moby/plugin/manager_linux_test.go
Sebastiaan van Stijn 25ee00c494
pkg/system: move EnsureRemoveAll() to pkg/containerfs
pkg/system historically has been a bit of a kitchen-sink of things that were
somewhat "system" related, but didn't have a good place for. EnsureRemoveAll()
is one of those utilities. EnsureRemoveAll() is used to both unmount and remove
a path, for which it depends on both github.com/moby/sys/mount, which in turn
depends on github.com/moby/sys/mountinfo.

pkg/system is imported in the CLI, but neither EnsureRemoveAll(), nor any of its
moby/sys dependencies are used on the client side, so let's move this function
somewhere else, to remove those dependencies from the CLI.

I looked for plausible locations that were related; it's used in:

- daemon
- daemon/graphdriver/XXX/
- plugin

I considered moving it into a (e.g.) "utils" package within graphdriver (but not
a huge fan of "utils" packages), and given that it felt (mostly) related to
cleaning up container filesystems, I decided to move it there.

Some things to follow-up on after this:

- Verify if this function is still needed (it feels a bit like a big hammer in
  a "YOLO, let's try some things just in case it fails")
- Perhaps it should be integrated in `containerfs.Remove()` (so that it's used
  automatically)
- Look if there's other implementations (and if they should be consolidated),
  although (e.g.) the one in containerd is a copy of ours:
  https://github.com/containerd/containerd/blob/v1.5.9/pkg/cri/server/helpers_linux.go#L200

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-03 00:22:26 +01:00

280 lines
6.8 KiB
Go

package plugin // import "github.com/docker/docker/plugin"
import (
"io"
"net"
"os"
"path/filepath"
"testing"
"github.com/docker/docker/api/types"
"github.com/docker/docker/pkg/containerfs"
"github.com/docker/docker/pkg/stringid"
v2 "github.com/docker/docker/plugin/v2"
"github.com/moby/sys/mount"
"github.com/moby/sys/mountinfo"
specs "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"gotest.tools/v3/skip"
)
func TestManagerWithPluginMounts(t *testing.T) {
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
root, err := os.MkdirTemp("", "test-store-with-plugin-mounts")
if err != nil {
t.Fatal(err)
}
defer containerfs.EnsureRemoveAll(root)
s := NewStore()
managerRoot := filepath.Join(root, "manager")
p1 := newTestPlugin(t, "test1", "testcap", managerRoot)
p2 := newTestPlugin(t, "test2", "testcap", managerRoot)
p2.PluginObj.Enabled = true
m, err := NewManager(
ManagerConfig{
Store: s,
Root: managerRoot,
ExecRoot: filepath.Join(root, "exec"),
CreateExecutor: func(*Manager) (Executor, error) { return nil, nil },
LogPluginEvent: func(_, _, _ string) {},
})
if err != nil {
t.Fatal(err)
}
if err := s.Add(p1); err != nil {
t.Fatal(err)
}
if err := s.Add(p2); err != nil {
t.Fatal(err)
}
// Create a mount to simulate a plugin that has created it's own mounts
p2Mount := filepath.Join(p2.Rootfs, "testmount")
if err := os.MkdirAll(p2Mount, 0755); err != nil {
t.Fatal(err)
}
if err := mount.Mount("tmpfs", p2Mount, "tmpfs", ""); err != nil {
t.Fatal(err)
}
if err := m.Remove(p1.GetID(), &types.PluginRmConfig{ForceRemove: true}); err != nil {
t.Fatal(err)
}
if mounted, err := mountinfo.Mounted(p2Mount); !mounted || err != nil {
t.Fatalf("expected %s to be mounted, err: %v", p2Mount, err)
}
}
func newTestPlugin(t *testing.T, name, cap, root string) *v2.Plugin {
id := stringid.GenerateRandomID()
rootfs := filepath.Join(root, id)
if err := os.MkdirAll(rootfs, 0755); err != nil {
t.Fatal(err)
}
p := v2.Plugin{PluginObj: types.Plugin{ID: id, Name: name}}
p.Rootfs = rootfs
iType := types.PluginInterfaceType{Capability: cap, Prefix: "docker", Version: "1.0"}
i := types.PluginConfigInterface{Socket: "plugin.sock", Types: []types.PluginInterfaceType{iType}}
p.PluginObj.Config.Interface = i
p.PluginObj.ID = id
return &p
}
type simpleExecutor struct {
}
func (e *simpleExecutor) Create(id string, spec specs.Spec, stdout, stderr io.WriteCloser) error {
return errors.New("Create failed")
}
func (e *simpleExecutor) Restore(id string, stdout, stderr io.WriteCloser) (bool, error) {
return false, nil
}
func (e *simpleExecutor) IsRunning(id string) (bool, error) {
return false, nil
}
func (e *simpleExecutor) Signal(id string, signal int) error {
return nil
}
func TestCreateFailed(t *testing.T) {
root, err := os.MkdirTemp("", "test-create-failed")
if err != nil {
t.Fatal(err)
}
defer containerfs.EnsureRemoveAll(root)
s := NewStore()
managerRoot := filepath.Join(root, "manager")
p := newTestPlugin(t, "create", "testcreate", managerRoot)
m, err := NewManager(
ManagerConfig{
Store: s,
Root: managerRoot,
ExecRoot: filepath.Join(root, "exec"),
CreateExecutor: func(*Manager) (Executor, error) { return &simpleExecutor{}, nil },
LogPluginEvent: func(_, _, _ string) {},
})
if err != nil {
t.Fatal(err)
}
if err := s.Add(p); err != nil {
t.Fatal(err)
}
if err := m.enable(p, &controller{}, false); err == nil {
t.Fatalf("expected Create failed error, got %v", err)
}
if err := m.Remove(p.GetID(), &types.PluginRmConfig{ForceRemove: true}); err != nil {
t.Fatal(err)
}
}
type executorWithRunning struct {
m *Manager
root string
exitChans map[string]chan struct{}
}
func (e *executorWithRunning) Create(id string, spec specs.Spec, stdout, stderr io.WriteCloser) error {
sockAddr := filepath.Join(e.root, id, "plugin.sock")
ch := make(chan struct{})
if e.exitChans == nil {
e.exitChans = make(map[string]chan struct{})
}
e.exitChans[id] = ch
listenTestPlugin(sockAddr, ch)
return nil
}
func (e *executorWithRunning) IsRunning(id string) (bool, error) {
return true, nil
}
func (e *executorWithRunning) Restore(id string, stdout, stderr io.WriteCloser) (bool, error) {
return true, nil
}
func (e *executorWithRunning) Signal(id string, signal int) error {
ch := e.exitChans[id]
ch <- struct{}{}
<-ch
e.m.HandleExitEvent(id)
return nil
}
func TestPluginAlreadyRunningOnStartup(t *testing.T) {
skip.If(t, os.Getuid() != 0, "skipping test that requires root")
t.Parallel()
root, err := os.MkdirTemp("", t.Name())
if err != nil {
t.Fatal(err)
}
defer containerfs.EnsureRemoveAll(root)
for _, test := range []struct {
desc string
config ManagerConfig
}{
{
desc: "live-restore-disabled",
config: ManagerConfig{
LogPluginEvent: func(_, _, _ string) {},
},
},
{
desc: "live-restore-enabled",
config: ManagerConfig{
LogPluginEvent: func(_, _, _ string) {},
LiveRestoreEnabled: true,
},
},
} {
t.Run(test.desc, func(t *testing.T) {
config := test.config
desc := test.desc
t.Parallel()
p := newTestPlugin(t, desc, desc, config.Root)
p.PluginObj.Enabled = true
// Need a short-ish path here so we don't run into unix socket path length issues.
config.ExecRoot, err = os.MkdirTemp("", "plugintest")
executor := &executorWithRunning{root: config.ExecRoot}
config.CreateExecutor = func(m *Manager) (Executor, error) { executor.m = m; return executor, nil }
if err := executor.Create(p.GetID(), specs.Spec{}, nil, nil); err != nil {
t.Fatal(err)
}
root := filepath.Join(root, desc)
config.Root = filepath.Join(root, "manager")
if err := os.MkdirAll(filepath.Join(config.Root, p.GetID()), 0755); err != nil {
t.Fatal(err)
}
if !p.IsEnabled() {
t.Fatal("plugin should be enabled")
}
if err := (&Manager{config: config}).save(p); err != nil {
t.Fatal(err)
}
s := NewStore()
config.Store = s
if err != nil {
t.Fatal(err)
}
defer containerfs.EnsureRemoveAll(config.ExecRoot)
m, err := NewManager(config)
if err != nil {
t.Fatal(err)
}
defer m.Shutdown()
p = s.GetAll()[p.GetID()] // refresh `p` with what the manager knows
if p.Client() == nil {
t.Fatal("plugin client should not be nil")
}
})
}
}
func listenTestPlugin(sockAddr string, exit chan struct{}) (net.Listener, error) {
if err := os.MkdirAll(filepath.Dir(sockAddr), 0755); err != nil {
return nil, err
}
l, err := net.Listen("unix", sockAddr)
if err != nil {
return nil, err
}
go func() {
for {
conn, err := l.Accept()
if err != nil {
return
}
conn.Close()
}
}()
go func() {
<-exit
l.Close()
os.Remove(sockAddr)
exit <- struct{}{}
}()
return l, nil
}