Merge pull request #45004 from feiskyer/hostnetwork

Automatic merge from submit-queue

Add node e2e tests for hostNetwork

**What this PR does / why we need it**:

Add node e2e tests for hostNetwork.

**Which issue this PR fixes**

Part of #44118.

**Special notes for your reviewer**:

**Release note**:

```release-note
NONE
```

/assign @Random-Liu @yujuhong

test/e2e_node/security_context_test.go

@@ -18,6 +18,7 @@ package e2e_node
 
 import (
 	"fmt"
+	"net"
 	"os/exec"
 	"strings"
 
@@ -195,4 +196,82 @@ var _ = framework.KubeDescribe("Security Context", func() {
 			}
 		})
 	})
+
+	Context("when creating a pod in the host network namespace", func() {
+		makeHostNetworkPod := func(podName, image string, command []string, hostNetwork bool) *v1.Pod {
+			return &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyNever,
+					HostNetwork:   hostNetwork,
+					Containers: []v1.Container{
+						{
+							Image:   image,
+							Name:    podName,
+							Command: command,
+						},
+					},
+				},
+			}
+		}
+		listListeningPortsCommand := []string{"sh", "-c", "netstat -ln"}
+		createAndWaitHostNetworkPod := func(podName string, hostNetwork bool) {
+			podClient.Create(makeHostNetworkPod(podName,
+				"gcr.io/google_containers/busybox:1.24",
+				listListeningPortsCommand,
+				hostNetwork,
+			))
+
+			podClient.WaitForSuccess(podName, framework.PodStartTimeout)
+		}
+
+		listeningPort := ""
+		var l net.Listener
+		BeforeEach(func() {
+			l, err := net.Listen("tcp", ":0")
+			if err != nil {
+				framework.Failf("Failed to open a new tcp port: %v", err)
+			}
+			addr := strings.Split(l.Addr().String(), ":")
+			listeningPort = addr[len(addr)-1]
+			framework.Logf("Opened a new tcp port %q", listeningPort)
+		})
+
+		It("should listen on same port in the host network containers", func() {
+			busyboxPodName := "busybox-hostnetwork-" + string(uuid.NewUUID())
+			createAndWaitHostNetworkPod(busyboxPodName, true)
+			logs, err := framework.GetPodLogs(f.ClientSet, f.Namespace.Name, busyboxPodName, busyboxPodName)
+			if err != nil {
+				framework.Failf("GetPodLogs for pod %q failed: %v", busyboxPodName, err)
+			}
+
+			framework.Logf("Got logs for pod %q: %q", busyboxPodName, logs)
+			if !strings.Contains(logs, listeningPort) {
+				framework.Failf("host-networked container should listening on same port as host")
+			}
+		})
+
+		It("shouldn't show the same port in the non-hostnetwork containers", func() {
+			busyboxPodName := "busybox-non-hostnetwork-" + string(uuid.NewUUID())
+			createAndWaitHostNetworkPod(busyboxPodName, false)
+			logs, err := framework.GetPodLogs(f.ClientSet, f.Namespace.Name, busyboxPodName, busyboxPodName)
+			if err != nil {
+				framework.Failf("GetPodLogs for pod %q failed: %v", busyboxPodName, err)
+			}
+
+			framework.Logf("Got logs for pod %q: %q", busyboxPodName, logs)
+			if strings.Contains(logs, listeningPort) {
+				framework.Failf("non-hostnetworked container shouldn't show the same port as host")
+			}
+		})
+
+		AfterEach(func() {
+			if l != nil {
+				l.Close()
+			}
+		})
+	})
+
 })