github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/engine/integration/network/network_test.go (about) 1 package network // import "github.com/docker/docker/integration/network" 2 3 import ( 4 "bytes" 5 "context" 6 "encoding/json" 7 "net/http" 8 "os/exec" 9 "strings" 10 "testing" 11 12 "github.com/docker/docker/api/types" 13 "github.com/docker/docker/integration/internal/container" 14 "github.com/docker/docker/integration/internal/network" 15 "github.com/docker/docker/testutil/daemon" 16 "github.com/docker/docker/testutil/request" 17 "gotest.tools/v3/assert" 18 is "gotest.tools/v3/assert/cmp" 19 "gotest.tools/v3/icmd" 20 "gotest.tools/v3/skip" 21 ) 22 23 func TestRunContainerWithBridgeNone(t *testing.T) { 24 skip.If(t, testEnv.IsRemoteDaemon, "cannot start daemon on remote test run") 25 skip.If(t, testEnv.DaemonInfo.OSType != "linux") 26 skip.If(t, IsUserNamespace()) 27 skip.If(t, testEnv.IsRootless, "rootless mode has different view of network") 28 29 d := daemon.New(t) 30 d.StartWithBusybox(t, "-b", "none") 31 defer d.Stop(t) 32 33 c := d.NewClientT(t) 34 ctx := context.Background() 35 36 id1 := container.Run(ctx, t, c) 37 defer c.ContainerRemove(ctx, id1, types.ContainerRemoveOptions{Force: true}) 38 39 result, err := container.Exec(ctx, c, id1, []string{"ip", "l"}) 40 assert.NilError(t, err) 41 assert.Check(t, is.Equal(false, strings.Contains(result.Combined(), "eth0")), "There shouldn't be eth0 in container in default(bridge) mode when bridge network is disabled") 42 43 id2 := container.Run(ctx, t, c, container.WithNetworkMode("bridge")) 44 defer c.ContainerRemove(ctx, id2, types.ContainerRemoveOptions{Force: true}) 45 46 result, err = container.Exec(ctx, c, id2, []string{"ip", "l"}) 47 assert.NilError(t, err) 48 assert.Check(t, is.Equal(false, strings.Contains(result.Combined(), "eth0")), "There shouldn't be eth0 in container in bridge mode when bridge network is disabled") 49 50 nsCommand := "ls -l /proc/self/ns/net | awk -F '->' '{print $2}'" 51 cmd := exec.Command("sh", "-c", nsCommand) 52 stdout := bytes.NewBuffer(nil) 53 cmd.Stdout = stdout 54 err = cmd.Run() 55 assert.NilError(t, err, "Failed to get current process network namespace: %+v", err) 56 57 id3 := container.Run(ctx, t, c, container.WithNetworkMode("host")) 58 defer c.ContainerRemove(ctx, id3, types.ContainerRemoveOptions{Force: true}) 59 60 result, err = container.Exec(ctx, c, id3, []string{"sh", "-c", nsCommand}) 61 assert.NilError(t, err) 62 assert.Check(t, is.Equal(stdout.String(), result.Combined()), "The network namespace of container should be the same with host when --net=host and bridge network is disabled") 63 } 64 65 func TestNetworkInvalidJSON(t *testing.T) { 66 defer setupTest(t)() 67 68 endpoints := []string{ 69 "/networks/create", 70 "/networks/bridge/connect", 71 "/networks/bridge/disconnect", 72 } 73 74 for _, ep := range endpoints { 75 t.Run(ep, func(t *testing.T) { 76 t.Parallel() 77 78 res, body, err := request.Post(ep, request.RawString("{invalid json"), request.JSON) 79 assert.NilError(t, err) 80 assert.Equal(t, res.StatusCode, http.StatusBadRequest) 81 82 buf, err := request.ReadBody(body) 83 assert.NilError(t, err) 84 assert.Check(t, is.Contains(string(buf), "invalid character 'i' looking for beginning of object key string")) 85 86 res, body, err = request.Post(ep, request.JSON) 87 assert.NilError(t, err) 88 assert.Equal(t, res.StatusCode, http.StatusBadRequest) 89 90 buf, err = request.ReadBody(body) 91 assert.NilError(t, err) 92 assert.Check(t, is.Contains(string(buf), "got EOF while reading request body")) 93 }) 94 } 95 } 96 97 // TestNetworkList verifies that /networks returns a list of networks either 98 // with, or without a trailing slash (/networks/). Regression test for https://github.com/moby/moby/issues/24595 99 func TestNetworkList(t *testing.T) { 100 defer setupTest(t)() 101 102 endpoints := []string{ 103 "/networks", 104 "/networks/", 105 } 106 107 for _, ep := range endpoints { 108 t.Run(ep, func(t *testing.T) { 109 t.Parallel() 110 111 res, body, err := request.Get(ep, request.JSON) 112 assert.NilError(t, err) 113 assert.Equal(t, res.StatusCode, http.StatusOK) 114 115 buf, err := request.ReadBody(body) 116 assert.NilError(t, err) 117 var nws []types.NetworkResource 118 err = json.Unmarshal(buf, &nws) 119 assert.NilError(t, err) 120 assert.Assert(t, len(nws) > 0) 121 }) 122 } 123 } 124 125 func TestHostIPv4BridgeLabel(t *testing.T) { 126 skip.If(t, testEnv.OSType == "windows") 127 skip.If(t, testEnv.IsRemoteDaemon) 128 skip.If(t, testEnv.IsRootless, "rootless mode has different view of network") 129 d := daemon.New(t) 130 d.Start(t) 131 defer d.Stop(t) 132 c := d.NewClientT(t) 133 defer c.Close() 134 ctx := context.Background() 135 136 ipv4SNATAddr := "172.0.0.172" 137 // Create a bridge network with --opt com.docker.network.host_ipv4=172.0.0.172 138 bridgeName := "hostIPv4Bridge" 139 network.CreateNoError(ctx, t, c, bridgeName, 140 network.WithDriver("bridge"), 141 network.WithOption("com.docker.network.host_ipv4", ipv4SNATAddr), 142 network.WithOption("com.docker.network.bridge.name", bridgeName), 143 ) 144 out, err := c.NetworkInspect(ctx, bridgeName, types.NetworkInspectOptions{Verbose: true}) 145 assert.NilError(t, err) 146 assert.Assert(t, len(out.IPAM.Config) > 0) 147 // Make sure the SNAT rule exists 148 icmd.RunCommand("iptables", "-t", "nat", "-C", "POSTROUTING", "-s", out.IPAM.Config[0].Subnet, "!", "-o", bridgeName, "-j", "SNAT", "--to-source", ipv4SNATAddr).Assert(t, icmd.Success) 149 }