mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-10-10 00:23:54 +00:00
7c4e479956
`virtcontainers.ensureDestinationExists` will create the bind destination directory/file, which should be removed properly when unmounting. Fixes: #1974 Signed-off-by: Li Yuxuan <liyuxuan04@baidu.com>
573 lines
13 KiB
Go
573 lines
13 KiB
Go
// Copyright (c) 2017 Intel Corporation
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package virtcontainers
|
|
|
|
import (
|
|
"context"
|
|
"io/ioutil"
|
|
"os"
|
|
"os/exec"
|
|
"path/filepath"
|
|
"strings"
|
|
"syscall"
|
|
"testing"
|
|
|
|
ktu "github.com/kata-containers/runtime/pkg/katatestutils"
|
|
"github.com/kata-containers/runtime/virtcontainers/device/api"
|
|
"github.com/kata-containers/runtime/virtcontainers/device/config"
|
|
"github.com/kata-containers/runtime/virtcontainers/device/drivers"
|
|
"github.com/kata-containers/runtime/virtcontainers/device/manager"
|
|
"github.com/kata-containers/runtime/virtcontainers/persist"
|
|
"github.com/kata-containers/runtime/virtcontainers/store"
|
|
"github.com/kata-containers/runtime/virtcontainers/types"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGetAnnotations(t *testing.T) {
|
|
annotations := map[string]string{
|
|
"annotation1": "abc",
|
|
"annotation2": "xyz",
|
|
"annotation3": "123",
|
|
}
|
|
|
|
container := Container{
|
|
config: &ContainerConfig{
|
|
Annotations: annotations,
|
|
},
|
|
}
|
|
|
|
containerAnnotations := container.GetAnnotations()
|
|
|
|
for k, v := range containerAnnotations {
|
|
assert.Equal(t, annotations[k], v)
|
|
}
|
|
}
|
|
|
|
func TestContainerSystemMountsInfo(t *testing.T) {
|
|
mounts := []Mount{
|
|
{
|
|
Source: "/dev",
|
|
Destination: "/dev",
|
|
Type: "bind",
|
|
},
|
|
{
|
|
Source: "procfs",
|
|
Destination: "/proc",
|
|
Type: "procfs",
|
|
},
|
|
}
|
|
|
|
c := Container{
|
|
mounts: mounts,
|
|
}
|
|
|
|
assert.False(t, c.systemMountsInfo.BindMountDev)
|
|
c.getSystemMountInfo()
|
|
assert.True(t, c.systemMountsInfo.BindMountDev)
|
|
|
|
c.mounts[0].Type = "tmpfs"
|
|
c.getSystemMountInfo()
|
|
assert.False(t, c.systemMountsInfo.BindMountDev)
|
|
}
|
|
|
|
func TestContainerSandbox(t *testing.T) {
|
|
expectedSandbox := &Sandbox{}
|
|
|
|
container := Container{
|
|
sandbox: expectedSandbox,
|
|
}
|
|
|
|
sandbox := container.Sandbox()
|
|
assert.Exactly(t, sandbox, expectedSandbox)
|
|
}
|
|
|
|
func TestContainerRemoveDrive(t *testing.T) {
|
|
sandbox := &Sandbox{
|
|
ctx: context.Background(),
|
|
id: "sandbox",
|
|
devManager: manager.NewDeviceManager(manager.VirtioSCSI, nil),
|
|
config: &SandboxConfig{},
|
|
}
|
|
|
|
vcStore, err := store.NewVCSandboxStore(sandbox.ctx, sandbox.id)
|
|
assert.Nil(t, err)
|
|
|
|
sandbox.store = vcStore
|
|
|
|
container := Container{
|
|
sandbox: sandbox,
|
|
id: "testContainer",
|
|
}
|
|
|
|
container.state.Fstype = ""
|
|
err = container.removeDrive()
|
|
|
|
// hotplugRemoveDevice for hypervisor should not be called.
|
|
// test should pass without a hypervisor created for the container's sandbox.
|
|
assert.Nil(t, err, "remove drive should succeed")
|
|
|
|
sandbox.hypervisor = &mockHypervisor{}
|
|
path := "/dev/hda"
|
|
deviceInfo := config.DeviceInfo{
|
|
HostPath: path,
|
|
ContainerPath: path,
|
|
DevType: "b",
|
|
}
|
|
devReceiver := &api.MockDeviceReceiver{}
|
|
|
|
device, err := sandbox.devManager.NewDevice(deviceInfo)
|
|
assert.Nil(t, err)
|
|
_, ok := device.(*drivers.BlockDevice)
|
|
assert.True(t, ok)
|
|
err = device.Attach(devReceiver)
|
|
assert.Nil(t, err)
|
|
err = sandbox.storeSandboxDevices()
|
|
assert.Nil(t, err)
|
|
|
|
container.state.Fstype = "xfs"
|
|
container.state.BlockDeviceID = device.DeviceID()
|
|
err = container.removeDrive()
|
|
assert.Nil(t, err, "remove drive should succeed")
|
|
}
|
|
|
|
func TestUnmountHostMountsRemoveBindHostPath(t *testing.T) {
|
|
if tc.NotValid(ktu.NeedRoot()) {
|
|
t.Skip(testDisabledAsNonRoot)
|
|
}
|
|
|
|
createFakeMountDir := func(t *testing.T, dir, prefix string) string {
|
|
name, err := ioutil.TempDir(dir, "test-mnt-"+prefix+"-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
return name
|
|
}
|
|
|
|
createFakeMountFile := func(t *testing.T, dir, prefix string) string {
|
|
f, err := ioutil.TempFile(dir, "test-mnt-"+prefix+"-")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
f.Close()
|
|
return f.Name()
|
|
}
|
|
|
|
doUnmountCheck := func(src, dest, hostPath, nonEmptyHostpath, devPath string) {
|
|
mounts := []Mount{
|
|
{
|
|
Source: src,
|
|
Destination: dest,
|
|
HostPath: hostPath,
|
|
Type: "bind",
|
|
},
|
|
{
|
|
Source: src,
|
|
Destination: dest,
|
|
HostPath: nonEmptyHostpath,
|
|
Type: "bind",
|
|
},
|
|
{
|
|
Source: src,
|
|
Destination: dest,
|
|
HostPath: devPath,
|
|
Type: "dev",
|
|
},
|
|
}
|
|
|
|
c := Container{
|
|
mounts: mounts,
|
|
ctx: context.Background(),
|
|
}
|
|
|
|
if err := bindMount(c.ctx, src, hostPath, false); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer syscall.Unmount(hostPath, 0)
|
|
if err := bindMount(c.ctx, src, nonEmptyHostpath, false); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer syscall.Unmount(nonEmptyHostpath, 0)
|
|
if err := bindMount(c.ctx, src, devPath, false); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
defer syscall.Unmount(devPath, 0)
|
|
|
|
err := c.unmountHostMounts()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
for _, path := range [3]string{src, dest, devPath} {
|
|
if _, err := os.Stat(path); err != nil {
|
|
if os.IsNotExist(err) {
|
|
t.Fatalf("path %s should not be removed", path)
|
|
} else {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
}
|
|
|
|
if _, err := os.Stat(hostPath); err == nil {
|
|
t.Fatal("empty host-path should be removed")
|
|
} else if !os.IsNotExist(err) {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if _, err := os.Stat(nonEmptyHostpath); err != nil {
|
|
if os.IsNotExist(err) {
|
|
t.Fatal("non-empty host-path should not be removed")
|
|
} else {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
}
|
|
|
|
src := createFakeMountDir(t, testDir, "src")
|
|
dest := createFakeMountDir(t, testDir, "dest")
|
|
hostPath := createFakeMountDir(t, testDir, "host-path")
|
|
nonEmptyHostpath := createFakeMountDir(t, testDir, "non-empty-host-path")
|
|
devPath := createFakeMountDir(t, testDir, "dev-hostpath")
|
|
createFakeMountDir(t, nonEmptyHostpath, "nop")
|
|
doUnmountCheck(src, dest, hostPath, nonEmptyHostpath, devPath)
|
|
|
|
src = createFakeMountFile(t, testDir, "src")
|
|
dest = createFakeMountFile(t, testDir, "dest")
|
|
hostPath = createFakeMountFile(t, testDir, "host-path")
|
|
nonEmptyHostpath = createFakeMountFile(t, testDir, "non-empty-host-path")
|
|
devPath = createFakeMountFile(t, testDir, "dev-host-path")
|
|
f, err := os.OpenFile(nonEmptyHostpath, os.O_WRONLY, os.FileMode(0640))
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
f.WriteString("nop\n")
|
|
f.Close()
|
|
doUnmountCheck(src, dest, hostPath, nonEmptyHostpath, devPath)
|
|
}
|
|
|
|
func testSetupFakeRootfs(t *testing.T) (testRawFile, loopDev, mntDir string, err error) {
|
|
assert := assert.New(t)
|
|
if tc.NotValid(ktu.NeedRoot()) {
|
|
t.Skip(testDisabledAsNonRoot)
|
|
}
|
|
|
|
tmpDir, err := ioutil.TempDir("", "")
|
|
assert.NoError(err)
|
|
|
|
testRawFile = filepath.Join(tmpDir, "raw.img")
|
|
_, err = os.Stat(testRawFile)
|
|
assert.True(os.IsNotExist(err))
|
|
|
|
output, err := exec.Command("losetup", "-f").CombinedOutput()
|
|
assert.NoError(err)
|
|
loopDev = strings.TrimSpace(string(output[:]))
|
|
|
|
_, err = exec.Command("fallocate", "-l", "256K", testRawFile).CombinedOutput()
|
|
assert.NoError(err)
|
|
|
|
_, err = exec.Command("mkfs.ext4", "-F", testRawFile).CombinedOutput()
|
|
assert.NoError(err)
|
|
|
|
_, err = exec.Command("losetup", loopDev, testRawFile).CombinedOutput()
|
|
assert.NoError(err)
|
|
|
|
mntDir = filepath.Join(tmpDir, "rootfs")
|
|
err = os.Mkdir(mntDir, store.DirMode)
|
|
assert.NoError(err)
|
|
|
|
err = syscall.Mount(loopDev, mntDir, "ext4", uintptr(0), "")
|
|
assert.NoError(err)
|
|
return
|
|
}
|
|
|
|
func cleanupFakeRootfsSetup(testRawFile, loopDev, mntDir string) {
|
|
// unmount loop device
|
|
if mntDir != "" {
|
|
syscall.Unmount(mntDir, 0)
|
|
}
|
|
|
|
// detach loop device
|
|
if loopDev != "" {
|
|
exec.Command("losetup", "-d", loopDev).CombinedOutput()
|
|
}
|
|
|
|
if _, err := os.Stat(testRawFile); err == nil {
|
|
tmpDir := filepath.Dir(testRawFile)
|
|
os.RemoveAll(tmpDir)
|
|
}
|
|
}
|
|
|
|
func TestContainerAddDriveDir(t *testing.T) {
|
|
assert := assert.New(t)
|
|
if tc.NotValid(ktu.NeedRoot()) {
|
|
t.Skip(testDisabledAsNonRoot)
|
|
}
|
|
|
|
testRawFile, loopDev, fakeRootfs, err := testSetupFakeRootfs(t)
|
|
|
|
defer cleanupFakeRootfsSetup(testRawFile, loopDev, fakeRootfs)
|
|
|
|
assert.NoError(err)
|
|
|
|
sandbox := &Sandbox{
|
|
ctx: context.Background(),
|
|
id: testSandboxID,
|
|
devManager: manager.NewDeviceManager(manager.VirtioSCSI, nil),
|
|
hypervisor: &mockHypervisor{},
|
|
agent: &noopAgent{},
|
|
config: &SandboxConfig{
|
|
HypervisorConfig: HypervisorConfig{
|
|
DisableBlockDeviceUse: false,
|
|
},
|
|
},
|
|
}
|
|
|
|
defer store.DeleteAll()
|
|
|
|
sandboxStore, err := store.NewVCSandboxStore(sandbox.ctx, sandbox.id)
|
|
assert.Nil(err)
|
|
sandbox.store = sandboxStore
|
|
|
|
sandbox.newStore, err = persist.GetDriver("fs")
|
|
assert.NoError(err)
|
|
assert.NotNil(sandbox.newStore)
|
|
|
|
contID := "100"
|
|
container := Container{
|
|
sandbox: sandbox,
|
|
id: contID,
|
|
rootFs: RootFs{Target: fakeRootfs, Mounted: true},
|
|
}
|
|
|
|
containerStore, err := store.NewVCContainerStore(sandbox.ctx, sandbox.id, container.id)
|
|
assert.Nil(err)
|
|
container.store = containerStore
|
|
|
|
// create state file
|
|
path := store.ContainerRuntimeRootPath(testSandboxID, container.ID())
|
|
stateFilePath := filepath.Join(path, store.StateFile)
|
|
os.Remove(stateFilePath)
|
|
|
|
_, err = os.Create(stateFilePath)
|
|
assert.NoError(err)
|
|
|
|
// Make the checkStorageDriver func variable point to a fake check function
|
|
savedFunc := checkStorageDriver
|
|
checkStorageDriver = func(major, minor int) (bool, error) {
|
|
return true, nil
|
|
}
|
|
|
|
defer func() {
|
|
checkStorageDriver = savedFunc
|
|
}()
|
|
|
|
container.state.Fstype = ""
|
|
|
|
err = container.hotplugDrive()
|
|
assert.NoError(err)
|
|
|
|
assert.NotEmpty(container.state.Fstype)
|
|
}
|
|
|
|
func TestContainerRootfsPath(t *testing.T) {
|
|
|
|
testRawFile, loopDev, fakeRootfs, err := testSetupFakeRootfs(t)
|
|
defer cleanupFakeRootfsSetup(testRawFile, loopDev, fakeRootfs)
|
|
assert.Nil(t, err)
|
|
|
|
truecheckstoragedriver := checkStorageDriver
|
|
checkStorageDriver = func(major, minor int) (bool, error) {
|
|
return true, nil
|
|
}
|
|
defer func() {
|
|
checkStorageDriver = truecheckstoragedriver
|
|
}()
|
|
|
|
sandbox := &Sandbox{
|
|
ctx: context.Background(),
|
|
id: "rootfstestsandbox",
|
|
agent: &noopAgent{},
|
|
hypervisor: &mockHypervisor{},
|
|
config: &SandboxConfig{
|
|
HypervisorConfig: HypervisorConfig{
|
|
DisableBlockDeviceUse: false,
|
|
},
|
|
},
|
|
}
|
|
vcstore, err := store.NewVCSandboxStore(sandbox.ctx, sandbox.id)
|
|
sandbox.store = vcstore
|
|
assert.Nil(t, err)
|
|
container := Container{
|
|
id: "rootfstestcontainerid",
|
|
sandbox: sandbox,
|
|
rootFs: RootFs{Target: fakeRootfs, Mounted: true},
|
|
rootfsSuffix: "rootfs",
|
|
}
|
|
cvcstore, err := store.NewVCContainerStore(context.Background(),
|
|
sandbox.id,
|
|
container.id)
|
|
assert.Nil(t, err)
|
|
container.store = cvcstore
|
|
|
|
container.hotplugDrive()
|
|
assert.Empty(t, container.rootfsSuffix)
|
|
|
|
// Reset the value to test the other case
|
|
container.rootFs = RootFs{Target: fakeRootfs + "/rootfs", Mounted: true}
|
|
container.rootfsSuffix = "rootfs"
|
|
|
|
container.hotplugDrive()
|
|
assert.Equal(t, container.rootfsSuffix, "rootfs")
|
|
}
|
|
|
|
func TestCheckSandboxRunningEmptyCmdFailure(t *testing.T) {
|
|
c := &Container{}
|
|
err := c.checkSandboxRunning("")
|
|
assert.NotNil(t, err, "Should fail because provided command is empty")
|
|
}
|
|
|
|
func TestCheckSandboxRunningNotRunningFailure(t *testing.T) {
|
|
c := &Container{
|
|
sandbox: &Sandbox{},
|
|
}
|
|
err := c.checkSandboxRunning("test_cmd")
|
|
assert.NotNil(t, err, "Should fail because sandbox state is empty")
|
|
}
|
|
|
|
func TestCheckSandboxRunningSuccessful(t *testing.T) {
|
|
c := &Container{
|
|
sandbox: &Sandbox{
|
|
state: types.SandboxState{
|
|
State: types.StateRunning,
|
|
},
|
|
},
|
|
}
|
|
err := c.checkSandboxRunning("test_cmd")
|
|
assert.Nil(t, err, "%v", err)
|
|
}
|
|
|
|
func TestContainerEnterErrorsOnContainerStates(t *testing.T) {
|
|
assert := assert.New(t)
|
|
c := &Container{
|
|
sandbox: &Sandbox{
|
|
state: types.SandboxState{
|
|
State: types.StateRunning,
|
|
},
|
|
},
|
|
}
|
|
cmd := types.Cmd{}
|
|
|
|
// Container state undefined
|
|
_, err := c.enter(cmd)
|
|
assert.Error(err)
|
|
|
|
// Container paused
|
|
c.state.State = types.StatePaused
|
|
_, err = c.enter(cmd)
|
|
assert.Error(err)
|
|
|
|
// Container stopped
|
|
c.state.State = types.StateStopped
|
|
_, err = c.enter(cmd)
|
|
assert.Error(err)
|
|
}
|
|
|
|
func TestContainerWaitErrorState(t *testing.T) {
|
|
assert := assert.New(t)
|
|
c := &Container{
|
|
sandbox: &Sandbox{
|
|
state: types.SandboxState{
|
|
State: types.StateRunning,
|
|
},
|
|
},
|
|
}
|
|
processID := "foobar"
|
|
|
|
// Container state undefined
|
|
_, err := c.wait(processID)
|
|
assert.Error(err)
|
|
|
|
// Container paused
|
|
c.state.State = types.StatePaused
|
|
_, err = c.wait(processID)
|
|
assert.Error(err)
|
|
|
|
// Container stopped
|
|
c.state.State = types.StateStopped
|
|
_, err = c.wait(processID)
|
|
assert.Error(err)
|
|
}
|
|
|
|
func TestKillContainerErrorState(t *testing.T) {
|
|
assert := assert.New(t)
|
|
c := &Container{
|
|
sandbox: &Sandbox{
|
|
state: types.SandboxState{
|
|
State: types.StateRunning,
|
|
},
|
|
},
|
|
}
|
|
// Container state undefined
|
|
err := c.kill(syscall.SIGKILL, true)
|
|
assert.Error(err)
|
|
|
|
// Container stopped
|
|
c.state.State = types.StateStopped
|
|
err = c.kill(syscall.SIGKILL, true)
|
|
assert.Error(err)
|
|
}
|
|
|
|
func TestWinsizeProcessErrorState(t *testing.T) {
|
|
assert := assert.New(t)
|
|
c := &Container{
|
|
sandbox: &Sandbox{
|
|
state: types.SandboxState{
|
|
State: types.StateRunning,
|
|
},
|
|
},
|
|
}
|
|
processID := "foobar"
|
|
|
|
// Container state undefined
|
|
err := c.winsizeProcess(processID, 100, 200)
|
|
assert.Error(err)
|
|
|
|
// Container paused
|
|
c.state.State = types.StatePaused
|
|
err = c.winsizeProcess(processID, 100, 200)
|
|
assert.Error(err)
|
|
|
|
// Container stopped
|
|
c.state.State = types.StateStopped
|
|
err = c.winsizeProcess(processID, 100, 200)
|
|
assert.Error(err)
|
|
}
|
|
|
|
func TestProcessIOStream(t *testing.T) {
|
|
assert := assert.New(t)
|
|
c := &Container{
|
|
sandbox: &Sandbox{
|
|
state: types.SandboxState{
|
|
State: types.StateRunning,
|
|
},
|
|
},
|
|
}
|
|
processID := "foobar"
|
|
|
|
// Container state undefined
|
|
_, _, _, err := c.ioStream(processID)
|
|
assert.Error(err)
|
|
|
|
// Container paused
|
|
c.state.State = types.StatePaused
|
|
_, _, _, err = c.ioStream(processID)
|
|
assert.Error(err)
|
|
|
|
// Container stopped
|
|
c.state.State = types.StateStopped
|
|
_, _, _, err = c.ioStream(processID)
|
|
assert.Error(err)
|
|
}
|