1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package chaosdaemon
17
18 import (
19 "context"
20 "os"
21 "os/exec"
22
23 . "github.com/onsi/ginkgo/v2"
24 . "github.com/onsi/gomega"
25 "github.com/pkg/errors"
26
27 "github.com/chaos-mesh/chaos-mesh/api/v1alpha1"
28 "github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/crclients"
29 "github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/crclients/test"
30 "github.com/chaos-mesh/chaos-mesh/pkg/chaosdaemon/pb"
31 "github.com/chaos-mesh/chaos-mesh/pkg/log"
32 "github.com/chaos-mesh/chaos-mesh/pkg/mock"
33 )
34
35 var _ = Describe("ipset server", func() {
36 defer mock.With("MockContainerdClient", &test.MockClient{})()
37 logger, err := log.NewDefaultZapLogger()
38 Expect(err).To(BeNil())
39 s, _ := newDaemonServer(&crclients.CrClientConfig{
40 Runtime: crclients.ContainerRuntimeContainerd}, nil, logger)
41
42 Context("createIPSet", func() {
43 It("should work", func() {
44 defer mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
45 Expect(cmd).To(Equal("/usr/local/bin/nsexec"))
46 Expect(args[0]).To(Equal("-n"))
47 Expect(args[1]).To(Equal("/proc/1/ns/net"))
48 Expect(args[2]).To(Equal("--"))
49 Expect(args[3]).To(Equal("ipset"))
50 Expect(args[4]).To(Equal("create"))
51 Expect(args[5]).To(Equal("name"))
52 Expect(args[6]).To(Equal("hash:net"))
53 return exec.Command("echo", "mock command")
54 })()
55 err := createIPSet(context.TODO(), logger, true, 1, "name", v1alpha1.NetIPSet)
56 Expect(err).To(BeNil())
57 })
58
59 It("should work since ipset exist", func() {
60
61 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
62 echo $1
63 cat > /tmp/mockfail.sh << EOF
64 #! /bin/sh
65 exit 0
66 EOF
67 exit 1
68 `), 0755)
69 Expect(err).To(BeNil())
70 defer os.Remove("/tmp/mockfail.sh")
71 defer mock.With("MockProcessBuild", func(ctx context.Context, cmd string, args ...string) *exec.Cmd {
72 return exec.Command("/tmp/mockfail.sh", ipsetExistErr)
73 })()
74 err = createIPSet(context.TODO(), logger, true, 1, "name", v1alpha1.NetIPSet)
75 Expect(err).To(BeNil())
76 })
77
78 It("shoud fail on the first command", func() {
79
80 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
81 echo $1
82 exit 1
83 `), 0755)
84 Expect(err).To(BeNil())
85 defer os.Remove("/tmp/mockfail.sh")
86 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
87 return exec.Command("/tmp/mockfail.sh", "fail msg")
88 })()
89 err = createIPSet(context.TODO(), logger, true, 1, "name", v1alpha1.NetIPSet)
90 Expect(err).ToNot(BeNil())
91 })
92
93 It("shoud fail on the second command", func() {
94
95 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
96 echo $1
97 exit 1
98 `), 0755)
99 Expect(err).To(BeNil())
100 defer os.Remove("/tmp/mockfail.sh")
101 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
102 return exec.Command("/tmp/mockfail.sh", ipsetExistErr)
103 })()
104 err = createIPSet(context.TODO(), logger, true, 1, "name", v1alpha1.NetIPSet)
105 Expect(err).ToNot(BeNil())
106 })
107 })
108
109 Context("addToIPSet", func() {
110 It("should work", func() {
111 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
112 return exec.Command("echo", "mock command")
113 })()
114 err := addToIPSet(context.TODO(), logger, true, 1, "name", "1.1.1.1")
115 Expect(err).To(BeNil())
116 })
117
118 It("should work if ipset exists", func() {
119
120 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
121 echo $1
122 exit 1
123 `), 0755)
124 Expect(err).To(BeNil())
125 defer os.Remove("/tmp/mockfail.sh")
126 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
127 return exec.Command("/tmp/mockfail.sh", ipExistErr)
128 })()
129 err = addToIPSet(context.TODO(), logger, true, 1, "name", "1.1.1.1")
130 Expect(err).To(BeNil())
131 })
132
133 It("should fail", func() {
134
135 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
136 echo $1
137 exit 1
138 `), 0755)
139 Expect(err).To(BeNil())
140 defer os.Remove("/tmp/mockfail.sh")
141 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
142 return exec.Command("/tmp/mockfail.sh", "fail msg")
143 })()
144 err = addToIPSet(context.TODO(), logger, true, 1, "name", "1.1.1.1")
145 Expect(err).ToNot(BeNil())
146 })
147 })
148
149 Context("renameIPSet", func() {
150 It("should work", func() {
151 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
152 return exec.Command("echo", "mock command")
153 })()
154 err := renameIPSet(context.TODO(), logger, true, 1, "name", "newname")
155 Expect(err).To(BeNil())
156 })
157
158 It("should work since ipset exist", func() {
159
160 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
161 echo $1
162 cat > /tmp/mockfail.sh << EOF
163 #! /bin/sh
164 exit 0
165 EOF
166 exit 1
167 `), 0755)
168 Expect(err).To(BeNil())
169 defer os.Remove("/tmp/mockfail.sh")
170 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
171 return exec.Command("/tmp/mockfail.sh", ipsetNewNameExistErr)
172 })()
173 err = renameIPSet(context.TODO(), logger, true, 1, "name", "newname")
174 Expect(err).To(BeNil())
175 })
176
177 It("shoud fail on the first command", func() {
178
179 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
180 echo $1
181 exit 1
182 `), 0755)
183 Expect(err).To(BeNil())
184 defer os.Remove("/tmp/mockfail.sh")
185 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
186 return exec.Command("/tmp/mockfail.sh", "fail msg")
187 })()
188 err = renameIPSet(context.TODO(), logger, true, 1, "name", "newname")
189 Expect(err).ToNot(BeNil())
190 })
191
192 It("shoud fail on the second command", func() {
193
194 err := os.WriteFile("/tmp/mockfail.sh", []byte(`#! /bin/sh
195 echo $1
196 exit 1
197 `), 0755)
198 Expect(err).To(BeNil())
199 defer os.Remove("/tmp/mockfail.sh")
200 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
201 return exec.Command("/tmp/mockfail.sh", ipsetExistErr)
202 })()
203 err = renameIPSet(context.TODO(), logger, true, 1, "name", "newname")
204 Expect(err).ToNot(BeNil())
205 })
206 })
207
208 Context("FlushIPSets", func() {
209 It("should work", func() {
210 defer mock.With("MockProcessBuild", func(context.Context, string, ...string) *exec.Cmd {
211 return exec.Command("echo", "mock command")
212 })()
213 _, err := s.FlushIPSets(context.TODO(), &pb.IPSetsRequest{
214 Ipsets: []*pb.IPSet{
215 {
216 Name: "ipset-set-name",
217 Type: "list:set",
218 SetNames: []string{"set-1", "set-2"},
219 },
220 {
221 Name: "ipset-net-name",
222 Type: "hash:net",
223 Cidrs: []string{"0.0.0.0/24"},
224 },
225 {
226 Name: "ipset-net-port-name",
227 Type: "hash:net,port",
228 CidrAndPorts: []*pb.CidrAndPort{{
229 Cidr: "1.1.1.1/32",
230 Port: 80,
231 }},
232 },
233 },
234 ContainerId: "containerd://container-id",
235 EnterNS: true,
236 })
237 Expect(err).To(BeNil())
238 })
239
240 It("should fail on get pid", func() {
241 const errorStr = "mock get pid error"
242 defer mock.With("TaskError", errors.New(errorStr))()
243 _, err := s.FlushIPSets(context.TODO(), &pb.IPSetsRequest{
244 Ipsets: []*pb.IPSet{{
245 Name: "ipset-name",
246 SetNames: []string{"set-1", "set-2"},
247 }},
248 ContainerId: "containerd://container-id",
249 EnterNS: true,
250 })
251 Expect(err).ToNot(BeNil())
252 Expect(err.Error()).To(Equal(errorStr))
253 })
254
255 It("should fail on unknown type", func() {
256 _, err := s.FlushIPSets(context.TODO(), &pb.IPSetsRequest{
257 Ipsets: []*pb.IPSet{{
258 Name: "ipset-name",
259 Type: "foo:bar",
260 }},
261 ContainerId: "containerd://container-id",
262 EnterNS: true,
263 })
264 Expect(err).ToNot(BeNil())
265 Expect(err.Error()).To(Equal("unexpected IP set type: foo:bar"))
266 })
267 })
268 })
269