Browse code
Re-enable shared namespace tests for userns CI runs
Allow --net=container and --ipc=container tests to run when user
namespaces are enabled.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
Phil Estes authored on 2016/03/23 22:37:15Showing 3 changed files
- integration-cli/docker_cli_create_test.go
- integration-cli/docker_cli_netmode_test.go
- integration-cli/docker_cli_run_test.go
| ... | ... |
@@ -241,8 +241,7 @@ func (s *DockerSuite) TestCreateRM(c *check.C) {
|
| 241 | 241 |
|
| 242 | 242 |
func (s *DockerSuite) TestCreateModeIpcContainer(c *check.C) {
|
| 243 | 243 |
// Uses Linux specific functionality (--ipc) |
| 244 |
- testRequires(c, DaemonIsLinux) |
|
| 245 |
- testRequires(c, SameHostDaemon, NotUserNamespace) |
|
| 244 |
+ testRequires(c, DaemonIsLinux, SameHostDaemon) |
|
| 246 | 245 |
|
| 247 | 246 |
out, _ := dockerCmd(c, "create", "busybox") |
| 248 | 247 |
id := strings.TrimSpace(out) |
| ... | ... |
@@ -21,13 +21,17 @@ func dockerCmdWithFail(c *check.C, args ...string) (string, int) {
|
| 21 | 21 |
return out, status |
| 22 | 22 |
} |
| 23 | 23 |
|
| 24 |
-func (s *DockerSuite) TestNetHostname(c *check.C) {
|
|
| 24 |
+func (s *DockerSuite) TestNetHostnameWithNetHost(c *check.C) {
|
|
| 25 | 25 |
testRequires(c, DaemonIsLinux, NotUserNamespace) |
| 26 | 26 |
|
| 27 |
- out, _ := dockerCmd(c, "run", "-h=name", "busybox", "ps") |
|
| 27 |
+ out, _ := dockerCmd(c, "run", "--net=host", "busybox", "ps") |
|
| 28 | 28 |
c.Assert(out, checker.Contains, stringCheckPS) |
| 29 |
+} |
|
| 29 | 30 |
|
| 30 |
- out, _ = dockerCmd(c, "run", "--net=host", "busybox", "ps") |
|
| 31 |
+func (s *DockerSuite) TestNetHostname(c *check.C) {
|
|
| 32 |
+ testRequires(c, DaemonIsLinux) |
|
| 33 |
+ |
|
| 34 |
+ out, _ := dockerCmd(c, "run", "-h=name", "busybox", "ps") |
|
| 31 | 35 |
c.Assert(out, checker.Contains, stringCheckPS) |
| 32 | 36 |
|
| 33 | 37 |
out, _ = dockerCmd(c, "run", "-h=name", "--net=bridge", "busybox", "ps") |
| ... | ... |
@@ -47,32 +51,40 @@ func (s *DockerSuite) TestNetHostname(c *check.C) {
|
| 47 | 47 |
} |
| 48 | 48 |
|
| 49 | 49 |
func (s *DockerSuite) TestConflictContainerNetworkAndLinks(c *check.C) {
|
| 50 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 50 |
+ testRequires(c, DaemonIsLinux) |
|
| 51 | 51 |
|
| 52 | 52 |
out, _ := dockerCmdWithFail(c, "run", "--net=container:other", "--link=zip:zap", "busybox", "ps") |
| 53 | 53 |
c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndLinks.Error()) |
| 54 |
+} |
|
| 55 |
+ |
|
| 56 |
+func (s *DockerSuite) TestConflictContainerNetworkHostAndLinks(c *check.C) {
|
|
| 57 |
+ testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 54 | 58 |
|
| 55 |
- out, _ = dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps") |
|
| 59 |
+ out, _ := dockerCmdWithFail(c, "run", "--net=host", "--link=zip:zap", "busybox", "ps") |
|
| 56 | 60 |
c.Assert(out, checker.Contains, runconfig.ErrConflictHostNetworkAndLinks.Error()) |
| 57 | 61 |
} |
| 58 | 62 |
|
| 59 |
-func (s *DockerSuite) TestConflictNetworkModeAndOptions(c *check.C) {
|
|
| 63 |
+func (s *DockerSuite) TestConflictNetworkModeNetHostAndOptions(c *check.C) {
|
|
| 60 | 64 |
testRequires(c, DaemonIsLinux, NotUserNamespace) |
| 61 | 65 |
|
| 62 | 66 |
out, _ := dockerCmdWithFail(c, "run", "--net=host", "--dns=8.8.8.8", "busybox", "ps") |
| 63 | 67 |
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error()) |
| 64 | 68 |
|
| 65 |
- out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps") |
|
| 66 |
- c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error()) |
|
| 67 |
- |
|
| 68 | 69 |
out, _ = dockerCmdWithFail(c, "run", "--net=host", "--add-host=name:8.8.8.8", "busybox", "ps") |
| 69 | 70 |
c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error()) |
| 70 | 71 |
|
| 71 |
- out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps") |
|
| 72 |
- c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error()) |
|
| 73 |
- |
|
| 74 | 72 |
out, _ = dockerCmdWithFail(c, "run", "--net=host", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps") |
| 75 | 73 |
c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error()) |
| 74 |
+} |
|
| 75 |
+ |
|
| 76 |
+func (s *DockerSuite) TestConflictNetworkModeAndOptions(c *check.C) {
|
|
| 77 |
+ testRequires(c, DaemonIsLinux) |
|
| 78 |
+ |
|
| 79 |
+ out, _ := dockerCmdWithFail(c, "run", "--net=container:other", "--dns=8.8.8.8", "busybox", "ps") |
|
| 80 |
+ c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkAndDNS.Error()) |
|
| 81 |
+ |
|
| 82 |
+ out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--add-host=name:8.8.8.8", "busybox", "ps") |
|
| 83 |
+ c.Assert(out, checker.Contains, runconfig.ErrConflictNetworkHosts.Error()) |
|
| 76 | 84 |
|
| 77 | 85 |
out, _ = dockerCmdWithFail(c, "run", "--net=container:other", "--mac-address=92:d0:c6:0a:29:33", "busybox", "ps") |
| 78 | 86 |
c.Assert(out, checker.Contains, runconfig.ErrConflictContainerNetworkAndMac.Error()) |
| ... | ... |
@@ -2390,7 +2390,7 @@ func (s *DockerSuite) TestRunModeIpcHost(c *check.C) {
|
| 2390 | 2390 |
|
| 2391 | 2391 |
func (s *DockerSuite) TestRunModeIpcContainer(c *check.C) {
|
| 2392 | 2392 |
// Not applicable on Windows as uses Unix-specific capabilities |
| 2393 |
- testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace) |
|
| 2393 |
+ testRequires(c, SameHostDaemon, DaemonIsLinux) |
|
| 2394 | 2394 |
|
| 2395 | 2395 |
out, _ := dockerCmd(c, "run", "-d", "busybox", "sh", "-c", "echo -n test > /dev/shm/test && touch /dev/mqueue/toto && top") |
| 2396 | 2396 |
|
| ... | ... |
@@ -2432,7 +2432,7 @@ func (s *DockerSuite) TestRunModeIpcContainer(c *check.C) {
|
| 2432 | 2432 |
|
| 2433 | 2433 |
func (s *DockerSuite) TestRunModeIpcContainerNotExists(c *check.C) {
|
| 2434 | 2434 |
// Not applicable on Windows as uses Unix-specific capabilities |
| 2435 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 2435 |
+ testRequires(c, DaemonIsLinux) |
|
| 2436 | 2436 |
out, _, err := dockerCmdWithError("run", "-d", "--ipc", "container:abcd1234", "busybox", "top")
|
| 2437 | 2437 |
if !strings.Contains(out, "abcd1234") || err == nil {
|
| 2438 | 2438 |
c.Fatalf("run IPC from a non exists container should with correct error out")
|
| ... | ... |
@@ -2441,7 +2441,7 @@ func (s *DockerSuite) TestRunModeIpcContainerNotExists(c *check.C) {
|
| 2441 | 2441 |
|
| 2442 | 2442 |
func (s *DockerSuite) TestRunModeIpcContainerNotRunning(c *check.C) {
|
| 2443 | 2443 |
// Not applicable on Windows as uses Unix-specific capabilities |
| 2444 |
- testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace) |
|
| 2444 |
+ testRequires(c, SameHostDaemon, DaemonIsLinux) |
|
| 2445 | 2445 |
|
| 2446 | 2446 |
out, _ := dockerCmd(c, "create", "busybox") |
| 2447 | 2447 |
|
| ... | ... |
@@ -2478,7 +2478,7 @@ func (s *DockerSuite) TestRunMountShmMqueueFromHost(c *check.C) {
|
| 2478 | 2478 |
|
| 2479 | 2479 |
func (s *DockerSuite) TestContainerNetworkMode(c *check.C) {
|
| 2480 | 2480 |
// Not applicable on Windows as uses Unix-specific capabilities |
| 2481 |
- testRequires(c, SameHostDaemon, DaemonIsLinux, NotUserNamespace) |
|
| 2481 |
+ testRequires(c, SameHostDaemon, DaemonIsLinux) |
|
| 2482 | 2482 |
|
| 2483 | 2483 |
out, _ := dockerCmd(c, "run", "-d", "busybox", "top") |
| 2484 | 2484 |
id := strings.TrimSpace(out) |
| ... | ... |
@@ -3614,7 +3614,7 @@ func (s *DockerSuite) TestRunContainerWithCgroupMountRO(c *check.C) {
|
| 3614 | 3614 |
|
| 3615 | 3615 |
func (s *DockerSuite) TestRunContainerNetworkModeToSelf(c *check.C) {
|
| 3616 | 3616 |
// Not applicable on Windows which does not support --net=container |
| 3617 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 3617 |
+ testRequires(c, DaemonIsLinux) |
|
| 3618 | 3618 |
out, _, err := dockerCmdWithError("run", "--name=me", "--net=container:me", "busybox", "true")
|
| 3619 | 3619 |
if err == nil || !strings.Contains(out, "cannot join own network") {
|
| 3620 | 3620 |
c.Fatalf("using container net mode to self should result in an error\nerr: %q\nout: %s", err, out)
|
| ... | ... |
@@ -3623,7 +3623,7 @@ func (s *DockerSuite) TestRunContainerNetworkModeToSelf(c *check.C) {
|
| 3623 | 3623 |
|
| 3624 | 3624 |
func (s *DockerSuite) TestRunContainerNetModeWithDnsMacHosts(c *check.C) {
|
| 3625 | 3625 |
// Not applicable on Windows which does not support --net=container |
| 3626 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 3626 |
+ testRequires(c, DaemonIsLinux) |
|
| 3627 | 3627 |
out, _, err := dockerCmdWithError("run", "-d", "--name", "parent", "busybox", "top")
|
| 3628 | 3628 |
if err != nil {
|
| 3629 | 3629 |
c.Fatalf("failed to run container: %v, output: %q", err, out)
|
| ... | ... |
@@ -3647,7 +3647,7 @@ func (s *DockerSuite) TestRunContainerNetModeWithDnsMacHosts(c *check.C) {
|
| 3647 | 3647 |
|
| 3648 | 3648 |
func (s *DockerSuite) TestRunContainerNetModeWithExposePort(c *check.C) {
|
| 3649 | 3649 |
// Not applicable on Windows which does not support --net=container |
| 3650 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 3650 |
+ testRequires(c, DaemonIsLinux) |
|
| 3651 | 3651 |
dockerCmd(c, "run", "-d", "--name", "parent", "busybox", "top") |
| 3652 | 3652 |
|
| 3653 | 3653 |
out, _, err := dockerCmdWithError("run", "-p", "5000:5000", "--net=container:parent", "busybox")
|
| ... | ... |
@@ -3668,7 +3668,7 @@ func (s *DockerSuite) TestRunContainerNetModeWithExposePort(c *check.C) {
|
| 3668 | 3668 |
|
| 3669 | 3669 |
func (s *DockerSuite) TestRunLinkToContainerNetMode(c *check.C) {
|
| 3670 | 3670 |
// Not applicable on Windows which does not support --net=container or --link |
| 3671 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 3671 |
+ testRequires(c, DaemonIsLinux) |
|
| 3672 | 3672 |
dockerCmd(c, "run", "--name", "test", "-d", "busybox", "top") |
| 3673 | 3673 |
dockerCmd(c, "run", "--name", "parent", "-d", "--net=container:test", "busybox", "top") |
| 3674 | 3674 |
dockerCmd(c, "run", "-d", "--link=parent:parent", "busybox", "top") |
| ... | ... |
@@ -3712,7 +3712,7 @@ func (s *DockerSuite) TestRunLoopbackWhenNetworkDisabled(c *check.C) {
|
| 3712 | 3712 |
|
| 3713 | 3713 |
func (s *DockerSuite) TestRunModeNetContainerHostname(c *check.C) {
|
| 3714 | 3714 |
// Windows does not support --net=container |
| 3715 |
- testRequires(c, DaemonIsLinux, ExecSupport, NotUserNamespace) |
|
| 3715 |
+ testRequires(c, DaemonIsLinux, ExecSupport) |
|
| 3716 | 3716 |
|
| 3717 | 3717 |
dockerCmd(c, "run", "-i", "-d", "--name", "parent", "busybox", "top") |
| 3718 | 3718 |
out, _ := dockerCmd(c, "exec", "parent", "cat", "/etc/hostname") |
| ... | ... |
@@ -3863,7 +3863,7 @@ func (s *DockerSuite) TestContainerWithConflictingHostNetworks(c *check.C) {
|
| 3863 | 3863 |
} |
| 3864 | 3864 |
|
| 3865 | 3865 |
func (s *DockerSuite) TestContainerWithConflictingSharedNetwork(c *check.C) {
|
| 3866 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 3866 |
+ testRequires(c, DaemonIsLinux) |
|
| 3867 | 3867 |
dockerCmd(c, "run", "-d", "--name=first", "busybox", "top") |
| 3868 | 3868 |
c.Assert(waitRun("first"), check.IsNil)
|
| 3869 | 3869 |
// Run second container in first container's network namespace |
| ... | ... |
@@ -3880,7 +3880,7 @@ func (s *DockerSuite) TestContainerWithConflictingSharedNetwork(c *check.C) {
|
| 3880 | 3880 |
} |
| 3881 | 3881 |
|
| 3882 | 3882 |
func (s *DockerSuite) TestContainerWithConflictingNoneNetwork(c *check.C) {
|
| 3883 |
- testRequires(c, DaemonIsLinux, NotUserNamespace) |
|
| 3883 |
+ testRequires(c, DaemonIsLinux) |
|
| 3884 | 3884 |
dockerCmd(c, "run", "-d", "--net=none", "--name=first", "busybox", "top") |
| 3885 | 3885 |
c.Assert(waitRun("first"), check.IsNil)
|
| 3886 | 3886 |
|