github.com/toplink-cn/moby@v0.0.0-20240305205811-460b4aebdf81/libnetwork/libnetwork_linux_test.go (about) 1 package libnetwork_test 2 3 import ( 4 "bytes" 5 "context" 6 "encoding/json" 7 "fmt" 8 "net" 9 "net/http" 10 "net/http/httptest" 11 "os" 12 "os/exec" 13 "path/filepath" 14 "regexp" 15 "strings" 16 "sync" 17 "testing" 18 19 "github.com/containerd/log" 20 "github.com/docker/docker/internal/testutils/netnsutils" 21 "github.com/docker/docker/libnetwork" 22 "github.com/docker/docker/libnetwork/config" 23 "github.com/docker/docker/libnetwork/datastore" 24 "github.com/docker/docker/libnetwork/driverapi" 25 "github.com/docker/docker/libnetwork/ipamapi" 26 "github.com/docker/docker/libnetwork/netlabel" 27 "github.com/docker/docker/libnetwork/options" 28 "github.com/docker/docker/libnetwork/osl" 29 "github.com/docker/docker/libnetwork/types" 30 "github.com/docker/docker/pkg/plugins" 31 "github.com/docker/docker/pkg/reexec" 32 "github.com/pkg/errors" 33 "github.com/vishvananda/netlink" 34 "github.com/vishvananda/netns" 35 "golang.org/x/sync/errgroup" 36 "gotest.tools/v3/assert" 37 is "gotest.tools/v3/assert/cmp" 38 ) 39 40 const ( 41 bridgeNetType = "bridge" 42 ) 43 44 func TestMain(m *testing.M) { 45 // Cleanup local datastore file 46 _ = os.Remove(datastore.DefaultScope("").Client.Address) 47 48 os.Exit(m.Run()) 49 } 50 51 func newController(t *testing.T) *libnetwork.Controller { 52 t.Helper() 53 c, err := libnetwork.New( 54 libnetwork.OptionBoltdbWithRandomDBFile(t), 55 config.OptionDriverConfig(bridgeNetType, map[string]interface{}{ 56 netlabel.GenericData: options.Generic{ 57 "EnableIPForwarding": true, 58 }, 59 }), 60 ) 61 if err != nil { 62 t.Fatal(err) 63 } 64 t.Cleanup(c.Stop) 65 return c 66 } 67 68 func createTestNetwork(c *libnetwork.Controller, networkType, networkName string, netOption options.Generic, ipamV4Configs, ipamV6Configs []*libnetwork.IpamConf) (*libnetwork.Network, error) { 69 return c.NewNetwork(networkType, networkName, "", 70 libnetwork.NetworkOptionGeneric(netOption), 71 libnetwork.NetworkOptionIpam(ipamapi.DefaultIPAM, "", ipamV4Configs, ipamV6Configs, nil)) 72 } 73 74 func getEmptyGenericOption() map[string]interface{} { 75 return map[string]interface{}{netlabel.GenericData: map[string]string{}} 76 } 77 78 func getPortMapping() []types.PortBinding { 79 return []types.PortBinding{ 80 {Proto: types.TCP, Port: uint16(230), HostPort: uint16(23000)}, 81 {Proto: types.UDP, Port: uint16(200), HostPort: uint16(22000)}, 82 {Proto: types.TCP, Port: uint16(120), HostPort: uint16(12000)}, 83 {Proto: types.TCP, Port: uint16(320), HostPort: uint16(32000), HostPortEnd: uint16(32999)}, 84 {Proto: types.UDP, Port: uint16(420), HostPort: uint16(42000), HostPortEnd: uint16(42001)}, 85 } 86 } 87 88 func isNotFound(err error) bool { 89 _, ok := (err).(types.NotFoundError) 90 return ok 91 } 92 93 func TestNull(t *testing.T) { 94 defer netnsutils.SetupTestOSContext(t)() 95 controller := newController(t) 96 97 cnt, err := controller.NewSandbox("null_container", 98 libnetwork.OptionHostname("test"), 99 libnetwork.OptionDomainname("example.com"), 100 libnetwork.OptionExtraHost("web", "192.168.0.1")) 101 if err != nil { 102 t.Fatal(err) 103 } 104 105 network, err := createTestNetwork(controller, "null", "testnull", options.Generic{}, nil, nil) 106 if err != nil { 107 t.Fatal(err) 108 } 109 110 ep, err := network.CreateEndpoint("testep") 111 if err != nil { 112 t.Fatal(err) 113 } 114 115 err = ep.Join(cnt) 116 if err != nil { 117 t.Fatal(err) 118 } 119 120 err = ep.Leave(cnt) 121 if err != nil { 122 t.Fatal(err) 123 } 124 125 if err := ep.Delete(false); err != nil { 126 t.Fatal(err) 127 } 128 129 if err := cnt.Delete(); err != nil { 130 t.Fatal(err) 131 } 132 133 // host type is special network. Cannot be removed. 134 err = network.Delete() 135 if err == nil { 136 t.Fatal(err) 137 } 138 if _, ok := err.(types.ForbiddenError); !ok { 139 t.Fatalf("Unexpected error type") 140 } 141 } 142 143 func TestUnknownDriver(t *testing.T) { 144 defer netnsutils.SetupTestOSContext(t)() 145 controller := newController(t) 146 147 _, err := createTestNetwork(controller, "unknowndriver", "testnetwork", options.Generic{}, nil, nil) 148 if err == nil { 149 t.Fatal("Expected to fail. But instead succeeded") 150 } 151 152 if !isNotFound(err) { 153 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 154 } 155 } 156 157 func TestNilRemoteDriver(t *testing.T) { 158 defer netnsutils.SetupTestOSContext(t)() 159 controller := newController(t) 160 161 _, err := controller.NewNetwork("framerelay", "dummy", "", 162 libnetwork.NetworkOptionGeneric(getEmptyGenericOption())) 163 if err == nil { 164 t.Fatal("Expected to fail. But instead succeeded") 165 } 166 167 if !isNotFound(err) { 168 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 169 } 170 } 171 172 func TestNetworkName(t *testing.T) { 173 defer netnsutils.SetupTestOSContext(t)() 174 controller := newController(t) 175 176 netOption := options.Generic{ 177 netlabel.GenericData: options.Generic{ 178 "BridgeName": "testnetwork", 179 }, 180 } 181 182 _, err := createTestNetwork(controller, bridgeNetType, "", netOption, nil, nil) 183 if err == nil { 184 t.Fatal("Expected to fail. But instead succeeded") 185 } 186 187 if _, ok := err.(libnetwork.ErrInvalidName); !ok { 188 t.Fatalf("Expected to fail with ErrInvalidName error. Got %v", err) 189 } 190 191 networkName := "testnetwork" 192 n, err := createTestNetwork(controller, bridgeNetType, networkName, netOption, nil, nil) 193 if err != nil { 194 t.Fatal(err) 195 } 196 defer func() { 197 if err := n.Delete(); err != nil { 198 t.Fatal(err) 199 } 200 }() 201 202 if n.Name() != networkName { 203 t.Fatalf("Expected network name %s, got %s", networkName, n.Name()) 204 } 205 } 206 207 func TestNetworkType(t *testing.T) { 208 defer netnsutils.SetupTestOSContext(t)() 209 controller := newController(t) 210 211 netOption := options.Generic{ 212 netlabel.GenericData: options.Generic{ 213 "BridgeName": "testnetwork", 214 }, 215 } 216 217 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", netOption, nil, nil) 218 if err != nil { 219 t.Fatal(err) 220 } 221 defer func() { 222 if err := n.Delete(); err != nil { 223 t.Fatal(err) 224 } 225 }() 226 227 if n.Type() != bridgeNetType { 228 t.Fatalf("Expected network type %s, got %s", bridgeNetType, n.Type()) 229 } 230 } 231 232 func TestNetworkID(t *testing.T) { 233 defer netnsutils.SetupTestOSContext(t)() 234 controller := newController(t) 235 236 netOption := options.Generic{ 237 netlabel.GenericData: options.Generic{ 238 "BridgeName": "testnetwork", 239 }, 240 } 241 242 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", netOption, nil, nil) 243 if err != nil { 244 t.Fatal(err) 245 } 246 defer func() { 247 if err := n.Delete(); err != nil { 248 t.Fatal(err) 249 } 250 }() 251 252 if n.ID() == "" { 253 t.Fatal("Expected non-empty network id") 254 } 255 } 256 257 func TestDeleteNetworkWithActiveEndpoints(t *testing.T) { 258 defer netnsutils.SetupTestOSContext(t)() 259 controller := newController(t) 260 261 netOption := options.Generic{ 262 "BridgeName": "testnetwork", 263 } 264 option := options.Generic{ 265 netlabel.GenericData: netOption, 266 } 267 268 network, err := createTestNetwork(controller, bridgeNetType, "testnetwork", option, nil, nil) 269 if err != nil { 270 t.Fatal(err) 271 } 272 273 ep, err := network.CreateEndpoint("testep") 274 if err != nil { 275 t.Fatal(err) 276 } 277 278 err = network.Delete() 279 if err == nil { 280 t.Fatal("Expected to fail. But instead succeeded") 281 } 282 283 if _, ok := err.(*libnetwork.ActiveEndpointsError); !ok { 284 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 285 } 286 287 // Done testing. Now cleanup. 288 if err := ep.Delete(false); err != nil { 289 t.Fatal(err) 290 } 291 292 if err := network.Delete(); err != nil { 293 t.Fatal(err) 294 } 295 } 296 297 func TestNetworkConfig(t *testing.T) { 298 defer netnsutils.SetupTestOSContext(t)() 299 controller := newController(t) 300 301 // Verify config network cannot inherit another config network 302 _, err := controller.NewNetwork("bridge", "config_network0", "", 303 libnetwork.NetworkOptionConfigOnly(), 304 libnetwork.NetworkOptionConfigFrom("anotherConfigNw")) 305 306 if err == nil { 307 t.Fatal("Expected to fail. But instead succeeded") 308 } 309 if _, ok := err.(types.ForbiddenError); !ok { 310 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 311 } 312 313 // Create supported config network 314 netOption := options.Generic{ 315 "EnableICC": false, 316 } 317 option := options.Generic{ 318 netlabel.GenericData: netOption, 319 } 320 ipamV4ConfList := []*libnetwork.IpamConf{{PreferredPool: "192.168.100.0/24", SubPool: "192.168.100.128/25", Gateway: "192.168.100.1"}} 321 ipamV6ConfList := []*libnetwork.IpamConf{{PreferredPool: "2001:db8:abcd::/64", SubPool: "2001:db8:abcd::ef99/80", Gateway: "2001:db8:abcd::22"}} 322 323 netOptions := []libnetwork.NetworkOption{ 324 libnetwork.NetworkOptionConfigOnly(), 325 libnetwork.NetworkOptionEnableIPv6(true), 326 libnetwork.NetworkOptionGeneric(option), 327 libnetwork.NetworkOptionIpam("default", "", ipamV4ConfList, ipamV6ConfList, nil), 328 } 329 330 configNetwork, err := controller.NewNetwork(bridgeNetType, "config_network0", "", netOptions...) 331 if err != nil { 332 t.Fatal(err) 333 } 334 335 // Verify a config-only network cannot be created with network operator configurations 336 for i, opt := range []libnetwork.NetworkOption{ 337 libnetwork.NetworkOptionInternalNetwork(), 338 libnetwork.NetworkOptionAttachable(true), 339 libnetwork.NetworkOptionIngress(true), 340 } { 341 _, err = controller.NewNetwork(bridgeNetType, "testBR", "", 342 libnetwork.NetworkOptionConfigOnly(), opt) 343 if err == nil { 344 t.Fatalf("Expected to fail. But instead succeeded for option: %d", i) 345 } 346 if _, ok := err.(types.ForbiddenError); !ok { 347 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 348 } 349 } 350 351 // Verify a network cannot be created with both config-from and network specific configurations 352 for i, opt := range []libnetwork.NetworkOption{ 353 libnetwork.NetworkOptionEnableIPv6(true), 354 libnetwork.NetworkOptionIpam("my-ipam", "", nil, nil, nil), 355 libnetwork.NetworkOptionIpam("", "", ipamV4ConfList, nil, nil), 356 libnetwork.NetworkOptionIpam("", "", nil, ipamV6ConfList, nil), 357 libnetwork.NetworkOptionLabels(map[string]string{"number": "two"}), 358 libnetwork.NetworkOptionDriverOpts(map[string]string{"com.docker.network.driver.mtu": "1600"}), 359 } { 360 _, err = controller.NewNetwork(bridgeNetType, "testBR", "", 361 libnetwork.NetworkOptionConfigFrom("config_network0"), opt) 362 if err == nil { 363 t.Fatalf("Expected to fail. But instead succeeded for option: %d", i) 364 } 365 if _, ok := err.(types.ForbiddenError); !ok { 366 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 367 } 368 } 369 370 // Create a valid network 371 network, err := controller.NewNetwork(bridgeNetType, "testBR", "", 372 libnetwork.NetworkOptionConfigFrom("config_network0")) 373 if err != nil { 374 t.Fatal(err) 375 } 376 377 // Verify the config network cannot be removed 378 err = configNetwork.Delete() 379 if err == nil { 380 t.Fatal("Expected to fail. But instead succeeded") 381 } 382 383 if _, ok := err.(types.ForbiddenError); !ok { 384 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 385 } 386 387 // Delete network 388 if err := network.Delete(); err != nil { 389 t.Fatal(err) 390 } 391 392 // Verify the config network can now be removed 393 if err := configNetwork.Delete(); err != nil { 394 t.Fatal(err) 395 } 396 } 397 398 func TestUnknownNetwork(t *testing.T) { 399 defer netnsutils.SetupTestOSContext(t)() 400 controller := newController(t) 401 402 netOption := options.Generic{ 403 "BridgeName": "testnetwork", 404 } 405 option := options.Generic{ 406 netlabel.GenericData: netOption, 407 } 408 409 network, err := createTestNetwork(controller, bridgeNetType, "testnetwork", option, nil, nil) 410 if err != nil { 411 t.Fatal(err) 412 } 413 414 err = network.Delete() 415 if err != nil { 416 t.Fatal(err) 417 } 418 419 err = network.Delete() 420 if err == nil { 421 t.Fatal("Expected to fail. But instead succeeded") 422 } 423 424 if _, ok := err.(*libnetwork.UnknownNetworkError); !ok { 425 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 426 } 427 } 428 429 func TestUnknownEndpoint(t *testing.T) { 430 defer netnsutils.SetupTestOSContext(t)() 431 controller := newController(t) 432 433 netOption := options.Generic{ 434 "BridgeName": "testnetwork", 435 } 436 option := options.Generic{ 437 netlabel.GenericData: netOption, 438 } 439 ipamV4ConfList := []*libnetwork.IpamConf{{PreferredPool: "192.168.100.0/24"}} 440 441 network, err := createTestNetwork(controller, bridgeNetType, "testnetwork", option, ipamV4ConfList, nil) 442 if err != nil { 443 t.Fatal(err) 444 } 445 446 _, err = network.CreateEndpoint("") 447 if err == nil { 448 t.Fatal("Expected to fail. But instead succeeded") 449 } 450 if _, ok := err.(libnetwork.ErrInvalidName); !ok { 451 t.Fatalf("Expected to fail with ErrInvalidName error. Actual error: %v", err) 452 } 453 454 ep, err := network.CreateEndpoint("testep") 455 if err != nil { 456 t.Fatal(err) 457 } 458 459 err = ep.Delete(false) 460 if err != nil { 461 t.Fatal(err) 462 } 463 464 // Done testing. Now cleanup 465 if err := network.Delete(); err != nil { 466 t.Fatal(err) 467 } 468 } 469 470 func TestNetworkEndpointsWalkers(t *testing.T) { 471 defer netnsutils.SetupTestOSContext(t)() 472 controller := newController(t) 473 474 // Create network 1 and add 2 endpoint: ep11, ep12 475 netOption := options.Generic{ 476 netlabel.GenericData: options.Generic{ 477 "BridgeName": "network1", 478 }, 479 } 480 481 net1, err := createTestNetwork(controller, bridgeNetType, "network1", netOption, nil, nil) 482 if err != nil { 483 t.Fatal(err) 484 } 485 defer func() { 486 if err := net1.Delete(); err != nil { 487 t.Fatal(err) 488 } 489 }() 490 491 ep11, err := net1.CreateEndpoint("ep11") 492 if err != nil { 493 t.Fatal(err) 494 } 495 defer func() { 496 if err := ep11.Delete(false); err != nil { 497 t.Fatal(err) 498 } 499 }() 500 501 ep12, err := net1.CreateEndpoint("ep12") 502 if err != nil { 503 t.Fatal(err) 504 } 505 defer func() { 506 if err := ep12.Delete(false); err != nil { 507 t.Fatal(err) 508 } 509 }() 510 511 // Test list methods on net1 512 epList1 := net1.Endpoints() 513 if len(epList1) != 2 { 514 t.Fatalf("Endpoints() returned wrong number of elements: %d instead of 2", len(epList1)) 515 } 516 // endpoint order is not guaranteed 517 for _, e := range epList1 { 518 if e != ep11 && e != ep12 { 519 t.Fatal("Endpoints() did not return all the expected elements") 520 } 521 } 522 523 // Test Endpoint Walk method 524 var epName string 525 var epWanted *libnetwork.Endpoint 526 wlk := func(ep *libnetwork.Endpoint) bool { 527 if ep.Name() == epName { 528 epWanted = ep 529 return true 530 } 531 return false 532 } 533 534 // Look for ep1 on network1 535 epName = "ep11" 536 net1.WalkEndpoints(wlk) 537 if epWanted == nil { 538 t.Fatal(err) 539 } 540 if ep11 != epWanted { 541 t.Fatal(err) 542 } 543 544 ctx := context.TODO() 545 current := len(controller.Networks(ctx)) 546 547 // Create network 2 548 netOption = options.Generic{ 549 netlabel.GenericData: options.Generic{ 550 "BridgeName": "network2", 551 }, 552 } 553 554 net2, err := createTestNetwork(controller, bridgeNetType, "network2", netOption, nil, nil) 555 if err != nil { 556 t.Fatal(err) 557 } 558 defer func() { 559 if err := net2.Delete(); err != nil { 560 t.Fatal(err) 561 } 562 }() 563 564 // Test Networks method 565 if len(controller.Networks(ctx)) != current+1 { 566 t.Fatalf("Did not find the expected number of networks") 567 } 568 569 // Test Network Walk method 570 var netName string 571 var netWanted *libnetwork.Network 572 nwWlk := func(nw *libnetwork.Network) bool { 573 if nw.Name() == netName { 574 netWanted = nw 575 return true 576 } 577 return false 578 } 579 580 // Look for network named "network1" and "network2" 581 netName = "network1" 582 controller.WalkNetworks(nwWlk) 583 if netWanted == nil { 584 t.Fatal(err) 585 } 586 if net1.ID() != netWanted.ID() { 587 t.Fatal(err) 588 } 589 590 netName = "network2" 591 controller.WalkNetworks(nwWlk) 592 if netWanted == nil { 593 t.Fatal(err) 594 } 595 if net2.ID() != netWanted.ID() { 596 t.Fatal(err) 597 } 598 } 599 600 func TestDuplicateEndpoint(t *testing.T) { 601 defer netnsutils.SetupTestOSContext(t)() 602 controller := newController(t) 603 604 netOption := options.Generic{ 605 netlabel.GenericData: options.Generic{ 606 "BridgeName": "testnetwork", 607 }, 608 } 609 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", netOption, nil, nil) 610 if err != nil { 611 t.Fatal(err) 612 } 613 defer func() { 614 if err := n.Delete(); err != nil { 615 t.Fatal(err) 616 } 617 }() 618 619 ep, err := n.CreateEndpoint("ep1") 620 if err != nil { 621 t.Fatal(err) 622 } 623 defer func() { 624 if err := ep.Delete(false); err != nil { 625 t.Fatal(err) 626 } 627 }() 628 629 ep2, err := n.CreateEndpoint("ep1") 630 defer func() { 631 // Cleanup ep2 as well, else network cleanup might fail for failure cases 632 if ep2 != nil { 633 if err := ep2.Delete(false); err != nil { 634 t.Fatal(err) 635 } 636 } 637 }() 638 639 if err == nil { 640 t.Fatal("Expected to fail. But instead succeeded") 641 } 642 643 if _, ok := err.(types.ForbiddenError); !ok { 644 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 645 } 646 } 647 648 func TestControllerQuery(t *testing.T) { 649 defer netnsutils.SetupTestOSContext(t)() 650 controller := newController(t) 651 652 // Create network 1 653 netOption := options.Generic{ 654 netlabel.GenericData: options.Generic{ 655 "BridgeName": "network1", 656 }, 657 } 658 net1, err := createTestNetwork(controller, bridgeNetType, "network1", netOption, nil, nil) 659 if err != nil { 660 t.Fatal(err) 661 } 662 defer func() { 663 if err := net1.Delete(); err != nil { 664 t.Fatal(err) 665 } 666 }() 667 668 // Create network 2 669 netOption = options.Generic{ 670 netlabel.GenericData: options.Generic{ 671 "BridgeName": "network2", 672 }, 673 } 674 net2, err := createTestNetwork(controller, bridgeNetType, "network2", netOption, nil, nil) 675 if err != nil { 676 t.Fatal(err) 677 } 678 defer func() { 679 if err := net2.Delete(); err != nil { 680 t.Fatal(err) 681 } 682 }() 683 684 _, err = controller.NetworkByName("") 685 if err == nil { 686 t.Fatalf("NetworkByName() succeeded with invalid target name") 687 } 688 if _, ok := err.(libnetwork.ErrInvalidName); !ok { 689 t.Fatalf("Expected NetworkByName() to fail with ErrInvalidName error. Got: %v", err) 690 } 691 692 _, err = controller.NetworkByID("") 693 if err == nil { 694 t.Fatalf("NetworkByID() succeeded with invalid target id") 695 } 696 if _, ok := err.(libnetwork.ErrInvalidID); !ok { 697 t.Fatalf("NetworkByID() failed with unexpected error: %v", err) 698 } 699 700 g, err := controller.NetworkByID("network1") 701 if err == nil { 702 t.Fatalf("Unexpected success for NetworkByID(): %v", g) 703 } 704 if _, ok := err.(libnetwork.ErrNoSuchNetwork); !ok { 705 t.Fatalf("NetworkByID() failed with unexpected error: %v", err) 706 } 707 708 g, err = controller.NetworkByName("network1") 709 if err != nil { 710 t.Fatalf("Unexpected failure for NetworkByName(): %v", err) 711 } 712 if g == nil { 713 t.Fatalf("NetworkByName() did not find the network") 714 } 715 716 if g != net1 { 717 t.Fatalf("NetworkByName() returned the wrong network") 718 } 719 720 g, err = controller.NetworkByID(net1.ID()) 721 if err != nil { 722 t.Fatalf("Unexpected failure for NetworkByID(): %v", err) 723 } 724 if net1.ID() != g.ID() { 725 t.Fatalf("NetworkByID() returned unexpected element: %v", g) 726 } 727 728 g, err = controller.NetworkByName("network2") 729 if err != nil { 730 t.Fatalf("Unexpected failure for NetworkByName(): %v", err) 731 } 732 if g == nil { 733 t.Fatalf("NetworkByName() did not find the network") 734 } 735 736 if g != net2 { 737 t.Fatalf("NetworkByName() returned the wrong network") 738 } 739 740 g, err = controller.NetworkByID(net2.ID()) 741 if err != nil { 742 t.Fatalf("Unexpected failure for NetworkByID(): %v", err) 743 } 744 if net2.ID() != g.ID() { 745 t.Fatalf("NetworkByID() returned unexpected element: %v", g) 746 } 747 } 748 749 func TestNetworkQuery(t *testing.T) { 750 defer netnsutils.SetupTestOSContext(t)() 751 controller := newController(t) 752 753 // Create network 1 and add 2 endpoint: ep11, ep12 754 netOption := options.Generic{ 755 netlabel.GenericData: options.Generic{ 756 "BridgeName": "network1", 757 }, 758 } 759 net1, err := createTestNetwork(controller, bridgeNetType, "network1", netOption, nil, nil) 760 if err != nil { 761 t.Fatal(err) 762 } 763 defer func() { 764 if err := net1.Delete(); err != nil { 765 t.Fatal(err) 766 } 767 }() 768 769 ep11, err := net1.CreateEndpoint("ep11") 770 if err != nil { 771 t.Fatal(err) 772 } 773 defer func() { 774 if err := ep11.Delete(false); err != nil { 775 t.Fatal(err) 776 } 777 }() 778 779 ep12, err := net1.CreateEndpoint("ep12") 780 if err != nil { 781 t.Fatal(err) 782 } 783 defer func() { 784 if err := ep12.Delete(false); err != nil { 785 t.Fatal(err) 786 } 787 }() 788 789 e, err := net1.EndpointByName("ep11") 790 if err != nil { 791 t.Fatal(err) 792 } 793 if ep11 != e { 794 t.Fatalf("EndpointByName() returned %v instead of %v", e, ep11) 795 } 796 797 _, err = net1.EndpointByName("") 798 if err == nil { 799 t.Fatalf("EndpointByName() succeeded with invalid target name") 800 } 801 if _, ok := err.(libnetwork.ErrInvalidName); !ok { 802 t.Fatalf("Expected EndpointByName() to fail with ErrInvalidName error. Got: %v", err) 803 } 804 805 e, err = net1.EndpointByName("IamNotAnEndpoint") 806 if err == nil { 807 t.Fatalf("EndpointByName() succeeded with unknown target name") 808 } 809 if _, ok := err.(libnetwork.ErrNoSuchEndpoint); !ok { 810 t.Fatal(err) 811 } 812 if e != nil { 813 t.Fatalf("EndpointByName(): expected nil, got %v", e) 814 } 815 816 e, err = net1.EndpointByID(ep12.ID()) 817 if err != nil { 818 t.Fatal(err) 819 } 820 if ep12.ID() != e.ID() { 821 t.Fatalf("EndpointByID() returned %v instead of %v", e, ep12) 822 } 823 824 _, err = net1.EndpointByID("") 825 if err == nil { 826 t.Fatalf("EndpointByID() succeeded with invalid target id") 827 } 828 if _, ok := err.(libnetwork.ErrInvalidID); !ok { 829 t.Fatalf("EndpointByID() failed with unexpected error: %v", err) 830 } 831 } 832 833 const containerID = "valid_c" 834 835 func TestEndpointDeleteWithActiveContainer(t *testing.T) { 836 defer netnsutils.SetupTestOSContext(t)() 837 controller := newController(t) 838 839 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", options.Generic{ 840 netlabel.GenericData: options.Generic{ 841 "BridgeName": "testnetwork", 842 }, 843 }, nil, nil) 844 if err != nil { 845 t.Fatal(err) 846 } 847 defer func() { 848 if err := n.Delete(); err != nil { 849 t.Fatal(err) 850 } 851 }() 852 853 n2, err := createTestNetwork(controller, bridgeNetType, "testnetwork2", options.Generic{ 854 netlabel.GenericData: options.Generic{ 855 "BridgeName": "testnetwork2", 856 }, 857 }, nil, nil) 858 if err != nil { 859 t.Fatal(err) 860 } 861 defer func() { 862 if err := n2.Delete(); err != nil { 863 t.Fatal(err) 864 } 865 }() 866 867 ep, err := n.CreateEndpoint("ep1") 868 if err != nil { 869 t.Fatal(err) 870 } 871 defer func() { 872 err = ep.Delete(false) 873 if err != nil { 874 t.Fatal(err) 875 } 876 }() 877 878 cnt, err := controller.NewSandbox(containerID, 879 libnetwork.OptionHostname("test"), 880 libnetwork.OptionDomainname("example.com"), 881 libnetwork.OptionExtraHost("web", "192.168.0.1")) 882 defer func() { 883 if err := cnt.Delete(); err != nil { 884 t.Fatal(err) 885 } 886 }() 887 888 err = ep.Join(cnt) 889 if err != nil { 890 t.Fatal(err) 891 } 892 defer func() { 893 err = ep.Leave(cnt) 894 if err != nil { 895 t.Fatal(err) 896 } 897 }() 898 899 err = ep.Delete(false) 900 if err == nil { 901 t.Fatal("Expected to fail. But instead succeeded") 902 } 903 904 if _, ok := err.(*libnetwork.ActiveContainerError); !ok { 905 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 906 } 907 } 908 909 func TestEndpointMultipleJoins(t *testing.T) { 910 defer netnsutils.SetupTestOSContext(t)() 911 controller := newController(t) 912 913 n, err := createTestNetwork(controller, bridgeNetType, "testmultiple", options.Generic{ 914 netlabel.GenericData: options.Generic{ 915 "BridgeName": "testmultiple", 916 }, 917 }, nil, nil) 918 if err != nil { 919 t.Fatal(err) 920 } 921 defer func() { 922 if err := n.Delete(); err != nil { 923 t.Fatal(err) 924 } 925 }() 926 927 ep, err := n.CreateEndpoint("ep1") 928 if err != nil { 929 t.Fatal(err) 930 } 931 defer func() { 932 if err := ep.Delete(false); err != nil { 933 t.Fatal(err) 934 } 935 }() 936 937 sbx1, err := controller.NewSandbox(containerID, 938 libnetwork.OptionHostname("test"), 939 libnetwork.OptionDomainname("example.com"), 940 libnetwork.OptionExtraHost("web", "192.168.0.1"), 941 ) 942 if err != nil { 943 t.Fatal(err) 944 } 945 defer func() { 946 if err := sbx1.Delete(); err != nil { 947 t.Fatal(err) 948 } 949 }() 950 951 sbx2, err := controller.NewSandbox("c2") 952 if err != nil { 953 t.Fatal(err) 954 } 955 defer func() { 956 if err := sbx2.Delete(); err != nil { 957 t.Fatal(err) 958 } 959 }() 960 961 err = ep.Join(sbx1) 962 if err != nil { 963 t.Fatal(err) 964 } 965 defer func() { 966 err = ep.Leave(sbx1) 967 if err != nil { 968 t.Fatal(err) 969 } 970 }() 971 972 err = ep.Join(sbx2) 973 if err == nil { 974 t.Fatal("Expected to fail multiple joins for the same endpoint") 975 } 976 977 if _, ok := err.(types.ForbiddenError); !ok { 978 t.Fatalf("Failed with unexpected error type: %T. Desc: %s", err, err.Error()) 979 } 980 } 981 982 func TestLeaveAll(t *testing.T) { 983 defer netnsutils.SetupTestOSContext(t)() 984 controller := newController(t) 985 986 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", options.Generic{ 987 netlabel.GenericData: options.Generic{ 988 "BridgeName": "testnetwork", 989 }, 990 }, nil, nil) 991 if err != nil { 992 t.Fatal(err) 993 } 994 defer func() { 995 // If this goes through, it means cnt.Delete() effectively detached from all the endpoints 996 if err := n.Delete(); err != nil { 997 t.Fatal(err) 998 } 999 }() 1000 1001 n2, err := createTestNetwork(controller, bridgeNetType, "testnetwork2", options.Generic{ 1002 netlabel.GenericData: options.Generic{ 1003 "BridgeName": "testnetwork2", 1004 }, 1005 }, nil, nil) 1006 if err != nil { 1007 t.Fatal(err) 1008 } 1009 defer func() { 1010 if err := n2.Delete(); err != nil { 1011 t.Fatal(err) 1012 } 1013 }() 1014 1015 ep1, err := n.CreateEndpoint("ep1") 1016 if err != nil { 1017 t.Fatal(err) 1018 } 1019 1020 ep2, err := n2.CreateEndpoint("ep2") 1021 if err != nil { 1022 t.Fatal(err) 1023 } 1024 1025 cnt, err := controller.NewSandbox("leaveall") 1026 if err != nil { 1027 t.Fatal(err) 1028 } 1029 1030 err = ep1.Join(cnt) 1031 if err != nil { 1032 t.Fatalf("Failed to join ep1: %v", err) 1033 } 1034 1035 err = ep2.Join(cnt) 1036 if err != nil { 1037 t.Fatalf("Failed to join ep2: %v", err) 1038 } 1039 1040 err = cnt.Delete() 1041 if err != nil { 1042 t.Fatal(err) 1043 } 1044 } 1045 1046 func TestContainerInvalidLeave(t *testing.T) { 1047 defer netnsutils.SetupTestOSContext(t)() 1048 controller := newController(t) 1049 1050 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", options.Generic{ 1051 netlabel.GenericData: options.Generic{ 1052 "BridgeName": "testnetwork", 1053 }, 1054 }, nil, nil) 1055 if err != nil { 1056 t.Fatal(err) 1057 } 1058 defer func() { 1059 if err := n.Delete(); err != nil { 1060 t.Fatal(err) 1061 } 1062 }() 1063 1064 ep, err := n.CreateEndpoint("ep1") 1065 if err != nil { 1066 t.Fatal(err) 1067 } 1068 defer func() { 1069 if err := ep.Delete(false); err != nil { 1070 t.Fatal(err) 1071 } 1072 }() 1073 1074 cnt, err := controller.NewSandbox(containerID, 1075 libnetwork.OptionHostname("test"), 1076 libnetwork.OptionDomainname("example.com"), 1077 libnetwork.OptionExtraHost("web", "192.168.0.1")) 1078 if err != nil { 1079 t.Fatal(err) 1080 } 1081 defer func() { 1082 if err := cnt.Delete(); err != nil { 1083 t.Fatal(err) 1084 } 1085 }() 1086 1087 err = ep.Leave(cnt) 1088 if err == nil { 1089 t.Fatal("Expected to fail leave from an endpoint which has no active join") 1090 } 1091 if _, ok := err.(types.ForbiddenError); !ok { 1092 t.Fatalf("Failed with unexpected error type: %T. Desc: %s", err, err.Error()) 1093 } 1094 1095 if err = ep.Leave(nil); err == nil { 1096 t.Fatalf("Expected to fail leave nil Sandbox") 1097 } 1098 if _, ok := err.(types.InvalidParameterError); !ok { 1099 t.Fatalf("Unexpected error type returned: %T. Desc: %s", err, err.Error()) 1100 } 1101 1102 fsbx := &libnetwork.Sandbox{} 1103 if err = ep.Leave(fsbx); err == nil { 1104 t.Fatalf("Expected to fail leave with invalid Sandbox") 1105 } 1106 if _, ok := err.(types.InvalidParameterError); !ok { 1107 t.Fatalf("Unexpected error type returned: %T. Desc: %s", err, err.Error()) 1108 } 1109 } 1110 1111 func TestEndpointUpdateParent(t *testing.T) { 1112 defer netnsutils.SetupTestOSContext(t)() 1113 controller := newController(t) 1114 1115 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", options.Generic{ 1116 netlabel.GenericData: options.Generic{ 1117 "BridgeName": "testnetwork", 1118 }, 1119 }, nil, nil) 1120 if err != nil { 1121 t.Fatal(err) 1122 } 1123 defer func() { 1124 if err := n.Delete(); err != nil { 1125 t.Fatal(err) 1126 } 1127 }() 1128 1129 ep1, err := n.CreateEndpoint("ep1") 1130 if err != nil { 1131 t.Fatal(err) 1132 } 1133 1134 ep2, err := n.CreateEndpoint("ep2") 1135 if err != nil { 1136 t.Fatal(err) 1137 } 1138 1139 sbx1, err := controller.NewSandbox(containerID, 1140 libnetwork.OptionHostname("test"), 1141 libnetwork.OptionDomainname("example.com"), 1142 libnetwork.OptionExtraHost("web", "192.168.0.1")) 1143 if err != nil { 1144 t.Fatal(err) 1145 } 1146 defer func() { 1147 if err := sbx1.Delete(); err != nil { 1148 t.Fatal(err) 1149 } 1150 }() 1151 1152 sbx2, err := controller.NewSandbox("c2", 1153 libnetwork.OptionHostname("test2"), 1154 libnetwork.OptionDomainname("example.com"), 1155 libnetwork.OptionHostsPath("/var/lib/docker/test_network/container2/hosts"), 1156 libnetwork.OptionExtraHost("web", "192.168.0.2")) 1157 if err != nil { 1158 t.Fatal(err) 1159 } 1160 defer func() { 1161 if err := sbx2.Delete(); err != nil { 1162 t.Fatal(err) 1163 } 1164 }() 1165 1166 err = ep1.Join(sbx1) 1167 if err != nil { 1168 t.Fatal(err) 1169 } 1170 1171 err = ep2.Join(sbx2) 1172 if err != nil { 1173 t.Fatal(err) 1174 } 1175 } 1176 1177 func TestInvalidRemoteDriver(t *testing.T) { 1178 mux := http.NewServeMux() 1179 server := httptest.NewServer(mux) 1180 if server == nil { 1181 t.Fatal("Failed to start an HTTP Server") 1182 } 1183 defer server.Close() 1184 1185 mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) { 1186 w.Header().Set("Content-Type", plugins.VersionMimetype) 1187 fmt.Fprintln(w, `{"Implements": ["InvalidDriver"]}`) 1188 }) 1189 1190 if err := os.MkdirAll(specPath, 0o755); err != nil { 1191 t.Fatal(err) 1192 } 1193 defer func() { 1194 if err := os.RemoveAll(specPath); err != nil { 1195 t.Fatal(err) 1196 } 1197 }() 1198 1199 if err := os.WriteFile(filepath.Join(specPath, "invalid-network-driver.spec"), []byte(server.URL), 0o644); err != nil { 1200 t.Fatal(err) 1201 } 1202 1203 ctrlr, err := libnetwork.New(libnetwork.OptionBoltdbWithRandomDBFile(t)) 1204 if err != nil { 1205 t.Fatal(err) 1206 } 1207 defer ctrlr.Stop() 1208 1209 _, err = ctrlr.NewNetwork("invalid-network-driver", "dummy", "", 1210 libnetwork.NetworkOptionGeneric(getEmptyGenericOption())) 1211 if err == nil { 1212 t.Fatal("Expected to fail. But instead succeeded") 1213 } 1214 1215 if !errors.Is(err, plugins.ErrNotImplements) { 1216 t.Fatalf("Did not fail with expected error. Actual error: %v", err) 1217 } 1218 } 1219 1220 func TestValidRemoteDriver(t *testing.T) { 1221 mux := http.NewServeMux() 1222 server := httptest.NewServer(mux) 1223 if server == nil { 1224 t.Fatal("Failed to start an HTTP Server") 1225 } 1226 defer server.Close() 1227 1228 mux.HandleFunc("/Plugin.Activate", func(w http.ResponseWriter, r *http.Request) { 1229 w.Header().Set("Content-Type", plugins.VersionMimetype) 1230 fmt.Fprintf(w, `{"Implements": ["%s"]}`, driverapi.NetworkPluginEndpointType) 1231 }) 1232 mux.HandleFunc(fmt.Sprintf("/%s.GetCapabilities", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) { 1233 w.Header().Set("Content-Type", plugins.VersionMimetype) 1234 fmt.Fprintf(w, `{"Scope":"local"}`) 1235 }) 1236 mux.HandleFunc(fmt.Sprintf("/%s.CreateNetwork", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) { 1237 w.Header().Set("Content-Type", plugins.VersionMimetype) 1238 fmt.Fprintf(w, "null") 1239 }) 1240 mux.HandleFunc(fmt.Sprintf("/%s.DeleteNetwork", driverapi.NetworkPluginEndpointType), func(w http.ResponseWriter, r *http.Request) { 1241 w.Header().Set("Content-Type", plugins.VersionMimetype) 1242 fmt.Fprintf(w, "null") 1243 }) 1244 1245 if err := os.MkdirAll(specPath, 0o755); err != nil { 1246 t.Fatal(err) 1247 } 1248 defer func() { 1249 if err := os.RemoveAll(specPath); err != nil { 1250 t.Fatal(err) 1251 } 1252 }() 1253 1254 if err := os.WriteFile(filepath.Join(specPath, "valid-network-driver.spec"), []byte(server.URL), 0o644); err != nil { 1255 t.Fatal(err) 1256 } 1257 1258 controller := newController(t) 1259 n, err := controller.NewNetwork("valid-network-driver", "dummy", "", 1260 libnetwork.NetworkOptionGeneric(getEmptyGenericOption())) 1261 if err != nil { 1262 // Only fail if we could not find the plugin driver 1263 if isNotFound(err) { 1264 t.Fatal(err) 1265 } 1266 return 1267 } 1268 defer func() { 1269 if err := n.Delete(); err != nil { 1270 t.Fatal(err) 1271 } 1272 }() 1273 } 1274 1275 func makeTesthostNetwork(t *testing.T, c *libnetwork.Controller) *libnetwork.Network { 1276 t.Helper() 1277 n, err := createTestNetwork(c, "host", "testhost", options.Generic{}, nil, nil) 1278 if err != nil { 1279 t.Fatal(err) 1280 } 1281 return n 1282 } 1283 1284 func makeTestIPv6Network(t *testing.T, c *libnetwork.Controller) *libnetwork.Network { 1285 t.Helper() 1286 netOptions := options.Generic{ 1287 netlabel.EnableIPv6: true, 1288 netlabel.GenericData: options.Generic{ 1289 "BridgeName": "testnetwork", 1290 }, 1291 } 1292 ipamV6ConfList := []*libnetwork.IpamConf{ 1293 {PreferredPool: "fd81:fb6e:38ba:abcd::/64", Gateway: "fd81:fb6e:38ba:abcd::9"}, 1294 } 1295 n, err := createTestNetwork(c, 1296 "bridge", 1297 "testnetwork", 1298 netOptions, 1299 nil, 1300 ipamV6ConfList, 1301 ) 1302 assert.NilError(t, err) 1303 return n 1304 } 1305 1306 func TestHost(t *testing.T) { 1307 defer netnsutils.SetupTestOSContext(t)() 1308 controller := newController(t) 1309 1310 sbx1, err := controller.NewSandbox("host_c1", 1311 libnetwork.OptionHostname("test1"), 1312 libnetwork.OptionDomainname("example.com"), 1313 libnetwork.OptionExtraHost("web", "192.168.0.1"), 1314 libnetwork.OptionUseDefaultSandbox()) 1315 if err != nil { 1316 t.Fatal(err) 1317 } 1318 defer func() { 1319 if err := sbx1.Delete(); err != nil { 1320 t.Fatal(err) 1321 } 1322 }() 1323 1324 sbx2, err := controller.NewSandbox("host_c2", 1325 libnetwork.OptionHostname("test2"), 1326 libnetwork.OptionDomainname("example.com"), 1327 libnetwork.OptionExtraHost("web", "192.168.0.1"), 1328 libnetwork.OptionUseDefaultSandbox()) 1329 if err != nil { 1330 t.Fatal(err) 1331 } 1332 defer func() { 1333 if err := sbx2.Delete(); err != nil { 1334 t.Fatal(err) 1335 } 1336 }() 1337 1338 network := makeTesthostNetwork(t, controller) 1339 ep1, err := network.CreateEndpoint("testep1") 1340 if err != nil { 1341 t.Fatal(err) 1342 } 1343 1344 if err := ep1.Join(sbx1); err != nil { 1345 t.Fatal(err) 1346 } 1347 1348 ep2, err := network.CreateEndpoint("testep2") 1349 if err != nil { 1350 t.Fatal(err) 1351 } 1352 1353 if err := ep2.Join(sbx2); err != nil { 1354 t.Fatal(err) 1355 } 1356 1357 if err := ep1.Leave(sbx1); err != nil { 1358 t.Fatal(err) 1359 } 1360 1361 if err := ep2.Leave(sbx2); err != nil { 1362 t.Fatal(err) 1363 } 1364 1365 if err := ep1.Delete(false); err != nil { 1366 t.Fatal(err) 1367 } 1368 1369 if err := ep2.Delete(false); err != nil { 1370 t.Fatal(err) 1371 } 1372 1373 // Try to create another host endpoint and join/leave that. 1374 cnt3, err := controller.NewSandbox("host_c3", 1375 libnetwork.OptionHostname("test3"), 1376 libnetwork.OptionDomainname("example.com"), 1377 libnetwork.OptionExtraHost("web", "192.168.0.1"), 1378 libnetwork.OptionUseDefaultSandbox()) 1379 if err != nil { 1380 t.Fatal(err) 1381 } 1382 defer func() { 1383 if err := cnt3.Delete(); err != nil { 1384 t.Fatal(err) 1385 } 1386 }() 1387 1388 ep3, err := network.CreateEndpoint("testep3") 1389 if err != nil { 1390 t.Fatal(err) 1391 } 1392 1393 if err := ep3.Join(sbx2); err != nil { 1394 t.Fatal(err) 1395 } 1396 1397 if err := ep3.Leave(sbx2); err != nil { 1398 t.Fatal(err) 1399 } 1400 1401 if err := ep3.Delete(false); err != nil { 1402 t.Fatal(err) 1403 } 1404 } 1405 1406 // Testing IPV6 from MAC address 1407 func TestBridgeIpv6FromMac(t *testing.T) { 1408 defer netnsutils.SetupTestOSContext(t)() 1409 controller := newController(t) 1410 1411 netOption := options.Generic{ 1412 netlabel.GenericData: options.Generic{ 1413 "BridgeName": "testipv6mac", 1414 "EnableICC": true, 1415 "EnableIPMasquerade": true, 1416 }, 1417 } 1418 ipamV4ConfList := []*libnetwork.IpamConf{{PreferredPool: "192.168.100.0/24", Gateway: "192.168.100.1"}} 1419 ipamV6ConfList := []*libnetwork.IpamConf{{PreferredPool: "fe90::/64", Gateway: "fe90::22"}} 1420 1421 network, err := controller.NewNetwork(bridgeNetType, "testipv6mac", "", 1422 libnetwork.NetworkOptionGeneric(netOption), 1423 libnetwork.NetworkOptionEnableIPv6(true), 1424 libnetwork.NetworkOptionIpam(ipamapi.DefaultIPAM, "", ipamV4ConfList, ipamV6ConfList, nil), 1425 libnetwork.NetworkOptionDeferIPv6Alloc(true)) 1426 if err != nil { 1427 t.Fatal(err) 1428 } 1429 1430 mac := net.HardwareAddr{0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff} 1431 epOption := options.Generic{netlabel.MacAddress: mac} 1432 1433 ep, err := network.CreateEndpoint("testep", libnetwork.EndpointOptionGeneric(epOption)) 1434 if err != nil { 1435 t.Fatal(err) 1436 } 1437 1438 iface := ep.Info().Iface() 1439 if !bytes.Equal(iface.MacAddress(), mac) { 1440 t.Fatalf("Unexpected mac address: %v", iface.MacAddress()) 1441 } 1442 1443 ip, expIP, _ := net.ParseCIDR("fe90::aabb:ccdd:eeff/64") 1444 expIP.IP = ip 1445 if !types.CompareIPNet(expIP, iface.AddressIPv6()) { 1446 t.Fatalf("Expected %v. Got: %v", expIP, iface.AddressIPv6()) 1447 } 1448 1449 if err := ep.Delete(false); err != nil { 1450 t.Fatal(err) 1451 } 1452 1453 if err := network.Delete(); err != nil { 1454 t.Fatal(err) 1455 } 1456 } 1457 1458 func checkSandbox(t *testing.T, info libnetwork.EndpointInfo) { 1459 key := info.Sandbox().Key() 1460 sbNs, err := netns.GetFromPath(key) 1461 if err != nil { 1462 t.Fatalf("Failed to get network namespace path %q: %v", key, err) 1463 } 1464 defer sbNs.Close() 1465 1466 nh, err := netlink.NewHandleAt(sbNs) 1467 if err != nil { 1468 t.Fatal(err) 1469 } 1470 1471 _, err = nh.LinkByName("eth0") 1472 if err != nil { 1473 t.Fatalf("Could not find the interface eth0 inside the sandbox: %v", err) 1474 } 1475 1476 _, err = nh.LinkByName("eth1") 1477 if err != nil { 1478 t.Fatalf("Could not find the interface eth1 inside the sandbox: %v", err) 1479 } 1480 } 1481 1482 func TestEndpointJoin(t *testing.T) { 1483 defer netnsutils.SetupTestOSContext(t)() 1484 controller := newController(t) 1485 1486 // Create network 1 and add 2 endpoint: ep11, ep12 1487 netOption := options.Generic{ 1488 netlabel.GenericData: options.Generic{ 1489 "BridgeName": "testnetwork1", 1490 "EnableICC": true, 1491 "EnableIPMasquerade": true, 1492 }, 1493 } 1494 ipamV6ConfList := []*libnetwork.IpamConf{{PreferredPool: "fe90::/64", Gateway: "fe90::22"}} 1495 n1, err := controller.NewNetwork(bridgeNetType, "testnetwork1", "", 1496 libnetwork.NetworkOptionGeneric(netOption), 1497 libnetwork.NetworkOptionEnableIPv6(true), 1498 libnetwork.NetworkOptionIpam(ipamapi.DefaultIPAM, "", nil, ipamV6ConfList, nil), 1499 libnetwork.NetworkOptionDeferIPv6Alloc(true)) 1500 if err != nil { 1501 t.Fatal(err) 1502 } 1503 defer func() { 1504 if err := n1.Delete(); err != nil { 1505 t.Fatal(err) 1506 } 1507 }() 1508 1509 ep1, err := n1.CreateEndpoint("ep1") 1510 if err != nil { 1511 t.Fatal(err) 1512 } 1513 defer func() { 1514 if err := ep1.Delete(false); err != nil { 1515 t.Fatal(err) 1516 } 1517 }() 1518 1519 // Validate if ep.Info() only gives me IP address info and not names and gateway during CreateEndpoint() 1520 info := ep1.Info() 1521 iface := info.Iface() 1522 if iface.Address() != nil && iface.Address().IP.To4() == nil { 1523 t.Fatalf("Invalid IP address returned: %v", iface.Address()) 1524 } 1525 if iface.AddressIPv6() != nil && iface.AddressIPv6().IP == nil { 1526 t.Fatalf("Invalid IPv6 address returned: %v", iface.Address()) 1527 } 1528 1529 if len(info.Gateway()) != 0 { 1530 t.Fatalf("Expected empty gateway for an empty endpoint. Instead found a gateway: %v", info.Gateway()) 1531 } 1532 if len(info.GatewayIPv6()) != 0 { 1533 t.Fatalf("Expected empty gateway for an empty ipv6 endpoint. Instead found a gateway: %v", info.GatewayIPv6()) 1534 } 1535 1536 if info.Sandbox() != nil { 1537 t.Fatalf("Expected an empty sandbox key for an empty endpoint. Instead found a non-empty sandbox key: %s", info.Sandbox().Key()) 1538 } 1539 1540 // test invalid joins 1541 err = ep1.Join(nil) 1542 if err == nil { 1543 t.Fatalf("Expected to fail join with nil Sandbox") 1544 } 1545 if _, ok := err.(types.InvalidParameterError); !ok { 1546 t.Fatalf("Unexpected error type returned: %T", err) 1547 } 1548 1549 fsbx := &libnetwork.Sandbox{} 1550 if err = ep1.Join(fsbx); err == nil { 1551 t.Fatalf("Expected to fail join with invalid Sandbox") 1552 } 1553 if _, ok := err.(types.InvalidParameterError); !ok { 1554 t.Fatalf("Unexpected error type returned: %T", err) 1555 } 1556 1557 sb, err := controller.NewSandbox(containerID, 1558 libnetwork.OptionHostname("test"), 1559 libnetwork.OptionDomainname("example.com"), 1560 libnetwork.OptionExtraHost("web", "192.168.0.1")) 1561 if err != nil { 1562 t.Fatal(err) 1563 } 1564 1565 defer func() { 1566 if err := sb.Delete(); err != nil { 1567 t.Fatal(err) 1568 } 1569 }() 1570 1571 err = ep1.Join(sb) 1572 if err != nil { 1573 t.Fatal(err) 1574 } 1575 defer func() { 1576 err = ep1.Leave(sb) 1577 if err != nil { 1578 t.Fatal(err) 1579 } 1580 }() 1581 1582 // Validate if ep.Info() only gives valid gateway and sandbox key after has container has joined. 1583 info = ep1.Info() 1584 if len(info.Gateway()) == 0 { 1585 t.Fatalf("Expected a valid gateway for a joined endpoint. Instead found an invalid gateway: %v", info.Gateway()) 1586 } 1587 if len(info.GatewayIPv6()) == 0 { 1588 t.Fatalf("Expected a valid ipv6 gateway for a joined endpoint. Instead found an invalid gateway: %v", info.GatewayIPv6()) 1589 } 1590 1591 if info.Sandbox() == nil { 1592 t.Fatalf("Expected an non-empty sandbox key for a joined endpoint. Instead found an empty sandbox key") 1593 } 1594 1595 // Check endpoint provided container information 1596 if ep1.Info().Sandbox().Key() != sb.Key() { 1597 t.Fatalf("Endpoint Info returned unexpected sandbox key: %s", sb.Key()) 1598 } 1599 1600 // Attempt retrieval of endpoint interfaces statistics 1601 stats, err := sb.Statistics() 1602 if err != nil { 1603 t.Fatal(err) 1604 } 1605 if _, ok := stats["eth0"]; !ok { 1606 t.Fatalf("Did not find eth0 statistics") 1607 } 1608 1609 // Now test the container joining another network 1610 n2, err := createTestNetwork(controller, bridgeNetType, "testnetwork2", 1611 options.Generic{ 1612 netlabel.GenericData: options.Generic{ 1613 "BridgeName": "testnetwork2", 1614 }, 1615 }, nil, nil) 1616 if err != nil { 1617 t.Fatal(err) 1618 } 1619 defer func() { 1620 if err := n2.Delete(); err != nil { 1621 t.Fatal(err) 1622 } 1623 }() 1624 1625 ep2, err := n2.CreateEndpoint("ep2") 1626 if err != nil { 1627 t.Fatal(err) 1628 } 1629 defer func() { 1630 if err := ep2.Delete(false); err != nil { 1631 t.Fatal(err) 1632 } 1633 }() 1634 1635 err = ep2.Join(sb) 1636 if err != nil { 1637 t.Fatal(err) 1638 } 1639 defer func() { 1640 err = ep2.Leave(sb) 1641 if err != nil { 1642 t.Fatal(err) 1643 } 1644 }() 1645 1646 if ep1.Info().Sandbox().Key() != ep2.Info().Sandbox().Key() { 1647 t.Fatalf("ep1 and ep2 returned different container sandbox key") 1648 } 1649 1650 checkSandbox(t, info) 1651 } 1652 1653 func TestExternalKey(t *testing.T) { 1654 externalKeyTest(t, false) 1655 } 1656 1657 func externalKeyTest(t *testing.T, reexec bool) { 1658 defer netnsutils.SetupTestOSContext(t)() 1659 controller := newController(t) 1660 1661 n, err := createTestNetwork(controller, bridgeNetType, "testnetwork", options.Generic{ 1662 netlabel.GenericData: options.Generic{ 1663 "BridgeName": "testnetwork", 1664 }, 1665 }, nil, nil) 1666 if err != nil { 1667 t.Fatal(err) 1668 } 1669 defer func() { 1670 if err := n.Delete(); err != nil { 1671 t.Fatal(err) 1672 } 1673 }() 1674 1675 n2, err := createTestNetwork(controller, bridgeNetType, "testnetwork2", options.Generic{ 1676 netlabel.GenericData: options.Generic{ 1677 "BridgeName": "testnetwork2", 1678 }, 1679 }, nil, nil) 1680 if err != nil { 1681 t.Fatal(err) 1682 } 1683 defer func() { 1684 if err := n2.Delete(); err != nil { 1685 t.Fatal(err) 1686 } 1687 }() 1688 1689 ep, err := n.CreateEndpoint("ep1") 1690 if err != nil { 1691 t.Fatal(err) 1692 } 1693 defer func() { 1694 err = ep.Delete(false) 1695 if err != nil { 1696 t.Fatal(err) 1697 } 1698 }() 1699 1700 ep2, err := n2.CreateEndpoint("ep2") 1701 if err != nil { 1702 t.Fatal(err) 1703 } 1704 defer func() { 1705 err = ep2.Delete(false) 1706 if err != nil { 1707 t.Fatal(err) 1708 } 1709 }() 1710 1711 cnt, err := controller.NewSandbox(containerID, 1712 libnetwork.OptionHostname("test"), 1713 libnetwork.OptionDomainname("example.com"), 1714 libnetwork.OptionUseExternalKey(), 1715 libnetwork.OptionExtraHost("web", "192.168.0.1")) 1716 defer func() { 1717 if err := cnt.Delete(); err != nil { 1718 t.Fatal(err) 1719 } 1720 osl.GC() 1721 }() 1722 1723 // Join endpoint to sandbox before SetKey 1724 err = ep.Join(cnt) 1725 if err != nil { 1726 t.Fatal(err) 1727 } 1728 defer func() { 1729 err = ep.Leave(cnt) 1730 if err != nil { 1731 t.Fatal(err) 1732 } 1733 }() 1734 1735 sbox := ep.Info().Sandbox() 1736 if sbox == nil { 1737 t.Fatalf("Expected to have a valid Sandbox") 1738 } 1739 1740 if reexec { 1741 err := reexecSetKey("this-must-fail", containerID, controller.ID()) 1742 if err == nil { 1743 t.Fatalf("libnetwork-setkey must fail if the corresponding namespace is not created") 1744 } 1745 } else { 1746 // Setting an non-existing key (namespace) must fail 1747 if err := sbox.SetKey("this-must-fail"); err == nil { 1748 t.Fatalf("Setkey must fail if the corresponding namespace is not created") 1749 } 1750 } 1751 1752 // Create a new OS sandbox using the osl API before using it in SetKey 1753 if extOsBox, err := osl.NewSandbox("ValidKey", true, false); err != nil { 1754 t.Fatalf("Failed to create new osl sandbox") 1755 } else { 1756 defer func() { 1757 if err := extOsBox.Destroy(); err != nil { 1758 log.G(context.TODO()).Warnf("Failed to remove os sandbox: %v", err) 1759 } 1760 }() 1761 } 1762 1763 if reexec { 1764 err := reexecSetKey("ValidKey", containerID, controller.ID()) 1765 if err != nil { 1766 t.Fatalf("libnetwork-setkey failed with %v", err) 1767 } 1768 } else { 1769 if err := sbox.SetKey("ValidKey"); err != nil { 1770 t.Fatalf("Setkey failed with %v", err) 1771 } 1772 } 1773 1774 // Join endpoint to sandbox after SetKey 1775 err = ep2.Join(sbox) 1776 if err != nil { 1777 t.Fatal(err) 1778 } 1779 defer func() { 1780 err = ep2.Leave(sbox) 1781 if err != nil { 1782 t.Fatal(err) 1783 } 1784 }() 1785 1786 if ep.Info().Sandbox().Key() != ep2.Info().Sandbox().Key() { 1787 t.Fatalf("ep1 and ep2 returned different container sandbox key") 1788 } 1789 1790 checkSandbox(t, ep.Info()) 1791 } 1792 1793 func reexecSetKey(key string, containerID string, controllerID string) error { 1794 type libcontainerState struct { 1795 NamespacePaths map[string]string 1796 } 1797 var ( 1798 state libcontainerState 1799 b []byte 1800 err error 1801 ) 1802 1803 state.NamespacePaths = make(map[string]string) 1804 state.NamespacePaths["NEWNET"] = key 1805 if b, err = json.Marshal(state); err != nil { 1806 return err 1807 } 1808 cmd := &exec.Cmd{ 1809 Path: reexec.Self(), 1810 Args: append([]string{"libnetwork-setkey"}, containerID, controllerID), 1811 Stdin: strings.NewReader(string(b)), 1812 Stdout: os.Stdout, 1813 Stderr: os.Stderr, 1814 } 1815 return cmd.Run() 1816 } 1817 1818 func TestResolvConf(t *testing.T) { 1819 tmpDir := t.TempDir() 1820 originResolvConfPath := filepath.Join(tmpDir, "origin_resolv.conf") 1821 resolvConfPath := filepath.Join(tmpDir, "resolv.conf") 1822 1823 // Strip comments that end in a newline (a comment with no newline at the end 1824 // of the file will not be stripped). 1825 stripCommentsRE := regexp.MustCompile(`(?m)^#.*\n`) 1826 1827 testcases := []struct { 1828 name string 1829 makeNet func(t *testing.T, c *libnetwork.Controller) *libnetwork.Network 1830 delNet bool 1831 epOpts []libnetwork.EndpointOption 1832 sbOpts []libnetwork.SandboxOption 1833 originResolvConf string 1834 expResolvConf string 1835 }{ 1836 { 1837 name: "IPv6 network", 1838 makeNet: makeTestIPv6Network, 1839 delNet: true, 1840 originResolvConf: "search pommesfrites.fr\nnameserver 12.34.56.78\nnameserver 2001:4860:4860::8888\n", 1841 expResolvConf: "nameserver 127.0.0.11\nnameserver 2001:4860:4860::8888\nsearch pommesfrites.fr\noptions ndots:0", 1842 }, 1843 { 1844 name: "host network", 1845 makeNet: makeTesthostNetwork, 1846 epOpts: []libnetwork.EndpointOption{libnetwork.CreateOptionDisableResolution()}, 1847 sbOpts: []libnetwork.SandboxOption{libnetwork.OptionUseDefaultSandbox()}, 1848 originResolvConf: "search localhost.net\nnameserver 127.0.0.1\nnameserver 2001:4860:4860::8888\n", 1849 expResolvConf: "nameserver 127.0.0.1\nnameserver 2001:4860:4860::8888\nsearch localhost.net", 1850 }, 1851 } 1852 1853 for _, tc := range testcases { 1854 t.Run(tc.name, func(t *testing.T) { 1855 defer netnsutils.SetupTestOSContext(t)() 1856 c := newController(t) 1857 1858 err := os.WriteFile(originResolvConfPath, []byte(tc.originResolvConf), 0o644) 1859 assert.NilError(t, err) 1860 1861 n := tc.makeNet(t, c) 1862 if tc.delNet { 1863 defer func() { 1864 err := n.Delete() 1865 assert.Check(t, err) 1866 }() 1867 } 1868 1869 sbOpts := append(tc.sbOpts, 1870 libnetwork.OptionResolvConfPath(resolvConfPath), 1871 libnetwork.OptionOriginResolvConfPath(originResolvConfPath), 1872 ) 1873 sb, err := c.NewSandbox(containerID, sbOpts...) 1874 assert.NilError(t, err) 1875 defer func() { 1876 err := sb.Delete() 1877 assert.Check(t, err) 1878 }() 1879 1880 ep, err := n.CreateEndpoint("ep", tc.epOpts...) 1881 assert.NilError(t, err) 1882 defer func() { 1883 err := ep.Delete(false) 1884 assert.Check(t, err) 1885 }() 1886 1887 err = ep.Join(sb) 1888 assert.NilError(t, err) 1889 defer func() { 1890 err := ep.Leave(sb) 1891 assert.Check(t, err) 1892 }() 1893 1894 finfo, err := os.Stat(resolvConfPath) 1895 assert.NilError(t, err) 1896 expFMode := (os.FileMode)(0o644) 1897 assert.Check(t, is.Equal(finfo.Mode().String(), expFMode.String())) 1898 content, err := os.ReadFile(resolvConfPath) 1899 assert.NilError(t, err) 1900 actual := stripCommentsRE.ReplaceAllString(string(content), "") 1901 actual = strings.TrimSpace(actual) 1902 assert.Check(t, is.Equal(actual, tc.expResolvConf)) 1903 }) 1904 } 1905 } 1906 1907 type parallelTester struct { 1908 osctx *netnsutils.OSContext 1909 controller *libnetwork.Controller 1910 net1, net2 *libnetwork.Network 1911 iterCnt int 1912 } 1913 1914 func (pt parallelTester) Do(t *testing.T, thrNumber int) error { 1915 teardown, err := pt.osctx.Set() 1916 if err != nil { 1917 return err 1918 } 1919 defer teardown(t) 1920 1921 var ep *libnetwork.Endpoint 1922 if thrNumber == 1 { 1923 ep, err = pt.net1.EndpointByName(fmt.Sprintf("pep%d", thrNumber)) 1924 } else { 1925 ep, err = pt.net2.EndpointByName(fmt.Sprintf("pep%d", thrNumber)) 1926 } 1927 1928 if err != nil { 1929 return errors.WithStack(err) 1930 } 1931 if ep == nil { 1932 return errors.New("got nil ep with no error") 1933 } 1934 1935 cid := fmt.Sprintf("%drace", thrNumber) 1936 sb, err := pt.controller.GetSandbox(cid) 1937 if err != nil { 1938 return err 1939 } 1940 1941 for i := 0; i < pt.iterCnt; i++ { 1942 if err := ep.Join(sb); err != nil { 1943 if _, ok := err.(types.ForbiddenError); !ok { 1944 return errors.Wrapf(err, "thread %d", thrNumber) 1945 } 1946 } 1947 if err := ep.Leave(sb); err != nil { 1948 if _, ok := err.(types.ForbiddenError); !ok { 1949 return errors.Wrapf(err, "thread %d", thrNumber) 1950 } 1951 } 1952 } 1953 1954 if err := errors.WithStack(sb.Delete()); err != nil { 1955 return err 1956 } 1957 return errors.WithStack(ep.Delete(false)) 1958 } 1959 1960 func TestParallel(t *testing.T) { 1961 const ( 1962 first = 1 1963 last = 3 1964 numThreads = last - first + 1 1965 iterCnt = 25 1966 ) 1967 1968 osctx := netnsutils.SetupTestOSContextEx(t) 1969 defer osctx.Cleanup(t) 1970 controller := newController(t) 1971 1972 netOption := options.Generic{ 1973 netlabel.GenericData: options.Generic{ 1974 "BridgeName": "network", 1975 }, 1976 } 1977 1978 net1 := makeTesthostNetwork(t, controller) 1979 defer net1.Delete() 1980 net2, err := createTestNetwork(controller, "bridge", "network2", netOption, nil, nil) 1981 if err != nil { 1982 t.Fatal(err) 1983 } 1984 defer net2.Delete() 1985 1986 _, err = net1.CreateEndpoint("pep1") 1987 if err != nil { 1988 t.Fatal(err) 1989 } 1990 1991 _, err = net2.CreateEndpoint("pep2") 1992 if err != nil { 1993 t.Fatal(err) 1994 } 1995 1996 _, err = net2.CreateEndpoint("pep3") 1997 if err != nil { 1998 t.Fatal(err) 1999 } 2000 2001 sboxes := make([]*libnetwork.Sandbox, numThreads) 2002 if sboxes[first-1], err = controller.NewSandbox(fmt.Sprintf("%drace", first), libnetwork.OptionUseDefaultSandbox()); err != nil { 2003 t.Fatal(err) 2004 } 2005 for thd := first + 1; thd <= last; thd++ { 2006 if sboxes[thd-1], err = controller.NewSandbox(fmt.Sprintf("%drace", thd)); err != nil { 2007 t.Fatal(err) 2008 } 2009 } 2010 2011 pt := parallelTester{ 2012 osctx: osctx, 2013 controller: controller, 2014 net1: net1, 2015 net2: net2, 2016 iterCnt: iterCnt, 2017 } 2018 2019 var eg errgroup.Group 2020 for i := first; i <= last; i++ { 2021 i := i 2022 eg.Go(func() error { return pt.Do(t, i) }) 2023 } 2024 if err := eg.Wait(); err != nil { 2025 t.Fatalf("%+v", err) 2026 } 2027 } 2028 2029 func TestBridge(t *testing.T) { 2030 defer netnsutils.SetupTestOSContext(t)() 2031 controller := newController(t) 2032 2033 netOption := options.Generic{ 2034 netlabel.EnableIPv6: true, 2035 netlabel.GenericData: options.Generic{ 2036 "BridgeName": "testnetwork", 2037 "EnableICC": true, 2038 "EnableIPMasquerade": true, 2039 }, 2040 } 2041 ipamV4ConfList := []*libnetwork.IpamConf{{PreferredPool: "192.168.100.0/24", Gateway: "192.168.100.1"}} 2042 ipamV6ConfList := []*libnetwork.IpamConf{{PreferredPool: "fe90::/64", Gateway: "fe90::22"}} 2043 2044 network, err := createTestNetwork(controller, bridgeNetType, "testnetwork", netOption, ipamV4ConfList, ipamV6ConfList) 2045 if err != nil { 2046 t.Fatal(err) 2047 } 2048 defer func() { 2049 if err := network.Delete(); err != nil { 2050 t.Fatal(err) 2051 } 2052 }() 2053 2054 ep, err := network.CreateEndpoint("testep") 2055 if err != nil { 2056 t.Fatal(err) 2057 } 2058 2059 sb, err := controller.NewSandbox(containerID, libnetwork.OptionPortMapping(getPortMapping())) 2060 if err != nil { 2061 t.Fatal(err) 2062 } 2063 defer func() { 2064 if err := sb.Delete(); err != nil { 2065 t.Fatal(err) 2066 } 2067 }() 2068 2069 err = ep.Join(sb) 2070 if err != nil { 2071 t.Fatal(err) 2072 } 2073 2074 epInfo, err := ep.DriverInfo() 2075 if err != nil { 2076 t.Fatal(err) 2077 } 2078 pmd, ok := epInfo[netlabel.PortMap] 2079 if !ok { 2080 t.Fatalf("Could not find expected info in endpoint data") 2081 } 2082 pm, ok := pmd.([]types.PortBinding) 2083 if !ok { 2084 t.Fatalf("Unexpected format for port mapping in endpoint operational data") 2085 } 2086 expectedLen := 10 2087 if !isV6Listenable() { 2088 expectedLen = 5 2089 } 2090 if len(pm) != expectedLen { 2091 t.Fatalf("Incomplete data for port mapping in endpoint operational data: %d", len(pm)) 2092 } 2093 } 2094 2095 var ( 2096 v6ListenableCached bool 2097 v6ListenableOnce sync.Once 2098 ) 2099 2100 // This is copied from the bridge driver package b/c the bridge driver is not platform agnostic. 2101 func isV6Listenable() bool { 2102 v6ListenableOnce.Do(func() { 2103 ln, err := net.Listen("tcp6", "[::1]:0") 2104 if err != nil { 2105 // When the kernel was booted with `ipv6.disable=1`, 2106 // we get err "listen tcp6 [::1]:0: socket: address family not supported by protocol" 2107 // https://github.com/moby/moby/issues/42288 2108 log.G(context.TODO()).Debugf("port_mapping: v6Listenable=false (%v)", err) 2109 } else { 2110 v6ListenableCached = true 2111 ln.Close() 2112 } 2113 }) 2114 return v6ListenableCached 2115 } 2116 2117 func TestNullIpam(t *testing.T) { 2118 defer netnsutils.SetupTestOSContext(t)() 2119 controller := newController(t) 2120 2121 _, err := controller.NewNetwork(bridgeNetType, "testnetworkinternal", "", libnetwork.NetworkOptionIpam(ipamapi.NullIPAM, "", nil, nil, nil)) 2122 if err == nil || err.Error() != "ipv4 pool is empty" { 2123 t.Fatal("bridge network should complain empty pool") 2124 } 2125 }