diff --git a/images/hostnet-nginx/Dockerfile b/images/hostnet-nginx/Dockerfile new file mode 100644 index 0000000000..cdbb96e891 --- /dev/null +++ b/images/hostnet-nginx/Dockerfile @@ -0,0 +1,17 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM nginx +ARG PORT +RUN sed -i "s/listen\s*80;/listen ${PORT};/g" /etc/nginx/conf.d/default.conf diff --git a/images/hostnet-nginx/Makefile b/images/hostnet-nginx/Makefile new file mode 100644 index 0000000000..bed8113c40 --- /dev/null +++ b/images/hostnet-nginx/Makefile @@ -0,0 +1,21 @@ +# Copyright 2018 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +.PHONY: all + +all: hostnet-nginx + +hostnet-nginx: + docker build . -t gcr.io/cri-tools/$@ --build-arg PORT=12003 + gcloud docker -- push gcr.io/cri-tools/$@ diff --git a/pkg/validate/networking.go b/pkg/validate/networking.go index 8bf255f7f0..2939fc8e43 100644 --- a/pkg/validate/networking.go +++ b/pkg/validate/networking.go @@ -30,14 +30,19 @@ import ( ) const ( - defaultDNSServer string = "10.10.10.10" - defaultDNSSearch string = "google.com" - defaultDNSOption string = "ndots:8" - resolvConfigPath string = "/etc/resolv.conf" - nginxImage string = "nginx" - nginxContainerPort int32 = 80 - nginxHostPortForPortMapping int32 = 8000 - nginxHostPortForPortForward int32 = 8001 + defaultDNSServer string = "10.10.10.10" + defaultDNSSearch string = "google.com" + defaultDNSOption string = "ndots:8" + resolvConfigPath string = "/etc/resolv.conf" + nginxImage string = "nginx" + hostNetNginxImage string = "gcr.io/cri-tools/hostnet-nginx" + nginxContainerPort int32 = 80 + // The following host ports must not be in-use when running the test. + nginxHostPortForPortMapping int32 = 12000 + nginxHostPortForPortForward int32 = 12001 + nginxHostPortForHostNetPortFroward int32 = 12002 + // The port used in hostNetNginxImage (See images/hostnet-nginx/) + nginxHostNetContainerPort int32 = 12003 ) var _ = framework.KubeDescribe("Networking", func() { @@ -89,7 +94,7 @@ var _ = framework.KubeDescribe("Networking", func() { ContainerPort: nginxContainerPort, }, } - podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings) + podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings, false) By("create a nginx container") containerID := createNginxContainer(rc, ic, podID, podConfig, "container-for-container-port") @@ -110,7 +115,7 @@ var _ = framework.KubeDescribe("Networking", func() { HostPort: nginxHostPortForPortMapping, }, } - podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings) + podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings, false) By("create a nginx container") containerID := createNginxContainer(rc, ic, podID, podConfig, "container-for-host-port") @@ -144,7 +149,7 @@ func createPodSandWithDNSConfig(c internalapi.RuntimeService) (string, *runtimea } // createPodSandboxWithPortMapping create a PodSandbox with port mapping. -func createPodSandboxWithPortMapping(c internalapi.RuntimeService, portMappings []*runtimeapi.PortMapping) (string, *runtimeapi.PodSandboxConfig) { +func createPodSandboxWithPortMapping(c internalapi.RuntimeService, portMappings []*runtimeapi.PortMapping, hostNet bool) (string, *runtimeapi.PodSandboxConfig) { podSandboxName := "create-PodSandbox-with-port-mapping" + framework.NewUUID() uid := framework.DefaultUIDPrefix + framework.NewUUID() namespace := framework.DefaultNamespacePrefix + framework.NewUUID() @@ -153,6 +158,13 @@ func createPodSandboxWithPortMapping(c internalapi.RuntimeService, portMappings PortMappings: portMappings, Linux: &runtimeapi.LinuxPodSandboxConfig{}, } + if hostNet { + config.Linux.SecurityContext = &runtimeapi.LinuxSandboxSecurityContext{ + NamespaceOptions: &runtimeapi.NamespaceOption{ + Network: runtimeapi.NamespaceMode_NODE, + }, + } + } podID := framework.RunPodSandbox(c, config) return podID, config @@ -182,6 +194,17 @@ func createNginxContainer(rc internalapi.RuntimeService, ic internalapi.ImageMan return framework.CreateContainer(rc, ic, containerConfig, podID, podConfig) } +// createHostNetNginxContainer creates a nginx container using nginxHostNetContainerPort. +func createHostNetNginxContainer(rc internalapi.RuntimeService, ic internalapi.ImageManagerService, podID string, podConfig *runtimeapi.PodSandboxConfig, prefix string) string { + containerName := prefix + framework.NewUUID() + containerConfig := &runtimeapi.ContainerConfig{ + Metadata: framework.BuildContainerMetadata(containerName, framework.DefaultAttempt), + Image: &runtimeapi.ImageSpec{Image: hostNetNginxImage}, + Linux: &runtimeapi.LinuxContainerConfig{}, + } + return framework.CreateContainer(rc, ic, containerConfig, podID, podConfig) +} + // checkNginxMainPage check if the we can get the main page of nginx via given IP:port. func checkNginxMainPage(c internalapi.RuntimeService, podID string, hostPort int32) { By("get the IP:port needed to be checked") diff --git a/pkg/validate/streaming.go b/pkg/validate/streaming.go index d1dc3cda26..85728de504 100644 --- a/pkg/validate/streaming.go +++ b/pkg/validate/streaming.go @@ -124,14 +124,14 @@ var _ = framework.KubeDescribe("Streaming", func() { }) It("runtime should support portforward [Conformance]", func() { - By("create a PodSandbox with host port and container port port mapping") + By("create a PodSandbox with container port port mapping") var podConfig *runtimeapi.PodSandboxConfig portMappings := []*runtimeapi.PortMapping{ { ContainerPort: nginxContainerPort, }, } - podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings) + podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings, false) By("create a nginx container") containerID := createNginxContainer(rc, ic, podID, podConfig, "container-for-portforward-test") @@ -142,8 +142,31 @@ var _ = framework.KubeDescribe("Streaming", func() { req := createDefaultPortForward(rc, podID) By("check the output of portforward") - checkPortForward(rc, req) + checkPortForward(rc, req, nginxHostPortForPortForward, nginxContainerPort) }) + + It("runtime should support portforward in host network", func() { + By("create a PodSandbox with container port port mapping in host network") + var podConfig *runtimeapi.PodSandboxConfig + portMappings := []*runtimeapi.PortMapping{ + { + ContainerPort: nginxHostNetContainerPort, + }, + } + podID, podConfig = createPodSandboxWithPortMapping(rc, portMappings, true) + + By("create a nginx container") + containerID := createHostNetNginxContainer(rc, ic, podID, podConfig, "container-for-host-net-portforward-test") + + By("start the nginx container") + startContainer(rc, containerID) + + req := createDefaultPortForward(rc, podID) + + By("check the output of portforward") + checkPortForward(rc, req, nginxHostPortForHostNetPortFroward, nginxHostNetContainerPort) + }) + }) }) @@ -300,7 +323,7 @@ func createDefaultPortForward(c internalapi.RuntimeService, podID string) string return resp.Url } -func checkPortForward(c internalapi.RuntimeService, portForwardSeverURL string) { +func checkPortForward(c internalapi.RuntimeService, portForwardSeverURL string, hostPort, containerPort int32) { stopChan := make(chan struct{}, 1) readyChan := make(chan struct{}) defer close(stopChan) @@ -309,7 +332,7 @@ func checkPortForward(c internalapi.RuntimeService, portForwardSeverURL string) framework.ExpectNoError(err, "failed to create spdy round tripper") url := parseURL(c, portForwardSeverURL) dialer := spdy.NewDialer(upgrader, &http.Client{Transport: transport}, "POST", url) - pf, err := portforward.New(dialer, []string{fmt.Sprintf("%d:80", nginxHostPortForPortForward)}, stopChan, readyChan, os.Stdout, os.Stderr) + pf, err := portforward.New(dialer, []string{fmt.Sprintf("%d:%d", hostPort, containerPort)}, stopChan, readyChan, os.Stdout, os.Stderr) framework.ExpectNoError(err, "failed to create port forward for %q", portForwardSeverURL) go func() { @@ -319,7 +342,7 @@ func checkPortForward(c internalapi.RuntimeService, portForwardSeverURL string) framework.ExpectNoError(err, "failed to start port forward for %q", portForwardSeverURL) }() - By(fmt.Sprintf("check if we can get nginx main page via localhost:%d", nginxHostPortForPortForward)) - checkNginxMainPage(c, "", nginxHostPortForPortForward) + By(fmt.Sprintf("check if we can get nginx main page via localhost:%d", hostPort)) + checkNginxMainPage(c, "", hostPort) framework.Logf("Check port forward url %q succeed", portForwardSeverURL) }