diff --git a/examples/Makefile b/examples/Makefile index a5bf4c80b..482e0c75a 100644 --- a/examples/Makefile +++ b/examples/Makefile @@ -36,6 +36,7 @@ integ-test: --ipc=host \ --volume /dev:/dev \ --volume /run/udev/control:/run/udev/control \ + --volume $(CURDIR)/etc/containerd/firecracker-runtime.json:/etc/containerd/firecracker-runtime.json \ --volume $(CURDIR)/logs:/var/log/firecracker-containerd-test \ --env EXTRAGOARGS="${EXTRAGOARGS}" \ --workdir="/firecracker-containerd/examples" \ diff --git a/tools/docker/firecracker-runtime.json b/examples/etc/containerd/firecracker-runtime.json similarity index 81% rename from tools/docker/firecracker-runtime.json rename to examples/etc/containerd/firecracker-runtime.json index 3edd6acfc..d78fcc763 100644 --- a/tools/docker/firecracker-runtime.json +++ b/examples/etc/containerd/firecracker-runtime.json @@ -5,7 +5,5 @@ "root_drive": "/var/lib/firecracker-containerd/runtime/default-rootfs.img", "cpu_count": 1, "cpu_template": "T2", - "log_fifo": "/tmp/fc-logs.fifo", - "log_level": "Debug", - "metrics_fifo": "/tmp/fc-metrics.fifo" + "log_level": "Debug" } diff --git a/runtime/cni_integ_test.go b/runtime/cni_integ_test.go index 160d68101..5af77abfb 100644 --- a/runtime/cni_integ_test.go +++ b/runtime/cni_integ_test.go @@ -39,7 +39,7 @@ import ( ) func TestCNISupport_Isolated(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) testTimeout := 120 * time.Second ctx, cancel := context.WithTimeout(namespaces.WithNamespace(context.Background(), defaultNamespace), testTimeout) @@ -133,8 +133,7 @@ func TestCNISupport_Isolated(t *testing.T) { } func TestAutomaticCNISupport_Isolated(t *testing.T) { - internal.RequiresIsolation(t) - useDefaultNetworkInterfaceRuntimeConfig(t) + prepareIntegTest(t, withDefaultNetwork()) testTimeout := 120 * time.Second ctx, cancel := context.WithTimeout(namespaces.WithNamespace(context.Background(), defaultNamespace), testTimeout) @@ -200,7 +199,7 @@ func TestAutomaticCNISupport_Isolated(t *testing.T) { } func TestCNIPlugin_Performance(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) numVMs := perfTestVMCount(t) runtimeDuration := perfTestRuntime(t) @@ -354,14 +353,17 @@ func writeCNIConf(path, chainedPluginName, networkName, nameserver string) error }`, networkName, nameserver, chainedPluginName)), 0644) } -func useDefaultNetworkInterfaceRuntimeConfig(t *testing.T) { - t.Helper() - - err := os.RemoveAll(runtimeConfigPath) - require.NoError(t, err, "failed to remove existing firecracker containerd runtime config file") - - err = os.Symlink(defaultNetworkInterfaceRuntimeConfigPath, runtimeConfigPath) - require.NoError(t, err, "failed to symlink default network interface runtime config") +func withDefaultNetwork() func(c *Config) { + return func(c *Config) { + c.DefaultNetworkInterfaces = []proto.FirecrackerNetworkInterface{ + { + CNIConfig: &proto.CNIConfiguration{ + NetworkName: "fcnet", + InterfaceName: "veth0", + }, + }, + } + } } func runCommand(ctx context.Context, t *testing.T, name string, args ...string) { diff --git a/runtime/integ_test.go b/runtime/integ_test.go new file mode 100644 index 000000000..01581e41c --- /dev/null +++ b/runtime/integ_test.go @@ -0,0 +1,69 @@ +// Copyright 2018-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"). You may +// not use this file except in compliance with the License. A copy of the +// License is located at +// +// http://aws.amazon.com/apache2.0/ +// +// or in the "license" file accompanying this file. This file is distributed +// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +// express or implied. See the License for the specific language governing +// permissions and limitations under the License. +package main + +import ( + "encoding/json" + "os" + "testing" + + "github.com/firecracker-microvm/firecracker-containerd/internal" +) + +const runtimeConfigPath = "/etc/containerd/firecracker-runtime.json" + +var defaultRuntimeConfig = Config{ + FirecrackerBinaryPath: "/usr/local/bin/firecracker", + KernelImagePath: "/var/lib/firecracker-containerd/runtime/default-vmlinux.bin", + KernelArgs: "ro console=ttyS0 noapic reboot=k panic=1 pci=off nomodules systemd.journald.forward_to_console systemd.unit=firecracker.target init=/sbin/overlay-init", + RootDrive: "/var/lib/firecracker-containerd/runtime/default-rootfs.img", + CPUCount: 1, + CPUTemplate: "T2", + LogLevel: "Debug", +} + +func prepareIntegTest(t *testing.T, options ...func(*Config)) { + t.Helper() + + internal.RequiresIsolation(t) + + err := writeRuntimeConfig(options...) + if err != nil { + t.Error(err) + } +} + +func writeRuntimeConfig(options ...func(*Config)) error { + config := defaultRuntimeConfig + for _, option := range options { + option(&config) + } + + file, err := os.Create(runtimeConfigPath) + if err != nil { + return err + } + defer file.Close() + + bytes, err := json.Marshal(config) + if err != nil { + return err + } + + _, err = file.Write(bytes) + if err != nil { + return err + } + + return nil +} diff --git a/runtime/service_integ_test.go b/runtime/service_integ_test.go index 9b73e487d..c98a8ae1c 100644 --- a/runtime/service_integ_test.go +++ b/runtime/service_integ_test.go @@ -63,9 +63,6 @@ const ( defaultVMRootfsPath = "/var/lib/firecracker-containerd/runtime/default-rootfs.img" defaultVMNetDevName = "eth0" varRunDir = "/run/firecracker-containerd" - - runtimeConfigPath = "/etc/containerd/firecracker-runtime.json" - defaultNetworkInterfaceRuntimeConfigPath = "/etc/containerd/firecracker-runtime-defaultnetwork.json" ) // Images are presumed by the isolated tests to have already been pulled @@ -94,7 +91,7 @@ func iperf3Image(ctx context.Context, client *containerd.Client, snapshotterName } func TestShimExitsUponContainerDelete_Isolated(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) ctx := namespaces.WithNamespace(context.Background(), defaultNamespace) @@ -224,7 +221,7 @@ func createTapDevice(ctx context.Context, tapName string) error { } func TestMultipleVMs_Isolated(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) const ( numVMs = 3 @@ -457,13 +454,14 @@ func TestMultipleVMs_Isolated(t *testing.T) { } func TestLongUnixSocketPath_Isolated(t *testing.T) { + prepareIntegTest(t) + // Verify that if the absolute path of the Firecracker unix sockets are longer // than the max length enforced by the kernel (UNIX_PATH_MAX, usually 108), we // don't fail (due to the internal implementation using relative paths). // We do this by using the max VMID len (76 chars), which in combination with the // default location we store state results in a path like // "/run/firecracker-containerd/default/" (with len 112). - internal.RequiresIsolation(t) const maxUnixSockLen = 108 vmID := strings.Repeat("x", 76) @@ -502,7 +500,8 @@ func TestLongUnixSocketPath_Isolated(t *testing.T) { } func TestStubBlockDevices_Isolated(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) + const vmID = 0 ctx := namespaces.WithNamespace(context.Background(), "default") @@ -734,7 +733,7 @@ func testCreateContainerWithSameName(t *testing.T, vmID string) { } func TestCreateContainerWithSameName_Isolated(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) testCreateContainerWithSameName(t, "") @@ -743,7 +742,8 @@ func TestCreateContainerWithSameName_Isolated(t *testing.T) { } func TestCreateTooManyContainers_Isolated(t *testing.T) { - internal.RequiresIsolation(t) + prepareIntegTest(t) + assert := assert.New(t) ctx := namespaces.WithNamespace(context.Background(), "default") diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile index 579251a4e..d321ccaad 100644 --- a/tools/docker/Dockerfile +++ b/tools/docker/Dockerfile @@ -149,7 +149,6 @@ COPY _submodules/firecracker/target/$FIRECRACKER_TARGET/release/firecracker /usr COPY _submodules/firecracker/target/$FIRECRACKER_TARGET/release/jailer /usr/local/bin/ COPY _submodules/runc/runc /usr/local/bin COPY tools/image-builder/rootfs.img /var/lib/firecracker-containerd/runtime/default-rootfs.img -COPY tools/docker/firecracker-runtime.json /etc/containerd/firecracker-runtime.json # pull the images the tests need into the content store so we don't need internet # access during the tests themselves @@ -164,8 +163,6 @@ RUN make -C /firecracker-containerd/internal test-bridged-tap && \ cp /firecracker-containerd/internal/test-bridged-tap /opt/cni/bin/ && \ chmod a+x /firecracker-containerd/internal/test-bridged-tap -COPY tools/docker/firecracker-runtime.json /etc/containerd/firecracker-runtime.json -COPY tools/docker/firecracker-runtime-defaultnetwork.json /etc/containerd/firecracker-runtime-defaultnetwork.json COPY tools/docker/naive-snapshotter/entrypoint.sh /entrypoint ENTRYPOINT ["/entrypoint"] diff --git a/tools/docker/firecracker-runtime-defaultnetwork.json b/tools/docker/firecracker-runtime-defaultnetwork.json deleted file mode 100644 index 110169ae3..000000000 --- a/tools/docker/firecracker-runtime-defaultnetwork.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "firecracker_binary_path": "/usr/local/bin/firecracker", - "kernel_image_path": "/var/lib/firecracker-containerd/runtime/default-vmlinux.bin", - "kernel_args": "ro console=ttyS0 noapic reboot=k panic=1 pci=off nomodules systemd.journald.forward_to_console systemd.unit=firecracker.target init=/sbin/overlay-init", - "root_drive": "/var/lib/firecracker-containerd/runtime/default-rootfs.img", - "cpu_count": 1, - "cpu_template": "T2", - "log_fifo": "/tmp/fc-logs.fifo", - "log_level": "Debug", - "metrics_fifo": "/tmp/fc-metrics.fifo", - "default_network_interfaces": [ - { - "CNIConfig": { - "NetworkName": "fcnet", - "InterfaceName": "veth0" - } - } - ] -}