/* * Host launches http server on all interfaces in the host netns * Container must be able to connect via any IP address of the host in the * macvlan network, which is NAT * TODO: test connection to host on an outside interface */ func testPrivateNetCustomNatConnectivity(t *testing.T, nt networkTemplateT) { ctx := newRktRunCtx() defer ctx.cleanup() defer ctx.reset() netdir := prepareTestNet(t, ctx, nt) defer os.RemoveAll(netdir) httpPort, err := testutils.GetNextFreePort4() if err != nil { t.Fatalf("%v", err) } httpServeAddr := fmt.Sprintf("0.0.0.0:%v", httpPort) httpServeTimeout := 30 nonLoIPv4, err := testutils.GetNonLoIfaceIPv4() if err != nil { t.Fatalf("%v", err) } if nonLoIPv4 == "" { t.Skipf("Can not find any NAT'able IPv4 on the host, skipping..") } httpGetAddr := fmt.Sprintf("http://%v:%v", nonLoIPv4, httpPort) t.Log("Telling the child to connect via", httpGetAddr) ga := testutils.NewGoroutineAssistant(t) // Host opens the server ga.Add(1) go func() { defer ga.Done() err := testutils.HttpServe(httpServeAddr, httpServeTimeout) if err != nil { t.Fatalf("Error during HttpServe: %v", err) } }() // Child connects to host ga.Add(1) hostname, err := os.Hostname() go func() { defer ga.Done() testImageArgs := []string{fmt.Sprintf("--exec=/inspect --get-http=%v", httpGetAddr)} testImage := patchTestACI("rkt-inspect-networking.aci", testImageArgs...) defer os.Remove(testImage) cmd := fmt.Sprintf("%s --debug --insecure-skip-verify run --private-net=%v --mds-register=false %s", ctx.cmd(), nt.Name, testImage) t.Logf("Command: %v\n", cmd) child, err := gexpect.Spawn(cmd) if err != nil { ga.Fatalf("Cannot exec rkt: %v", err) return } expectedRegex := `HTTP-Get received: (.*)\r` result, out, err := expectRegexWithOutput(child, expectedRegex) if err != nil { ga.Fatalf("Error: %v\nOutput: %v", err, out) return } if result[1] != hostname { ga.Fatalf("Hostname received by client `%v` doesn't match `%v`", result[1], hostname) return } err = child.Wait() if err != nil { ga.Fatalf("rkt didn't terminate correctly: %v", err) } }() ga.Wait() }
/* * Host launches http server on all interfaces in the host netns * Container must be able to connect via any IP address of the host in the * macvlan network, which is NAT * TODO: test connection to host on an outside interface */ func testNetCustomNatConnectivity(t *testing.T, nt networkTemplateT) { ctx := testutils.NewRktRunCtx() defer ctx.Cleanup() prepareTestNet(t, ctx, nt) httpPort, err := testutils.GetNextFreePort4() if err != nil { t.Fatalf("%v", err) } httpServeAddr := fmt.Sprintf("0.0.0.0:%v", httpPort) httpServeTimeout := 30 nonLoIPv4, err := testutils.GetNonLoIfaceIPv4() if err != nil { t.Fatalf("%v", err) } if nonLoIPv4 == "" { t.Skipf("Can not find any NAT'able IPv4 on the host, skipping..") } httpGetAddr := fmt.Sprintf("http://%v:%v", nonLoIPv4, httpPort) t.Log("Telling the child to connect via", httpGetAddr) ga := testutils.NewGoroutineAssistant(t) ga.Add(2) // Host opens the server go func() { defer ga.Done() err := testutils.HTTPServe(httpServeAddr, httpServeTimeout) if err != nil { ga.Fatalf("Error during HTTPServe: %v", err) } }() // Child connects to host hostname, err := os.Hostname() if err != nil { panic(err) } go func() { defer ga.Done() testImageArgs := []string{fmt.Sprintf("--exec=/inspect --get-http=%v", httpGetAddr)} testImage := patchTestACI("rkt-inspect-networking.aci", testImageArgs...) defer os.Remove(testImage) cmd := fmt.Sprintf("%s --debug --insecure-options=image run --net=%v --mds-register=false %s", ctx.Cmd(), nt.Name, testImage) child := ga.SpawnOrFail(cmd) defer ga.WaitOrFail(child) expectedRegex := `HTTP-Get received: (.*?)\r` result, out, err := expectRegexWithOutput(child, expectedRegex) if err != nil { ga.Fatalf("Error: %v\nOutput: %v", err, out) } if result[1] != hostname { ga.Fatalf("Hostname received by client `%v` doesn't match `%v`", result[1], hostname) } }() ga.Wait() }
/* * Default net * --- * Host launches http server on all interfaces in the host netns * Container must be able to connect via any IP address of the host in the * default network, which is NATed * TODO: test connection to host on an outside interface */ func TestNetDefaultConnectivity(t *testing.T) { ctx := newRktRunCtx() defer ctx.cleanup() f := func(argument string) { httpPort, err := testutils.GetNextFreePort4() if err != nil { t.Fatalf("%v", err) } httpServeAddr := fmt.Sprintf("0.0.0.0:%v", httpPort) httpServeTimeout := 30 nonLoIPv4, err := testutils.GetNonLoIfaceIPv4() if err != nil { t.Fatalf("%v", err) } if nonLoIPv4 == "" { t.Skipf("Can not find any NAT'able IPv4 on the host, skipping..") } httpGetAddr := fmt.Sprintf("http://%v:%v", nonLoIPv4, httpPort) t.Log("Telling the child to connect via", httpGetAddr) testImageArgs := []string{fmt.Sprintf("--exec=/inspect --get-http=%v", httpGetAddr)} testImage := patchTestACI("rkt-inspect-networking.aci", testImageArgs...) defer os.Remove(testImage) ga := testutils.NewGoroutineAssistant(t) // Host opens the server ga.Add(1) go func() { defer ga.Done() err := testutils.HttpServe(httpServeAddr, httpServeTimeout) if err != nil { ga.Fatalf("Error during HttpServe: %v", err) } }() // Child connects to host ga.Add(1) hostname, err := os.Hostname() if err != nil { ga.Fatalf("Error getting hostname: %v", err) } go func() { defer ga.Done() cmd := fmt.Sprintf("%s --debug --insecure-skip-verify run %s --mds-register=false %s", ctx.cmd(), argument, testImage) child := spawnOrFail(t, cmd) defer waitOrFail(t, child, true) expectedRegex := `HTTP-Get received: (.*)\r` result, out, err := expectRegexWithOutput(child, expectedRegex) if err != nil { ga.Fatalf("Error: %v\nOutput: %v", err, out) return } if result[1] != hostname { ga.Fatalf("Hostname received by client `%v` doesn't match `%v`", result[1], hostname) return } }() ga.Wait() } f("--net=default") f("") }