// Start a client pod using given VolumeSource (exported by startVolumeServer()) // and check that the pod sees the data from the server pod. func testVolumeClient(f *framework.Framework, config VolumeTestConfig, volume v1.VolumeSource, fsGroup *int64, expectedContent string) { By(fmt.Sprint("starting ", config.prefix, " client")) clientPod := &v1.Pod{ TypeMeta: metav1.TypeMeta{ Kind: "Pod", APIVersion: "v1", }, ObjectMeta: metav1.ObjectMeta{ Name: config.prefix + "-client", Labels: map[string]string{ "role": config.prefix + "-client", }, }, Spec: v1.PodSpec{ Containers: []v1.Container{ { Name: config.prefix + "-client", Image: "gcr.io/google_containers/busybox:1.24", WorkingDir: "/opt", // An imperative and easily debuggable container which reads vol contents for // us to scan in the tests or by eye. // We expect that /opt is empty in the minimal containers which we use in this test. Command: []string{ "/bin/sh", "-c", "while true ; do cat /opt/index.html ; sleep 2 ; ls -altrh /opt/ ; sleep 2 ; done ", }, VolumeMounts: []v1.VolumeMount{ { Name: config.prefix + "-volume", MountPath: "/opt/", }, }, }, }, SecurityContext: &v1.PodSecurityContext{ SELinuxOptions: &v1.SELinuxOptions{ Level: "s0:c0,c1", }, }, Volumes: []v1.Volume{ { Name: config.prefix + "-volume", VolumeSource: volume, }, }, }, } podClient := f.PodClient() if fsGroup != nil { clientPod.Spec.SecurityContext.FSGroup = fsGroup } clientPod = podClient.CreateSync(clientPod) By("Checking that text file contents are perfect.") result := f.ExecCommandInPod(clientPod.Name, "cat", "/opt/index.html") var err error if !strings.Contains(result, expectedContent) { err = fmt.Errorf("Failed to find \"%s\", last result: \"%s\"", expectedContent, result) } Expect(err).NotTo(HaveOccurred(), "failed: finding the contents of the mounted file.") if fsGroup != nil { By("Checking fsGroup is correct.") _, err := framework.LookForStringInPodExec(config.namespace, clientPod.Name, []string{"ls", "-ld", "/opt"}, strconv.Itoa(int(*fsGroup)), time.Minute) Expect(err).NotTo(HaveOccurred(), "failed: getting the right priviliges in the file %v", int(*fsGroup)) } }