kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Re-enable shared namespace tests for userns CI runs

Browse source 
Allow --net=container and --ipc=container tests to run when user
namespaces are enabled.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
This commit is contained in:
Phil Estes 2016-03-23 09:37:15 -04:00
parent 6ad9def11a
commit a1d8441117
3 changed files with 36 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
integration-cli/docker_cli_create_test.go
View file

@ -241,8 +241,7 @@ func (s *DockerSuite) TestCreateRM(c *check.C) {
func (s *DockerSuite) TestCreateModeIpcContainer(c *check.C) { func (s *DockerSuite) TestCreateModeIpcContainer(c *check.C) {
// Uses Linux specific functionality (--ipc) // Uses Linux specific functionality (--ipc)
testRequires(c, DaemonIsLinux) testRequires(c, DaemonIsLinux, SameHostDaemon)
testRequires(c, SameHostDaemon, NotUserNamespace)
out, _ := dockerCmd(c, "create", "busybox") out, _ := dockerCmd(c, "create", "busybox")
id := strings.TrimSpace(out) id := strings.TrimSpace(out)

36
integration-cli/docker_cli_netmode_test.go
View file

@ -21,13 +21,17 @@ func dockerCmdWithFail(c *check.C, args ...string) (string, int) {
return out, status return out, status
} }
func (s *DockerSuite) TestNetHostname(c *check.C) { func (s *DockerSuite) TestNetHostnameWithNetHost(c *check.C) {
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux, NotUserNamespace)
out, _ := dockerCmd(c, "run", "-h=name", "busybox", "ps") out, _ := dockerCmd(c, "run", "--net=host", "busybox", "ps")
c.Assert(out, checker.Contains, stringCheckPS) c.Assert(out, checker.Contains, stringCheckPS)
}
out, _ = dockerCmd(c, "run", "--net=host", "busybox", "ps") func (s *DockerSuite) TestNetHostname(c *check.C) {
testRequires(c, DaemonIsLinux)
out, _ := dockerCmd(c, "run", "-h=name", "busybox", "ps")
c.Assert(out, checker.Contains, stringCheckPS) c.Assert(out, checker.Contains, stringCheckPS)
out, _ = dockerCmd(c, "run", "-h=name", "--net=bridge", "busybox", "ps") out, _ = dockerCmd(c, "run", "-h=name", "--net=bridge", "busybox", "ps")
@ -47,32 +51,40 @@ func (s *DockerSuite) TestNetHostname(c *check.C) {
} }
func (s *DockerSuite) TestConflictContainerNetworkAndLinks(c *check.C) { func (s *DockerSuite) TestConflictContainerNetworkAndLinks(c *check.C) {
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
out, _ := dockerCmdWithFail(c, "run", "--net=container:other", "--link=zip:zap", "busybox", "ps") out, _ := dockerCmdWithFail(c, "run", "--net=container:other", "--link=zip:zap", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndLinks.Error()) c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndLinks.Error())
}
out, _ = dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps") func (s *DockerSuite) TestConflictContainerNetworkHostAndLinks(c *check.C) {
testRequires(c, DaemonIsLinux, NotUserNamespace)
out, _ := dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetworkAndLinks.Error()) c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetworkAndLinks.Error())
} }
func (s *DockerSuite) TestConflictNetworkModeAndOptions(c *check.C) { func (s *DockerSuite) TestConflictNetworkModeNetHostAndOptions(c *check.C) {
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux, NotUserNamespace)
out, _ := dockerCmdWithFail(c, "run", "--net=host", "--dns=8.8.8.8", "busybox", "ps") out, _ := dockerCmdWithFail(c, "run", "--net=host", "--dns=8.8.8.8", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error()) c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error())
out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error())
out, _ = dockerCmdWithFail(c, "run", "--net=host", "--add-host=name:8.8.8.8", "busybox", "ps") out, _ = dockerCmdWithFail(c, "run", "--net=host", "--add-host=name:8.8.8.8", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error()) c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error())
out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error())
out, _ = dockerCmdWithFail(c, "run", "--net=host", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps") out, _ = dockerCmdWithFail(c, "run", "--net=host", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error()) c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error())
}
func (s *DockerSuite) TestConflictNetworkModeAndOptions(c *check.C) {
testRequires(c, DaemonIsLinux)
out, _ := dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error())
out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error())
out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps") out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps")
c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error()) c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error())

22
integration-cli/docker_cli_run_test.go
View file

@ -2390,7 +2390,7 @@ func (s *DockerSuite) TestRunModeIpcHost(c *check.C) {
func (s *DockerSuite) TestRunModeIpcContainer(c *check.C) { func (s *DockerSuite) TestRunModeIpcContainer(c *check.C) {
// Not applicable on Windows as uses Unix-specific capabilities // Not applicable on Windows as uses Unix-specific capabilities
testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace) testRequires(c, SameHostDaemon, DaemonIsLinux)
out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "echo -n test > /dev/shm/test && touch /dev/mqueue/toto && top") out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "echo -n test > /dev/shm/test && touch /dev/mqueue/toto && top")
@ -2432,7 +2432,7 @@ func (s *DockerSuite) TestRunModeIpcContainer(c *check.C) {
func (s *DockerSuite) TestRunModeIpcContainerNotExists(c *check.C) { func (s *DockerSuite) TestRunModeIpcContainerNotExists(c *check.C) {
// Not applicable on Windows as uses Unix-specific capabilities // Not applicable on Windows as uses Unix-specific capabilities
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
out, _, err := dockerCmdWithError("run", "-d", "--ipc", "container:abcd1234", "busybox", "top") out, _, err := dockerCmdWithError("run", "-d", "--ipc", "container:abcd1234", "busybox", "top")
if !strings.Contains(out, "abcd1234") || err == nil { if !strings.Contains(out, "abcd1234") || err == nil {
c.Fatalf("run IPC from a non exists container should with correct error out") c.Fatalf("run IPC from a non exists container should with correct error out")
@ -2441,7 +2441,7 @@ func (s *DockerSuite) TestRunModeIpcContainerNotExists(c *check.C) {
func (s *DockerSuite) TestRunModeIpcContainerNotRunning(c *check.C) { func (s *DockerSuite) TestRunModeIpcContainerNotRunning(c *check.C) {
// Not applicable on Windows as uses Unix-specific capabilities // Not applicable on Windows as uses Unix-specific capabilities
testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace) testRequires(c, SameHostDaemon, DaemonIsLinux)
out, _ := dockerCmd(c, "create", "busybox") out, _ := dockerCmd(c, "create", "busybox")
@ -2478,7 +2478,7 @@ func (s *DockerSuite) TestRunMountShmMqueueFromHost(c *check.C) {
func (s *DockerSuite) TestContainerNetworkMode(c *check.C) { func (s *DockerSuite) TestContainerNetworkMode(c *check.C) {
// Not applicable on Windows as uses Unix-specific capabilities // Not applicable on Windows as uses Unix-specific capabilities
testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace) testRequires(c, SameHostDaemon, DaemonIsLinux)
out, _ := dockerCmd(c, "run", "-d", "busybox", "top") out, _ := dockerCmd(c, "run", "-d", "busybox", "top")
id := strings.TrimSpace(out) id := strings.TrimSpace(out)
@ -3614,7 +3614,7 @@ func (s *DockerSuite) TestRunContainerWithCgroupMountRO(c *check.C) {
func (s *DockerSuite) TestRunContainerNetworkModeToSelf(c *check.C) { func (s *DockerSuite) TestRunContainerNetworkModeToSelf(c *check.C) {
// Not applicable on Windows which does not support --net=container // Not applicable on Windows which does not support --net=container
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
out, _, err := dockerCmdWithError("run", "--name=me", "--net=container:me", "busybox", "true") out, _, err := dockerCmdWithError("run", "--name=me", "--net=container:me", "busybox", "true")
if err == nil || !strings.Contains(out, "cannot join own network") { if err == nil || !strings.Contains(out, "cannot join own network") {
c.Fatalf("using container net mode to self should result in an error\nerr: %q\nout: %s", err, out) c.Fatalf("using container net mode to self should result in an error\nerr: %q\nout: %s", err, out)
@ -3623,7 +3623,7 @@ func (s *DockerSuite) TestRunContainerNetworkModeToSelf(c *check.C) {
func (s *DockerSuite) TestRunContainerNetModeWithDnsMacHosts(c *check.C) { func (s *DockerSuite) TestRunContainerNetModeWithDnsMacHosts(c *check.C) {
// Not applicable on Windows which does not support --net=container // Not applicable on Windows which does not support --net=container
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
out, _, err := dockerCmdWithError("run", "-d", "--name", "parent", "busybox", "top") out, _, err := dockerCmdWithError("run", "-d", "--name", "parent", "busybox", "top")
if err != nil { if err != nil {
c.Fatalf("failed to run container: %v, output: %q", err, out) c.Fatalf("failed to run container: %v, output: %q", err, out)
@ -3647,7 +3647,7 @@ func (s *DockerSuite) TestRunContainerNetModeWithDnsMacHosts(c *check.C) {
func (s *DockerSuite) TestRunContainerNetModeWithExposePort(c *check.C) { func (s *DockerSuite) TestRunContainerNetModeWithExposePort(c *check.C) {
// Not applicable on Windows which does not support --net=container // Not applicable on Windows which does not support --net=container
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
dockerCmd(c, "run", "-d", "--name", "parent", "busybox", "top") dockerCmd(c, "run", "-d", "--name", "parent", "busybox", "top")
out, _, err := dockerCmdWithError("run", "-p", "5000:5000", "--net=container:parent", "busybox") out, _, err := dockerCmdWithError("run", "-p", "5000:5000", "--net=container:parent", "busybox")
@ -3668,7 +3668,7 @@ func (s *DockerSuite) TestRunContainerNetModeWithExposePort(c *check.C) {
func (s *DockerSuite) TestRunLinkToContainerNetMode(c *check.C) { func (s *DockerSuite) TestRunLinkToContainerNetMode(c *check.C) {
// Not applicable on Windows which does not support --net=container or --link // Not applicable on Windows which does not support --net=container or --link
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
dockerCmd(c, "run", "--name", "test", "-d", "busybox", "top") dockerCmd(c, "run", "--name", "test", "-d", "busybox", "top")
dockerCmd(c, "run", "--name", "parent", "-d", "--net=container:test", "busybox", "top") dockerCmd(c, "run", "--name", "parent", "-d", "--net=container:test", "busybox", "top")
dockerCmd(c, "run", "-d", "--link=parent:parent", "busybox", "top") dockerCmd(c, "run", "-d", "--link=parent:parent", "busybox", "top")
@ -3712,7 +3712,7 @@ func (s *DockerSuite) TestRunLoopbackWhenNetworkDisabled(c *check.C) {
func (s *DockerSuite) TestRunModeNetContainerHostname(c *check.C) { func (s *DockerSuite) TestRunModeNetContainerHostname(c *check.C) {
// Windows does not support --net=container // Windows does not support --net=container
testRequires(c, DaemonIsLinux, ExecSupport, NotUserNamespace) testRequires(c, DaemonIsLinux, ExecSupport)
dockerCmd(c, "run", "-i", "-d", "--name", "parent", "busybox", "top") dockerCmd(c, "run", "-i", "-d", "--name", "parent", "busybox", "top")
out, _ := dockerCmd(c, "exec", "parent", "cat", "/etc/hostname") out, _ := dockerCmd(c, "exec", "parent", "cat", "/etc/hostname")
@ -3863,7 +3863,7 @@ func (s *DockerSuite) TestContainerWithConflictingHostNetworks(c *check.C) {
} }
func (s *DockerSuite) TestContainerWithConflictingSharedNetwork(c *check.C) { func (s *DockerSuite) TestContainerWithConflictingSharedNetwork(c *check.C) {
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
dockerCmd(c, "run", "-d", "--name=first", "busybox", "top") dockerCmd(c, "run", "-d", "--name=first", "busybox", "top")
c.Assert(waitRun("first"), check.IsNil) c.Assert(waitRun("first"), check.IsNil)
// Run second container in first container's network namespace // Run second container in first container's network namespace
@ -3880,7 +3880,7 @@ func (s *DockerSuite) TestContainerWithConflictingSharedNetwork(c *check.C) {
} }
func (s *DockerSuite) TestContainerWithConflictingNoneNetwork(c *check.C) { func (s *DockerSuite) TestContainerWithConflictingNoneNetwork(c *check.C) {
testRequires(c, DaemonIsLinux, NotUserNamespace) testRequires(c, DaemonIsLinux)
dockerCmd(c, "run", "-d", "--net=none", "--name=first", "busybox", "top") dockerCmd(c, "run", "-d", "--net=none", "--name=first", "busybox", "top")
c.Assert(waitRun("first"), check.IsNil) c.Assert(waitRun("first"), check.IsNil)