More libnetwork windows test fixes

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2022-11-09 12:21:53 -05:00 · 2021-05-28 18:53:49 +00:00 · 2021-05-28 18:53:49 +00:00 · 7186fd8a95
commit 7186fd8a95
parent 4b981436fe
13 changed files with 116 additions and 170 deletions
--- a/libnetwork/cmd/ovrouter/ovrouter.go
+++ b/libnetwork/cmd/ovrouter/ovrouter.go
@ -1,3 +1,5 @@
+// +build linux
+
 package main

 import (
--- a/libnetwork/firewall_test.go
+++ b/libnetwork/firewall_test.go
@ -1,103 +0,0 @@
-package libnetwork
-
-import (
-	"fmt"
-	"strings"
-	"testing"
-
-	"github.com/docker/docker/libnetwork/iptables"
-	"github.com/docker/docker/libnetwork/netlabel"
-	"github.com/docker/docker/libnetwork/options"
-	"gotest.tools/v3/assert"
-)
-
-const (
-	fwdChainName = "FORWARD"
-	usrChainName = userChain
-)
-
-func TestUserChain(t *testing.T) {
-	iptable := iptables.GetIptable(iptables.IPv4)
-
-	nc, err := New()
-	assert.NilError(t, err)
-
-	tests := []struct {
-		iptables  bool
-		insert    bool // insert other rules to FORWARD
-		fwdChain  []string
-		userChain []string
-	}{
-		{
-			iptables: false,
-			insert:   false,
-			fwdChain: []string{"-P FORWARD ACCEPT"},
-		},
-		{
-			iptables:  true,
-			insert:    false,
-			fwdChain:  []string{"-P FORWARD ACCEPT", "-A FORWARD -j DOCKER-USER"},
-			userChain: []string{"-N DOCKER-USER", "-A DOCKER-USER -j RETURN"},
-		},
-		{
-			iptables:  true,
-			insert:    true,
-			fwdChain:  []string{"-P FORWARD ACCEPT", "-A FORWARD -j DOCKER-USER", "-A FORWARD -j DROP"},
-			userChain: []string{"-N DOCKER-USER", "-A DOCKER-USER -j RETURN"},
-		},
-	}
-
-	resetIptables(t)
-	for _, tc := range tests {
-		tc := tc
-		t.Run(fmt.Sprintf("iptables=%v,insert=%v", tc.iptables, tc.insert), func(t *testing.T) {
-			c := nc.(*controller)
-			c.cfg.Daemon.DriverCfg["bridge"] = map[string]interface{}{
-				netlabel.GenericData: options.Generic{
-					"EnableIPTables": tc.iptables,
-				},
-			}
-
-			// init. condition, FORWARD chain empty DOCKER-USER not exist
-			assert.DeepEqual(t, getRules(t, fwdChainName), []string{"-P FORWARD ACCEPT"})
-
-			if tc.insert {
-				_, err = iptable.Raw("-A", fwdChainName, "-j", "DROP")
-				assert.NilError(t, err)
-			}
-			arrangeUserFilterRule()
-
-			assert.DeepEqual(t, getRules(t, fwdChainName), tc.fwdChain)
-			if tc.userChain != nil {
-				assert.DeepEqual(t, getRules(t, usrChainName), tc.userChain)
-			} else {
-				_, err := iptable.Raw("-S", usrChainName)
-				assert.Assert(t, err != nil, "chain %v: created unexpectedly", usrChainName)
-			}
-		})
-		resetIptables(t)
-	}
-}
-
-func getRules(t *testing.T, chain string) []string {
-	iptable := iptables.GetIptable(iptables.IPv4)
-
-	t.Helper()
-	output, err := iptable.Raw("-S", chain)
-	assert.NilError(t, err, "chain %s: failed to get rules", chain)
-
-	rules := strings.Split(string(output), "\n")
-	if len(rules) > 0 {
-		rules = rules[:len(rules)-1]
-	}
-	return rules
-}
-
-func resetIptables(t *testing.T) {
-	iptable := iptables.GetIptable(iptables.IPv4)
-
-	t.Helper()
-	_, err := iptable.Raw("-F", fwdChainName)
-	assert.NilError(t, err)
-	_ = iptable.RemoveExistingChain(usrChainName, "")
-}
--- a/libnetwork/iptables/conntrack.go
+++ b/libnetwork/iptables/conntrack.go
@ -1,3 +1,5 @@
+// +build linux
+
 package iptables

 import (
--- a/libnetwork/iptables/firewalld.go
+++ b/libnetwork/iptables/firewalld.go
@ -1,3 +1,5 @@
+// +build linux
+
 package iptables

 import (
--- a/libnetwork/iptables/firewalld_test.go
+++ b/libnetwork/iptables/firewalld_test.go
@ -1,3 +1,5 @@
+// +build linux
+
 package iptables

 import (
--- a/libnetwork/iptables/iptables.go
+++ b/libnetwork/iptables/iptables.go
@ -1,3 +1,5 @@
+// +build linux
+
 package iptables

 import (
--- a/libnetwork/iptables/iptables_test.go
+++ b/libnetwork/iptables/iptables_test.go
@ -1,3 +1,5 @@
+// +build linux
+
 package iptables

 import (
--- a/libnetwork/libnetwork_linux_test.go
+++ b/libnetwork/libnetwork_linux_test.go
@ -27,6 +27,70 @@ import (
 	"github.com/vishvananda/netns"
 )

+var (
+	origins = netns.None()
+	testns  = netns.None()
+)
+
+func createGlobalInstance(t *testing.T) {
+	var err error
+	defer close(start)
+
+	origins, err = netns.Get()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if testutils.IsRunningInContainer() {
+		testns = origins
+	} else {
+		testns, err = netns.New()
+		if err != nil {
+			t.Fatal(err)
+		}
+	}
+
+	netOption := options.Generic{
+		netlabel.GenericData: options.Generic{
+			"BridgeName": "network",
+		},
+	}
+
+	net1, err := controller.NetworkByName("testhost")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	net2, err := createTestNetwork("bridge", "network2", netOption, nil, nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = net1.CreateEndpoint("pep1")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = net2.CreateEndpoint("pep2")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	_, err = net2.CreateEndpoint("pep3")
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if sboxes[first-1], err = controller.NewSandbox(fmt.Sprintf("%drace", first), libnetwork.OptionUseDefaultSandbox()); err != nil {
+		t.Fatal(err)
+	}
+	for thd := first + 1; thd <= last; thd++ {
+		if sboxes[thd-1], err = controller.NewSandbox(fmt.Sprintf("%drace", thd)); err != nil {
+			t.Fatal(err)
+		}
+	}
+}
+
 func TestHost(t *testing.T) {
 	sbx1, err := controller.NewSandbox("host_c1",
 		libnetwork.OptionHostname("test1"),
--- a/libnetwork/libnetwork_test.go
+++ b/libnetwork/libnetwork_test.go
@ -8,13 +8,13 @@ import (
 	"net/http/httptest"
 	"os"
 	"path/filepath"
+	"sync"
 	"testing"

 	"github.com/docker/docker/libnetwork"
 	"github.com/docker/docker/libnetwork/config"
 	"github.com/docker/docker/libnetwork/datastore"
 	"github.com/docker/docker/libnetwork/driverapi"
-	"github.com/docker/docker/libnetwork/drivers/bridge"
 	"github.com/docker/docker/libnetwork/ipamapi"
 	"github.com/docker/docker/libnetwork/netlabel"
 	"github.com/docker/docker/libnetwork/options"
@ -23,7 +23,6 @@ import (
 	"github.com/docker/docker/pkg/plugins"
 	"github.com/docker/docker/pkg/reexec"
 	"github.com/sirupsen/logrus"
-	"github.com/vishvananda/netns"
 )

 const (
@ -201,7 +200,7 @@ func TestBridge(t *testing.T) {
 		t.Fatalf("Unexpected format for port mapping in endpoint operational data")
 	}
 	expectedLen := 10
-	if !bridge.IsV6Listenable() {
+	if !isV6Listenable() {
 		expectedLen = 5
 	}
 	if len(pm) != expectedLen {
@ -209,6 +208,28 @@ func TestBridge(t *testing.T) {
 	}
 }

+var (
+	v6ListenableCached bool
+	v6ListenableOnce   sync.Once
+)
+
+// This is copied from the bridge driver package b/c the bridge driver is not platform agnostic.
+func isV6Listenable() bool {
+	v6ListenableOnce.Do(func() {
+		ln, err := net.Listen("tcp6", "[::1]:0")
+		if err != nil {
+			// When the kernel was booted with `ipv6.disable=1`,
+			// we get err "listen tcp6 [::1]:0: socket: address family not supported by protocol"
+			// https://github.com/moby/moby/issues/42288
+			logrus.Debugf("port_mapping: v6Listenable=false (%v)", err)
+		} else {
+			v6ListenableCached = true
+			ln.Close()
+		}
+	})
+	return v6ListenableCached
+}
+
 func TestUnknownDriver(t *testing.T) {
 	if !testutils.IsRunningInContainer() {
 		defer testutils.SetupTestOSContext(t)()
@ -1411,11 +1432,9 @@ func TestValidRemoteDriver(t *testing.T) {
 }

 var (
-	start   = make(chan struct{})
-	done    = make(chan chan struct{}, numThreads-1)
-	origins = netns.None()
-	testns  = netns.None()
-	sboxes  = make([]libnetwork.Sandbox, numThreads)
+	start  = make(chan struct{})
+	done   = make(chan chan struct{}, numThreads-1)
+	sboxes = make([]libnetwork.Sandbox, numThreads)
 )

 const (
@ -1426,65 +1445,6 @@ const (
 	debug      = false
 )

-func createGlobalInstance(t *testing.T) {
-	var err error
-	defer close(start)
-
-	origins, err = netns.Get()
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if testutils.IsRunningInContainer() {
-		testns = origins
-	} else {
-		testns, err = netns.New()
-		if err != nil {
-			t.Fatal(err)
-		}
-	}
-
-	netOption := options.Generic{
-		netlabel.GenericData: options.Generic{
-			"BridgeName": "network",
-		},
-	}
-
-	net1, err := controller.NetworkByName("testhost")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	net2, err := createTestNetwork("bridge", "network2", netOption, nil, nil)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	_, err = net1.CreateEndpoint("pep1")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	_, err = net2.CreateEndpoint("pep2")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	_, err = net2.CreateEndpoint("pep3")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if sboxes[first-1], err = controller.NewSandbox(fmt.Sprintf("%drace", first), libnetwork.OptionUseDefaultSandbox()); err != nil {
-		t.Fatal(err)
-	}
-	for thd := first + 1; thd <= last; thd++ {
-		if sboxes[thd-1], err = controller.NewSandbox(fmt.Sprintf("%drace", thd)); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
-
 func debugf(format string, a ...interface{}) {
 	if debug {
 		fmt.Printf(format, a...)
--- a/libnetwork/libnetwork_windows_test.go
+++ b/libnetwork/libnetwork_windows_test.go
@ -1,3 +1,8 @@
 package libnetwork_test

+import (
+	"os"
+	"path/filepath"
+)
+
 var specPath = filepath.Join(os.Getenv("programdata"), "docker", "plugins")
--- a/libnetwork/netutils/utils_linux_test.go
+++ b/libnetwork/netutils/utils_linux_test.go
--- a/libnetwork/portmapper/mapper_linux_test.go
+++ b/libnetwork/portmapper/mapper_linux_test.go
--- a/libnetwork/sandbox_dns_windows.go
+++ b/libnetwork/sandbox_dns_windows.go
@ -33,3 +33,11 @@ func (sb *sandbox) deleteHostsEntries(recs []etchosts.Record) {
 func (sb *sandbox) updateDNS(ipv6Enabled bool) error {
 	return nil
 }
+
+func (sb *sandbox) setupDNS() error {
+	return nil
+}
+
+func (sb *sandbox) rebuildDNS() error {
+	return nil
+}