README
¶
dockerutil
This package is for creating and controlling docker containers for testing runsc, gVisor's docker/kubernetes binary. A simple test may look like:
func TestSuperCool(t *testing.T) {
ctx := context.Background()
c := dockerutil.MakeContainer(ctx, t)
got, err := c.Run(ctx, dockerutil.RunOpts{
Image: "basic/alpine"
}, "echo", "super cool")
if err != nil {
t.Fatalf("err was not nil: %v", err)
}
want := "super cool"
if !strings.Contains(got, want){
t.Fatalf("want: %s, got: %s", want, got)
}
}
For further examples, see many of our end to end tests elsewhere in the repo, such as those in //test/e2e or benchmarks at //test/benchmarks.
dockerutil uses the "official" docker golang api, which is very powerful. dockerutil is a thin wrapper around this API, allowing desired new use cases to be easily implemented.
Profiling
dockerutil is capable of generating profiles. Currently, the only option is to
use pprof profiles generated by runsc debug. The profiler will generate Block,
CPU, Heap, Goroutine, and Mutex profiles. To generate profiles:
- Install runsc with the
--profileflag:make configure RUNTIME=myrunsc ARGS="--profile"Also add other flags with ARGS like--platform=kvmor--vfs2. - Restart docker:
sudo service docker restart
To run and generate CPU profiles run:
make sudo TARGETS=//path/to:target \
ARGS="--runtime=myrunsc -test.v -test.bench=. --pprof-cpu" OPTIONS="-c opt"
Profiles would be at: /tmp/profile/myrunsc/CONTAINERNAME/cpu.pprof
Container name in most tests and benchmarks in gVisor is usually the test name
and some random characters like so:
BenchmarkABSL-CleanCache-JF2J2ZYF3U7SL47QAA727CSJI3C4ZAW2
Profiling requires root as runsc debug inspects running containers in /var/run among other things.
Writing for Profiling
The below shows an example of using profiles with dockerutil.
func TestSuperCool(t *testing.T){
ctx := context.Background()
// profiled and using runtime from dockerutil.runtime flag
profiled := MakeContainer()
// not profiled and using runtime runc
native := MakeNativeContainer()
err := profiled.Spawn(ctx, RunOpts{
Image: "some/image",
}, "sleep", "100000")
// profiling has begun here
...
expensive setup that I don't want to profile.
...
profiled.RestartProfiles()
// profiled activity
}
In the above example, profiled would be profiled and native would not. The
call to RestartProfiles() restarts the clock on profiling. This is useful if
the main activity being tested is done with docker exec or container.Spawn()
followed by one or more container.Exec() calls.
Documentation
¶
Overview ¶
Package dockerutil is a collection of utility functions.
Index ¶
- Variables
- func EnsureSupportedDockerVersion()
- func Runtime() string
- func RuntimePath() (string, error)
- func Save(logger testutil.Logger, image string, w io.Writer) error
- func UsingVFS2() (bool, error)
- type Container
- func (c *Container) Checkpoint(ctx context.Context, name string) error
- func (c *Container) CleanUp(ctx context.Context)
- func (c *Container) ConfigsFrom(r RunOpts, args ...string) (*container.Config, *container.HostConfig, *network.NetworkingConfig)
- func (c *Container) CopyFiles(opts *RunOpts, target string, sources ...string)
- func (c *Container) Create(ctx context.Context, r RunOpts, args ...string) error
- func (c *Container) CreateFrom(ctx context.Context, profileImage string, conf *container.Config, ...) error
- func (c *Container) Exec(ctx context.Context, opts ExecOpts, args ...string) (string, error)
- func (c *Container) ExecProcess(ctx context.Context, opts ExecOpts, args ...string) (Process, error)
- func (c *Container) FindIP(ctx context.Context, ipv6 bool) (net.IP, error)
- func (c *Container) FindPort(ctx context.Context, sandboxPort int) (int, error)
- func (c *Container) ID() string
- func (c *Container) Kill(ctx context.Context) error
- func (c *Container) Logs(ctx context.Context) (string, error)
- func (c *Container) MakeLink(target string) string
- func (c *Container) Pause(ctx context.Context) error
- func (c *Container) Remove(ctx context.Context) error
- func (c *Container) Restore(ctx context.Context, name string) error
- func (c *Container) Run(ctx context.Context, r RunOpts, args ...string) (string, error)
- func (c *Container) SandboxPid(ctx context.Context) (int, error)
- func (c *Container) Spawn(ctx context.Context, r RunOpts, args ...string) error
- func (c *Container) SpawnProcess(ctx context.Context, r RunOpts, args ...string) (Process, error)
- func (c *Container) Start(ctx context.Context) error
- func (c *Container) Status(ctx context.Context) (types.ContainerState, error)
- func (c *Container) Stop(ctx context.Context) error
- func (c *Container) Unpause(ctx context.Context) error
- func (c *Container) Wait(ctx context.Context) error
- func (c *Container) WaitForOutput(ctx context.Context, pattern string, timeout time.Duration) (string, error)
- func (c *Container) WaitForOutputSubmatch(ctx context.Context, pattern string, timeout time.Duration) ([]string, error)
- func (c *Container) WaitTimeout(ctx context.Context, timeout time.Duration) error
- type ExecOpts
- type Network
- type Process
- func (p *Process) ExitCode(ctx context.Context) (int, error)
- func (p *Process) IsRunning(ctx context.Context) (bool, error)
- func (p *Process) Logs() (string, error)
- func (p *Process) Read() (string, string, error)
- func (p *Process) WaitExitStatus(ctx context.Context) (int, error)
- func (p *Process) Write(timeout time.Duration, buf []byte) (int, error)
- type RunOpts
Constants ¶
This section is empty.
Variables ¶
var ErrNoIP = errors.New("no IP available")
ErrNoIP indicates that no IP address is available.
Functions ¶
func EnsureSupportedDockerVersion ¶
func EnsureSupportedDockerVersion()
EnsureSupportedDockerVersion checks if correct docker is installed.
This logs directly to stderr, as it is typically called from a Main wrapper.
func RuntimePath ¶
RuntimePath returns the binary path for the current runtime.
Types ¶
type Container ¶
type Container struct {
Name string
// contains filtered or unexported fields
}
Container represents a Docker Container allowing user to configure and control as one would with the 'docker' client. Container is backed by the offical golang docker API. See: https://pkg.go.dev/github.com/docker/docker.
func MakeContainer ¶
MakeContainer constructs a suitable Container object.
The runtime used is determined by the runtime flag.
Containers will check flags for profiling requests.
func MakeNativeContainer ¶
MakeNativeContainer constructs a suitable Container object.
The runtime used will be the system default.
Native containers aren't profiled.
func (*Container) Checkpoint ¶
Checkpoint is analogous to 'docker checkpoint'.
func (*Container) ConfigsFrom ¶
func (c *Container) ConfigsFrom(r RunOpts, args ...string) (*container.Config, *container.HostConfig, *network.NetworkingConfig)
ConfigsFrom returns container configs from RunOpts and args. The caller should call 'CreateFrom' and Start.
func (*Container) CopyFiles ¶
CopyFiles copies in and mounts the given files. They are always ReadOnly.
func (*Container) CreateFrom ¶
func (c *Container) CreateFrom(ctx context.Context, profileImage string, conf *container.Config, hostconf *container.HostConfig, netconf *network.NetworkingConfig) error
CreateFrom creates a container from the given configs.
func (*Container) ExecProcess ¶
func (c *Container) ExecProcess(ctx context.Context, opts ExecOpts, args ...string) (Process, error)
ExecProcess creates a process inside the container and returns a process struct for the caller to use.
func (*Container) SandboxPid ¶
SandboxPid returns the container's pid.
func (*Container) SpawnProcess ¶
SpawnProcess is analogous to 'docker run -it'. It returns a process which represents the root process.
func (*Container) WaitForOutput ¶
func (c *Container) WaitForOutput(ctx context.Context, pattern string, timeout time.Duration) (string, error)
WaitForOutput searches container logs for pattern and returns or timesout.
type ExecOpts ¶
type ExecOpts struct {
// Env are additional environment variables.
Env []string
// Privileged enables privileged mode.
Privileged bool
// User is the user to use.
User string
// Enables Tty and stdin for the created process.
UseTTY bool
// WorkDir is the working directory of the process.
WorkDir string
}
ExecOpts holds arguments for Exec calls.
type Network ¶
Network is a docker network.
func NewNetwork ¶
NewNetwork sets up the struct for a Docker network. Names of networks will be unique.
func (*Network) Connect ¶
Connect is analogous to 'docker network connect' with the arguments provided.
type Process ¶
type Process struct {
// contains filtered or unexported fields
}
Process represents a containerized process.
func (*Process) WaitExitStatus ¶
WaitExitStatus until process completes and returns exit status.
type RunOpts ¶
type RunOpts struct {
// Image is the image relative to images/. This will be mangled
// appropriately, to ensure that only first-party images are used.
Image string
// Memory is the memory limit in bytes.
Memory int
// Cpus in which to allow execution. ("0", "1", "0-2").
CpusetCpus string
// Ports are the ports to be allocated.
Ports []int
// WorkDir sets the working directory.
WorkDir string
// ReadOnly sets the read-only flag.
ReadOnly bool
// Env are additional environment variables.
Env []string
// User is the user to use.
User string
// Privileged enables privileged mode.
Privileged bool
// CapAdd are the extra set of capabilities to add.
CapAdd []string
// CapDrop are the extra set of capabilities to drop.
CapDrop []string
// Mounts is the list of directories/files to be mounted inside the container.
Mounts []mount.Mount
// Links is the list of containers to be connected to the container.
Links []string
}
RunOpts are options for running a container.
Source Files