Skip to content

Commit

Permalink
chapter 4 tests
Browse files Browse the repository at this point in the history
  • Loading branch information
AlanHohn committed Jan 12, 2024
1 parent c4b8af1 commit 495adf1
Show file tree
Hide file tree
Showing 6 changed files with 150 additions and 0 deletions.
5 changes: 5 additions & 0 deletions chapter-04/Vagrantfile
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,11 @@ Vagrant.configure("2") do |config|
ansible.playbook = "playbook.yaml"
ansible.groups = groups
end
host.vm.provision "test", type: "ansible", run: "never" do |ansible|
ansible.limit = "all"
ansible.playbook = "test.yaml"
ansible.groups = groups
end
end
end
end
Expand Down
12 changes: 12 additions & 0 deletions chapter-04/test.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
- hosts: remote
become: yes
pre_tasks:
- name: install tests
ansible.builtin.copy:
src: tests
dest: /opt
owner: root
group: root
roles:
- test
13 changes: 13 additions & 0 deletions chapter-04/tests/basic.bats
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# bats file_tags=host01

setup() {
BATS_LIB_PATH=/usr/local/lib/node_modules
bats_load_library bats-support
bats_load_library bats-assert
bats_require_minimum_version 1.5.0
}

@test 'available commands' {
run -0 which lsns
run -0 which brctl
}
35 changes: 35 additions & 0 deletions chapter-04/tests/busybox.bats
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# bats file_tags=host01

setup() {
BATS_LIB_PATH=/usr/local/lib/node_modules
bats_load_library bats-support
bats_load_library bats-assert
bats_require_minimum_version 1.5.0
}

@test 'busybox container' {
run -0 /bin/bash -ec '\
cd /opt
source busybox.sh
crictl ps
crictl exec $B1C_ID /bin/sh -c "ip addr"
crictl exec $B1C_ID /bin/sh -c "ping -c 1 192.168.61.11"
crictl exec $B1C_ID /bin/sh -c "ip route"
JQ_PATH=".info.runtimeSpec.linux.namespaces[]|select(.type==\"network\").path"
NETNS_PATH=$(crictl inspectp $B1P_ID | jq -r $JQ_PATH)
echo $NETNS_PATH
NETNS=$(basename $NETNS_PATH)
ip netns exec $NETNS ip addr'
assert_output --partial 'busybox'
assert_output --partial 'inet 10.85.0'
assert_output --partial '64 bytes from 192.168.61.11'
assert_output --partial 'default via 10.85.0.1'
assert_output --partial '/var/run/netns'
run -0 lsns -t net
assert_output --partial '/pause'
}

teardown() {
crictl rm -a -f
crictl rmp -a -f
}
60 changes: 60 additions & 0 deletions chapter-04/tests/netns.bats
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
# bats file_tags=host01

setup() {
BATS_LIB_PATH=/usr/local/lib/node_modules
bats_load_library bats-support
bats_load_library bats-assert
bats_require_minimum_version 1.5.0
}

@test 'create and manipulate a network namespace' {
ip netns add myns
run -0 ip netns list
assert_output --partial 'myns'
run -0 ip netns exec myns ip addr
assert_output --partial 'DOWN'
ip netns exec myns ip link set dev lo up
run -0 ip netns exec myns ip addr
assert_output --partial 'UP'
ip link add myveth-host type veth peer myveth-myns netns myns
run -0 ip addr
assert_output --partial 'myveth-host'
run -0 ip netns exec myns ip addr
assert_output --partial 'myveth-myns'
ip netns exec myns ip addr add 10.85.0.254/16 dev myveth-myns
ip netns exec myns ip link set dev myveth-myns up
ip link set dev myveth-host up
run -0 ip netns exec myns ip addr
assert_output --partial '10.85.0.254'
run -0 ip netns exec myns ping -c 1 10.85.0.254
assert_output --partial '64 bytes from 10.85.0.254'
run -1 ping -c 1 10.85.0.254
assert_output --partial 'Destination Host Unreachable'
brctl addif cni0 myveth-host
run -0 brctl show
assert_output --partial 'myveth-host'
run -0 ping -c 1 10.85.0.254
assert_output --partial '64 bytes from 10.85.0.254'
run -2 ip netns exec myns ping -c 1 192.168.61.11
assert_output --partial 'Network is unreachable'
ip netns exec myns ip route add default via 10.85.0.1
run -0 ip netns exec myns ping -c 1 192.168.61.11
assert_output --partial '64 bytes from 192.168.61.11'
run -1 ip netns exec myns ping -c 1 192.168.61.12
assert_output --partial '0 received'
iptables -t nat -N chain-myns
iptables -t nat -A chain-myns -d 10.85.0.0/16 -j ACCEPT
iptables -t nat -A chain-myns ! -d 224.0.0.0/4 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.85.0.254 -j chain-myns
run -0 iptables -t nat -n -L
assert_output --partial 'chain-myns'
run -0 ip netns exec myns ping -c 1 192.168.61.12
assert_output --partial '64 bytes from 192.168.61.12'
}

teardown() {
ip -all netns delete
iptables -t nat -D POSTROUTING -s 10.85.0.254 -j chain-myns
iptables -t nat -F chain-myns
iptables -t nat -X chain-myns
}
25 changes: 25 additions & 0 deletions chapter-04/tests/nginx.bats
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
# bats file_tags=host01

setup() {
BATS_LIB_PATH=/usr/local/lib/node_modules
bats_load_library bats-support
bats_load_library bats-assert
bats_require_minimum_version 1.5.0
}

@test 'nginx containers' {
run -0 /bin/bash -ec '\
cd /opt
source nginx.sh
crictl ps
crictl exec $N1C_ID cat /proc/net/tcp
crictl exec $N2C_ID cat /proc/net/tcp'
assert_output --partial 'nginx1'
assert_output --partial 'nginx2'
assert_output --partial '0050'
}

teardown() {
crictl rm -a -f
crictl rmp -a -f
}

0 comments on commit 495adf1

Please sign in to comment.