github.com/vvnotw/moby@v1.13.1/integration-cli/requirements_unix.go

github.com/vvnotw/moby@v1.13.1/integration-cli/requirements_unix.go (about)

     1  // +build !windows
     2  
     3  package main
     4  
     5  import (
     6  	"bytes"
     7  	"io/ioutil"
     8  	"os/exec"
     9  	"strings"
    10  
    11  	"github.com/docker/docker/pkg/parsers/kernel"
    12  	"github.com/docker/docker/pkg/sysinfo"
    13  )
    14  
    15  var (
    16  	// SysInfo stores information about which features a kernel supports.
    17  	SysInfo      *sysinfo.SysInfo
    18  	cpuCfsPeriod = testRequirement{
    19  		func() bool {
    20  			return SysInfo.CPUCfsPeriod
    21  		},
    22  		"Test requires an environment that supports cgroup cfs period.",
    23  	}
    24  	cpuCfsQuota = testRequirement{
    25  		func() bool {
    26  			return SysInfo.CPUCfsQuota
    27  		},
    28  		"Test requires an environment that supports cgroup cfs quota.",
    29  	}
    30  	cpuShare = testRequirement{
    31  		func() bool {
    32  			return SysInfo.CPUShares
    33  		},
    34  		"Test requires an environment that supports cgroup cpu shares.",
    35  	}
    36  	oomControl = testRequirement{
    37  		func() bool {
    38  			return SysInfo.OomKillDisable
    39  		},
    40  		"Test requires Oom control enabled.",
    41  	}
    42  	pidsLimit = testRequirement{
    43  		func() bool {
    44  			return SysInfo.PidsLimit
    45  		},
    46  		"Test requires pids limit enabled.",
    47  	}
    48  	kernelMemorySupport = testRequirement{
    49  		func() bool {
    50  			return SysInfo.KernelMemory
    51  		},
    52  		"Test requires an environment that supports cgroup kernel memory.",
    53  	}
    54  	memoryLimitSupport = testRequirement{
    55  		func() bool {
    56  			return SysInfo.MemoryLimit
    57  		},
    58  		"Test requires an environment that supports cgroup memory limit.",
    59  	}
    60  	memoryReservationSupport = testRequirement{
    61  		func() bool {
    62  			return SysInfo.MemoryReservation
    63  		},
    64  		"Test requires an environment that supports cgroup memory reservation.",
    65  	}
    66  	swapMemorySupport = testRequirement{
    67  		func() bool {
    68  			return SysInfo.SwapLimit
    69  		},
    70  		"Test requires an environment that supports cgroup swap memory limit.",
    71  	}
    72  	memorySwappinessSupport = testRequirement{
    73  		func() bool {
    74  			return SysInfo.MemorySwappiness
    75  		},
    76  		"Test requires an environment that supports cgroup memory swappiness.",
    77  	}
    78  	blkioWeight = testRequirement{
    79  		func() bool {
    80  			return SysInfo.BlkioWeight
    81  		},
    82  		"Test requires an environment that supports blkio weight.",
    83  	}
    84  	cgroupCpuset = testRequirement{
    85  		func() bool {
    86  			return SysInfo.Cpuset
    87  		},
    88  		"Test requires an environment that supports cgroup cpuset.",
    89  	}
    90  	seccompEnabled = testRequirement{
    91  		func() bool {
    92  			return supportsSeccomp && SysInfo.Seccomp
    93  		},
    94  		"Test requires that seccomp support be enabled in the daemon.",
    95  	}
    96  	bridgeNfIptables = testRequirement{
    97  		func() bool {
    98  			return !SysInfo.BridgeNFCallIPTablesDisabled
    99  		},
   100  		"Test requires that bridge-nf-call-iptables support be enabled in the daemon.",
   101  	}
   102  	bridgeNfIP6tables = testRequirement{
   103  		func() bool {
   104  			return !SysInfo.BridgeNFCallIP6TablesDisabled
   105  		},
   106  		"Test requires that bridge-nf-call-ip6tables support be enabled in the daemon.",
   107  	}
   108  	unprivilegedUsernsClone = testRequirement{
   109  		func() bool {
   110  			content, err := ioutil.ReadFile("/proc/sys/kernel/unprivileged_userns_clone")
   111  			if err == nil && strings.Contains(string(content), "0") {
   112  				return false
   113  			}
   114  			return true
   115  		},
   116  		"Test cannot be run with 'sysctl kernel.unprivileged_userns_clone' = 0",
   117  	}
   118  	ambientCapabilities = testRequirement{
   119  		func() bool {
   120  			content, err := ioutil.ReadFile("/proc/self/status")
   121  			if err == nil && strings.Contains(string(content), "CapAmb:") {
   122  				return true
   123  			}
   124  			return false
   125  		},
   126  		"Test cannot be run without a kernel (4.3+) supporting ambient capabilities",
   127  	}
   128  	overlayFSSupported = testRequirement{
   129  		func() bool {
   130  			cmd := exec.Command(dockerBinary, "run", "--rm", "busybox", "/bin/sh", "-c", "cat /proc/filesystems")
   131  			out, err := cmd.CombinedOutput()
   132  			if err != nil {
   133  				return false
   134  			}
   135  			return bytes.Contains(out, []byte("overlay\n"))
   136  		},
   137  		"Test cannot be run without suppport for overlayfs",
   138  	}
   139  	overlay2Supported = testRequirement{
   140  		func() bool {
   141  			if !overlayFSSupported.Condition() {
   142  				return false
   143  			}
   144  
   145  			daemonV, err := kernel.ParseRelease(daemonKernelVersion)
   146  			if err != nil {
   147  				return false
   148  			}
   149  			requiredV := kernel.VersionInfo{Kernel: 4}
   150  			return kernel.CompareKernelVersion(*daemonV, requiredV) > -1
   151  
   152  		},
   153  		"Test cannot be run without overlay2 support (kernel 4.0+)",
   154  	}
   155  )
   156  
   157  func init() {
   158  	SysInfo = sysinfo.New(true)
   159  }