github.com/pwn-term/docker@v0.0.0-20210616085119-6e977cce2565/libnetwork/test/integration/dnet/bridge.bats (about) 1 # -*- mode: sh -*- 2 #!/usr/bin/env bats 3 4 load helpers 5 6 function test_single_network_connectivity() { 7 local nw_name start end 8 9 nw_name=${1} 10 start=1 11 end=${2} 12 13 # Create containers and connect them to the network 14 for i in `seq ${start} ${end}`; 15 do 16 dnet_cmd $(inst_id2port 1) container create container_${i} 17 net_connect 1 container_${i} ${nw_name} 18 done 19 20 # Now test connectivity between all the containers using service names 21 for i in `seq ${start} ${end}`; 22 do 23 if [ "${nw_name}" != "internal" ]; then 24 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_${i}) \ 25 "ping -c 1 www.google.com" 26 fi 27 for j in `seq ${start} ${end}`; 28 do 29 if [ "$i" -eq "$j" ]; then 30 continue 31 fi 32 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_${i}) \ 33 "ping -c 1 container_${j}" 34 done 35 done 36 37 if [ -n "$3" ]; then 38 return 39 fi 40 41 # Teardown the container connections and the network 42 for i in `seq ${start} ${end}`; 43 do 44 net_disconnect 1 container_${i} ${nw_name} 45 dnet_cmd $(inst_id2port 1) container rm container_${i} 46 done 47 } 48 49 @test "Test default bridge network" { 50 skip_for_circleci 51 52 echo $(docker ps) 53 test_single_network_connectivity bridge 3 54 } 55 56 57 @test "Test default network dnet restart" { 58 skip_for_circleci 59 60 echo $(docker ps) 61 62 for iter in `seq 1 2`; 63 do 64 test_single_network_connectivity bridge 3 65 if [ "$iter" -eq 1 ]; then 66 docker restart dnet-1-bridge 67 wait_for_dnet $(inst_id2port 1) dnet-1-bridge 68 fi 69 done 70 } 71 72 @test "Test default network dnet ungraceful restart" { 73 skip_for_circleci 74 75 echo $(docker ps) 76 77 for iter in `seq 1 2`; 78 do 79 if [ "$iter" -eq 1 ]; then 80 test_single_network_connectivity bridge 3 skip 81 docker restart dnet-1-bridge 82 wait_for_dnet $(inst_id2port 1) dnet-1-bridge 83 else 84 test_single_network_connectivity bridge 3 85 fi 86 done 87 } 88 89 @test "Test bridge network" { 90 skip_for_circleci 91 92 echo $(docker ps) 93 dnet_cmd $(inst_id2port 1) network create -d bridge singlehost 94 test_single_network_connectivity singlehost 3 95 dnet_cmd $(inst_id2port 1) network rm singlehost 96 } 97 98 @test "Test bridge network dnet restart" { 99 skip_for_circleci 100 101 echo $(docker ps) 102 dnet_cmd $(inst_id2port 1) network create -d bridge singlehost 103 104 for iter in `seq 1 2`; 105 do 106 test_single_network_connectivity singlehost 3 107 if [ "$iter" -eq 1 ]; then 108 docker restart dnet-1-bridge 109 wait_for_dnet $(inst_id2port 1) dnet-1-bridge 110 fi 111 done 112 113 dnet_cmd $(inst_id2port 1) network rm singlehost 114 } 115 116 @test "Test bridge network dnet ungraceful restart" { 117 skip_for_circleci 118 119 echo $(docker ps) 120 dnet_cmd $(inst_id2port 1) network create -d bridge singlehost 121 122 for iter in `seq 1 2`; 123 do 124 if [ "$iter" -eq 1 ]; then 125 test_single_network_connectivity singlehost 3 skip 126 docker restart dnet-1-bridge 127 wait_for_dnet $(inst_id2port 1) dnet-1-bridge 128 else 129 test_single_network_connectivity singlehost 3 130 fi 131 done 132 133 dnet_cmd $(inst_id2port 1) network rm singlehost 134 } 135 136 @test "Test multiple bridge networks" { 137 skip_for_circleci 138 139 echo $(docker ps) 140 141 start=1 142 end=3 143 144 for i in `seq ${start} ${end}`; 145 do 146 dnet_cmd $(inst_id2port 1) container create container_${i} 147 for j in `seq ${start} ${end}`; 148 do 149 if [ "$i" -eq "$j" ]; then 150 continue 151 fi 152 153 if [ "$i" -lt "$j" ]; then 154 dnet_cmd $(inst_id2port 1) network create -d bridge sh${i}${j} 155 nw=sh${i}${j} 156 else 157 nw=sh${j}${i} 158 fi 159 160 osvc="svc${i}${j}" 161 dnet_cmd $(inst_id2port 1) service publish ${osvc}.${nw} 162 dnet_cmd $(inst_id2port 1) service attach container_${i} ${osvc}.${nw} 163 done 164 done 165 166 for i in `seq ${start} ${end}`; 167 do 168 echo ${i1} 169 for j in `seq ${start} ${end}`; 170 do 171 echo ${j1} 172 if [ "$i" -eq "$j" ]; then 173 continue 174 fi 175 176 osvc="svc${j}${i}" 177 echo "pinging ${osvc}" 178 dnet_cmd $(inst_id2port 1) service ls 179 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_${i}) "cat /data/data/hilled.pwnterm/files/usr/etc/hosts" 180 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_${i}) "ping -c 1 ${osvc}" 181 done 182 done 183 184 svcs=( 185 0,0 186 2,3 187 1,3 188 1,2 189 ) 190 191 echo "Test connectivity failure" 192 for i in `seq ${start} ${end}`; 193 do 194 IFS=, read a b <<<"${svcs[$i]}" 195 osvc="svc${a}${b}" 196 echo "pinging ${osvc}" 197 runc_nofail $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_${i}) "ping -c 1 ${osvc}" 198 [ "${status}" -ne 0 ] 199 done 200 201 for i in `seq ${start} ${end}`; 202 do 203 for j in `seq ${start} ${end}`; 204 do 205 if [ "$i" -eq "$j" ]; then 206 continue 207 fi 208 209 if [ "$i" -lt "$j" ]; then 210 nw=sh${i}${j} 211 else 212 nw=sh${j}${i} 213 fi 214 215 osvc="svc${i}${j}" 216 dnet_cmd $(inst_id2port 1) service detach container_${i} ${osvc}.${nw} 217 dnet_cmd $(inst_id2port 1) service unpublish ${osvc}.${nw} 218 219 done 220 dnet_cmd $(inst_id2port 1) container rm container_${i} 221 done 222 223 for i in `seq ${start} ${end}`; 224 do 225 for j in `seq ${start} ${end}`; 226 do 227 if [ "$i" -eq "$j" ]; then 228 continue 229 fi 230 231 if [ "$i" -lt "$j" ]; then 232 dnet_cmd $(inst_id2port 1) network rm sh${i}${j} 233 fi 234 done 235 done 236 237 } 238 239 @test "Test bridge network alias support" { 240 skip_for_circleci 241 dnet_cmd $(inst_id2port 1) network create -d bridge br1 242 dnet_cmd $(inst_id2port 1) container create container_1 243 net_connect 1 container_1 br1 container_2:c2 244 dnet_cmd $(inst_id2port 1) container create container_2 245 net_connect 1 container_2 br1 246 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 container_2" 247 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 c2" 248 net_disconnect 1 container_1 br1 249 net_disconnect 1 container_2 br1 250 dnet_cmd $(inst_id2port 1) container rm container_1 251 dnet_cmd $(inst_id2port 1) container rm container_2 252 dnet_cmd $(inst_id2port 1) network rm br1 253 } 254 255 256 @test "Test bridge network global alias support" { 257 skip_for_circleci 258 dnet_cmd $(inst_id2port 1) network create -d bridge br1 259 dnet_cmd $(inst_id2port 1) network create -d bridge br2 260 dnet_cmd $(inst_id2port 1) container create container_1 261 net_connect 1 container_1 br1 : c1 262 dnet_cmd $(inst_id2port 1) container create container_2 263 net_connect 1 container_2 br1 : shared 264 dnet_cmd $(inst_id2port 1) container create container_3 265 net_connect 1 container_3 br1 : shared 266 267 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_2) "ping -c 1 container_1" 268 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_2) "ping -c 1 c1" 269 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 container_2" 270 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 shared" 271 272 net_disconnect 1 container_2 br1 273 dnet_cmd $(inst_id2port 1) container rm container_2 274 275 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 container_3" 276 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 shared" 277 278 net_disconnect 1 container_1 br1 279 dnet_cmd $(inst_id2port 1) container rm container_1 280 net_disconnect 1 container_3 br1 281 dnet_cmd $(inst_id2port 1) container rm container_3 282 283 dnet_cmd $(inst_id2port 1) network rm br1 284 } 285 286 @test "Test bridge network internal network" { 287 skip_for_circleci 288 289 echo $(docker ps) 290 dnet_cmd $(inst_id2port 1) network create -d bridge --internal internal 291 dnet_cmd $(inst_id2port 1) container create container_1 292 # connects to internal network, confirm it can't communicate with outside world 293 net_connect 1 container_1 internal 294 run runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 8.8.8.8" 295 [[ "$output" == *"1 packets transmitted, 0 packets received, 100% packet loss"* ]] 296 net_disconnect 1 container_1 internal 297 # connects to bridge network, confirm it can communicate with outside world 298 net_connect 1 container_1 bridge 299 runc $(dnet_container_name 1 bridge) $(get_sbox_id 1 container_1) "ping -c 1 8.8.8.8" 300 net_disconnect 1 container_1 bridge 301 dnet_cmd $(inst_id2port 1) container rm container_1 302 # test communications within internal network 303 test_single_network_connectivity internal 3 304 dnet_cmd $(inst_id2port 1) network rm internal 305 }