|
|
logFile *os.File
|
|
|
|
cmd *exec.Cmd
|
|
|
|
storageDriver string
|
|
|
|
userlandProxy bool
|
|
|
|
defaultCgroupNamespaceMode string
|
|
|
|
execRoot string
|
|
|
|
experimental bool
|
|
|
|
init bool
|
|
|
|
dockerdBinary string
|
2019-10-16 16:27:22 -04:00
|
|
|
log LogT
|
2019-10-09 07:22:59 -04:00
|
|
|
pidFile string
|
2019-10-09 07:25:21 -04:00
|
|
|
args []string
|
daemon: support other containerd runtimes (MVP)
Contrary to popular belief, the OCI Runtime specification does not
specify the command-line API for runtimes. Looking at containerd's
architecture from the lens of the OCI Runtime spec, the _shim_ is the
OCI Runtime and runC is "just" an implementation detail of the
io.containerd.runc.v2 runtime. When one configures a non-default runtime
in Docker, what they're really doing is instructing Docker to create
containers using the io.containerd.runc.v2 runtime with a configuration
option telling the runtime that the runC binary is at some non-default
path. Consequently, only OCI runtimes which are compatible with the
io.containerd.runc.v2 shim, such as crun, can be used in this manner.
Other OCI runtimes, including kata-containers v2, come with their own
containerd shim and are not compatible with io.containerd.runc.v2.
As Docker has not historically provided a way to select a non-default
runtime which requires its own shim, runtimes such as kata-containers v2
could not be used with Docker.
Allow other containerd shims to be used with Docker; no daemon
configuration required. If the daemon is instructed to create a
container with a runtime name which does not match any of the configured
or stock runtimes, it passes the name along to containerd verbatim. A
user can start a container with the kata-containers runtime, for
example, simply by calling
docker run --runtime io.containerd.kata.v2
Runtime names which containerd would interpret as a path to an arbitrary
binary are disallowed. While handy for development and testing it is not
strictly necessary and would allow anyone with Engine API access to
trivially execute any binary on the host as root, so we have decided it
would be safest for our users if it was not allowed.
It is not yet possible to set an alternative containerd shim as the
default runtime; it can only be configured per-container.
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-07-20 16:12:01 -04:00
|
|
|
extraEnv []string
|
2019-11-05 16:40:27 -05:00
|
|
|
containerdSocket string
|
2020-03-13 09:37:09 -04:00
|
|
|
rootlessUser *user.User
|
|
|
|
rootlessXDGRuntimeDir string
|
2018-04-11 06:10:17 -04:00
|
|
|
|
|
|
|
// swarm related field
|
|
|
|
swarmListenAddr string
|
|
|
|
SwarmPort int // FIXME(vdemeester) should probably not be exported
|
2018-07-30 11:25:02 -04:00
|
|
|
DefaultAddrPool []string
|
|
|
|
SubnetSize uint32
|
2018-11-20 16:44:40 -05:00
|
|
|
DataPathPort uint32
|
2020-10-05 14:04:52 -04:00
|
|
|
OOMScoreAdjust int
|
2018-04-11 06:10:17 -04:00
|
|
|
// cached information
|
|
|
|
CachedInfo types.Info
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
2019-09-17 11:50:24 -04:00
|
|
|
// NewDaemon returns a Daemon instance to be used for testing.
|
2018-04-10 10:29:48 -04:00
|
|
|
// The daemon will not automatically start.
|
2019-09-17 11:50:24 -04:00
|
|
|
// The daemon will modify and create files under workingDir.
|
|
|
|
func NewDaemon(workingDir string, ops ...Option) (*Daemon, error) {
|
2018-04-10 10:29:48 -04:00
|
|
|
storageDriver := os.Getenv("DOCKER_GRAPHDRIVER")
|
|
|
|
|
2019-09-17 11:50:24 -04:00
|
|
|
if err := os.MkdirAll(SockRoot, 0700); err != nil {
|
2019-10-09 07:20:47 -04:00
|
|
|
return nil, errors.Wrapf(err, "failed to create daemon socket root %q", SockRoot)
|
2019-09-17 11:50:24 -04:00
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
|
2022-02-15 06:49:35 -05:00
|
|
|
id := "d" + stringid.TruncateID(stringid.GenerateRandomID())
|
2019-09-17 11:50:24 -04:00
|
|
|
dir := filepath.Join(workingDir, id)
|
2018-04-10 10:29:48 -04:00
|
|
|
daemonFolder, err := filepath.Abs(dir)
|
2019-09-17 11:50:24 -04:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
daemonRoot := filepath.Join(daemonFolder, "root")
|
2019-09-17 11:50:24 -04:00
|
|
|
if err := os.MkdirAll(daemonRoot, 0755); err != nil {
|
2019-10-09 07:20:47 -04:00
|
|
|
return nil, errors.Wrapf(err, "failed to create daemon root %q", daemonRoot)
|
2019-09-17 11:50:24 -04:00
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
|
|
|
|
userlandProxy := true
|
|
|
|
if env := os.Getenv("DOCKER_USERLANDPROXY"); env != "" {
|
|
|
|
if val, err := strconv.ParseBool(env); err != nil {
|
|
|
|
userlandProxy = val
|
|
|
|
}
|
|
|
|
}
|
|
|
|
d := &Daemon{
|
2018-09-14 11:21:43 -04:00
|
|
|
id: id,
|
|
|
|
Folder: daemonFolder,
|
|
|
|
Root: daemonRoot,
|
|
|
|
storageDriver: storageDriver,
|
|
|
|
userlandProxy: userlandProxy,
|
|
|
|
// dxr stands for docker-execroot (shortened for avoiding unix(7) path length limitation)
|
2019-11-05 16:40:27 -05:00
|
|
|
execRoot: filepath.Join(os.TempDir(), "dxr", id),
|
|
|
|
dockerdBinary: defaultDockerdBinary,
|
|
|
|
swarmListenAddr: defaultSwarmListenAddr,
|
|
|
|
SwarmPort: DefaultSwarmPort,
|
|
|
|
log: nopLog{},
|
|
|
|
containerdSocket: defaultContainerdSocket,
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
for _, op := range ops {
|
|
|
|
op(d)
|
|
|
|
}
|
|
|
|
|
2020-03-13 09:37:09 -04:00
|
|
|
if d.rootlessUser != nil {
|
|
|
|
if err := os.Chmod(SockRoot, 0777); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
uid, err := strconv.Atoi(d.rootlessUser.Uid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
gid, err := strconv.Atoi(d.rootlessUser.Gid)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.Chown(d.Folder, uid, gid); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.Chown(d.Root, uid, gid); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.MkdirAll(filepath.Dir(d.execRoot), 0700); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.Chown(filepath.Dir(d.execRoot), uid, gid); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.MkdirAll(d.execRoot, 0700); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.Chown(d.execRoot, uid, gid); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
d.rootlessXDGRuntimeDir = filepath.Join(d.Folder, "xdgrun")
|
|
|
|
if err := os.MkdirAll(d.rootlessXDGRuntimeDir, 0700); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if err := os.Chown(d.rootlessXDGRuntimeDir, uid, gid); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
d.containerdSocket = ""
|
|
|
|
}
|
|
|
|
|
2019-09-17 11:50:24 -04:00
|
|
|
return d, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// New returns a Daemon instance to be used for testing.
|
|
|
|
// This will create a directory such as d123456789 in the folder specified by
|
|
|
|
// $DOCKER_INTEGRATION_DAEMON_DEST or $DEST.
|
|
|
|
// The daemon will not automatically start.
|
2019-09-23 07:54:51 -04:00
|
|
|
func New(t testing.TB, ops ...Option) *Daemon {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2019-09-17 11:50:24 -04:00
|
|
|
dest := os.Getenv("DOCKER_INTEGRATION_DAEMON_DEST")
|
|
|
|
if dest == "" {
|
|
|
|
dest = os.Getenv("DEST")
|
|
|
|
}
|
2019-09-23 07:41:45 -04:00
|
|
|
dest = filepath.Join(dest, t.Name())
|
2019-09-17 11:50:24 -04:00
|
|
|
|
|
|
|
assert.Check(t, dest != "", "Please set the DOCKER_INTEGRATION_DAEMON_DEST or the DEST environment variable")
|
|
|
|
|
2020-02-18 04:43:56 -05:00
|
|
|
if os.Getenv("DOCKER_ROOTLESS") != "" {
|
2020-03-13 09:37:09 -04:00
|
|
|
if os.Getenv("DOCKER_REMAP_ROOT") != "" {
|
|
|
|
t.Skip("DOCKER_ROOTLESS doesn't support DOCKER_REMAP_ROOT currently")
|
|
|
|
}
|
|
|
|
if env := os.Getenv("DOCKER_USERLANDPROXY"); env != "" {
|
|
|
|
if val, err := strconv.ParseBool(env); err == nil && !val {
|
|
|
|
t.Skip("DOCKER_ROOTLESS doesn't support DOCKER_USERLANDPROXY=false")
|
|
|
|
}
|
|
|
|
}
|
2020-03-09 22:36:30 -04:00
|
|
|
ops = append(ops, WithRootlessUser("unprivilegeduser"))
|
2020-02-18 04:43:56 -05:00
|
|
|
}
|
2020-10-05 14:04:52 -04:00
|
|
|
ops = append(ops, WithOOMScoreAdjust(-500))
|
2020-02-18 04:43:56 -05:00
|
|
|
|
2019-09-17 11:50:24 -04:00
|
|
|
d, err := NewDaemon(dest, ops...)
|
2019-10-21 06:41:39 -04:00
|
|
|
assert.NilError(t, err, "could not create daemon at %q", dest)
|
2020-03-13 09:37:09 -04:00
|
|
|
if d.rootlessUser != nil && d.dockerdBinary != defaultDockerdBinary {
|
|
|
|
t.Skipf("DOCKER_ROOTLESS doesn't support specifying non-default dockerd binary path %q", d.dockerdBinary)
|
|
|
|
}
|
2019-09-17 11:50:24 -04:00
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
return d
|
|
|
|
}
|
|
|
|
|
2018-11-04 19:52:26 -05:00
|
|
|
// BinaryPath returns the binary and its arguments.
|
|
|
|
func (d *Daemon) BinaryPath() (string, error) {
|
|
|
|
dockerdBinary, err := exec.LookPath(d.dockerdBinary)
|
|
|
|
if err != nil {
|
|
|
|
return "", errors.Wrapf(err, "[%s] could not find docker binary in $PATH", d.id)
|
|
|
|
}
|
|
|
|
return dockerdBinary, nil
|
|
|
|
}
|
|
|
|
|
2019-07-11 19:42:16 -04:00
|
|
|
// ContainersNamespace returns the containerd namespace used for containers.
|
|
|
|
func (d *Daemon) ContainersNamespace() string {
|
|
|
|
return d.id
|
|
|
|
}
|
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
// RootDir returns the root directory of the daemon.
|
|
|
|
func (d *Daemon) RootDir() string {
|
|
|
|
return d.Root
|
|
|
|
}
|
|
|
|
|
|
|
|
// ID returns the generated id of the daemon
|
|
|
|
func (d *Daemon) ID() string {
|
|
|
|
return d.id
|
|
|
|
}
|
|
|
|
|
|
|
|
// StorageDriver returns the configured storage driver of the daemon
|
|
|
|
func (d *Daemon) StorageDriver() string {
|
|
|
|
return d.storageDriver
|
|
|
|
}
|
|
|
|
|
|
|
|
// Sock returns the socket path of the daemon
|
|
|
|
func (d *Daemon) Sock() string {
|
2022-02-15 06:49:35 -05:00
|
|
|
return "unix://" + d.sockPath()
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
func (d *Daemon) sockPath() string {
|
|
|
|
return filepath.Join(SockRoot, d.id+".sock")
|
|
|
|
}
|
|
|
|
|
|
|
|
// LogFileName returns the path the daemon's log file
|
|
|
|
func (d *Daemon) LogFileName() string {
|
|
|
|
return d.logFile.Name()
|
|
|
|
}
|
|
|
|
|
|
|
|
// ReadLogFile returns the content of the daemon log file
|
|
|
|
func (d *Daemon) ReadLogFile() ([]byte, error) {
|
2021-09-21 08:33:01 -04:00
|
|
|
_ = d.logFile.Sync()
|
2021-08-24 06:10:50 -04:00
|
|
|
return os.ReadFile(d.logFile.Name())
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
2018-04-11 06:10:17 -04:00
|
|
|
// NewClientT creates new client based on daemon's socket path
|
2019-09-23 08:23:01 -04:00
|
|
|
func (d *Daemon) NewClientT(t testing.TB, extraOpts ...client.Opt) *client.Client {
|
|
|
|
t.Helper()
|
2019-03-14 23:44:18 -04:00
|
|
|
|
2019-09-17 11:50:24 -04:00
|
|
|
c, err := d.NewClient(extraOpts...)
|
2019-10-09 07:17:52 -04:00
|
|
|
assert.NilError(t, err, "[%s] could not create daemon client", d.id)
|
2019-09-17 11:50:24 -04:00
|
|
|
return c
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewClient creates new client based on daemon's socket path
|
|
|
|
func (d *Daemon) NewClient(extraOpts ...client.Opt) (*client.Client, error) {
|
2019-03-14 23:44:18 -04:00
|
|
|
clientOpts := []client.Opt{
|
2018-04-11 06:10:17 -04:00
|
|
|
client.FromEnv,
|
2019-03-14 23:44:18 -04:00
|
|
|
client.WithHost(d.Sock()),
|
|
|
|
}
|
|
|
|
clientOpts = append(clientOpts, extraOpts...)
|
|
|
|
|
2019-09-17 11:50:24 -04:00
|
|
|
return client.NewClientWithOpts(clientOpts...)
|
2018-04-11 06:10:17 -04:00
|
|
|
}
|
|
|
|
|
2018-04-17 06:00:38 -04:00
|
|
|
// Cleanup cleans the daemon files : exec root (network namespaces, ...), swarmkit files
|
2019-09-23 07:54:51 -04:00
|
|
|
func (d *Daemon) Cleanup(t testing.TB) {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2019-10-09 07:00:21 -04:00
|
|
|
cleanupMount(t, d)
|
2019-10-09 07:17:52 -04:00
|
|
|
cleanupRaftDir(t, d)
|
2021-11-09 10:49:42 -05:00
|
|
|
cleanupDaemonStorage(t, d)
|
2019-10-09 07:17:52 -04:00
|
|
|
cleanupNetworkNamespace(t, d)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Start starts the daemon and return once it is ready to receive requests.
|
2019-09-23 07:54:51 -04:00
|
|
|
func (d *Daemon) Start(t testing.TB, args ...string) {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2018-04-10 10:29:48 -04:00
|
|
|
if err := d.StartWithError(args...); err != nil {
|
2020-12-19 17:04:06 -05:00
|
|
|
d.DumpStackAndQuit() // in case the daemon is stuck
|
2019-10-09 07:25:21 -04:00
|
|
|
t.Fatalf("[%s] failed to start daemon with arguments %v : %v", d.id, d.args, err)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// StartWithError starts the daemon and return once it is ready to receive requests.
|
|
|
|
// It returns an error in case it couldn't start.
|
|
|
|
func (d *Daemon) StartWithError(args ...string) error {
|
|
|
|
logFile, err := os.OpenFile(filepath.Join(d.Folder, "docker.log"), os.O_RDWR|os.O_CREATE|os.O_APPEND, 0600)
|
|
|
|
if err != nil {
|
2019-10-09 07:17:52 -04:00
|
|
|
return errors.Wrapf(err, "[%s] failed to create logfile", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
return d.StartWithLogFile(logFile, args...)
|
|
|
|
}
|
|
|
|
|
|
|
|
// StartWithLogFile will start the daemon and attach its streams to a given file.
|
|
|
|
func (d *Daemon) StartWithLogFile(out *os.File, providedArgs ...string) error {
|
2018-04-17 06:00:38 -04:00
|
|
|
d.handleUserns()
|
2018-11-04 19:52:26 -05:00
|
|
|
dockerdBinary, err := d.BinaryPath()
|
2018-04-10 10:29:48 -04:00
|
|
|
if err != nil {
|
2018-11-04 19:52:26 -05:00
|
|
|
return err
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
2019-07-11 19:42:16 -04:00
|
|
|
|
2019-10-09 07:22:59 -04:00
|
|
|
if d.pidFile == "" {
|
|
|
|
d.pidFile = filepath.Join(d.Folder, "docker.pid")
|
|
|
|
}
|
|
|
|
|
2020-03-13 09:37:09 -04:00
|
|
|
d.args = []string{}
|
|
|
|
if d.rootlessUser != nil {
|
|
|
|
if d.dockerdBinary != defaultDockerdBinary {
|
|
|
|
return errors.Errorf("[%s] DOCKER_ROOTLESS doesn't support non-default dockerd binary path %q", d.id, d.dockerdBinary)
|
|
|
|
}
|
|
|
|
dockerdBinary = "sudo"
|
|
|
|
d.args = append(d.args,
|
|
|
|
"-u", d.rootlessUser.Username,
|
daemon: support other containerd runtimes (MVP)
Contrary to popular belief, the OCI Runtime specification does not
specify the command-line API for runtimes. Looking at containerd's
architecture from the lens of the OCI Runtime spec, the _shim_ is the
OCI Runtime and runC is "just" an implementation detail of the
io.containerd.runc.v2 runtime. When one configures a non-default runtime
in Docker, what they're really doing is instructing Docker to create
containers using the io.containerd.runc.v2 runtime with a configuration
option telling the runtime that the runC binary is at some non-default
path. Consequently, only OCI runtimes which are compatible with the
io.containerd.runc.v2 shim, such as crun, can be used in this manner.
Other OCI runtimes, including kata-containers v2, come with their own
containerd shim and are not compatible with io.containerd.runc.v2.
As Docker has not historically provided a way to select a non-default
runtime which requires its own shim, runtimes such as kata-containers v2
could not be used with Docker.
Allow other containerd shims to be used with Docker; no daemon
configuration required. If the daemon is instructed to create a
container with a runtime name which does not match any of the configured
or stock runtimes, it passes the name along to containerd verbatim. A
user can start a container with the kata-containers runtime, for
example, simply by calling
docker run --runtime io.containerd.kata.v2
Runtime names which containerd would interpret as a path to an arbitrary
binary are disallowed. While handy for development and testing it is not
strictly necessary and would allow anyone with Engine API access to
trivially execute any binary on the host as root, so we have decided it
would be safest for our users if it was not allowed.
It is not yet possible to set an alternative containerd shim as the
default runtime; it can only be configured per-container.
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-07-20 16:12:01 -04:00
|
|
|
"--preserve-env",
|
|
|
|
"--preserve-env=PATH", // Pass through PATH, overriding secure_path.
|
|
|
|
"XDG_RUNTIME_DIR="+d.rootlessXDGRuntimeDir,
|
|
|
|
"HOME="+d.rootlessUser.HomeDir,
|
2020-03-13 09:37:09 -04:00
|
|
|
"--",
|
|
|
|
defaultDockerdRootlessBinary,
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
d.args = append(d.args,
|
2019-11-06 18:29:17 -05:00
|
|
|
"--data-root", d.Root,
|
2018-04-10 10:29:48 -04:00
|
|
|
"--exec-root", d.execRoot,
|
2019-10-09 07:22:59 -04:00
|
|
|
"--pidfile", d.pidFile,
|
2022-02-15 06:49:35 -05:00
|
|
|
"--userland-proxy="+strconv.FormatBool(d.userlandProxy),
|
2019-07-11 19:42:16 -04:00
|
|
|
"--containerd-namespace", d.id,
|
2020-03-13 09:37:09 -04:00
|
|
|
"--containerd-plugins-namespace", d.id+"p",
|
|
|
|
)
|
2019-11-06 18:29:17 -05:00
|
|
|
if d.containerdSocket != "" {
|
|
|
|
d.args = append(d.args, "--containerd", d.containerdSocket)
|
|
|
|
}
|
2019-11-05 16:40:27 -05:00
|
|
|
|
2019-03-14 23:44:18 -04:00
|
|
|
if d.defaultCgroupNamespaceMode != "" {
|
2019-11-05 16:40:27 -05:00
|
|
|
d.args = append(d.args, "--default-cgroupns-mode", d.defaultCgroupNamespaceMode)
|
2019-03-14 23:44:18 -04:00
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
if d.experimental {
|
2019-10-09 07:25:21 -04:00
|
|
|
d.args = append(d.args, "--experimental")
|
2018-06-01 06:47:38 -04:00
|
|
|
}
|
|
|
|
if d.init {
|
2019-10-09 07:25:21 -04:00
|
|
|
d.args = append(d.args, "--init")
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
if !(d.UseDefaultHost || d.UseDefaultTLSHost) {
|
2019-11-05 16:40:27 -05:00
|
|
|
d.args = append(d.args, "--host", d.Sock())
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
if root := os.Getenv("DOCKER_REMAP_ROOT"); root != "" {
|
2019-11-05 16:40:27 -05:00
|
|
|
d.args = append(d.args, "--userns-remap", root)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// If we don't explicitly set the log-level or debug flag(-D) then
|
|
|
|
// turn on debug mode
|
|
|
|
foundLog := false
|
|
|
|
foundSd := false
|
|
|
|
for _, a := range providedArgs {
|
|
|
|
if strings.Contains(a, "--log-level") || strings.Contains(a, "-D") || strings.Contains(a, "--debug") {
|
|
|
|
foundLog = true
|
|
|
|
}
|
|
|
|
if strings.Contains(a, "--storage-driver") {
|
|
|
|
foundSd = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if !foundLog {
|
2019-10-09 07:25:21 -04:00
|
|
|
d.args = append(d.args, "--debug")
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
if d.storageDriver != "" && !foundSd {
|
2019-10-09 07:25:21 -04:00
|
|
|
d.args = append(d.args, "--storage-driver", d.storageDriver)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
2019-10-09 07:25:21 -04:00
|
|
|
d.args = append(d.args, providedArgs...)
|
|
|
|
d.cmd = exec.Command(dockerdBinary, d.args...)
|
2018-04-10 10:29:48 -04:00
|
|
|
d.cmd.Env = append(os.Environ(), "DOCKER_SERVICE_PREFER_OFFLINE_IMAGE=1")
|
daemon: support other containerd runtimes (MVP)
Contrary to popular belief, the OCI Runtime specification does not
specify the command-line API for runtimes. Looking at containerd's
architecture from the lens of the OCI Runtime spec, the _shim_ is the
OCI Runtime and runC is "just" an implementation detail of the
io.containerd.runc.v2 runtime. When one configures a non-default runtime
in Docker, what they're really doing is instructing Docker to create
containers using the io.containerd.runc.v2 runtime with a configuration
option telling the runtime that the runC binary is at some non-default
path. Consequently, only OCI runtimes which are compatible with the
io.containerd.runc.v2 shim, such as crun, can be used in this manner.
Other OCI runtimes, including kata-containers v2, come with their own
containerd shim and are not compatible with io.containerd.runc.v2.
As Docker has not historically provided a way to select a non-default
runtime which requires its own shim, runtimes such as kata-containers v2
could not be used with Docker.
Allow other containerd shims to be used with Docker; no daemon
configuration required. If the daemon is instructed to create a
container with a runtime name which does not match any of the configured
or stock runtimes, it passes the name along to containerd verbatim. A
user can start a container with the kata-containers runtime, for
example, simply by calling
docker run --runtime io.containerd.kata.v2
Runtime names which containerd would interpret as a path to an arbitrary
binary are disallowed. While handy for development and testing it is not
strictly necessary and would allow anyone with Engine API access to
trivially execute any binary on the host as root, so we have decided it
would be safest for our users if it was not allowed.
It is not yet possible to set an alternative containerd shim as the
default runtime; it can only be configured per-container.
Signed-off-by: Cory Snider <csnider@mirantis.com>
2022-07-20 16:12:01 -04:00
|
|
|
d.cmd.Env = append(d.cmd.Env, d.extraEnv...)
|
2018-04-10 10:29:48 -04:00
|
|
|
d.cmd.Stdout = out
|
|
|
|
d.cmd.Stderr = out
|
|
|
|
d.logFile = out
|
2020-03-13 09:37:09 -04:00
|
|
|
if d.rootlessUser != nil {
|
|
|
|
// sudo requires this for propagating signals
|
|
|
|
setsid(d.cmd)
|
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
|
|
|
|
if err := d.cmd.Start(); err != nil {
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(err, "[%s] could not start daemon container", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
2019-07-02 16:16:33 -04:00
|
|
|
wait := make(chan error, 1)
|
2018-04-10 10:29:48 -04:00
|
|
|
|
|
|
|
go func() {
|
2019-05-09 13:14:20 -04:00
|
|
|
ret := d.cmd.Wait()
|
2018-04-10 10:29:48 -04:00
|
|
|
d.log.Logf("[%s] exiting daemon", d.id)
|
2019-05-09 13:14:20 -04:00
|
|
|
// If we send before logging, we might accidentally log _after_ the test is done.
|
|
|
|
// As of Go 1.12, this incurs a panic instead of silently being dropped.
|
|
|
|
wait <- ret
|
2018-04-10 10:29:48 -04:00
|
|
|
close(wait)
|
|
|
|
}()
|
|
|
|
|
|
|
|
d.Wait = wait
|
|
|
|
|
2019-04-17 19:04:25 -04:00
|
|
|
clientConfig, err := d.getClientConfig()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
client := &http.Client{
|
|
|
|
Transport: clientConfig.transport,
|
|
|
|
}
|
|
|
|
|
2019-10-12 14:43:17 -04:00
|
|
|
req, err := http.NewRequest(http.MethodGet, "/_ping", nil)
|
2019-04-17 19:04:25 -04:00
|
|
|
if err != nil {
|
|
|
|
return errors.Wrapf(err, "[%s] could not create new request", d.id)
|
|
|
|
}
|
|
|
|
req.URL.Host = clientConfig.addr
|
|
|
|
req.URL.Scheme = clientConfig.scheme
|
|
|
|
|
2019-07-02 16:16:33 -04:00
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
|
|
|
|
defer cancel()
|
2019-04-17 19:04:25 -04:00
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
// make sure daemon is ready to receive requests
|
2019-07-12 12:51:32 -04:00
|
|
|
for i := 0; ; i++ {
|
2018-04-10 10:29:48 -04:00
|
|
|
d.log.Logf("[%s] waiting for daemon to start", d.id)
|
2019-04-17 19:04:25 -04:00
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
select {
|
2019-07-02 16:16:33 -04:00
|
|
|
case <-ctx.Done():
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(ctx.Err(), "[%s] daemon exited and never started", d.id)
|
2019-07-02 16:16:33 -04:00
|
|
|
case err := <-d.Wait:
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(err, "[%s] daemon exited during startup", d.id)
|
2019-07-02 16:16:33 -04:00
|
|
|
default:
|
|
|
|
rctx, rcancel := context.WithTimeout(context.TODO(), 2*time.Second)
|
|
|
|
defer rcancel()
|
|
|
|
|
|
|
|
resp, err := client.Do(req.WithContext(rctx))
|
2018-04-10 10:29:48 -04:00
|
|
|
if err != nil {
|
2019-07-12 12:51:32 -04:00
|
|
|
if i > 2 { // don't log the first couple, this ends up just being noise
|
|
|
|
d.log.Logf("[%s] error pinging daemon on start: %v", d.id, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-ctx.Done():
|
2019-07-12 21:41:08 -04:00
|
|
|
case <-time.After(500 * time.Millisecond):
|
2019-07-12 12:51:32 -04:00
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
continue
|
|
|
|
}
|
2019-04-17 19:04:25 -04:00
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
resp.Body.Close()
|
|
|
|
if resp.StatusCode != http.StatusOK {
|
|
|
|
d.log.Logf("[%s] received status != 200 OK: %s\n", d.id, resp.Status)
|
|
|
|
}
|
|
|
|
d.log.Logf("[%s] daemon started\n", d.id)
|
|
|
|
d.Root, err = d.queryRootDir()
|
|
|
|
if err != nil {
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(err, "[%s] error querying daemon for root directory", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// StartWithBusybox will first start the daemon with Daemon.Start()
|
|
|
|
// then save the busybox image from the main daemon and load it into this Daemon instance.
|
2019-09-23 07:54:51 -04:00
|
|
|
func (d *Daemon) StartWithBusybox(t testing.TB, arg ...string) {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2018-04-10 10:29:48 -04:00
|
|
|
d.Start(t, arg...)
|
|
|
|
d.LoadBusybox(t)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Kill will send a SIGKILL to the daemon
|
|
|
|
func (d *Daemon) Kill() error {
|
|
|
|
if d.cmd == nil || d.Wait == nil {
|
|
|
|
return errDaemonNotStarted
|
|
|
|
}
|
|
|
|
|
|
|
|
defer func() {
|
|
|
|
d.logFile.Close()
|
|
|
|
d.cmd = nil
|
|
|
|
}()
|
|
|
|
|
|
|
|
if err := d.cmd.Process.Kill(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-10-09 07:22:59 -04:00
|
|
|
if d.pidFile != "" {
|
|
|
|
_ = os.Remove(d.pidFile)
|
|
|
|
}
|
|
|
|
return nil
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Pid returns the pid of the daemon
|
|
|
|
func (d *Daemon) Pid() int {
|
|
|
|
return d.cmd.Process.Pid
|
|
|
|
}
|
|
|
|
|
|
|
|
// Interrupt stops the daemon by sending it an Interrupt signal
|
|
|
|
func (d *Daemon) Interrupt() error {
|
|
|
|
return d.Signal(os.Interrupt)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Signal sends the specified signal to the daemon if running
|
|
|
|
func (d *Daemon) Signal(signal os.Signal) error {
|
|
|
|
if d.cmd == nil || d.Wait == nil {
|
|
|
|
return errDaemonNotStarted
|
|
|
|
}
|
|
|
|
return d.cmd.Process.Signal(signal)
|
|
|
|
}
|
|
|
|
|
|
|
|
// DumpStackAndQuit sends SIGQUIT to the daemon, which triggers it to dump its
|
|
|
|
// stack to its log file and exit
|
|
|
|
// This is used primarily for gathering debug information on test timeout
|
|
|
|
func (d *Daemon) DumpStackAndQuit() {
|
|
|
|
if d.cmd == nil || d.cmd.Process == nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
SignalDaemonDump(d.cmd.Process.Pid)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Stop will send a SIGINT every second and wait for the daemon to stop.
|
|
|
|
// If it times out, a SIGKILL is sent.
|
|
|
|
// Stop will not delete the daemon directory. If a purged daemon is needed,
|
|
|
|
// instantiate a new one with NewDaemon.
|
|
|
|
// If an error occurs while starting the daemon, the test will fail.
|
2019-09-23 07:54:51 -04:00
|
|
|
func (d *Daemon) Stop(t testing.TB) {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2018-04-10 10:29:48 -04:00
|
|
|
err := d.StopWithError()
|
|
|
|
if err != nil {
|
|
|
|
if err != errDaemonNotStarted {
|
2019-10-09 07:17:52 -04:00
|
|
|
t.Fatalf("[%s] error while stopping the daemon: %v", d.id, err)
|
2018-04-10 10:29:48 -04:00
|
|
|
} else {
|
2019-10-09 07:17:52 -04:00
|
|
|
t.Logf("[%s] daemon is not started", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// StopWithError will send a SIGINT every second and wait for the daemon to stop.
|
|
|
|
// If it timeouts, a SIGKILL is sent.
|
|
|
|
// Stop will not delete the daemon directory. If a purged daemon is needed,
|
|
|
|
// instantiate a new one with NewDaemon.
|
2019-04-19 12:06:59 -04:00
|
|
|
func (d *Daemon) StopWithError() (err error) {
|
2018-04-10 10:29:48 -04:00
|
|
|
if d.cmd == nil || d.Wait == nil {
|
|
|
|
return errDaemonNotStarted
|
|
|
|
}
|
|
|
|
defer func() {
|
2019-10-09 07:17:52 -04:00
|
|
|
if err != nil {
|
|
|
|
d.log.Logf("[%s] error while stopping daemon: %v", d.id, err)
|
2019-04-19 12:06:59 -04:00
|
|
|
} else {
|
2019-10-09 07:17:52 -04:00
|
|
|
d.log.Logf("[%s] daemon stopped", d.id)
|
2019-10-09 08:45:37 -04:00
|
|
|
if d.pidFile != "" {
|
|
|
|
_ = os.Remove(d.pidFile)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if err := d.logFile.Close(); err != nil {
|
|
|
|
d.log.Logf("[%s] failed to close daemon logfile: %v", d.id, err)
|
2019-04-19 12:06:59 -04:00
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
d.cmd = nil
|
|
|
|
}()
|
|
|
|
|
|
|
|
i := 1
|
2018-10-25 04:08:45 -04:00
|
|
|
ticker := time.NewTicker(time.Second)
|
|
|
|
defer ticker.Stop()
|
|
|
|
tick := ticker.C
|
2018-04-10 10:29:48 -04:00
|
|
|
|
2019-10-09 07:17:52 -04:00
|
|
|
d.log.Logf("[%s] stopping daemon", d.id)
|
2019-04-17 19:04:25 -04:00
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
if err := d.cmd.Process.Signal(os.Interrupt); err != nil {
|
|
|
|
if strings.Contains(err.Error(), "os: process already finished") {
|
|
|
|
return errDaemonNotStarted
|
|
|
|
}
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(err, "[%s] could not send signal", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
2019-04-17 19:04:25 -04:00
|
|
|
|
2018-04-10 10:29:48 -04:00
|
|
|
out1:
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case err := <-d.Wait:
|
|
|
|
return err
|
|
|
|
case <-time.After(20 * time.Second):
|
|
|
|
// time for stopping jobs and run onShutdown hooks
|
2019-10-09 07:17:52 -04:00
|
|
|
d.log.Logf("[%s] daemon stop timed out after 20 seconds", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
break out1
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
out2:
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case err := <-d.Wait:
|
|
|
|
return err
|
|
|
|
case <-tick:
|
|
|
|
i++
|
|
|
|
if i > 5 {
|
2019-10-09 07:17:52 -04:00
|
|
|
d.log.Logf("[%s] tried to interrupt daemon for %d times, now try to kill it", d.id, i)
|
2018-04-10 10:29:48 -04:00
|
|
|
break out2
|
|
|
|
}
|
2019-10-09 07:17:52 -04:00
|
|
|
d.log.Logf("[%d] attempt #%d/5: daemon is still running with pid %d", i, d.cmd.Process.Pid)
|
2018-04-10 10:29:48 -04:00
|
|
|
if err := d.cmd.Process.Signal(os.Interrupt); err != nil {
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(err, "[%s] attempt #%d/5 could not send signal", d.id, i)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := d.cmd.Process.Kill(); err != nil {
|
2019-10-09 07:17:52 -04:00
|
|
|
d.log.Logf("[%s] failed to kill daemon: %v", d.id, err)
|
2018-04-10 10:29:48 -04:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2019-10-09 16:20:08 -04:00
|
|
|
return nil
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Restart will restart the daemon by first stopping it and the starting it.
|
|
|
|
// If an error occurs while starting the daemon, the test will fail.
|
2019-09-23 07:54:51 -04:00
|
|
|
func (d *Daemon) Restart(t testing.TB, args ...string) {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2018-04-10 10:29:48 -04:00
|
|
|
d.Stop(t)
|
|
|
|
d.Start(t, args...)
|
|
|
|
}
|
|
|
|
|
|
|
|
// RestartWithError will restart the daemon by first stopping it and then starting it.
|
|
|
|
func (d *Daemon) RestartWithError(arg ...string) error {
|
|
|
|
if err := d.StopWithError(); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return d.StartWithError(arg...)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *Daemon) handleUserns() {
|
|
|
|
// in the case of tests running a user namespace-enabled daemon, we have resolved
|
|
|
|
// d.Root to be the actual final path of the graph dir after the "uid.gid" of
|
|
|
|
// remapped root is added--we need to subtract it from the path before calling
|
|
|
|
// start or else we will continue making subdirectories rather than truly restarting
|
|
|
|
// with the same location/root:
|
|
|
|
if root := os.Getenv("DOCKER_REMAP_ROOT"); root != "" {
|
|
|
|
d.Root = filepath.Dir(d.Root)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// ReloadConfig asks the daemon to reload its configuration
|
|
|
|
func (d *Daemon) ReloadConfig() error {
|
|
|
|
if d.cmd == nil || d.cmd.Process == nil {
|
|
|
|
return errors.New("daemon is not running")
|
|
|
|
}
|
|
|
|
|
2020-02-25 17:13:25 -05:00
|
|
|
errCh := make(chan error, 1)
|
2018-04-10 10:29:48 -04:00
|
|
|
started := make(chan struct{})
|
|
|
|
go func() {
|
2018-04-17 04:22:04 -04:00
|
|
|
_, body, err := request.Get("/events", request.Host(d.Sock()))
|
2018-04-10 10:29:48 -04:00
|
|
|
close(started)
|
|
|
|
if err != nil {
|
|
|
|
errCh <- err
|
2020-02-25 17:13:25 -05:00
|
|
|
return
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
defer body.Close()
|
|
|
|
dec := json.NewDecoder(body)
|
|
|
|
for {
|
|
|
|
var e events.Message
|
|
|
|
if err := dec.Decode(&e); err != nil {
|
|
|
|
errCh <- err
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if e.Type != events.DaemonEventType {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if e.Action != "reload" {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
close(errCh) // notify that we are done
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
<-started
|
|
|
|
if err := signalDaemonReload(d.cmd.Process.Pid); err != nil {
|
2019-10-09 07:20:47 -04:00
|
|
|
return errors.Wrapf(err, "[%s] error signaling daemon reload", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
select {
|
|
|
|
case err := <-errCh:
|
|
|
|
if err != nil {
|
2019-10-09 07:17:52 -04:00
|
|
|
return errors.Wrapf(err, "[%s] error waiting for daemon reload event", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
case <-time.After(30 * time.Second):
|
2019-10-09 07:17:52 -04:00
|
|
|
return errors.Errorf("[%s] daemon reload event timed out after 30 seconds", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// LoadBusybox image into the daemon
|
2019-09-23 08:23:01 -04:00
|
|
|
func (d *Daemon) LoadBusybox(t testing.TB) {
|
|
|
|
t.Helper()
|
2019-01-03 16:49:00 -05:00
|
|
|
clientHost, err := client.NewClientWithOpts(client.FromEnv)
|
2019-10-09 07:17:52 -04:00
|
|
|
assert.NilError(t, err, "[%s] failed to create client", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
defer clientHost.Close()
|
|
|
|
|
|
|
|
ctx := context.Background()
|
|
|
|
reader, err := clientHost.ImageSave(ctx, []string{"busybox:latest"})
|
2019-10-09 07:17:52 -04:00
|
|
|
assert.NilError(t, err, "[%s] failed to download busybox", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
defer reader.Close()
|
|
|
|
|
2018-12-22 09:53:02 -05:00
|
|
|
c := d.NewClientT(t)
|
|
|
|
defer c.Close()
|
2018-04-10 10:29:48 -04:00
|
|
|
|
2018-12-22 09:53:02 -05:00
|
|
|
resp, err := c.ImageLoad(ctx, reader, true)
|
2019-10-09 07:17:52 -04:00
|
|
|
assert.NilError(t, err, "[%s] failed to load busybox", d.id)
|
2018-04-10 10:29:48 -04:00
|
|
|
defer resp.Body.Close()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *Daemon) getClientConfig() (*clientConfig, error) {
|
|
|
|
var (
|
|
|
|
transport *http.Transport
|
|
|
|
scheme string
|
|
|
|
addr string
|
|
|
|
proto string
|
|
|
|
)
|
|
|
|
if d.UseDefaultTLSHost {
|
|
|
|
option := &tlsconfig.Options{
|
|
|
|
CAFile: "fixtures/https/ca.pem",
|
|
|
|
CertFile: "fixtures/https/client-cert.pem",
|
|
|
|
KeyFile: "fixtures/https/client-key.pem",
|
|
|
|
}
|
|
|
|
tlsConfig, err := tlsconfig.Client(*option)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
transport = &http.Transport{
|
|
|
|
TLSClientConfig: tlsConfig,
|
|
|
|
}
|
2021-08-18 08:28:00 -04:00
|
|
|
addr = defaultTLSHost
|
2018-04-10 10:29:48 -04:00
|
|
|
scheme = "https"
|
|
|
|
proto = "tcp"
|
|
|
|
} else if d.UseDefaultHost {
|
2021-08-18 08:28:00 -04:00
|
|
|
addr = defaultUnixSocket
|
2018-04-10 10:29:48 -04:00
|
|
|
proto = "unix"
|
|
|
|
scheme = "http"
|
|
|
|
transport = &http.Transport{}
|
|
|
|
} else {
|
|
|
|
addr = d.sockPath()
|
|
|
|
proto = "unix"
|
|
|
|
scheme = "http"
|
|
|
|
transport = &http.Transport{}
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := sockets.ConfigureTransport(transport, proto, addr); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
transport.DisableKeepAlives = true
|
2019-07-12 08:22:11 -04:00
|
|
|
if proto == "unix" {
|
|
|
|
addr = filepath.Base(addr)
|
|
|
|
}
|
2018-04-10 10:29:48 -04:00
|
|
|
return &clientConfig{
|
|
|
|
transport: transport,
|
|
|
|
scheme: scheme,
|
|
|
|
addr: addr,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *Daemon) queryRootDir() (string, error) {
|
|
|
|
// update daemon root by asking /info endpoint (to support user
|
|
|
|
// namespaced daemon with root remapped uid.gid directory)
|
|
|
|
clientConfig, err := d.getClientConfig()
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
|
2018-12-22 09:53:02 -05:00
|
|
|
c := &http.Client{
|
2018-04-10 10:29:48 -04:00
|
|
|
Transport: clientConfig.transport,
|
|
|
|
}
|
|
|
|
|
2019-10-12 14:43:17 -04:00
|
|
|
req, err := http.NewRequest(http.MethodGet, "/info", nil)
|
2018-04-10 10:29:48 -04:00
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
req.URL.Host = clientConfig.addr
|
|
|
|
req.URL.Scheme = clientConfig.scheme
|
|
|
|
|
2018-12-22 09:53:02 -05:00
|
|
|
resp, err := c.Do(req)
|
2018-04-10 10:29:48 -04:00
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
body := ioutils.NewReadCloserWrapper(resp.Body, func() error {
|
|
|
|
return resp.Body.Close()
|
|
|
|
})
|
|
|
|
|
|
|
|
type Info struct {
|
|
|
|
DockerRootDir string
|
|
|
|
}
|
|
|
|
var b []byte
|
|
|
|
var i Info
|
|
|
|
b, err = request.ReadBody(body)
|
|
|
|
if err == nil && resp.StatusCode == http.StatusOK {
|
|
|
|
// read the docker root dir
|
|
|
|
if err = json.Unmarshal(b, &i); err == nil {
|
|
|
|
return i.DockerRootDir, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Info returns the info struct for this daemon
|
2019-09-23 08:23:01 -04:00
|
|
|
func (d *Daemon) Info(t testing.TB) types.Info {
|
|
|
|
t.Helper()
|
2018-12-22 09:53:02 -05:00
|
|
|
c := d.NewClientT(t)
|
|
|
|
info, err := c.Info(context.Background())
|
2018-04-10 10:29:48 -04:00
|
|
|
assert.NilError(t, err)
|
2019-10-18 12:09:41 -04:00
|
|
|
assert.NilError(t, c.Close())
|
2018-04-10 10:29:48 -04:00
|
|
|
return info
|
|
|
|
}
|
2018-04-18 10:45:55 -04:00
|
|
|
|
2019-10-09 07:17:52 -04:00
|
|
|
// cleanupRaftDir removes swarmkit wal files if present
|
|
|
|
func cleanupRaftDir(t testing.TB, d *Daemon) {
|
2019-09-23 08:06:27 -04:00
|
|
|
t.Helper()
|
2019-07-12 06:11:05 -04:00
|
|
|
for _, p := range []string{"wal", "wal-v3-encrypted", "snap-v3-encrypted"} {
|
2019-10-09 07:17:52 -04:00
|
|
|
dir := filepath.Join(d.Root, "swarm/raft", p)
|
2019-07-12 06:11:05 -04:00
|
|
|
if err := os.RemoveAll(dir); err != nil {
|
2019-10-09 07:17:52 -04:00
|
|
|
t.Logf("[%s] error removing %v: %v", d.id, dir, err)
|
2019-07-12 06:11:05 -04:00
|
|
|
}
|
2018-04-18 10:45:55 -04:00
|
|
|
}
|
|
|
|
}
|
2021-11-09 10:49:42 -05:00
|
|
|
|
|
|
|
// cleanupDaemonStorage removes the daemon's storage directory.
|
|
|
|
//
|
|
|
|
// Note that we don't delete the whole directory, as some files (e.g. daemon
|
|
|
|
// logs) are collected for inclusion in the "bundles" that are stored as Jenkins
|
|
|
|
// artifacts.
|
|
|
|
//
|
|
|
|
// We currently do not include container logs in the bundles, so this also
|
|
|
|
// removes the "containers" sub-directory.
|
|
|
|
func cleanupDaemonStorage(t testing.TB, d *Daemon) {
|
|
|
|
t.Helper()
|
|
|
|
dirs := []string{
|
|
|
|
"builder",
|
|
|
|
"buildkit",
|
|
|
|
"containers",
|
|
|
|
"image",
|
|
|
|
"network",
|
|
|
|
"plugins",
|
|
|
|
"tmp",
|
|
|
|
"trust",
|
|
|
|
"volumes",
|
|
|
|
// note: this assumes storage-driver name matches the subdirectory,
|
|
|
|
// which is currently true, but not guaranteed.
|
|
|
|
d.storageDriver,
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, p := range dirs {
|
|
|
|
dir := filepath.Join(d.Root, p)
|
|
|
|
if err := os.RemoveAll(dir); err != nil {
|
|
|
|
t.Logf("[%s] error removing %v: %v", d.id, dir, err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|