▽

Source file src/github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/iptables_server_test.go

Documentation: github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon

     1  // Copyright 2020 Chaos Mesh Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // See the License for the specific language governing permissions and
    12  // limitations under the License.
    13  
    14  package chaosdaemon
    15  
    16  import (
    17  	"context"
    18  	"errors"
    19  	"io/ioutil"
    20  	"os"
    21  	"os/exec"
    22  
    23  	. "github.com/onsi/ginkgo"
    24  	. "github.com/onsi/gomega"
    25  
    26  	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/crclients"
    27  	"github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/crclients/test"
    28  	pb "github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/pb"
    29  	"github.com/chaos-mesh/chaos-mesh/pkg/mock"
    30  )
    31  
    32  var _ = Describe("iptables server", func() {
    33  	defer mock.With("MockContainerdClient", &test.MockClient{})()
    34  	s, _ := newDaemonServer(crclients.ContainerRuntimeContainerd)
    35  
    36  	Context("FlushIptables", func() {
    37  		It("should work", func() {
    38  			defer mock.With("pid", 9527)()
    39  			defer mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
    40  				Expect(cmd).To(Equal("/usr/local/bin/nsexec"))
    41  				Expect(args[0]).To(Equal("-n"))
    42  				Expect(args[1]).To(Equal("/proc/9527/ns/net"))
    43  				Expect(args[2]).To(Equal("--"))
    44  				Expect(args[3]).To(Equal(iptablesCmd))
    45  				return exec.Command("echo", "-n")
    46  			})()
    47  			_, err := s.SetIptablesChains(context.TODO(), &pb.IptablesChainsRequest{
    48  				Chains: []*pb.Chain{{
    49  					Name:      "TEST",
    50  					Direction: pb.Chain_INPUT,
    51  					Ipsets:    []string{},
    52  				}},
    53  				ContainerId: "containerd://container-id",
    54  				EnterNS:     true,
    55  			})
    56  			Expect(err).To(BeNil())
    57  		})
    58  
    59  		It("should fail on get pid", func() {
    60  			const errorStr = "mock error on Task()"
    61  			defer mock.With("TaskError", errors.New(errorStr))()
    62  			_, err := s.SetIptablesChains(context.TODO(), &pb.IptablesChainsRequest{
    63  				Chains: []*pb.Chain{{
    64  					Name:      "TEST",
    65  					Direction: pb.Chain_INPUT,
    66  					Ipsets:    []string{},
    67  				}},
    68  				ContainerId: "containerd://container-id",
    69  				EnterNS:     true,
    70  			})
    71  			Expect(err).ToNot(BeNil())
    72  			Expect(err.Error()).To(Equal(errorStr))
    73  		})
    74  
    75  		It("should fail on unknown chain direction", func() {
    76  			defer mock.With("pid", 9527)()
    77  			defer mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
    78  				Expect(cmd).To(Equal("/usr/local/bin/nsexec"))
    79  				Expect(args[0]).To(Equal("-n"))
    80  				Expect(args[1]).To(Equal("/proc/9527/ns/net"))
    81  				Expect(args[2]).To(Equal("--"))
    82  				Expect(args[3]).To(Equal(iptablesCmd))
    83  				return exec.Command("echo", "-n")
    84  			})()
    85  
    86  			_, err := s.SetIptablesChains(context.TODO(), &pb.IptablesChainsRequest{
    87  				Chains: []*pb.Chain{{
    88  					Name:      "TEST",
    89  					Direction: pb.Chain_Direction(233),
    90  					Ipsets:    []string{},
    91  				}},
    92  				ContainerId: "containerd://container-id",
    93  				EnterNS:     true,
    94  			})
    95  			Expect(err).ToNot(BeNil())
    96  			Expect(err.Error()).To(Equal("unknown chain direction 233"))
    97  		})
    98  
    99  		It("should fail on command error", func() {
   100  			// The mockfail.sh will fail
   101  			err := ioutil.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
   102  exit 1
   103  			`), 0755)
   104  			Expect(err).To(BeNil())
   105  			defer os.Remove("/tmp/mockfail.sh")
   106  			defer mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
   107  				return exec.Command("mockfail.sh")
   108  			})()
   109  			_, err = s.SetIptablesChains(context.TODO(), &pb.IptablesChainsRequest{
   110  				Chains: []*pb.Chain{{
   111  					Name:      "TEST",
   112  					Direction: pb.Chain_INPUT,
   113  					Ipsets:    []string{},
   114  				}},
   115  				ContainerId: "containerd://container-id",
   116  				EnterNS:     true,
   117  			})
   118  			Expect(err).ToNot(BeNil())
   119  		})
   120  	})
   121  })
   122