test: hostport network test

Signed-off-by: Andrew Pilloud <andrewpilloud@igneoussystems.com>

Dockerfile

@@ -24,6 +24,7 @@ RUN apt-get update && apt-get install -y \
     libdevmapper1.02.1 \
     libdevmapper-dev \
     libgpgme11-dev \
+    netcat \
     --no-install-recommends \
     && apt-get clean
 

test/helpers.bash

@@ -397,6 +397,12 @@ function parse_pod_ip() {
 	done
 }
 
+function get_host_ip() {
+	gateway_dev=`ip -o route show default 0.0.0.0/0 | sed 's/.*dev \([^[:space:]]*\).*/\1/'`
+	[ "$gateway_dev" ]
+	host_ip=`ip -o -4 addr show dev $gateway_dev scope global | sed 's/.*inet \([0-9.]*\).*/\1/'`
+}
+
 function ping_pod() {
 	netns=`crioctl pod status --id $1 | grep namespace | cut -d ' ' -f 3`
 	inet=`ip netns exec \`basename $netns\` ip addr show dev eth0 scope global | grep inet`

test/network.bats

@@ -67,3 +67,31 @@ load helpers
 	cleanup_pods
 	stop_crio
 }
+
+@test "Connect to pod hostport from the host" {
+	start_crio
+	run crioctl pod run --config "$TESTDATA"/sandbox_config_hostport.json
+	echo "$output"
+	[ "$status" -eq 0 ]
+	pod_id="$output"
+
+	get_host_ip
+	echo $host_ip
+
+	run crioctl ctr create --config "$TESTDATA"/container_config_hostport.json --pod "$pod_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	ctr_id="$output"
+	run crioctl ctr start --id "$ctr_id"
+	echo "$output"
+	[ "$status" -eq 0 ]
+	run nc -w 5 $host_ip 4888
+	echo "$output"
+	[ "$output" = "crioctl_host" ]
+	[ "$status" -eq 0 ]
+	run crioctl ctr stop --id "$ctr_id"
+	echo "$output"
+	cleanup_pods
+
+	stop_crio
+}

test/testdata/container_config_hostport.json

@@ -0,0 +1,73 @@
+{
+	"metadata": {
+		"name": "container1",
+		"attempt": 1
+	},
+	"image": {
+		"image": "busybox:latest"
+	},
+	"command": [
+		"/bin/nc", "-ll", "-p", "80", "-e"
+	],
+	"args": [
+		"/bin/hostname"
+	],
+	"working_dir": "/",
+	"envs": [
+		{
+			"key": "PATH",
+			"value": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+		},
+		{
+			"key": "TERM",
+			"value": "xterm"
+		},
+		{
+			"key": "TESTDIR",
+			"value": "test/dir1"
+		},
+		{
+			"key": "TESTFILE",
+			"value": "test/file1"
+		}
+	],
+	"labels": {
+		"type": "small",
+		"batch": "no"
+	},
+	"annotations": {
+		"owner": "dragon",
+		"daemon": "crio"
+	},
+	"privileged": true,
+	"readonly_rootfs": true,
+	"log_path": "",
+	"stdin": false,
+	"stdin_once": false,
+	"tty": false,
+	"linux": {
+		"resources": {
+			"cpu_period": 10000,
+			"cpu_quota": 20000,
+			"cpu_shares": 512,
+			"oom_score_adj": 30
+		},
+		"security_context": {
+			"capabilities": {
+				"add_capabilities": [
+					"setuid",
+					"setgid"
+				],
+				"drop_capabilities": [
+					"audit_read"
+				]
+			},
+			"selinux_options": {
+				"user": "system_u",
+				"role": "system_r",
+				"type": "container_t",
+				"level": "s0:c4,c5"
+			}
+		}
+	}
+}

test/testdata/sandbox_config_hostport.json

@@ -0,0 +1,55 @@
+{
+	"metadata": {
+		"name": "podsandbox1",
+		"uid": "redhat-test-crio",
+		"namespace": "redhat.test.crio",
+		"attempt": 1
+	},
+	"hostname": "crioctl_host",
+	"log_directory": "",
+	"dns_options": {
+		"servers": [
+			"server1.redhat.com",
+			"server2.redhat.com"
+		],
+		"searches": [
+			"8.8.8.8"
+		]
+	},
+	"port_mappings": [
+		{
+			"protocol": 0,
+			"container_port": 80,
+			"host_port": 4888
+		}
+	],
+	"resources": {
+		"cpu": {
+			"limits": 3,
+			"requests": 2
+		},
+		"memory": {
+			"limits": 50000000,
+			"requests": 2000000
+		}
+	},
+	"labels": {
+		"group": "test"
+	},
+	"annotations": {
+		"owner": "hmeng",
+		"security.alpha.kubernetes.io/sysctls": "kernel.shm_rmid_forced=1,net.ipv4.ip_local_port_range=1024 65000",
+		"security.alpha.kubernetes.io/unsafe-sysctls": "kernel.msgmax=8192" ,
+		"security.alpha.kubernetes.io/seccomp/pod": "unconfined"
+	},
+	"linux": {
+		"cgroup_parent": "/Burstable/pod_123-456",
+		"security_context": {
+			"namespace_options": {
+				"host_network": false,
+				"host_pid": false,
+				"host_ipc": false
+			}
+		}
+	}
+}