This is an automated email from the ASF dual-hosted git repository. gilbert pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mesos.git
commit ab7edeb490e0fa6dab8b5d5ed700c59834455955 Author: Andrei Budnik <abud...@mesosphere.com> AuthorDate: Mon Dec 10 16:00:30 2018 -0800 Added `ROOT_PseudoDevicesWithRootFilesystem` test. This test verifies that pseudo devices like /dev/random are properly mounted in the container's root filesystem. Review: https://reviews.apache.org/r/69540/ --- .../linux_filesystem_isolator_tests.cpp | 54 ++++++++++++++++++++++ src/tests/containerizer/rootfs.cpp | 1 + 2 files changed, 55 insertions(+) diff --git a/src/tests/containerizer/linux_filesystem_isolator_tests.cpp b/src/tests/containerizer/linux_filesystem_isolator_tests.cpp index 84b342c..99af704 100644 --- a/src/tests/containerizer/linux_filesystem_isolator_tests.cpp +++ b/src/tests/containerizer/linux_filesystem_isolator_tests.cpp @@ -123,6 +123,60 @@ TEST_F(LinuxFilesystemIsolatorTest, ROOT_ChangeRootFilesystem) } +// This test verifies that pseudo devices like /dev/random are properly mounted +// in the container's root filesystem. +TEST_F(LinuxFilesystemIsolatorTest, ROOT_PseudoDevicesWithRootFilesystem) +{ + string registry = path::join(sandbox.get(), "registry"); + AWAIT_READY(DockerArchive::create(registry, "test_image")); + + slave::Flags flags = CreateSlaveFlags(); + flags.isolation = "filesystem/linux,docker/runtime"; + flags.docker_registry = registry; + flags.docker_store_dir = path::join(sandbox.get(), "store"); + flags.image_providers = "docker"; + + Fetcher fetcher(flags); + + Try<MesosContainerizer*> create = + MesosContainerizer::create(flags, true, &fetcher); + + ASSERT_SOME(create); + + Owned<Containerizer> containerizer(create.get()); + + ContainerID containerId; + containerId.set_value(id::UUID::random().toString()); + + ExecutorInfo executor = createExecutorInfo( + "test_executor", + "dd if=/dev/zero of=/dev/null bs=1024 count=1 &&" + "dd if=/dev/random of=/dev/null bs=1024 count=1 &&" + "dd if=/dev/urandom of=/dev/null bs=1024 count=1 &&" + "dd if=/dev/full of=/dev/null bs=1024 count=1"); + + executor.mutable_container()->CopyFrom(createContainerInfo("test_image")); + + string directory = path::join(flags.work_dir, "sandbox"); + ASSERT_SOME(os::mkdir(directory)); + + Future<Containerizer::LaunchResult> launch = containerizer->launch( + containerId, + createContainerConfig(None(), executor, directory), + map<string, string>(), + None()); + + AWAIT_ASSERT_EQ(Containerizer::LaunchResult::SUCCESS, launch); + + Future<Option<ContainerTermination>> wait = containerizer->wait(containerId); + + AWAIT_READY(wait); + ASSERT_SOME(wait.get()); + ASSERT_TRUE(wait->get().has_status()); + EXPECT_WEXITSTATUS_EQ(0, wait->get().status()); +} + + // This test verifies that the metrics about the number of executors // that have root filesystem specified is correctly reported. TEST_F(LinuxFilesystemIsolatorTest, ROOT_Metrics) diff --git a/src/tests/containerizer/rootfs.cpp b/src/tests/containerizer/rootfs.cpp index 83662fc..48eb010 100644 --- a/src/tests/containerizer/rootfs.cpp +++ b/src/tests/containerizer/rootfs.cpp @@ -128,6 +128,7 @@ Try<process::Owned<Rootfs>> LinuxRootfs::create(const string& root) const vector<string> programs = { "/bin/cat", + "/bin/dd", "/bin/echo", "/bin/ls", "/bin/ping",