mirror of
synced 2022-11-09 12:21:53 -05:00

Rootlesskit doesn't currently handle IPv6 addresses, causing TestNetworkLoopbackNat and TestNetworkNat to fail; Error starting userland proxy: error while calling PortManager.AddPort(): listen tcp: address :::8080: too many colons in address This patch: - Updates `getExternalAddress()` to pick IPv4 address if both IPv6 and IPv4 are found - Update TestNetworkNat to net.JoinHostPort(), so that square brackets are used for IPv6 addresses (e.g. `[::]:8080`) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
145 lines
3.8 KiB
145 lines
3.8 KiB
package container // import "github.com/docker/docker/integration/container"
import (
is "gotest.tools/v3/assert/cmp"
func TestNetworkNat(t *testing.T) {
skip.If(t, testEnv.OSType == "windows", "FIXME")
skip.If(t, testEnv.IsRemoteDaemon)
defer setupTest(t)()
msg := "it works"
startServerContainer(t, msg, 8080)
endpoint := getExternalAddress(t)
conn, err := net.Dial("tcp", net.JoinHostPort(endpoint.String(), "8080"))
assert.NilError(t, err)
defer conn.Close()
data, err := ioutil.ReadAll(conn)
assert.NilError(t, err)
assert.Check(t, is.Equal(msg, strings.TrimSpace(string(data))))
func TestNetworkLocalhostTCPNat(t *testing.T) {
skip.If(t, testEnv.IsRemoteDaemon)
defer setupTest(t)()
msg := "hi yall"
startServerContainer(t, msg, 8081)
conn, err := net.Dial("tcp", "localhost:8081")
assert.NilError(t, err)
defer conn.Close()
data, err := ioutil.ReadAll(conn)
assert.NilError(t, err)
assert.Check(t, is.Equal(msg, strings.TrimSpace(string(data))))
func TestNetworkLoopbackNat(t *testing.T) {
skip.If(t, testEnv.OSType == "windows", "FIXME")
skip.If(t, testEnv.IsRemoteDaemon)
defer setupTest(t)()
msg := "it works"
serverContainerID := startServerContainer(t, msg, 8080)
endpoint := getExternalAddress(t)
client := testEnv.APIClient()
ctx := context.Background()
cID := container.Run(ctx, t, client,
container.WithCmd("sh", "-c", fmt.Sprintf("stty raw && nc -w 1 %s 8080", endpoint.String())),
poll.WaitOn(t, container.IsStopped(ctx, client, cID), poll.WithDelay(100*time.Millisecond))
body, err := client.ContainerLogs(ctx, cID, types.ContainerLogsOptions{
ShowStdout: true,
assert.NilError(t, err)
defer body.Close()
var b bytes.Buffer
_, err = io.Copy(&b, body)
assert.NilError(t, err)
assert.Check(t, is.Equal(msg, strings.TrimSpace(b.String())))
func startServerContainer(t *testing.T, msg string, port int) string {
client := testEnv.APIClient()
ctx := context.Background()
cID := container.Run(ctx, t, client,
container.WithCmd("sh", "-c", fmt.Sprintf("echo %q | nc -lp %d", msg, port)),
container.WithExposedPorts(fmt.Sprintf("%d/tcp", port)),
func(c *container.TestContainerConfig) {
c.HostConfig.PortBindings = nat.PortMap{
nat.Port(fmt.Sprintf("%d/tcp", port)): []nat.PortBinding{
HostPort: fmt.Sprintf("%d", port),
poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond))
return cID
// getExternalAddress() returns the external IP-address from eth0. If eth0 has
// multiple IP-addresses, it returns the first IPv4 IP-address; if no IPv4
// address is present, it returns the first IP-address found.
func getExternalAddress(t *testing.T) net.IP {
iface, err := net.InterfaceByName("eth0")
skip.If(t, err != nil, "Test not running with `make test-integration`. Interface eth0 not found: %s", err)
ifaceAddrs, err := iface.Addrs()
assert.NilError(t, err)
assert.Check(t, 0 != len(ifaceAddrs))
if len(ifaceAddrs) > 1 {
// Prefer IPv4 address if multiple addresses found, as rootlesskit
// does not handle IPv6 currently https://github.com/moby/moby/pull/41908#issuecomment-774200001
for _, a := range ifaceAddrs {
ifaceIP, _, err := net.ParseCIDR(a.String())
assert.NilError(t, err)
if ifaceIP.To4() != nil {
return ifaceIP
ifaceIP, _, err := net.ParseCIDR(ifaceAddrs[0].String())
assert.NilError(t, err)
return ifaceIP