1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
|
From 3fb6de60ecf10278a676a41f8d0c334d1f90d303 Mon Sep 17 00:00:00 2001
From: liuxu <liuxu156@huawei.com>
Date: Wed, 17 Apr 2024 18:02:48 +0800
Subject: [PATCH 086/108] cdi:test case and gateway
Signed-off-by: liuxu <liuxu156@huawei.com>
---
CI/make-and-install.sh | 2 +-
CI/test_cases/container_cases/cdi_test.sh | 205 ++++++++++++++++++
.../criconfigs/container-config-cdi.json | 50 +++++
.../test_data/cdi_devices.json | 53 +++++
4 files changed, 309 insertions(+), 1 deletion(-)
create mode 100755 CI/test_cases/container_cases/cdi_test.sh
create mode 100644 CI/test_cases/container_cases/criconfigs/container-config-cdi.json
create mode 100644 CI/test_cases/container_cases/test_data/cdi_devices.json
diff --git a/CI/make-and-install.sh b/CI/make-and-install.sh
index 9d4c5533..61281965 100755
--- a/CI/make-and-install.sh
+++ b/CI/make-and-install.sh
@@ -105,7 +105,7 @@ cd build
if [[ ${enable_gcov} -ne 0 ]]; then
cmake -DLIB_INSTALL_DIR=${builddir}/lib -DCMAKE_INSTALL_PREFIX=${builddir} -DCMAKE_INSTALL_SYSCONFDIR=${builddir}/etc -DCMAKE_BUILD_TYPE=Debug -DGCOV=ON -DENABLE_EMBEDDED=ON -DENABLE_COVERAGE=ON -DENABLE_CRI_API_V1=ON -DENABLE_CDI=ON -DENABLE_UT=ON -DENABLE_METRICS=ON -DENABLE_REMOTE_LAYER_STORE=ON -DENABLE_GRPC_REMOTE_CONNECT=ON ..
else
- cmake -DLIB_INSTALL_DIR=${builddir}/lib -DCMAKE_INSTALL_PREFIX=${builddir} -DCMAKE_INSTALL_SYSCONFDIR=${builddir}/etc -DENABLE_EMBEDDED=ON -DENABLE_METRICS=ON -DENABLE_REMOTE_LAYER_STORE=ON -DENABLE_CRI_API_V1=ON -DENABLE_GRPC_REMOTE_CONNECT=ON ..
+ cmake -DLIB_INSTALL_DIR=${builddir}/lib -DCMAKE_INSTALL_PREFIX=${builddir} -DCMAKE_INSTALL_SYSCONFDIR=${builddir}/etc -DENABLE_EMBEDDED=ON -DENABLE_METRICS=ON -DENABLE_REMOTE_LAYER_STORE=ON -DENABLE_CRI_API_V1=ON -DENABLE_CDI=ON -DENABLE_GRPC_REMOTE_CONNECT=ON ..
fi
make -j $(nproc)
make install
diff --git a/CI/test_cases/container_cases/cdi_test.sh b/CI/test_cases/container_cases/cdi_test.sh
new file mode 100755
index 00000000..dd7b1177
--- /dev/null
+++ b/CI/test_cases/container_cases/cdi_test.sh
@@ -0,0 +1,205 @@
+#!/bin/bash
+#
+# attributes: isulad cdi
+# concurrent: NA
+# spend time: 41
+
+#######################################################################
+##- Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
+# - iSulad licensed under the Mulan PSL v2.
+# - You can use this software according to the terms and conditions of the Mulan PSL v2.
+# - You may obtain a copy of Mulan PSL v2 at:
+# - http://license.coscl.org.cn/MulanPSL2
+# - THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
+# - IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
+# - PURPOSE.
+# - See the Mulan PSL v2 for more details.
+##- @Description:CI
+##- @Author: liuxu
+##- @Create: 2024-04-16
+#######################################################################
+
+source ../helpers.sh
+curr_path=$(dirname $(readlink -f "$0"))
+data_path=$(realpath $curr_path/criconfigs)
+pause_img_path=$(realpath $curr_path/test_data)
+cdi_static_dir="/etc/cdi"
+
+function do_pre()
+{
+ cp /etc/isulad/daemon.json /etc/isulad/daemon.bak
+ sed -i "s#\"pod-sandbox-image\": \"\"#\"pod-sandbox-image\": \"mirrorgooglecontainers/pause-amd64:3.0\"#g" /etc/isulad/daemon.json
+ sed -i "/\"cni-conf-dir\": \".*\"/a\ \ \ \ \"enable-cri-v1\": true," /etc/isulad/daemon.json
+ sed -i "/\"cni-conf-dir\": \".*\"/a\ \ \ \ \"enable-cdi\": true," /etc/isulad/daemon.json
+
+ check_valgrind_log
+ start_isulad_without_valgrind
+
+ isula load -i ${pause_img_path}/pause.tar
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to load pause" && return ${FAILURE}
+
+ isula pull busybox
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - failed to pull busybox" && return ${FAILURE}
+
+ crictl images | grep "mirrorgooglecontainers/pause-amd64"
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - Failed to find mirrorgooglecontainers/pause-amd64 image" && return ${FAILURE}
+
+ return 0
+}
+
+function do_post()
+{
+ cp -f /etc/isulad/daemon.bak /etc/isulad/daemon.json
+ check_valgrind_log
+ start_isulad_without_valgrind
+}
+
+function verify_injected_vendor0() {
+ # check env
+ output=$(crictl exec --sync "$1" sh -c 'echo $VENDOR0')
+ [[ "$output" != "injected" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - env check failed" && return ${FAILURE}
+
+ # check hooks
+ cat /tmp/cdi_hook_test.log | grep "prestart"
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - hook check failed" && return ${FAILURE}
+
+ # check mounts
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %a /tmp/cdi_mounts_test')
+ [[ "$output" != "755" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - mount check failed" && return ${FAILURE}
+
+ return 0
+}
+
+function verify_injected_loop8() {
+ # check env
+ output=$(crictl exec --sync "$1" sh -c 'echo $LOOP8')
+ [[ "$output" != "CDI8" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - env check failed" && return ${FAILURE}
+
+ # check device nodes
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %a /dev/loop8')
+ [[ "$output" != "640" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - device nodes check failed" && return ${FAILURE}
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %t.%T /dev/loop8')
+ [[ "$output" != "7.8" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - device nodes check failed" && return ${FAILURE}
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %t.%T /dev/loop8c')
+ [[ "$output" != "7.b" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - device nodes check failed" && return ${FAILURE}
+
+ # check mounts
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %a /tmp/cdi_mounts_test_loop8')
+ [[ "$output" != "755" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - mount check failed" && return ${FAILURE}
+
+ return 0
+}
+
+function verify_injected_loop9() {
+ # check env
+ output=$(crictl exec --sync "$1" sh -c 'echo $LOOP9')
+ [[ "$output" != "present" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - env check failed" && return ${FAILURE}
+
+ # check device nodes
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %a /dev/loop9')
+ [[ "$output" != "644" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - device nodes check failed" && return ${FAILURE}
+ output=$(crictl exec --sync "$1" sh -c 'stat -c %t.%T /dev/loop9')
+ [[ "$output" != "7.9" ]] && msg_err "${FUNCNAME[0]}:${LINENO} - device nodes check failed" && return ${FAILURE}
+
+ return 0
+}
+
+function check_full_cdi()
+{
+ verify_injected_vendor0 $1
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - verify_injected_vendor0 failed" && return ${FAILURE}
+
+ verify_injected_loop8 $1
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - verify_injected_loop8 failed" && return ${FAILURE}
+
+ verify_injected_loop9 $1
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - verify_injected_loop9 failed" && return ${FAILURE}
+
+ return 0
+}
+
+function do_test_help()
+{
+ msg_info "cdi test starting..."
+
+ isula rm -f `isula ps -a -q`
+
+ sid=`crictl runp ${data_path}/$1`
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - Failed to run sandbox" && return ${FAILURE}
+
+ cid=`crictl create $sid ${data_path}/$2 ${data_path}/$1`
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - create container failed" && return ${FAILURE}
+
+ crictl start $cid
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - start container failed" && return ${FAILURE}
+
+ crictl stats
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - stats container failed" && return ${FAILURE}
+
+ check_full_cdi $cid
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - check cdi failed" && return ${FAILURE}
+
+ crictl stop $cid
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - stop container failed" && return ${FAILURE}
+
+ crictl rm $cid
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - rm container failed" && return ${FAILURE}
+
+ crictl stopp $sid
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - stop sandbox failed" && return ${FAILURE}
+
+ crictl rmp $sid
+ [[ $? -ne 0 ]] && msg_err "${FUNCNAME[0]}:${LINENO} - rm sandbox failed" && return ${FAILURE}
+
+ return 0
+}
+
+function do_test_full_cdi()
+{
+ if [ ! -d "$cdi_static_dir" ]; then
+ mkdir -p "$cdi_static_dir"
+ fi
+ cp -f ${pause_img_path}/cdi_devices.json ${cdi_static_dir}/cdi_devices.json
+
+ mkdir -p /tmp/cdi_mounts_test
+ cat > /tmp/cdi_mounts_test_loop8 << EOF
+origin data
+EOF
+ chmod 755 /tmp/cdi_mounts_test_loop8
+ mkdir -p /tmp/cdi_mounts_test_loop9
+
+ mknod /dev/loop8 b 7 8
+ mknod /dev/loop9 b 7 9
+ mknod /dev/loop8c c 7 11
+
+ cat > /tmp/cdi_printargs.sh << EOF
+#!/bin/bash
+echo "\$(date +'%Y-%m-%d %H:%M:%S') Input parameter: \$1 \$2" >> /tmp/cdi_hook_test.log
+EOF
+ chmod 755 /tmp/cdi_printargs.sh
+
+ do_test_help "sandbox-config.json" "container-config-cdi.json" || ((ans++))
+
+ rm -f /tmp/cdi_printargs.sh
+ rm -f /tmp/cdi_hook_test.log
+ rm -f /dev/loop8
+ rm -f /dev/loop9
+ rm -f /dev/loop8c
+
+ rm -f ${cdi_static_dir}/cdi_devices.json
+ rm -f /tmp/cdi_printargs
+ rmdir /tmp/cdi_mounts_test
+ rm -f /tmp/cdi_mounts_test_loop8
+ rmdir /tmp/cdi_mounts_test_loop9
+ rm -f /tmp/cdi_printargs.sh
+
+ return 0
+}
+
+declare -i ans=0
+
+do_pre || ((ans++))
+do_test_full_cdi || ((ans++))
+do_post
+
+show_result ${ans} "${curr_path}/${0}"
diff --git a/CI/test_cases/container_cases/criconfigs/container-config-cdi.json b/CI/test_cases/container_cases/criconfigs/container-config-cdi.json
new file mode 100644
index 00000000..b9805c8a
--- /dev/null
+++ b/CI/test_cases/container_cases/criconfigs/container-config-cdi.json
@@ -0,0 +1,50 @@
+{
+ "metadata": {
+ "name": "haozi"
+ },
+ "image":{
+ "image": "busybox:latest"
+ },
+ "command": [
+ "/bin/sh",
+ "-c",
+ "i=0; while true; do echo \"$i: $(date)\"; i=$((i+1)); sleep 10; done"
+ ],
+ "labels": {
+ "filter_label_key": "filter_label_val"
+ },
+ "annotations": {
+ "extension.network.kubernetes.io/cni/instancename": "pod_instance_name",
+ "cdi.k8s.io/test": "vendor0.com/device=loop8,vendor0.com/device=loop9"
+ },
+ "CDI_Devices":[
+ { "Name": "vendor0.com/device=loop8" },
+ { "Name": "vendor0.com/device=loop9" }
+ ],
+ "mounts" : [
+ {
+ "container_path": "/tmp/contpath",
+ "host_path": "/tmp/hostpath",
+ "readonly": true,
+ "selinux_relabel": true,
+ "propagation": 0
+ },
+ {
+ "container_path": "/tmp/contpath2",
+ "host_path": "/tmp/hostpath2",
+ "readonly": false,
+ "selinux_relabel": false,
+ "propagation": 0
+ }
+ ],
+ "linux": {
+ "security_context": {
+ "namespace_options": {
+ "host_network": true,
+ "host_pid": false,
+ "host_ipc": false
+ }
+ }
+ },
+ "log_path": "cri_test.log"
+}
diff --git a/CI/test_cases/container_cases/test_data/cdi_devices.json b/CI/test_cases/container_cases/test_data/cdi_devices.json
new file mode 100644
index 00000000..f7fe65d4
--- /dev/null
+++ b/CI/test_cases/container_cases/test_data/cdi_devices.json
@@ -0,0 +1,53 @@
+{
+ "cdiVersion": "0.6.0",
+ "kind": "vendor0.com/device",
+ "annotations":{
+ "cdi_annotation":"cdi_annotation_value"
+ },
+ "devices": [
+ {
+ "name": "loop8",
+ "annotations":{
+ "loop8_annotation":"loop8_annotation_value"
+ },
+ "containerEdits": {
+ "env": [
+ "LOOP8=CDI8",
+ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/dev"
+ ],
+ "deviceNodes": [
+ {"path": "/dev/loop8", "type": "b", "fileMode": 416},
+ {"path": "/dev/loop8c", "type": "c"}
+ ],
+ "mounts": [
+ {"hostPath": "/tmp/cdi_mounts_test_loop8", "containerPath": "/tmp/cdi_mounts_test_loop8", "options": ["ro","nosuid","nodev","bind"]},
+ {"hostPath": "tmpfs", "containerPath": "/tmp/data", "type": "tmpfs", "options": ["nosuid","strictatime","mode=755","size=65536k"]}
+ ]
+ }
+ },{
+ "name": "loop9",
+ "containerEdits": {
+ "env":["LOOP9=present"],
+ "deviceNodes": [{
+ "path": "/dev/loop9", "type": "b", "major": 7, "minor": 9, "fileMode": 420
+ }
+ ]
+ }
+ }
+ ],
+ "containerEdits": {
+ "env": [
+ "VENDOR0=injected",
+ "BAR=BARVALUE1"
+ ],
+ "hooks": [
+ {"hookName": "prestart", "path": "/tmp/cdi_printargs.sh", "args":["prestart0", "prestart1"], "env":["prestartenv=value"]},
+ {"hookName": "prestart", "path": "/tmp/cdi_printargs.sh", "args":["prestart0", "prestart1"], "env":["prestartenv=value"]},
+ {"hookName": "poststart", "path": "/tmp/cdi_printargs.sh", "args":["poststart0", "poststart1"], "env":["poststartenv=value"]},
+ {"hookName": "poststop", "path": "/tmp/cdi_printargs.sh", "args":["poststop0", "poststop1"], "env":["poststopenv=value"]}
+ ],
+ "mounts": [
+ {"hostPath": "/tmp/cdi_mounts_test", "containerPath": "/tmp/cdi_mounts_test", "options": ["ro","nosuid","nodev","bind"]}
+ ]
+ }
+}
\ No newline at end of file
--
2.25.1
|
