runc/tests/integration/netdev.bats

#!/usr/bin/env bats

load helpers

function setup_netns() {
	local tmp

	# Create a temporary name for the test network namespace.
	tmp=$(mktemp -u)
	ns_name=$(basename "$tmp")

	# Create the network namespace.
	ip netns add "$ns_name"
	ns_path=$(ip netns add "$ns_name" 2>&1 | sed -e 's/.*"\(.*\)".*/\1/')

	# Tell runc to use it.
	update_config '(.. | select(.type? == "network")) .path |= "'"$ns_path"'"'
}

function delete_netns() {
	# Delete the namespace only if the ns_name variable is set.
	[ -v ns_name ] && ip netns del "$ns_name"
}

function setup() {
	requires root
	setup_busybox

	# Create a dummy interface to move to the container.
	ip link add dummy0 type dummy
}

function teardown() {
	ip link del dev dummy0
	delete_netns
	teardown_bundle
}

@test "move network device to container network namespace" {
	update_config ' .linux.netDevices |= {"dummy0": {} }
      		| .process.args |= ["ip", "address", "show", "dev", "dummy0"]'

	runc run test_busybox
	[ "$status" -eq 0 ]
}

@test "move network device to container network namespace and restore it back" {
	setup_netns
	update_config ' .linux.netDevices |= {"dummy0": {} }'

	runc run -d --console-socket "$CONSOLE_SOCKET" test_busybox
	[ "$status" -eq 0 ]

	# The network namespace owner controls the lifecycle of the interface.
	# The interface should remain on the namespace after the container was killed.
	runc delete --force test_busybox

	# Move back the interface to the root namespace (pid 1).
	ip netns exec "$ns_name" ip link set dev dummy0 netns 1

	# Verify the interface is back in the root network namespace.
	ip address show dev dummy0
}

@test "move network device to precreated container network namespace" {
	setup_netns
	update_config ' .linux.netDevices |= {"dummy0": {} }
      		| .process.args |= ["ip", "address", "show", "dev", "dummy0"]'

	runc run test_busybox
	[ "$status" -eq 0 ]

	# Verify the interface is still present in the network namespace.
	ip netns exec "$ns_name" ip address show dev dummy0
}

@test "move network device to precreated container network namespace and set ip address with global scope" {
	setup_netns
	update_config ' .linux.netDevices |= {"dummy0": {} }
      		| .process.args |= ["ip", "address", "show", "dev", "dummy0"]'

	global_ip="169.254.169.77/32"

	# Set the interface down to avoid possible network problems.
	# Set a custom address to the interface.
	ip link set down dev dummy0
	ip address add "$global_ip" dev dummy0

	runc run test_busybox
	[ "$status" -eq 0 ]
	[[ "$output" == *"$global_ip "* ]]

	# Verify the interface is still present in the network namespace.
	run -0 ip netns exec "$ns_name" ip address show dev dummy0
	[[ "$output" == *"$global_ip "* ]]
}

@test "move network device to precreated container network namespace and set ip address without global scope" {
	setup_netns
	update_config ' .linux.netDevices |= {"dummy0": {} }
      		| .process.args |= ["ip", "address", "show", "dev", "dummy0"]'

	non_global_ip="127.0.0.33"

	# Set the interface down to avoid possible network problems.
	# Set a custom address to the interface.
	ip link set down dev dummy0
	ip address add "$non_global_ip" dev dummy0

	runc run test_busybox
	[ "$status" -eq 0 ]
	[[ "$output" != *" $non_global_ip "* ]]

	# Verify the interface is still present in the network namespace.
	ip netns exec "$ns_name" ip address show dev dummy0
}

@test "move network device to precreated container network namespace and set mtu" {
	setup_netns
	update_config ' .linux.netDevices |= {"dummy0": {} }
      		| .process.args |= ["ip", "address", "show", "dev", "dummy0"]'

	mtu_value=1789
	# Set a custom mtu to the interface.
	ip link set mtu "$mtu_value" dev dummy0

	runc run test_busybox
	[ "$status" -eq 0 ]
	[[ "$output" == *"mtu $mtu_value "* ]]

	# Verify the interface is still present in the network namespace.
	run -0 ip netns exec "$ns_name" ip address show dev dummy0
	[[ "$output" == *"mtu $mtu_value "* ]]
}

@test "move network device to precreated container network namespace and set mac address" {
	setup_netns
	update_config ' .linux.netDevices |= {"dummy0": {} }
      		| .process.args |= ["ip", "address", "show", "dev", "dummy0"]'

	mac_address="00:11:22:33:44:55"
	# set a custom mac address to the interface
	ip link set address "$mac_address" dev dummy0

	runc run test_busybox
	[ "$status" -eq 0 ]
	[[ "$output" == *"ether $mac_address "* ]]

	# Verify the interface is still present in the network namespace.
	run -0 ip netns exec "$ns_name" ip address show dev dummy0
	[[ "$output" == *"ether $mac_address "* ]]
}

@test "move network device to precreated container network namespace and rename" {
	setup_netns
	update_config ' .linux.netDevices |= { "dummy0": { "name" : "ctr_dummy0" } }
      		| .process.args |= ["ip", "address", "show", "dev", "ctr_dummy0"]'

	runc run test_busybox
	[ "$status" -eq 0 ]

	# Verify the interface is still present in the network namespace.
	ip netns exec "$ns_name" ip address show dev ctr_dummy0
}

@test "move network device to precreated container network namespace and rename and set mtu and mac and ip address" {
	setup_netns
	update_config ' .linux.netDevices |= { "dummy0": { "name" : "ctr_dummy0" } }
	    		| .process.args |= ["ip", "address", "show", "dev", "ctr_dummy0"]'

	mtu_value=1789
	mac_address="00:11:22:33:44:55"
	global_ip="169.254.169.77/32"

	# Set a custom mtu to the interface.
	ip link set mtu "$mtu_value" dev dummy0
	# Set a custom mac address to the interface.
	ip link set address "$mac_address" dev dummy0
	# Set a custom ip address to the interface.
	ip address add "$global_ip" dev dummy0

	runc run test_busybox
	[ "$status" -eq 0 ]
	[[ "$output" == *" $global_ip "* ]]
	[[ "$output" == *"ether $mac_address "* ]]
	[[ "$output" == *"mtu $mtu_value "* ]]

	# Verify the interface is still present in the network namespace.
	run -0 ip netns exec "$ns_name" ip address show dev ctr_dummy0
	[[ "$output" == *" $global_ip "* ]]
	[[ "$output" == *"ether $mac_address "* ]]
	[[ "$output" == *"mtu $mtu_value "* ]]
}