daemon_test.go 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320
  1. package daemon // import "github.com/docker/docker/daemon"
  2. import (
  3. "io/ioutil"
  4. "os"
  5. "path/filepath"
  6. "runtime"
  7. "testing"
  8. containertypes "github.com/docker/docker/api/types/container"
  9. "github.com/docker/docker/container"
  10. "github.com/docker/docker/errdefs"
  11. _ "github.com/docker/docker/pkg/discovery/memory"
  12. "github.com/docker/docker/pkg/idtools"
  13. "github.com/docker/docker/pkg/truncindex"
  14. volumesservice "github.com/docker/docker/volume/service"
  15. "github.com/docker/go-connections/nat"
  16. "github.com/docker/libnetwork"
  17. "github.com/pkg/errors"
  18. "gotest.tools/v3/assert"
  19. is "gotest.tools/v3/assert/cmp"
  20. )
  21. //
  22. // https://github.com/docker/docker/issues/8069
  23. //
  24. func TestGetContainer(t *testing.T) {
  25. c1 := &container.Container{
  26. ID: "5a4ff6a163ad4533d22d69a2b8960bf7fafdcba06e72d2febdba229008b0bf57",
  27. Name: "tender_bardeen",
  28. }
  29. c2 := &container.Container{
  30. ID: "3cdbd1aa394fd68559fd1441d6eff2ab7c1e6363582c82febfaa8045df3bd8de",
  31. Name: "drunk_hawking",
  32. }
  33. c3 := &container.Container{
  34. ID: "3cdbd1aa394fd68559fd1441d6eff2abfafdcba06e72d2febdba229008b0bf57",
  35. Name: "3cdbd1aa",
  36. }
  37. c4 := &container.Container{
  38. ID: "75fb0b800922abdbef2d27e60abcdfaf7fb0698b2a96d22d3354da361a6ff4a5",
  39. Name: "5a4ff6a163ad4533d22d69a2b8960bf7fafdcba06e72d2febdba229008b0bf57",
  40. }
  41. c5 := &container.Container{
  42. ID: "d22d69a2b8960bf7fafdcba06e72d2febdba960bf7fafdcba06e72d2f9008b060b",
  43. Name: "d22d69a2b896",
  44. }
  45. store := container.NewMemoryStore()
  46. store.Add(c1.ID, c1)
  47. store.Add(c2.ID, c2)
  48. store.Add(c3.ID, c3)
  49. store.Add(c4.ID, c4)
  50. store.Add(c5.ID, c5)
  51. index := truncindex.NewTruncIndex([]string{})
  52. index.Add(c1.ID)
  53. index.Add(c2.ID)
  54. index.Add(c3.ID)
  55. index.Add(c4.ID)
  56. index.Add(c5.ID)
  57. containersReplica, err := container.NewViewDB()
  58. if err != nil {
  59. t.Fatalf("could not create ViewDB: %v", err)
  60. }
  61. daemon := &Daemon{
  62. containers: store,
  63. containersReplica: containersReplica,
  64. idIndex: index,
  65. }
  66. daemon.reserveName(c1.ID, c1.Name)
  67. daemon.reserveName(c2.ID, c2.Name)
  68. daemon.reserveName(c3.ID, c3.Name)
  69. daemon.reserveName(c4.ID, c4.Name)
  70. daemon.reserveName(c5.ID, c5.Name)
  71. if ctr, _ := daemon.GetContainer("3cdbd1aa394fd68559fd1441d6eff2ab7c1e6363582c82febfaa8045df3bd8de"); ctr != c2 {
  72. t.Fatal("Should explicitly match full container IDs")
  73. }
  74. if ctr, _ := daemon.GetContainer("75fb0b8009"); ctr != c4 {
  75. t.Fatal("Should match a partial ID")
  76. }
  77. if ctr, _ := daemon.GetContainer("drunk_hawking"); ctr != c2 {
  78. t.Fatal("Should match a full name")
  79. }
  80. // c3.Name is a partial match for both c3.ID and c2.ID
  81. if c, _ := daemon.GetContainer("3cdbd1aa"); c != c3 {
  82. t.Fatal("Should match a full name even though it collides with another container's ID")
  83. }
  84. if ctr, _ := daemon.GetContainer("d22d69a2b896"); ctr != c5 {
  85. t.Fatal("Should match a container where the provided prefix is an exact match to the its name, and is also a prefix for its ID")
  86. }
  87. if _, err := daemon.GetContainer("3cdbd1"); err == nil {
  88. t.Fatal("Should return an error when provided a prefix that partially matches multiple container ID's")
  89. }
  90. if _, err := daemon.GetContainer("nothing"); err == nil {
  91. t.Fatal("Should return an error when provided a prefix that is neither a name or a partial match to an ID")
  92. }
  93. }
  94. func initDaemonWithVolumeStore(tmp string) (*Daemon, error) {
  95. var err error
  96. daemon := &Daemon{
  97. repository: tmp,
  98. root: tmp,
  99. }
  100. daemon.volumes, err = volumesservice.NewVolumeService(tmp, nil, idtools.Identity{UID: 0, GID: 0}, daemon)
  101. if err != nil {
  102. return nil, err
  103. }
  104. return daemon, nil
  105. }
  106. func TestValidContainerNames(t *testing.T) {
  107. invalidNames := []string{"-rm", "&sdfsfd", "safd%sd"}
  108. validNames := []string{"word-word", "word_word", "1weoid"}
  109. for _, name := range invalidNames {
  110. if validContainerNamePattern.MatchString(name) {
  111. t.Fatalf("%q is not a valid container name and was returned as valid.", name)
  112. }
  113. }
  114. for _, name := range validNames {
  115. if !validContainerNamePattern.MatchString(name) {
  116. t.Fatalf("%q is a valid container name and was returned as invalid.", name)
  117. }
  118. }
  119. }
  120. func TestContainerInitDNS(t *testing.T) {
  121. if os.Getuid() != 0 {
  122. t.Skip("root required") // for chown
  123. }
  124. tmp, err := ioutil.TempDir("", "docker-container-test-")
  125. if err != nil {
  126. t.Fatal(err)
  127. }
  128. defer os.RemoveAll(tmp)
  129. containerID := "d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e"
  130. containerPath := filepath.Join(tmp, containerID)
  131. if err := os.MkdirAll(containerPath, 0755); err != nil {
  132. t.Fatal(err)
  133. }
  134. config := `{"State":{"Running":true,"Paused":false,"Restarting":false,"OOMKilled":false,"Dead":false,"Pid":2464,"ExitCode":0,
  135. "Error":"","StartedAt":"2015-05-26T16:48:53.869308965Z","FinishedAt":"0001-01-01T00:00:00Z"},
  136. "ID":"d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e","Created":"2015-05-26T16:48:53.7987917Z","Path":"top",
  137. "Args":[],"Config":{"Hostname":"d59df5276e7b","Domainname":"","User":"","Memory":0,"MemorySwap":0,"CpuShares":0,"Cpuset":"",
  138. "AttachStdin":false,"AttachStdout":false,"AttachStderr":false,"PortSpecs":null,"ExposedPorts":null,"Tty":true,"OpenStdin":true,
  139. "StdinOnce":false,"Env":null,"Cmd":["top"],"Image":"ubuntu:latest","Volumes":null,"WorkingDir":"","Entrypoint":null,
  140. "NetworkDisabled":false,"MacAddress":"","OnBuild":null,"Labels":{}},"Image":"07f8e8c5e66084bef8f848877857537ffe1c47edd01a93af27e7161672ad0e95",
  141. "NetworkSettings":{"IPAddress":"172.17.0.1","IPPrefixLen":16,"MacAddress":"02:42:ac:11:00:01","LinkLocalIPv6Address":"fe80::42:acff:fe11:1",
  142. "LinkLocalIPv6PrefixLen":64,"GlobalIPv6Address":"","GlobalIPv6PrefixLen":0,"Gateway":"172.17.42.1","IPv6Gateway":"","Bridge":"docker0","Ports":{}},
  143. "ResolvConfPath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/resolv.conf",
  144. "HostnamePath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/hostname",
  145. "HostsPath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/hosts",
  146. "LogPath":"/var/lib/docker/containers/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e/d59df5276e7b219d510fe70565e0404bc06350e0d4b43fe961f22f339980170e-json.log",
  147. "Name":"/ubuntu","Driver":"aufs","MountLabel":"","ProcessLabel":"","AppArmorProfile":"","RestartCount":0,
  148. "UpdateDns":false,"Volumes":{},"VolumesRW":{},"AppliedVolumesFrom":null}`
  149. // Container struct only used to retrieve path to config file
  150. ctr := &container.Container{Root: containerPath}
  151. configPath, err := ctr.ConfigPath()
  152. if err != nil {
  153. t.Fatal(err)
  154. }
  155. if err = ioutil.WriteFile(configPath, []byte(config), 0644); err != nil {
  156. t.Fatal(err)
  157. }
  158. hostConfig := `{"Binds":[],"ContainerIDFile":"","Memory":0,"MemorySwap":0,"CpuShares":0,"CpusetCpus":"",
  159. "Privileged":false,"PortBindings":{},"Links":null,"PublishAllPorts":false,"Dns":null,"DnsOptions":null,"DnsSearch":null,"ExtraHosts":null,"VolumesFrom":null,
  160. "Devices":[],"NetworkMode":"bridge","IpcMode":"","PidMode":"","CapAdd":null,"CapDrop":null,"RestartPolicy":{"Name":"no","MaximumRetryCount":0},
  161. "SecurityOpt":null,"ReadonlyRootfs":false,"Ulimits":null,"LogConfig":{"Type":"","Config":null},"CgroupParent":""}`
  162. hostConfigPath, err := ctr.HostConfigPath()
  163. if err != nil {
  164. t.Fatal(err)
  165. }
  166. if err = ioutil.WriteFile(hostConfigPath, []byte(hostConfig), 0644); err != nil {
  167. t.Fatal(err)
  168. }
  169. daemon, err := initDaemonWithVolumeStore(tmp)
  170. if err != nil {
  171. t.Fatal(err)
  172. }
  173. c, err := daemon.load(containerID)
  174. if err != nil {
  175. t.Fatal(err)
  176. }
  177. if c.HostConfig.DNS == nil {
  178. t.Fatal("Expected container DNS to not be nil")
  179. }
  180. if c.HostConfig.DNSSearch == nil {
  181. t.Fatal("Expected container DNSSearch to not be nil")
  182. }
  183. if c.HostConfig.DNSOptions == nil {
  184. t.Fatal("Expected container DNSOptions to not be nil")
  185. }
  186. }
  187. func newPortNoError(proto, port string) nat.Port {
  188. p, _ := nat.NewPort(proto, port)
  189. return p
  190. }
  191. func TestMerge(t *testing.T) {
  192. volumesImage := make(map[string]struct{})
  193. volumesImage["/test1"] = struct{}{}
  194. volumesImage["/test2"] = struct{}{}
  195. portsImage := make(nat.PortSet)
  196. portsImage[newPortNoError("tcp", "1111")] = struct{}{}
  197. portsImage[newPortNoError("tcp", "2222")] = struct{}{}
  198. configImage := &containertypes.Config{
  199. ExposedPorts: portsImage,
  200. Env: []string{"VAR1=1", "VAR2=2"},
  201. Volumes: volumesImage,
  202. }
  203. portsUser := make(nat.PortSet)
  204. portsUser[newPortNoError("tcp", "2222")] = struct{}{}
  205. portsUser[newPortNoError("tcp", "3333")] = struct{}{}
  206. volumesUser := make(map[string]struct{})
  207. volumesUser["/test3"] = struct{}{}
  208. configUser := &containertypes.Config{
  209. ExposedPorts: portsUser,
  210. Env: []string{"VAR2=3", "VAR3=3"},
  211. Volumes: volumesUser,
  212. }
  213. if err := merge(configUser, configImage); err != nil {
  214. t.Error(err)
  215. }
  216. if len(configUser.ExposedPorts) != 3 {
  217. t.Fatalf("Expected 3 ExposedPorts, 1111, 2222 and 3333, found %d", len(configUser.ExposedPorts))
  218. }
  219. for portSpecs := range configUser.ExposedPorts {
  220. if portSpecs.Port() != "1111" && portSpecs.Port() != "2222" && portSpecs.Port() != "3333" {
  221. t.Fatalf("Expected 1111 or 2222 or 3333, found %s", portSpecs)
  222. }
  223. }
  224. if len(configUser.Env) != 3 {
  225. t.Fatalf("Expected 3 env var, VAR1=1, VAR2=3 and VAR3=3, found %d", len(configUser.Env))
  226. }
  227. for _, env := range configUser.Env {
  228. if env != "VAR1=1" && env != "VAR2=3" && env != "VAR3=3" {
  229. t.Fatalf("Expected VAR1=1 or VAR2=3 or VAR3=3, found %s", env)
  230. }
  231. }
  232. if len(configUser.Volumes) != 3 {
  233. t.Fatalf("Expected 3 volumes, /test1, /test2 and /test3, found %d", len(configUser.Volumes))
  234. }
  235. for v := range configUser.Volumes {
  236. if v != "/test1" && v != "/test2" && v != "/test3" {
  237. t.Fatalf("Expected /test1 or /test2 or /test3, found %s", v)
  238. }
  239. }
  240. ports, _, err := nat.ParsePortSpecs([]string{"0000"})
  241. if err != nil {
  242. t.Error(err)
  243. }
  244. configImage2 := &containertypes.Config{
  245. ExposedPorts: ports,
  246. }
  247. if err := merge(configUser, configImage2); err != nil {
  248. t.Error(err)
  249. }
  250. if len(configUser.ExposedPorts) != 4 {
  251. t.Fatalf("Expected 4 ExposedPorts, 0000, 1111, 2222 and 3333, found %d", len(configUser.ExposedPorts))
  252. }
  253. for portSpecs := range configUser.ExposedPorts {
  254. if portSpecs.Port() != "0" && portSpecs.Port() != "1111" && portSpecs.Port() != "2222" && portSpecs.Port() != "3333" {
  255. t.Fatalf("Expected %q or %q or %q or %q, found %s", 0, 1111, 2222, 3333, portSpecs)
  256. }
  257. }
  258. }
  259. func TestValidateContainerIsolation(t *testing.T) {
  260. d := Daemon{}
  261. _, err := d.verifyContainerSettings(runtime.GOOS, &containertypes.HostConfig{Isolation: containertypes.Isolation("invalid")}, nil, false)
  262. assert.Check(t, is.Error(err, "invalid isolation 'invalid' on "+runtime.GOOS))
  263. }
  264. func TestFindNetworkErrorType(t *testing.T) {
  265. d := Daemon{}
  266. _, err := d.FindNetwork("fakeNet")
  267. var nsn libnetwork.ErrNoSuchNetwork
  268. ok := errors.As(err, &nsn)
  269. if !errdefs.IsNotFound(err) || !ok {
  270. t.Error("The FindNetwork method MUST always return an error that implements the NotFound interface and is ErrNoSuchNetwork")
  271. }
  272. }