We use cookies to ensure you get the best experience on our website
Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
0ct0pu5
/
moby
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: 86db344e56
Dallar Biçim İmleri
moby
/
libnetwork
/
drivers
/
bridge
/
bridge_test.go

bridge_test.go 22 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794 
  1. package bridge
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 	"net"
    6. 

  6. 	"regexp"
    7. 

  7. 	"testing"
    8. 

  8. 

  9. 	"github.com/docker/libnetwork/driverapi"
    10. 

  10. 	"github.com/docker/libnetwork/ipamutils"
    11. 

  11. 	"github.com/docker/libnetwork/iptables"
    12. 

  12. 	"github.com/docker/libnetwork/netlabel"
    13. 

  13. 	"github.com/docker/libnetwork/testutils"
    14. 

  14. 	"github.com/docker/libnetwork/types"
    15. 

  15. )
    16. 

  16. 

  17. func getIPv4Data(t *testing.T) []driverapi.IPAMData {
    18. 

  18. 	ipd := driverapi.IPAMData{AddressSpace: "full"}
    19. 

  19. 	nw, _, err := ipamutils.ElectInterfaceAddresses("")
    20. 

  20. 	if err != nil {
    21. 

  21. 		t.Fatal(err)
    22. 

  22. 	}
    23. 

  23. 	ipd.Pool = nw
    24. 

  24. 	// Set network gateway to X.X.X.1
    25. 

  25. 	ipd.Gateway = types.GetIPNetCopy(nw)
    26. 

  26. 	ipd.Gateway.IP[len(ipd.Gateway.IP)-1] = 1
    27. 

  27. 	return []driverapi.IPAMData{ipd}
    28. 

  28. }
    29. 

  29. 

  30. func TestCreateFullOptions(t *testing.T) {
    31. 

  31. 	defer testutils.SetupTestOSContext(t)()
    32. 

  32. 	d := newDriver()
    33. 

  33. 

  34. 	config := &configuration{
    35. 

  35. 		EnableIPForwarding: true,
    36. 

  36. 		EnableIPTables:     true,
    37. 

  37. 	}
    38. 

  38. 

  39. 	// Test this scenario: Default gw address does not belong to
    40. 

  40. 	// container network and it's greater than bridge address
    41. 

  41. 	cnw, _ := types.ParseCIDR("172.16.122.0/24")
    42. 

  42. 	bnw, _ := types.ParseCIDR("172.16.0.0/24")
    43. 

  43. 	br, _ := types.ParseCIDR("172.16.0.1/16")
    44. 

  44. 	defgw, _ := types.ParseCIDR("172.16.0.100/16")
    45. 

  45. 

  46. 	genericOption := make(map[string]interface{})
    47. 

  47. 	genericOption[netlabel.GenericData] = config
    48. 

  48. 

  49. 	if err := d.configure(genericOption); err != nil {
    50. 

  50. 		t.Fatalf("Failed to setup driver config: %v", err)
    51. 

  51. 	}
    52. 

  52. 

  53. 	netOption := make(map[string]interface{})
    54. 

  54. 	netOption[netlabel.EnableIPv6] = true
    55. 

  55. 	netOption[netlabel.GenericData] = &networkConfiguration{
    56. 

  56. 		BridgeName: DefaultBridgeName,
    57. 

  57. 	}
    58. 

  58. 

  59. 	ipdList := []driverapi.IPAMData{
    60. 

  60. 		{
    61. 

  61. 			Pool:         bnw,
    62. 

  62. 			Gateway:      br,
    63. 

  63. 			AuxAddresses: map[string]*net.IPNet{DefaultGatewayV4AuxKey: defgw},
    64. 

  64. 		},
    65. 

  65. 	}
    66. 

  66. 	err := d.CreateNetwork("dummy", netOption, ipdList, nil)
    67. 

  67. 	if err != nil {
    68. 

  68. 		t.Fatalf("Failed to create bridge: %v", err)
    69. 

  69. 	}
    70. 

  70. 

  71. 	// Verify the IP address allocated for the endpoint belongs to the container network
    72. 

  72. 	epOptions := make(map[string]interface{})
    73. 

  73. 	te := newTestEndpoint(cnw, 10)
    74. 

  74. 	err = d.CreateEndpoint("dummy", "ep1", te.Interface(), epOptions)
    75. 

  75. 	if err != nil {
    76. 

  76. 		t.Fatalf("Failed to create an endpoint : %s", err.Error())
    77. 

  77. 	}
    78. 

  78. 

  79. 	if !cnw.Contains(te.Interface().Address().IP) {
    80. 

  80. 		t.Fatalf("endpoint got assigned address outside of container network(%s): %s", cnw.String(), te.Interface().Address())
    81. 

  81. 	}
    82. 

  82. }
    83. 

  83. 

  84. func TestCreateNoConfig(t *testing.T) {
    85. 

  85. 	defer testutils.SetupTestOSContext(t)()
    86. 

  86. 	d := newDriver()
    87. 

  87. 

  88. 	netconfig := &networkConfiguration{BridgeName: DefaultBridgeName}
    89. 

  89. 	genericOption := make(map[string]interface{})
    90. 

  90. 	genericOption[netlabel.GenericData] = netconfig
    91. 

  91. 

  92. 	if err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil); err != nil {
    93. 

  93. 		t.Fatalf("Failed to create bridge: %v", err)
    94. 

  94. 	}
    95. 

  95. }
    96. 

  96. 

  97. func TestCreateFullOptionsLabels(t *testing.T) {
    98. 

  98. 	defer testutils.SetupTestOSContext(t)()
    99. 

  99. 	d := newDriver()
    100. 

  100. 

  101. 	config := &configuration{
    102. 

  102. 		EnableIPForwarding: true,
    103. 

  103. 	}
    104. 

  104. 	genericOption := make(map[string]interface{})
    105. 

  105. 	genericOption[netlabel.GenericData] = config
    106. 

  106. 

  107. 	if err := d.configure(genericOption); err != nil {
    108. 

  108. 		t.Fatalf("Failed to setup driver config: %v", err)
    109. 

  109. 	}
    110. 

  110. 

  111. 	bndIPs := "127.0.0.1"
    112. 

  112. 	nwV6s := "2001:db8:2600:2700:2800::/80"
    113. 

  113. 	gwV6s := "2001:db8:2600:2700:2800::25/80"
    114. 

  114. 	nwV6, _ := types.ParseCIDR(nwV6s)
    115. 

  115. 	gwV6, _ := types.ParseCIDR(gwV6s)
    116. 

  116. 

  117. 	labels := map[string]string{
    118. 

  118. 		BridgeName:         DefaultBridgeName,
    119. 

  119. 		DefaultBridge:      "true",
    120. 

  120. 		EnableICC:          "true",
    121. 

  121. 		EnableIPMasquerade: "true",
    122. 

  122. 		DefaultBindingIP:   bndIPs,
    123. 

  123. 	}
    124. 

  124. 

  125. 	netOption := make(map[string]interface{})
    126. 

  126. 	netOption[netlabel.EnableIPv6] = true
    127. 

  127. 	netOption[netlabel.GenericData] = labels
    128. 

  128. 

  129. 	ipdList := getIPv4Data(t)
    130. 

  130. 	ipd6List := []driverapi.IPAMData{
    131. 

  131. 		{
    132. 

  132. 			Pool: nwV6,
    133. 

  133. 			AuxAddresses: map[string]*net.IPNet{
    134. 

  134. 				DefaultGatewayV6AuxKey: gwV6,
    135. 

  135. 			},
    136. 

  136. 		},
    137. 

  137. 	}
    138. 

  138. 

  139. 	err := d.CreateNetwork("dummy", netOption, ipdList, ipd6List)
    140. 

  140. 	if err != nil {
    141. 

  141. 		t.Fatalf("Failed to create bridge: %v", err)
    142. 

  142. 	}
    143. 

  143. 

  144. 	nw, ok := d.networks["dummy"]
    145. 

  145. 	if !ok {
    146. 

  146. 		t.Fatalf("Cannot find dummy network in bridge driver")
    147. 

  147. 	}
    148. 

  148. 

  149. 	if nw.config.BridgeName != DefaultBridgeName {
    150. 

  150. 		t.Fatalf("incongruent name in bridge network")
    151. 

  151. 	}
    152. 

  152. 

  153. 	if !nw.config.EnableIPv6 {
    154. 

  154. 		t.Fatalf("incongruent EnableIPv6 in bridge network")
    155. 

  155. 	}
    156. 

  156. 

  157. 	if !nw.config.EnableICC {
    158. 

  158. 		t.Fatalf("incongruent EnableICC in bridge network")
    159. 

  159. 	}
    160. 

  160. 

  161. 	if !nw.config.EnableIPMasquerade {
    162. 

  162. 		t.Fatalf("incongruent EnableIPMasquerade in bridge network")
    163. 

  163. 	}
    164. 

  164. 

  165. 	bndIP := net.ParseIP(bndIPs)
    166. 

  166. 	if !bndIP.Equal(nw.config.DefaultBindingIP) {
    167. 

  167. 		t.Fatalf("Unexpected: %v", nw.config.DefaultBindingIP)
    168. 

  168. 	}
    169. 

  169. 

  170. 	if !types.CompareIPNet(nw.config.AddressIPv6, nwV6) {
    171. 

  171. 		t.Fatalf("Unexpected: %v", nw.config.AddressIPv6)
    172. 

  172. 	}
    173. 

  173. 

  174. 	if !gwV6.IP.Equal(nw.config.DefaultGatewayIPv6) {
    175. 

  175. 		t.Fatalf("Unexpected: %v", nw.config.DefaultGatewayIPv6)
    176. 

  176. 	}
    177. 

  177. 

  178. 	// In short here we are testing --fixed-cidr-v6 daemon option
    179. 

  179. 	// plus --mac-address run option
    180. 

  180. 	mac, _ := net.ParseMAC("aa:bb:cc:dd:ee:ff")
    181. 

  181. 	epOptions := map[string]interface{}{netlabel.MacAddress: mac}
    182. 

  182. 	te := newTestEndpoint(ipdList[0].Pool, 20)
    183. 

  183. 	err = d.CreateEndpoint("dummy", "ep1", te.Interface(), epOptions)
    184. 

  184. 	if err != nil {
    185. 

  185. 		t.Fatal(err)
    186. 

  186. 	}
    187. 

  187. 

  188. 	if !nwV6.Contains(te.Interface().AddressIPv6().IP) {
    189. 

  189. 		t.Fatalf("endpoint got assigned address outside of container network(%s): %s", nwV6.String(), te.Interface().AddressIPv6())
    190. 

  190. 	}
    191. 

  191. 	if te.Interface().AddressIPv6().IP.String() != "2001:db8:2600:2700:2800:aabb:ccdd:eeff" {
    192. 

  192. 		t.Fatalf("Unexpected endpoint IPv6 address: %v", te.Interface().AddressIPv6().IP)
    193. 

  193. 	}
    194. 

  194. }
    195. 

  195. 

  196. func TestCreate(t *testing.T) {
    197. 

  197. 	defer testutils.SetupTestOSContext(t)()
    198. 

  198. 	d := newDriver()
    199. 

  199. 

  200. 	if err := d.configure(nil); err != nil {
    201. 

  201. 		t.Fatalf("Failed to setup driver config: %v", err)
    202. 

  202. 	}
    203. 

  203. 

  204. 	netconfig := &networkConfiguration{BridgeName: DefaultBridgeName}
    205. 

  205. 	genericOption := make(map[string]interface{})
    206. 

  206. 	genericOption[netlabel.GenericData] = netconfig
    207. 

  207. 

  208. 	if err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil); err != nil {
    209. 

  209. 		t.Fatalf("Failed to create bridge: %v", err)
    210. 

  210. 	}
    211. 

  211. 

  212. 	err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil)
    213. 

  213. 	if err == nil {
    214. 

  214. 		t.Fatalf("Expected bridge driver to refuse creation of second network with default name")
    215. 

  215. 	}
    216. 

  216. 	if _, ok := err.(types.ForbiddenError); !ok {
    217. 

  217. 		t.Fatalf("Creation of second network with default name failed with unexpected error type")
    218. 

  218. 	}
    219. 

  219. }
    220. 

  220. 

  221. func TestCreateFail(t *testing.T) {
    222. 

  222. 	defer testutils.SetupTestOSContext(t)()
    223. 

  223. 	d := newDriver()
    224. 

  224. 

  225. 	if err := d.configure(nil); err != nil {
    226. 

  226. 		t.Fatalf("Failed to setup driver config: %v", err)
    227. 

  227. 	}
    228. 

  228. 

  229. 	netconfig := &networkConfiguration{BridgeName: "dummy0", DefaultBridge: true}
    230. 

  230. 	genericOption := make(map[string]interface{})
    231. 

  231. 	genericOption[netlabel.GenericData] = netconfig
    232. 

  232. 

  233. 	if err := d.CreateNetwork("dummy", genericOption, getIPv4Data(t), nil); err == nil {
    234. 

  234. 		t.Fatal("Bridge creation was expected to fail")
    235. 

  235. 	}
    236. 

  236. }
    237. 

  237. 

  238. func TestCreateMultipleNetworks(t *testing.T) {
    239. 

  239. 	defer testutils.SetupTestOSContext(t)()
    240. 

  240. 	d := newDriver()
    241. 

  241. 

  242. 	config := &configuration{
    243. 

  243. 		EnableIPTables: true,
    244. 

  244. 	}
    245. 

  245. 	genericOption := make(map[string]interface{})
    246. 

  246. 	genericOption[netlabel.GenericData] = config
    247. 

  247. 

  248. 	if err := d.configure(genericOption); err != nil {
    249. 

  249. 		t.Fatalf("Failed to setup driver config: %v", err)
    250. 

  250. 	}
    251. 

  251. 

  252. 	config1 := &networkConfiguration{BridgeName: "net_test_1"}
    253. 

  253. 	genericOption = make(map[string]interface{})
    254. 

  254. 	genericOption[netlabel.GenericData] = config1
    255. 

  255. 	if err := d.CreateNetwork("1", genericOption, getIPv4Data(t), nil); err != nil {
    256. 

  256. 		t.Fatalf("Failed to create bridge: %v", err)
    257. 

  257. 	}
    258. 

  258. 

  259. 	config2 := &networkConfiguration{BridgeName: "net_test_2"}
    260. 

  260. 	genericOption[netlabel.GenericData] = config2
    261. 

  261. 	if err := d.CreateNetwork("2", genericOption, getIPv4Data(t), nil); err != nil {
    262. 

  262. 		t.Fatalf("Failed to create bridge: %v", err)
    263. 

  263. 	}
    264. 

  264. 

  265. 	// Verify the network isolation rules are installed, each network subnet should appear 2 times
    266. 

  266. 	verifyV4INCEntries(d.networks, 2, t)
    267. 

  267. 

  268. 	config3 := &networkConfiguration{BridgeName: "net_test_3"}
    269. 

  269. 	genericOption[netlabel.GenericData] = config3
    270. 

  270. 	if err := d.CreateNetwork("3", genericOption, getIPv4Data(t), nil); err != nil {
    271. 

  271. 		t.Fatalf("Failed to create bridge: %v", err)
    272. 

  272. 	}
    273. 

  273. 

  274. 	// Verify the network isolation rules are installed, each network subnet should appear 4 times
    275. 

  275. 	verifyV4INCEntries(d.networks, 6, t)
    276. 

  276. 

  277. 	config4 := &networkConfiguration{BridgeName: "net_test_4"}
    278. 

  278. 	genericOption[netlabel.GenericData] = config4
    279. 

  279. 	if err := d.CreateNetwork("4", genericOption, getIPv4Data(t), nil); err != nil {
    280. 

  280. 		t.Fatalf("Failed to create bridge: %v", err)
    281. 

  281. 	}
    282. 

  282. 

  283. 	// Now 6 times
    284. 

  284. 	verifyV4INCEntries(d.networks, 12, t)
    285. 

  285. 

  286. 	d.DeleteNetwork("1")
    287. 

  287. 	verifyV4INCEntries(d.networks, 6, t)
    288. 

  288. 

  289. 	d.DeleteNetwork("2")
    290. 

  290. 	verifyV4INCEntries(d.networks, 2, t)
    291. 

  291. 

  292. 	d.DeleteNetwork("3")
    293. 

  293. 	verifyV4INCEntries(d.networks, 0, t)
    294. 

  294. 

  295. 	d.DeleteNetwork("4")
    296. 

  296. 	verifyV4INCEntries(d.networks, 0, t)
    297. 

  297. }
    298. 

  298. 

  299. func verifyV4INCEntries(networks map[string]*bridgeNetwork, numEntries int, t *testing.T) {
    300. 

  300. 	out, err := iptables.Raw("-nvL", IsolationChain)
    301. 

  301. 	if err != nil {
    302. 

  302. 		t.Fatal(err)
    303. 

  303. 	}
    304. 

  304. 

  305. 	found := 0
    306. 

  306. 	for _, x := range networks {
    307. 

  307. 		for _, y := range networks {
    308. 

  308. 			if x == y {
    309. 

  309. 				continue
    310. 

  310. 			}
    311. 

  311. 			re := regexp.MustCompile(fmt.Sprintf("%s %s", x.config.BridgeName, y.config.BridgeName))
    312. 

  312. 			matches := re.FindAllString(string(out[:]), -1)
    313. 

  313. 			if len(matches) != 1 {
    314. 

  314. 				t.Fatalf("Cannot find expected inter-network isolation rules in IP Tables:\n%s", string(out[:]))
    315. 

  315. 			}
    316. 

  316. 			found++
    317. 

  317. 		}
    318. 

  318. 	}
    319. 

  319. 

  320. 	if found != numEntries {
    321. 

  321. 		t.Fatalf("Cannot find expected number (%d) of inter-network isolation rules in IP Tables:\n%s\nFound %d", numEntries, string(out[:]), found)
    322. 

  322. 	}
    323. 

  323. }
    324. 

  324. 

  325. type testInterface struct {
    326. 

  326. 	mac     net.HardwareAddr
    327. 

  327. 	addr    *net.IPNet
    328. 

  328. 	addrv6  *net.IPNet
    329. 

  329. 	srcName string
    330. 

  330. 	dstName string
    331. 

  331. }
    332. 

  332. 

  333. type testEndpoint struct {
    334. 

  334. 	iface          *testInterface
    335. 

  335. 	gw             net.IP
    336. 

  336. 	gw6            net.IP
    337. 

  337. 	hostsPath      string
    338. 

  338. 	resolvConfPath string
    339. 

  339. 	routes         []types.StaticRoute
    340. 

  340. }
    341. 

  341. 

  342. func newTestEndpoint(nw *net.IPNet, ordinal byte) *testEndpoint {
    343. 

  343. 	addr := types.GetIPNetCopy(nw)
    344. 

  344. 	addr.IP[len(addr.IP)-1] = ordinal
    345. 

  345. 	return &testEndpoint{iface: &testInterface{addr: addr}}
    346. 

  346. }
    347. 

  347. 

  348. func (te *testEndpoint) Interface() driverapi.InterfaceInfo {
    349. 

  349. 	if te.iface != nil {
    350. 

  350. 		return te.iface
    351. 

  351. 	}
    352. 

  352. 

  353. 	return nil
    354. 

  354. }
    355. 

  355. 

  356. func (i *testInterface) MacAddress() net.HardwareAddr {
    357. 

  357. 	return i.mac
    358. 

  358. }
    359. 

  359. 

  360. func (i *testInterface) Address() *net.IPNet {
    361. 

  361. 	return i.addr
    362. 

  362. }
    363. 

  363. 

  364. func (i *testInterface) AddressIPv6() *net.IPNet {
    365. 

  365. 	return i.addrv6
    366. 

  366. }
    367. 

  367. 

  368. func (i *testInterface) SetMacAddress(mac net.HardwareAddr) error {
    369. 

  369. 	if i.mac != nil {
    370. 

  370. 		return types.ForbiddenErrorf("endpoint interface MAC address present (%s). Cannot be modified with %s.", i.mac, mac)
    371. 

  371. 	}
    372. 

  372. 	if mac == nil {
    373. 

  373. 		return types.BadRequestErrorf("tried to set nil MAC address to endpoint interface")
    374. 

  374. 	}
    375. 

  375. 	i.mac = types.GetMacCopy(mac)
    376. 

  376. 	return nil
    377. 

  377. }
    378. 

  378. 

  379. func (i *testInterface) SetIPAddress(address *net.IPNet) error {
    380. 

  380. 	if address.IP == nil {
    381. 

  381. 		return types.BadRequestErrorf("tried to set nil IP address to endpoint interface")
    382. 

  382. 	}
    383. 

  383. 	if address.IP.To4() == nil {
    384. 

  384. 		return setAddress(&i.addrv6, address)
    385. 

  385. 	}
    386. 

  386. 	return setAddress(&i.addr, address)
    387. 

  387. }
    388. 

  388. 

  389. func setAddress(ifaceAddr **net.IPNet, address *net.IPNet) error {
    390. 

  390. 	if *ifaceAddr != nil {
    391. 

  391. 		return types.ForbiddenErrorf("endpoint interface IP present (%s). Cannot be modified with (%s).", *ifaceAddr, address)
    392. 

  392. 	}
    393. 

  393. 	*ifaceAddr = types.GetIPNetCopy(address)
    394. 

  394. 	return nil
    395. 

  395. }
    396. 

  396. 

  397. func (i *testInterface) SetNames(srcName string, dstName string) error {
    398. 

  398. 	i.srcName = srcName
    399. 

  399. 	i.dstName = dstName
    400. 

  400. 	return nil
    401. 

  401. }
    402. 

  402. 

  403. func (te *testEndpoint) InterfaceName() driverapi.InterfaceNameInfo {
    404. 

  404. 	if te.iface != nil {
    405. 

  405. 		return te.iface
    406. 

  406. 	}
    407. 

  407. 

  408. 	return nil
    409. 

  409. }
    410. 

  410. 

  411. func (te *testEndpoint) SetGateway(gw net.IP) error {
    412. 

  412. 	te.gw = gw
    413. 

  413. 	return nil
    414. 

  414. }
    415. 

  415. 

  416. func (te *testEndpoint) SetGatewayIPv6(gw6 net.IP) error {
    417. 

  417. 	te.gw6 = gw6
    418. 

  418. 	return nil
    419. 

  419. }
    420. 

  420. 

  421. func (te *testEndpoint) AddStaticRoute(destination *net.IPNet, routeType int, nextHop net.IP) error {
    422. 

  422. 	te.routes = append(te.routes, types.StaticRoute{Destination: destination, RouteType: routeType, NextHop: nextHop})
    423. 

  423. 	return nil
    424. 

  424. }
    425. 

  425. 

  426. func (te *testEndpoint) DisableGatewayService() {}
    427. 

  427. 

  428. func TestQueryEndpointInfo(t *testing.T) {
    429. 

  429. 	testQueryEndpointInfo(t, true)
    430. 

  430. }
    431. 

  431. 

  432. func TestQueryEndpointInfoHairpin(t *testing.T) {
    433. 

  433. 	testQueryEndpointInfo(t, false)
    434. 

  434. }
    435. 

  435. 

  436. func testQueryEndpointInfo(t *testing.T, ulPxyEnabled bool) {
    437. 

  437. 	defer testutils.SetupTestOSContext(t)()
    438. 

  438. 	d := newDriver()
    439. 

  439. 

  440. 	config := &configuration{
    441. 

  441. 		EnableIPTables:      true,
    442. 

  442. 		EnableUserlandProxy: ulPxyEnabled,
    443. 

  443. 	}
    444. 

  444. 	genericOption := make(map[string]interface{})
    445. 

  445. 	genericOption[netlabel.GenericData] = config
    446. 

  446. 

  447. 	if err := d.configure(genericOption); err != nil {
    448. 

  448. 		t.Fatalf("Failed to setup driver config: %v", err)
    449. 

  449. 	}
    450. 

  450. 

  451. 	netconfig := &networkConfiguration{
    452. 

  452. 		BridgeName: DefaultBridgeName,
    453. 

  453. 		EnableICC:  false,
    454. 

  454. 	}
    455. 

  455. 	genericOption = make(map[string]interface{})
    456. 

  456. 	genericOption[netlabel.GenericData] = netconfig
    457. 

  457. 

  458. 	ipdList := getIPv4Data(t)
    459. 

  459. 	err := d.CreateNetwork("net1", genericOption, ipdList, nil)
    460. 

  460. 	if err != nil {
    461. 

  461. 		t.Fatalf("Failed to create bridge: %v", err)
    462. 

  462. 	}
    463. 

  463. 

  464. 	portMappings := getPortMapping()
    465. 

  465. 	epOptions := make(map[string]interface{})
    466. 

  466. 	epOptions[netlabel.PortMap] = portMappings
    467. 

  467. 

  468. 	te := newTestEndpoint(ipdList[0].Pool, 11)
    469. 

  469. 	err = d.CreateEndpoint("net1", "ep1", te.Interface(), epOptions)
    470. 

  470. 	if err != nil {
    471. 

  471. 		t.Fatalf("Failed to create an endpoint : %s", err.Error())
    472. 

  472. 	}
    473. 

  473. 

  474. 	network, ok := d.networks["net1"]
    475. 

  475. 	if !ok {
    476. 

  476. 		t.Fatalf("Cannot find network %s inside driver", "net1")
    477. 

  477. 	}
    478. 

  478. 	ep, _ := network.endpoints["ep1"]
    479. 

  479. 	data, err := d.EndpointOperInfo(network.id, ep.id)
    480. 

  480. 	if err != nil {
    481. 

  481. 		t.Fatalf("Failed to ask for endpoint operational data:  %v", err)
    482. 

  482. 	}
    483. 

  483. 	pmd, ok := data[netlabel.PortMap]
    484. 

  484. 	if !ok {
    485. 

  485. 		t.Fatalf("Endpoint operational data does not contain port mapping data")
    486. 

  486. 	}
    487. 

  487. 	pm, ok := pmd.([]types.PortBinding)
    488. 

  488. 	if !ok {
    489. 

  489. 		t.Fatalf("Unexpected format for port mapping in endpoint operational data")
    490. 

  490. 	}
    491. 

  491. 	if len(ep.portMapping) != len(pm) {
    492. 

  492. 		t.Fatalf("Incomplete data for port mapping in endpoint operational data")
    493. 

  493. 	}
    494. 

  494. 	for i, pb := range ep.portMapping {
    495. 

  495. 		if !pb.Equal(&pm[i]) {
    496. 

  496. 			t.Fatalf("Unexpected data for port mapping in endpoint operational data")
    497. 

  497. 		}
    498. 

  498. 	}
    499. 

  499. 

  500. 	// Cleanup as host ports are there
    501. 

  501. 	err = network.releasePorts(ep)
    502. 

  502. 	if err != nil {
    503. 

  503. 		t.Fatalf("Failed to release mapped ports: %v", err)
    504. 

  504. 	}
    505. 

  505. }
    506. 

  506. 

  507. func getExposedPorts() []types.TransportPort {
    508. 

  508. 	return []types.TransportPort{
    509. 

  509. 		{Proto: types.TCP, Port: uint16(5000)},
    510. 

  510. 		{Proto: types.UDP, Port: uint16(400)},
    511. 

  511. 		{Proto: types.TCP, Port: uint16(600)},
    512. 

  512. 	}
    513. 

  513. }
    514. 

  514. 

  515. func getPortMapping() []types.PortBinding {
    516. 

  516. 	return []types.PortBinding{
    517. 

  517. 		{Proto: types.TCP, Port: uint16(230), HostPort: uint16(23000)},
    518. 

  518. 		{Proto: types.UDP, Port: uint16(200), HostPort: uint16(22000)},
    519. 

  519. 		{Proto: types.TCP, Port: uint16(120), HostPort: uint16(12000)},
    520. 

  520. 	}
    521. 

  521. }
    522. 

  522. 

  523. func TestLinkContainers(t *testing.T) {
    524. 

  524. 	defer testutils.SetupTestOSContext(t)()
    525. 

  525. 

  526. 	d := newDriver()
    527. 

  527. 

  528. 	config := &configuration{
    529. 

  529. 		EnableIPTables: true,
    530. 

  530. 	}
    531. 

  531. 	genericOption := make(map[string]interface{})
    532. 

  532. 	genericOption[netlabel.GenericData] = config
    533. 

  533. 

  534. 	if err := d.configure(genericOption); err != nil {
    535. 

  535. 		t.Fatalf("Failed to setup driver config: %v", err)
    536. 

  536. 	}
    537. 

  537. 

  538. 	netconfig := &networkConfiguration{
    539. 

  539. 		BridgeName: DefaultBridgeName,
    540. 

  540. 		EnableICC:  false,
    541. 

  541. 	}
    542. 

  542. 	genericOption = make(map[string]interface{})
    543. 

  543. 	genericOption[netlabel.GenericData] = netconfig
    544. 

  544. 

  545. 	ipdList := getIPv4Data(t)
    546. 

  546. 	err := d.CreateNetwork("net1", genericOption, ipdList, nil)
    547. 

  547. 	if err != nil {
    548. 

  548. 		t.Fatalf("Failed to create bridge: %v", err)
    549. 

  549. 	}
    550. 

  550. 

  551. 	exposedPorts := getExposedPorts()
    552. 

  552. 	epOptions := make(map[string]interface{})
    553. 

  553. 	epOptions[netlabel.ExposedPorts] = exposedPorts
    554. 

  554. 

  555. 	te1 := newTestEndpoint(ipdList[0].Pool, 11)
    556. 

  556. 	err = d.CreateEndpoint("net1", "ep1", te1.Interface(), epOptions)
    557. 

  557. 	if err != nil {
    558. 

  558. 		t.Fatalf("Failed to create an endpoint : %s", err.Error())
    559. 

  559. 	}
    560. 

  560. 

  561. 	addr1 := te1.iface.addr
    562. 

  562. 	if addr1.IP.To4() == nil {
    563. 

  563. 		t.Fatalf("No Ipv4 address assigned to the endpoint:  ep1")
    564. 

  564. 	}
    565. 

  565. 

  566. 	te2 := newTestEndpoint(ipdList[0].Pool, 22)
    567. 

  567. 	err = d.CreateEndpoint("net1", "ep2", te2.Interface(), nil)
    568. 

  568. 	if err != nil {
    569. 

  569. 		t.Fatalf("Failed to create an endpoint : %s", err.Error())
    570. 

  570. 	}
    571. 

  571. 

  572. 	addr2 := te2.iface.addr
    573. 

  573. 	if addr2.IP.To4() == nil {
    574. 

  574. 		t.Fatalf("No Ipv4 address assigned to the endpoint:  ep2")
    575. 

  575. 	}
    576. 

  576. 

  577. 	ce := []string{"ep1"}
    578. 

  578. 	cConfig := &containerConfiguration{ChildEndpoints: ce}
    579. 

  579. 	genericOption = make(map[string]interface{})
    580. 

  580. 	genericOption[netlabel.GenericData] = cConfig
    581. 

  581. 

  582. 	err = d.Join("net1", "ep2", "", te2, genericOption)
    583. 

  583. 	if err != nil {
    584. 

  584. 		t.Fatalf("Failed to link ep1 and ep2")
    585. 

  585. 	}
    586. 

  586. 

  587. 	out, err := iptables.Raw("-L", DockerChain)
    588. 

  588. 	for _, pm := range exposedPorts {
    589. 

  589. 		regex := fmt.Sprintf("%s dpt:%d", pm.Proto.String(), pm.Port)
    590. 

  590. 		re := regexp.MustCompile(regex)
    591. 

  591. 		matches := re.FindAllString(string(out[:]), -1)
    592. 

  592. 		if len(matches) != 1 {
    593. 

  593. 			t.Fatalf("IP Tables programming failed %s", string(out[:]))
    594. 

  594. 		}
    595. 

  595. 

  596. 		regex = fmt.Sprintf("%s spt:%d", pm.Proto.String(), pm.Port)
    597. 

  597. 		matched, _ := regexp.MatchString(regex, string(out[:]))
    598. 

  598. 		if !matched {
    599. 

  599. 			t.Fatalf("IP Tables programming failed %s", string(out[:]))
    600. 

  600. 		}
    601. 

  601. 	}
    602. 

  602. 

  603. 	err = d.Leave("net1", "ep2")
    604. 

  604. 	if err != nil {
    605. 

  605. 		t.Fatalf("Failed to unlink ep1 and ep2")
    606. 

  606. 	}
    607. 

  607. 

  608. 	out, err = iptables.Raw("-L", DockerChain)
    609. 

  609. 	for _, pm := range exposedPorts {
    610. 

  610. 		regex := fmt.Sprintf("%s dpt:%d", pm.Proto.String(), pm.Port)
    611. 

  611. 		re := regexp.MustCompile(regex)
    612. 

  612. 		matches := re.FindAllString(string(out[:]), -1)
    613. 

  613. 		if len(matches) != 0 {
    614. 

  614. 			t.Fatalf("Leave should have deleted relevant IPTables rules  %s", string(out[:]))
    615. 

  615. 		}
    616. 

  616. 

  617. 		regex = fmt.Sprintf("%s spt:%d", pm.Proto.String(), pm.Port)
    618. 

  618. 		matched, _ := regexp.MatchString(regex, string(out[:]))
    619. 

  619. 		if matched {
    620. 

  620. 			t.Fatalf("Leave should have deleted relevant IPTables rules  %s", string(out[:]))
    621. 

  621. 		}
    622. 

  622. 	}
    623. 

  623. 

  624. 	// Error condition test with an invalid endpoint-id "ep4"
    625. 

  625. 	ce = []string{"ep1", "ep4"}
    626. 

  626. 	cConfig = &containerConfiguration{ChildEndpoints: ce}
    627. 

  627. 	genericOption = make(map[string]interface{})
    628. 

  628. 	genericOption[netlabel.GenericData] = cConfig
    629. 

  629. 

  630. 	err = d.Join("net1", "ep2", "", te2, genericOption)
    631. 

  631. 	if err != nil {
    632. 

  632. 		out, err = iptables.Raw("-L", DockerChain)
    633. 

  633. 		for _, pm := range exposedPorts {
    634. 

  634. 			regex := fmt.Sprintf("%s dpt:%d", pm.Proto.String(), pm.Port)
    635. 

  635. 			re := regexp.MustCompile(regex)
    636. 

  636. 			matches := re.FindAllString(string(out[:]), -1)
    637. 

  637. 			if len(matches) != 0 {
    638. 

  638. 				t.Fatalf("Error handling should rollback relevant IPTables rules  %s", string(out[:]))
    639. 

  639. 			}
    640. 

  640. 

  641. 			regex = fmt.Sprintf("%s spt:%d", pm.Proto.String(), pm.Port)
    642. 

  642. 			matched, _ := regexp.MatchString(regex, string(out[:]))
    643. 

  643. 			if matched {
    644. 

  644. 				t.Fatalf("Error handling should rollback relevant IPTables rules  %s", string(out[:]))
    645. 

  645. 			}
    646. 

  646. 		}
    647. 

  647. 	} else {
    648. 

  648. 		t.Fatalf("Expected Join to fail given link conditions are not satisfied")
    649. 

  649. 	}
    650. 

  650. }
    651. 

  651. 

  652. func TestValidateConfig(t *testing.T) {
    653. 

  653. 

  654. 	// Test mtu
    655. 

  655. 	c := networkConfiguration{Mtu: -2}
    656. 

  656. 	err := c.Validate()
    657. 

  657. 	if err == nil {
    658. 

  658. 		t.Fatalf("Failed to detect invalid MTU number")
    659. 

  659. 	}
    660. 

  660. 

  661. 	c.Mtu = 9000
    662. 

  662. 	err = c.Validate()
    663. 

  663. 	if err != nil {
    664. 

  664. 		t.Fatalf("unexpected validation error on MTU number")
    665. 

  665. 	}
    666. 

  666. 

  667. 	// Bridge network
    668. 

  668. 	_, network, _ := net.ParseCIDR("172.28.0.0/16")
    669. 

  669. 	c = networkConfiguration{
    670. 

  670. 		AddressIPv4: network,
    671. 

  671. 	}
    672. 

  672. 

  673. 	err = c.Validate()
    674. 

  674. 	if err != nil {
    675. 

  675. 		t.Fatal(err)
    676. 

  676. 	}
    677. 

  677. 

  678. 	// Test v4 gw
    679. 

  679. 	c.DefaultGatewayIPv4 = net.ParseIP("172.27.30.234")
    680. 

  680. 	err = c.Validate()
    681. 

  681. 	if err == nil {
    682. 

  682. 		t.Fatalf("Failed to detect invalid default gateway")
    683. 

  683. 	}
    684. 

  684. 

  685. 	c.DefaultGatewayIPv4 = net.ParseIP("172.28.30.234")
    686. 

  686. 	err = c.Validate()
    687. 

  687. 	if err != nil {
    688. 

  688. 		t.Fatalf("Unexpected validation error on default gateway")
    689. 

  689. 	}
    690. 

  690. 

  691. 	// Test v6 gw
    692. 

  692. 	_, v6nw, _ := net.ParseCIDR("2001:db8:ae:b004::/64")
    693. 

  693. 	c = networkConfiguration{
    694. 

  694. 		EnableIPv6:         true,
    695. 

  695. 		AddressIPv6:        v6nw,
    696. 

  696. 		DefaultGatewayIPv6: net.ParseIP("2001:db8:ac:b004::bad:a55"),
    697. 

  697. 	}
    698. 

  698. 	err = c.Validate()
    699. 

  699. 	if err == nil {
    700. 

  700. 		t.Fatalf("Failed to detect invalid v6 default gateway")
    701. 

  701. 	}
    702. 

  702. 

  703. 	c.DefaultGatewayIPv6 = net.ParseIP("2001:db8:ae:b004::bad:a55")
    704. 

  704. 	err = c.Validate()
    705. 

  705. 	if err != nil {
    706. 

  706. 		t.Fatalf("Unexpected validation error on v6 default gateway")
    707. 

  707. 	}
    708. 

  708. 

  709. 	c.AddressIPv6 = nil
    710. 

  710. 	err = c.Validate()
    711. 

  711. 	if err == nil {
    712. 

  712. 		t.Fatalf("Failed to detect invalid v6 default gateway")
    713. 

  713. 	}
    714. 

  714. 

  715. 	c.AddressIPv6 = nil
    716. 

  716. 	err = c.Validate()
    717. 

  717. 	if err == nil {
    718. 

  718. 		t.Fatalf("Failed to detect invalid v6 default gateway")
    719. 

  719. 	}
    720. 

  720. }
    721. 

  721. 

  722. func TestSetDefaultGw(t *testing.T) {
    723. 

  723. 	defer testutils.SetupTestOSContext(t)()
    724. 

  724. 	d := newDriver()
    725. 

  725. 

  726. 	if err := d.configure(nil); err != nil {
    727. 

  727. 		t.Fatalf("Failed to setup driver config: %v", err)
    728. 

  728. 	}
    729. 

  729. 

  730. 	_, subnetv6, _ := net.ParseCIDR("2001:db8:ea9:9abc:b0c4::/80")
    731. 

  731. 

  732. 	ipdList := getIPv4Data(t)
    733. 

  733. 	gw4 := types.GetIPCopy(ipdList[0].Pool.IP).To4()
    734. 

  734. 	gw4[3] = 254
    735. 

  735. 	gw6 := net.ParseIP("2001:db8:ea9:9abc:b0c4::254")
    736. 

  736. 

  737. 	config := &networkConfiguration{
    738. 

  738. 		BridgeName:         DefaultBridgeName,
    739. 

  739. 		AddressIPv6:        subnetv6,
    740. 

  740. 		DefaultGatewayIPv4: gw4,
    741. 

  741. 		DefaultGatewayIPv6: gw6,
    742. 

  742. 	}
    743. 

  743. 

  744. 	genericOption := make(map[string]interface{})
    745. 

  745. 	genericOption[netlabel.EnableIPv6] = true
    746. 

  746. 	genericOption[netlabel.GenericData] = config
    747. 

  747. 

  748. 	err := d.CreateNetwork("dummy", genericOption, ipdList, nil)
    749. 

  749. 	if err != nil {
    750. 

  750. 		t.Fatalf("Failed to create bridge: %v", err)
    751. 

  751. 	}
    752. 

  752. 

  753. 	te := newTestEndpoint(ipdList[0].Pool, 10)
    754. 

  754. 	err = d.CreateEndpoint("dummy", "ep", te.Interface(), nil)
    755. 

  755. 	if err != nil {
    756. 

  756. 		t.Fatalf("Failed to create endpoint: %v", err)
    757. 

  757. 	}
    758. 

  758. 

  759. 	err = d.Join("dummy", "ep", "sbox", te, nil)
    760. 

  760. 	if err != nil {
    761. 

  761. 		t.Fatalf("Failed to join endpoint: %v", err)
    762. 

  762. 	}
    763. 

  763. 

  764. 	if !gw4.Equal(te.gw) {
    765. 

  765. 		t.Fatalf("Failed to configure default gateway. Expected %v. Found %v", gw4, te.gw)
    766. 

  766. 	}
    767. 

  767. 

  768. 	if !gw6.Equal(te.gw6) {
    769. 

  769. 		t.Fatalf("Failed to configure default gateway. Expected %v. Found %v", gw6, te.gw6)
    770. 

  770. 	}
    771. 

  771. }
    772. 

  772. 

  773. func TestCleanupIptableRules(t *testing.T) {
    774. 

  774. 	defer testutils.SetupTestOSContext(t)()
    775. 

  775. 	bridgeChain := []iptables.ChainInfo{
    776. 

  776. 		{Name: DockerChain, Table: iptables.Nat},
    777. 

  777. 		{Name: DockerChain, Table: iptables.Filter},
    778. 

  778. 		{Name: IsolationChain, Table: iptables.Filter},
    779. 

  779. 	}
    780. 

  780. 	if _, _, _, err := setupIPChains(&configuration{EnableIPTables: true}); err != nil {
    781. 

  781. 		t.Fatalf("Error setting up ip chains: %v", err)
    782. 

  782. 	}
    783. 

  783. 	for _, chainInfo := range bridgeChain {
    784. 

  784. 		if !iptables.ExistChain(chainInfo.Name, chainInfo.Table) {
    785. 

  785. 			t.Fatalf("iptables chain %s of %s table should have been created", chainInfo.Name, chainInfo.Table)
    786. 

  786. 		}
    787. 

  787. 	}
    788. 

  788. 	removeIPChains()
    789. 

  789. 	for _, chainInfo := range bridgeChain {
    790. 

  790. 		if iptables.ExistChain(chainInfo.Name, chainInfo.Table) {
    791. 

  791. 			t.Fatalf("iptables chain %s of %s table should have been deleted", chainInfo.Name, chainInfo.Table)
    792. 

  792. 		}
    793. 

  793. 	}
    794. 

  794. }
    795.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5