From 9e17cdd7838275c041f0d9bde549b3c372a69025 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Fri, 5 Jul 2024 19:42:12 +0200 Subject: [PATCH 1/2] kola/tests: Add docker.network test with OpenBSD nc Nmap's ncat will be replaced in newer versions with OpenBSD nc. But keep the old test intact, as the older channels still have nmap's ncat. The CRIO and podman are untested - they do not run on Flatcar. --- kola/tests/crio/crio.go | 12 ++++---- kola/tests/docker/docker.go | 59 ++++++++++++++++++++++++++++++------- kola/tests/podman/podman.go | 10 +++---- 3 files changed, 59 insertions(+), 22 deletions(-) diff --git a/kola/tests/crio/crio.go b/kola/tests/crio/crio.go index c117753fa..72f2f6dc3 100644 --- a/kola/tests/crio/crio.go +++ b/kola/tests/crio/crio.go @@ -259,16 +259,16 @@ func crioNetwork(c cluster.TestCluster) { machines := c.Machines() src, dest := machines[0], machines[1] - c.Log("creating ncat containers") + c.Log("creating netcat containers") // Since genContainer also generates crio pod/container configs, // there will be a duplicate config file on each machine. // Thus we only save one set for later use. - crioConfigPod, crioConfigContainer, err := genContainer(c, src, "ncat", "ncat", []string{"ncat", "echo"}, []string{"ncat"}) + crioConfigPod, crioConfigContainer, err := genContainer(c, src, "netcat", "netcat", []string{"nc", "echo", "timeout"}, []string{"nc"}) if err != nil { c.Fatal(err) } - _, _, err = genContainer(c, dest, "ncat", "ncat", []string{"ncat", "echo"}, []string{"ncat"}) + _, _, err = genContainer(c, dest, "netcat", "netcat", []string{"nc", "echo", "timeout"}, []string{"nc"}) if err != nil { c.Fatal(err) } @@ -285,8 +285,8 @@ func crioNetwork(c cluster.TestCluster) { return err } - // This command will block until a message is recieved - output, err := c.SSH(dest, fmt.Sprintf("sudo timeout 30 crictl exec %s echo 'HELLO FROM SERVER' | timeout 20 ncat --listen 0.0.0.0 9988 || echo 'LISTENER TIMEOUT'", containerID)) + // This command will block until a message is received + output, err := c.SSH(dest, fmt.Sprintf("sudo timeout 30 crictl exec %s echo 'HELLO FROM SERVER' | timeout 20 nc -l -N 0.0.0.0 9988 || echo 'LISTENER TIMEOUT'", containerID)) if err != nil { return err } @@ -328,7 +328,7 @@ func crioNetwork(c cluster.TestCluster) { return err } - output, err := c.SSH(src, fmt.Sprintf("sudo crictl exec %s echo 'HELLO FROM CLIENT' | ncat %s 9988", + output, err := c.SSH(src, fmt.Sprintf("sudo crictl exec %s echo 'HELLO FROM CLIENT' | nc %s 9988", containerID, dest.PrivateIP())) if err != nil { return err diff --git a/kola/tests/docker/docker.go b/kola/tests/docker/docker.go index ef9b82e81..78efd377c 100644 --- a/kola/tests/docker/docker.go +++ b/kola/tests/docker/docker.go @@ -64,10 +64,21 @@ func init() { Platforms: []string{"qemu", "qemu-unpriv"}, }) register.Register(®ister.Test{ - Run: dockerNetwork, + Run: dockerNetworkNmapNcat, ClusterSize: 2, - Name: "docker.network", + Name: "docker.network-nmap-ncat", Distros: []string{"cl"}, + EndVersion: semver.Version{Major: 4057}, + // No idea why Docker containers cannot reach each the other VM + ExcludePlatforms: []string{"qemu-unpriv"}, + // Should run on all cloud environments to check against network conflicts + }) + register.Register(®ister.Test{ + Run: dockerNetworkOpenBsdNc, + ClusterSize: 2, + Name: "docker.network-openbsd-nc", + Distros: []string{"cl"}, + MinVersion: semver.Version{Major: 4057}, // No idea why Docker containers cannot reach each the other VM ExcludePlatforms: []string{"qemu-unpriv"}, // Should run on all cloud environments to check against network conflicts @@ -362,21 +373,47 @@ func dockerResources(c cluster.TestCluster) { } } +type ncSetup struct { + imageName string + binaries []string + clientCommand string + serverCommand string +} + +func dockerNetworkNmapNcat(c cluster.TestCluster) { + nc := ncSetup{ + imageName: "ncat", + binaries: []string{"ncat"}, + clientCommand: "ncat", + serverCommand: "ncat --idle-timeout 20 --listen", + } + dockerNetwork(c, nc) +} + +func dockerNetworkOpenBsdNc(c cluster.TestCluster) { + nc := ncSetup{ + imageName: "netcat", + binaries: []string{"nc", "timeout"}, + clientCommand: "nc", + serverCommand: "timeout 20 nc -N -l", + } + dockerNetwork(c, nc) +} + // Ensure that docker containers can make network connections outside of the host -func dockerNetwork(c cluster.TestCluster) { +func dockerNetwork(c cluster.TestCluster, nc ncSetup) { machines := c.Machines() src, dest := machines[0], machines[1] - c.Log("creating ncat containers") + c.Logf("creating %s containers\n", nc.imageName) - GenDockerImage(c, src, "ncat", []string{"ncat"}) - GenDockerImage(c, dest, "ncat", []string{"ncat"}) + GenDockerImage(c, src, nc.imageName, nc.binaries) + GenDockerImage(c, dest, nc.imageName, nc.binaries) listener := func(ctx context.Context) error { - // Will block until a message is recieved - out, err := c.SSH(dest, - `echo "HELLO FROM SERVER" | docker run -i -p 9988:9988 ncat ncat --idle-timeout 20 --listen 0.0.0.0 9988`, - ) + // Will block until a message is received + destCmd := fmt.Sprintf(`echo "HELLO FROM SERVER" | docker run -i -p 9988:9988 %s %s 0.0.0.0 9988`, nc.imageName, nc.serverCommand) + out, err := c.SSH(dest, destCmd) if err != nil { return err } @@ -409,7 +446,7 @@ func dockerNetwork(c cluster.TestCluster) { } } - srcCmd := fmt.Sprintf(`echo "HELLO FROM CLIENT" | docker run -i ncat ncat %s 9988`, dest.PrivateIP()) + srcCmd := fmt.Sprintf(`echo "HELLO FROM CLIENT" | docker run -i %s %s %s 9988`, nc.imageName, nc.clientCommand, dest.PrivateIP()) out, err := c.SSH(src, srcCmd) if err != nil { return err diff --git a/kola/tests/podman/podman.go b/kola/tests/podman/podman.go index d1a956162..e169d27f4 100644 --- a/kola/tests/podman/podman.go +++ b/kola/tests/podman/podman.go @@ -275,15 +275,15 @@ func podmanNetworkTest(c cluster.TestCluster) { machines := c.Machines() src, dest := machines[0], machines[1] - c.Log("creating ncat containers") + c.Log("creating netcat containers") - tutil.GenPodmanScratchContainer(c, src, "ncat", []string{"ncat"}) - tutil.GenPodmanScratchContainer(c, dest, "ncat", []string{"ncat"}) + tutil.GenPodmanScratchContainer(c, src, "netcat", []string{"timeout", "nc"}) + tutil.GenPodmanScratchContainer(c, dest, "netcat", []string{"timeout", "nc"}) listener := func(ctx context.Context) error { // Will block until a message is recieved out, err := c.SSH(dest, - `echo "HELLO FROM SERVER" | sudo podman run -i -p 9988:9988 ncat ncat --idle-timeout 20 --listen 0.0.0.0 9988`, + `echo "HELLO FROM SERVER" | sudo podman run -i -p 9988:9988 netcat timeout 20 nc -l -N 0.0.0.0 9988`, ) if err != nil { return err @@ -317,7 +317,7 @@ func podmanNetworkTest(c cluster.TestCluster) { } } - srcCmd := fmt.Sprintf(`echo "HELLO FROM CLIENT" | sudo podman run -i ncat ncat %s 9988`, dest.PrivateIP()) + srcCmd := fmt.Sprintf(`echo "HELLO FROM CLIENT" | sudo podman run -i netcat nc %s 9988`, dest.PrivateIP()) out, err := c.SSH(src, srcCmd) if err != nil { return err From a602f874da13feb18df8e70bd4f1740020087922 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Thu, 1 Aug 2024 17:56:46 +0200 Subject: [PATCH 2/2] README: Replace ncat with nc --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b2597cbbf..d860dd0fa 100644 --- a/README.md +++ b/README.md @@ -128,7 +128,7 @@ ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ProxyCommand= - using `--qemu-vnc 0`, it's possible to setup a VNC server. Similar to SSH you need to identify the PID of the `qemu` instance to setup a proxy: ``` mkfifo reply -ncat -kl 12800 < reply | sudo nsenter -t "${QEMUPID}" -n ncat localhost 5900 > reply +nc -kl 12800 < reply | sudo nsenter -t "${QEMUPID}" -n nc localhost 5900 > reply rm reply ``` Now, you can access the VNC session on localhost:12800 using a VNC client.