diff --git a/integration/sandbox_clean_remove_test.go b/integration/sandbox_clean_remove_test.go index ee4843f94..ecfbf1b37 100644 --- a/integration/sandbox_clean_remove_test.go +++ b/integration/sandbox_clean_remove_test.go @@ -17,7 +17,6 @@ limitations under the License. package integration import ( - "encoding/json" "io/ioutil" "os" "path/filepath" @@ -32,8 +31,6 @@ import ( "golang.org/x/net/context" "golang.org/x/sys/unix" runtime "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2" - - "github.com/containerd/cri/pkg/server" ) func TestSandboxCleanRemove(t *testing.T) { @@ -77,7 +74,6 @@ func TestSandboxCleanRemove(t *testing.T) { } func TestSandboxRemoveWithoutIPLeakage(t *testing.T) { - ctx := context.Background() const hostLocalCheckpointDir = "/var/lib/cni" t.Logf("Make sure host-local ipam is in use") @@ -104,22 +100,13 @@ func TestSandboxRemoveWithoutIPLeakage(t *testing.T) { }() t.Logf("Get pod information") - client, err := RawRuntimeClient() + status, info, err := SandboxInfo(sb) require.NoError(t, err) - resp, err := client.PodSandboxStatus(ctx, &runtime.PodSandboxStatusRequest{ - PodSandboxId: sb, - Verbose: true, - }) - require.NoError(t, err) - status := resp.GetStatus() - info := resp.GetInfo() ip := status.GetNetwork().GetIp() require.NotEmpty(t, ip) - var sbInfo server.SandboxInfo - require.NoError(t, json.Unmarshal([]byte(info["info"]), &sbInfo)) - require.NotNil(t, sbInfo.RuntimeSpec.Linux) + require.NotNil(t, info.RuntimeSpec.Linux) var netNS string - for _, n := range sbInfo.RuntimeSpec.Linux.Namespaces { + for _, n := range info.RuntimeSpec.Linux.Namespaces { if n.Type == runtimespec.NetworkNamespace { netNS = n.Path } @@ -140,14 +127,23 @@ func TestSandboxRemoveWithoutIPLeakage(t *testing.T) { require.True(t, checkIP(ip)) t.Logf("Kill sandbox container") - require.NoError(t, KillPid(int(sbInfo.Pid))) + require.NoError(t, KillPid(int(info.Pid))) t.Logf("Unmount network namespace") - // The umount will take effect after containerd is stopped. require.NoError(t, unix.Unmount(netNS, unix.MNT_DETACH)) - t.Logf("Restart containerd") - RestartContainerd(t) + t.Logf("Network namespace should be closed") + _, info, err = SandboxInfo(sb) + require.NoError(t, err) + assert.True(t, info.NetNSClosed) + + t.Logf("Remove network namespace") + require.NoError(t, os.RemoveAll(netNS)) + + t.Logf("Network namespace should still be closed") + _, info, err = SandboxInfo(sb) + require.NoError(t, err) + assert.True(t, info.NetNSClosed) t.Logf("Sandbox state should be NOTREADY") assert.NoError(t, Eventually(func() (bool, error) { @@ -158,14 +154,10 @@ func TestSandboxRemoveWithoutIPLeakage(t *testing.T) { return status.GetState() == runtime.PodSandboxState_SANDBOX_NOTREADY, nil }, time.Second, 30*time.Second), "sandbox state should become NOTREADY") - t.Logf("Network namespace should have been removed") - _, err = os.Stat(netNS) - assert.True(t, os.IsNotExist(err)) - t.Logf("Should still be able to find the pod ip in host-local checkpoint") assert.True(t, checkIP(ip)) - t.Logf("Should be able to remove the sandbox after properly stopped") + t.Logf("Should be able to stop and remove the sandbox") assert.NoError(t, runtimeService.StopPodSandbox(sb)) assert.NoError(t, runtimeService.RemovePodSandbox(sb)) diff --git a/integration/test_utils.go b/integration/test_utils.go index a2e598f77..12507dab6 100644 --- a/integration/test_utils.go +++ b/integration/test_utils.go @@ -42,6 +42,7 @@ import ( "github.com/containerd/cri/pkg/client" criconfig "github.com/containerd/cri/pkg/config" "github.com/containerd/cri/pkg/constants" + "github.com/containerd/cri/pkg/server" "github.com/containerd/cri/pkg/util" ) @@ -352,6 +353,27 @@ func CRIConfig() (*criconfig.Config, error) { return config, nil } +// SandboxInfo gets sandbox info. +func SandboxInfo(id string) (*runtime.PodSandboxStatus, *server.SandboxInfo, error) { + client, err := RawRuntimeClient() + if err != nil { + return nil, nil, errors.Wrap(err, "failed to get raw runtime client") + } + resp, err := client.PodSandboxStatus(context.Background(), &runtime.PodSandboxStatusRequest{ + PodSandboxId: id, + Verbose: true, + }) + if err != nil { + return nil, nil, errors.Wrap(err, "failed to get sandbox status") + } + status := resp.GetStatus() + var info server.SandboxInfo + if err := json.Unmarshal([]byte(resp.GetInfo()["info"]), &info); err != nil { + return nil, nil, errors.Wrap(err, "failed to unmarshal sandbox info") + } + return status, &info, nil +} + func RestartContainerd(t *testing.T) { require.NoError(t, KillProcess("containerd"))