gopkg.in/docker/docker.v20@v20.10.27/integration/container/run_linux_test.go (about) 1 package container // import "github.com/docker/docker/integration/container" 2 3 import ( 4 "context" 5 "strings" 6 "testing" 7 "time" 8 9 containertypes "github.com/docker/docker/api/types/container" 10 "github.com/docker/docker/api/types/versions" 11 "github.com/docker/docker/integration/internal/container" 12 net "github.com/docker/docker/integration/internal/network" 13 "gotest.tools/v3/assert" 14 is "gotest.tools/v3/assert/cmp" 15 "gotest.tools/v3/poll" 16 "gotest.tools/v3/skip" 17 ) 18 19 func TestNISDomainname(t *testing.T) { 20 // Older versions of the daemon would concatenate hostname and domainname, 21 // so hostname "foobar" and domainname "baz.cyphar.com" would produce 22 // `foobar.baz.cyphar.com` as hostname. 23 skip.If(t, versions.LessThan(testEnv.DaemonAPIVersion(), "1.40"), "skip test from new feature") 24 skip.If(t, testEnv.DaemonInfo.OSType != "linux") 25 26 // Rootless supports custom Hostname but doesn't support custom Domainname 27 // OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \ 28 // "write sysctl key kernel.domainname: open /proc/sys/kernel/domainname: permission denied\"": unknown. 29 skip.If(t, testEnv.IsRootless, "rootless mode doesn't support setting Domainname (TODO: https://github.com/moby/moby/issues/40632)") 30 31 defer setupTest(t)() 32 client := testEnv.APIClient() 33 ctx := context.Background() 34 35 const ( 36 hostname = "foobar" 37 domainname = "baz.cyphar.com" 38 ) 39 40 cID := container.Run(ctx, t, client, func(c *container.TestContainerConfig) { 41 c.Config.Hostname = hostname 42 c.Config.Domainname = domainname 43 }) 44 45 poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond)) 46 47 inspect, err := client.ContainerInspect(ctx, cID) 48 assert.NilError(t, err) 49 assert.Check(t, is.Equal(hostname, inspect.Config.Hostname)) 50 assert.Check(t, is.Equal(domainname, inspect.Config.Domainname)) 51 52 // Check hostname. 53 res, err := container.Exec(ctx, client, cID, 54 []string{"cat", "/proc/sys/kernel/hostname"}) 55 assert.NilError(t, err) 56 assert.Assert(t, is.Len(res.Stderr(), 0)) 57 assert.Equal(t, 0, res.ExitCode) 58 assert.Check(t, is.Equal(hostname, strings.TrimSpace(res.Stdout()))) 59 60 // Check domainname. 61 res, err = container.Exec(ctx, client, cID, 62 []string{"cat", "/proc/sys/kernel/domainname"}) 63 assert.NilError(t, err) 64 assert.Assert(t, is.Len(res.Stderr(), 0)) 65 assert.Equal(t, 0, res.ExitCode) 66 assert.Check(t, is.Equal(domainname, strings.TrimSpace(res.Stdout()))) 67 } 68 69 func TestHostnameDnsResolution(t *testing.T) { 70 skip.If(t, testEnv.DaemonInfo.OSType != "linux") 71 72 defer setupTest(t)() 73 client := testEnv.APIClient() 74 ctx := context.Background() 75 76 const ( 77 hostname = "foobar" 78 ) 79 80 // using user defined network as we want to use internal DNS 81 netName := "foobar-net" 82 net.CreateNoError(context.Background(), t, client, netName, net.WithDriver("bridge")) 83 84 cID := container.Run(ctx, t, client, func(c *container.TestContainerConfig) { 85 c.Config.Hostname = hostname 86 c.HostConfig.NetworkMode = containertypes.NetworkMode(netName) 87 }) 88 89 poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond)) 90 91 inspect, err := client.ContainerInspect(ctx, cID) 92 assert.NilError(t, err) 93 assert.Check(t, is.Equal(hostname, inspect.Config.Hostname)) 94 95 // Clear hosts file so ping will use DNS for hostname resolution 96 res, err := container.Exec(ctx, client, cID, 97 []string{"sh", "-c", "echo 127.0.0.1 localhost | tee /etc/hosts && ping -c 1 foobar"}) 98 assert.NilError(t, err) 99 assert.Check(t, is.Equal("", res.Stderr())) 100 assert.Equal(t, 0, res.ExitCode) 101 } 102 103 func TestUnprivilegedPortsAndPing(t *testing.T) { 104 skip.If(t, testEnv.DaemonInfo.OSType != "linux") 105 skip.If(t, testEnv.IsRootless, "rootless mode doesn't support setting net.ipv4.ping_group_range and net.ipv4.ip_unprivileged_port_start") 106 107 defer setupTest(t)() 108 client := testEnv.APIClient() 109 ctx := context.Background() 110 111 cID := container.Run(ctx, t, client, func(c *container.TestContainerConfig) { 112 c.Config.User = "1000:1000" 113 }) 114 115 poll.WaitOn(t, container.IsInState(ctx, client, cID, "running"), poll.WithDelay(100*time.Millisecond)) 116 117 // Check net.ipv4.ping_group_range. 118 res, err := container.Exec(ctx, client, cID, []string{"cat", "/proc/sys/net/ipv4/ping_group_range"}) 119 assert.NilError(t, err) 120 assert.Assert(t, is.Len(res.Stderr(), 0)) 121 assert.Equal(t, 0, res.ExitCode) 122 assert.Equal(t, `0 2147483647`, strings.TrimSpace(res.Stdout())) 123 124 // Check net.ipv4.ip_unprivileged_port_start. 125 res, err = container.Exec(ctx, client, cID, []string{"cat", "/proc/sys/net/ipv4/ip_unprivileged_port_start"}) 126 assert.NilError(t, err) 127 assert.Assert(t, is.Len(res.Stderr(), 0)) 128 assert.Equal(t, 0, res.ExitCode) 129 assert.Equal(t, "0", strings.TrimSpace(res.Stdout())) 130 }