It is not in any wa=y a required container, and now that arm64
and other architecture machines are widely available we should
start to deprecate it, as it has many issues, eg requires patches
to qemu for Go support, will mislabel images etc.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Mounting a directory inside a read only container requires that to be
created in advance, but `runc` worked around that if the rootfs was not
originally read only.
You cannot even bind mount a file that does not exist into a
read only container.
The containerd test is given a disk, as running on an overlay does
not work; however it is also disabled as one of the parts of the test
is failing, needs investigation.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
It has been EOLed today and won't receive any further updates.
The images are still on hub so can be continued to be used
for the time being.
4.12 support is coming soon.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The newest tests actually run containerd and therefore have some additional
requirements:
- containerd + shim + runc binaries are needed. We bind these in from the host.
The test code should, by design, be from matching containerd source, assuming
we remember to update test/pkg/container/Dockerfile when we bump
CONTAINERD_COMMIT. 5217b9973b added a reminder
to do so.
- the tests need networking (to pull images). So add dhcp to onboot and bind
/etc/resolv.conf into the test container.
- running containers requires a writeable cgroup mount.
- containerd wants /etc/localtime, so install the UTC one (as we do in
pkg/containerd).
The test image already has `net: host` and `capabilities: all`.
Signed-off-by: Ian Campbell <ijc@docker.com>
The logrus import path has changed, so adjust. Also there is a minor API change
to the containerd.IOCreation() function spec, it now takes a string id which we
can ignore.
Signed-off-by: Ian Campbell <ijc@docker.com>
with cwd of test this was done with:
for i in pkg/* ; do make --no-print-directory -C $i show-tag; done | ( IFS=: ; while read image hash ; do ../scripts/update-component-sha.sh --image $image $hash ; done )
Note that `linuxkit/test-virtsock` (built by `test/pkg/virtsock`) does not
appear to be referenced anywhere.
Signed-off-by: Ian Campbell <ijc@docker.com>
Makefile and Dockerfile are implicit from pacakge.mk.
Need to list the other files consumed by the Dockerfile though.
template.yml is only for manual testing and so is not a dependency of the
standard build.
Signed-off-by: Ian Campbell <ijc@docker.com>
This makes the package actually build reproducibly, with the downside that it
requires changing the hash. Perhaps this should move to tools/alpine.
Signed-off-by: Ian Campbell <ijc@docker.com>
This commit adds a myriad of test cases to ensure the format and mount
and extend packages are working as expected
Signed-off-by: Dave Tucker <dt@docker.com>
These tests run individual and a mix of namespace stress tests
mostly around networking and unix domain sockets where either
the client or the server of socket echo application is run inside
a container in different configurations:
- different protocols
- short or long lived connections
- different levels of concurrency
Tests are only run if the 'kernel' label is specified and more
detailed tests are run if the additional 'kernel-extra' label
is specified.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The previous version just created a network name space which does
not allow us to also test additional namespaces, e.g. for unix
domain sockets.
This commit uses runc to create a fully namespaced container to
run a test in. It creates a container, configures the network
interfaces in the new network namespace before starting the
container.
A OCI config.json template is used and then customised for a
given test based on command line arguments.
Finally, instead of iperf, we use the socket stress test from
https://github.com/linuxkit/virtsock as it provides finer-grained
control over the traffic patterns (e.g. long lived vs lots of
short lived connections).
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
