Skip to content

Commit 3f9c70c

Browse files
dcantahdcantah
committed
Integration: Add a test to validate userns IP restore
Add a new case to TestContainerdRestartSandboxRecover that will launch a userns pod if the host and runtime supports it. The new case will just test that we have networking info in the pod metadata on restart. Signed-off-by: Danny Canter <[email protected]>
1 parent 2a28ee4 commit 3f9c70c

1 file changed

Lines changed: 37 additions & 3 deletions

File tree

integration/restart_linux_test.go

Lines changed: 37 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22,17 +22,40 @@ import (
2222
"time"
2323

2424
"github.com/stretchr/testify/assert"
25+
"github.com/stretchr/testify/require"
2526
runtime "k8s.io/cri-api/pkg/apis/runtime/v1"
2627
)
2728

29+
func setupUserNSPod(t *testing.T) {
30+
supportsUserNs := supportsUserNS() && supportsIDMap(defaultRoot) && supportsRuncIDMap() == nil
31+
if !supportsUserNs {
32+
t.Log("host or runtime doesn't support userns, skipping pod setup")
33+
return
34+
}
35+
36+
t.Log("adding userns pods for containerd restart test")
37+
38+
containerID := uint32(0)
39+
hostID := uint32(65536)
40+
size := uint32(65536)
41+
42+
sOpts := []PodSandboxOpts{WithPodUserNs(containerID, hostID, size)}
43+
sbCfg := PodSandboxConfig("sandbox_ready_userns", "sandbox_ready_userns", sOpts...)
44+
_, err := runtimeService.RunPodSandbox(sbCfg, *runtimeHandler)
45+
assert.NoError(t, err)
46+
}
47+
2848
func TestContainerdRestartSandboxRecover(t *testing.T) {
2949
sbStatuses := map[string]runtime.PodSandboxState{
3050
// Sandbox with unknown status will be NotReady when returned from ListPodSandbox
31-
"sandbox_unknown": runtime.PodSandboxState_SANDBOX_NOTREADY,
32-
"sandbox_not_ready": runtime.PodSandboxState_SANDBOX_NOTREADY,
33-
"sandbox_ready": runtime.PodSandboxState_SANDBOX_READY,
51+
"sandbox_unknown": runtime.PodSandboxState_SANDBOX_NOTREADY,
52+
"sandbox_not_ready": runtime.PodSandboxState_SANDBOX_NOTREADY,
53+
"sandbox_ready": runtime.PodSandboxState_SANDBOX_READY,
54+
"sandbox_ready_userns": runtime.PodSandboxState_SANDBOX_READY,
3455
}
3556

57+
setupUserNSPod(t)
58+
3659
sbReadyConfig := PodSandboxConfig("sandbox_ready", "sandbox_ready")
3760
_, err := runtimeService.RunPodSandbox(sbReadyConfig, *runtimeHandler)
3861
assert.NoError(t, err)
@@ -67,6 +90,17 @@ func TestContainerdRestartSandboxRecover(t *testing.T) {
6790
foundUnkownSb = true
6891
}
6992
if status, ok := sbStatuses[sb.Metadata.Name]; ok {
93+
// See: https://github.com/containerd/containerd/issues/10363
94+
//
95+
// Test that sandbox IP is still present after restart.
96+
if sb.State == runtime.PodSandboxState_SANDBOX_READY {
97+
status, _, err := SandboxInfo(sb.Id)
98+
require.NoError(t, err)
99+
100+
assert.NotNil(t, status.Network)
101+
assert.NotEmpty(t, status.Network.Ip)
102+
}
103+
70104
assert.Equal(t, status, sb.State)
71105
err = runtimeService.StopPodSandbox(sb.Id)
72106
assert.NoError(t, err)

0 commit comments

Comments
 (0)