Apache
/
hadoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

YARN-8064. Bugfix for clean up container-executor cmd helper file. 

Contributed by Eric Badger
This commit is contained in:
Eric Yang 2018-04-20 13:49:33 -04:00
parent 7fd878813b
commit 85585f9eef
8 changed files with 293 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/LinuxContainerExecutor.java
View File

@ -113,6 +113,7 @@ public class LinuxContainerExecutor extends ContainerExecutor {
private boolean containerLimitUsers;
private ResourceHandler resourceHandlerChain;
private LinuxContainerRuntime linuxContainerRuntime;
private Context nmContext;
/**
* The container exit code.
@ -284,8 +285,9 @@ public class LinuxContainerExecutor extends ContainerExecutor {
}
@Override
public void init(Context nmContext) throws IOException {
public void init(Context context) throws IOException {
Configuration conf = super.getConf();
this.nmContext = context;
// Send command to executor which will just start up,
// verify configuration/permissions and exit
@ -956,11 +958,11 @@ public class LinuxContainerExecutor extends ContainerExecutor {
PrivilegedOperationExecutor.getInstance(super.getConf());
if (DockerCommandExecutor.isRemovable(
DockerCommandExecutor.getContainerStatus(containerId,
super.getConf(), privOpExecutor))) {
super.getConf(), privOpExecutor, nmContext))) {
LOG.info("Removing Docker container : " + containerId);
DockerRmCommand dockerRmCommand = new DockerRmCommand(containerId);
DockerCommandExecutor.executeDockerCommand(dockerRmCommand, containerId,
null, super.getConf(), privOpExecutor, false);
null, super.getConf(), privOpExecutor, false, nmContext);
}
} catch (ContainerExecutionException e) {
LOG.warn("Unable to remove docker container: " + containerId);

22
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/DockerLinuxContainerRuntime.java
View File

@ -383,7 +383,7 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
Container container) throws ContainerExecutionException {
try {
String commandFile = dockerClient.writeCommandToTempFile(
dockerVolumeCommand, container.getContainerId().toString());
dockerVolumeCommand, container, nmContext);
PrivilegedOperation privOp = new PrivilegedOperation(
PrivilegedOperation.OperationType.RUN_DOCKER_CMD);
privOp.appendArgs(commandFile);
@ -902,7 +902,7 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
}
String commandFile = dockerClient.writeCommandToTempFile(runCommand,
containerIdStr);
container, nmContext);
PrivilegedOperation launchOp = buildLaunchOp(ctx,
commandFile, runCommand);
@ -926,12 +926,12 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
// Check to see if the container already exists for relaunch
DockerCommandExecutor.DockerContainerStatus containerStatus =
DockerCommandExecutor.getContainerStatus(containerIdStr, conf,
privilegedOperationExecutor);
privilegedOperationExecutor, nmContext);
if (containerStatus != null &&
DockerCommandExecutor.isStartable(containerStatus)) {
DockerStartCommand startCommand = new DockerStartCommand(containerIdStr);
String commandFile = dockerClient.writeCommandToTempFile(startCommand,
containerIdStr);
container, nmContext);
PrivilegedOperation launchOp = buildLaunchOp(ctx, commandFile,
startCommand);
@ -1041,7 +1041,7 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
new DockerInspectCommand(containerId).getIpAndHost();
try {
String commandFile = dockerClient.writeCommandToTempFile(inspectCommand,
containerId);
container, nmContext);
PrivilegedOperation privOp = new PrivilegedOperation(
PrivilegedOperation.OperationType.RUN_DOCKER_CMD);
privOp.appendArgs(commandFile);
@ -1183,12 +1183,12 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
throws ContainerExecutionException {
DockerCommandExecutor.DockerContainerStatus containerStatus =
DockerCommandExecutor.getContainerStatus(containerId, conf,
privilegedOperationExecutor);
privilegedOperationExecutor, nmContext);
if (DockerCommandExecutor.isStoppable(containerStatus)) {
DockerStopCommand dockerStopCommand = new DockerStopCommand(
containerId).setGracePeriod(dockerStopGracePeriod);
DockerCommandExecutor.executeDockerCommand(dockerStopCommand, containerId,
env, conf, privilegedOperationExecutor, false);
env, conf, privilegedOperationExecutor, false, nmContext);
} else {
if (LOG.isDebugEnabled()) {
LOG.debug(
@ -1202,12 +1202,12 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
ContainerExecutor.Signal signal) throws ContainerExecutionException {
DockerCommandExecutor.DockerContainerStatus containerStatus =
DockerCommandExecutor.getContainerStatus(containerId, conf,
privilegedOperationExecutor);
privilegedOperationExecutor, nmContext);
if (DockerCommandExecutor.isKillable(containerStatus)) {
DockerKillCommand dockerKillCommand =
new DockerKillCommand(containerId).setSignal(signal.name());
DockerCommandExecutor.executeDockerCommand(dockerKillCommand, containerId,
env, conf, privilegedOperationExecutor, false);
env, conf, privilegedOperationExecutor, false, nmContext);
} else {
if (LOG.isDebugEnabled()) {
LOG.debug(
@ -1227,11 +1227,11 @@ public class DockerLinuxContainerRuntime implements LinuxContainerRuntime {
} else {
DockerCommandExecutor.DockerContainerStatus containerStatus =
DockerCommandExecutor.getContainerStatus(containerId, conf,
privilegedOperationExecutor);
privilegedOperationExecutor, nmContext);
if (DockerCommandExecutor.isRemovable(containerStatus)) {
DockerRmCommand dockerRmCommand = new DockerRmCommand(containerId);
DockerCommandExecutor.executeDockerCommand(dockerRmCommand, containerId,
env, conf, privilegedOperationExecutor, false);
env, conf, privilegedOperationExecutor, false, nmContext);
}
}
}

56
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/docker/DockerClient.java
View File

@ -23,7 +23,13 @@ package org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.util.StringUtils;
import org.apache.hadoop.yarn.api.records.ApplicationId;
import org.apache.hadoop.yarn.api.records.ContainerId;
import org.apache.hadoop.yarn.server.nodemanager.Context;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.container.Container;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.localizer.ResourceLocalizationService;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.runtime.ContainerExecutionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -97,4 +103,54 @@ public final class DockerClient {
throw new ContainerExecutionException(e);
}
}
public String writeCommandToTempFile(DockerCommand cmd, Container container,
Context nmContext) throws ContainerExecutionException {
ContainerId containerId = container.getContainerId();
String filePrefix = containerId.toString();
ApplicationId appId = containerId.getApplicationAttemptId()
.getApplicationId();
File dockerCommandFile;
String cmdDir = null;
if(nmContext == null || nmContext.getLocalDirsHandler() == null) {
throw new ContainerExecutionException(
"Unable to write temporary docker command");
}
try {
cmdDir = nmContext.getLocalDirsHandler().getLocalPathForWrite(
ResourceLocalizationService.NM_PRIVATE_DIR + Path.SEPARATOR +
appId + Path.SEPARATOR + filePrefix + Path.SEPARATOR).toString();
dockerCommandFile = File.createTempFile(TMP_FILE_PREFIX + filePrefix,
TMP_FILE_SUFFIX, new File(cmdDir));
Writer writer = new OutputStreamWriter(
new FileOutputStream(dockerCommandFile.toString()), "UTF-8");
PrintWriter printWriter = new PrintWriter(writer);
printWriter.println("[docker-command-execution]");
for (Map.Entry<String, List<String>> entry :
cmd.getDockerCommandWithArguments().entrySet()) {
if (entry.getKey().contains("=")) {
throw new ContainerExecutionException(
"'=' found in entry for docker command file, key = " + entry
.getKey() + "; value = " + entry.getValue());
}
if (entry.getValue().contains("\n")) {
throw new ContainerExecutionException(
"'\\n' found in entry for docker command file, key = " + entry
.getKey() + "; value = " + entry.getValue());
}
printWriter.println(" " + entry.getKey() + "=" + StringUtils
.join(",", entry.getValue()));
}
printWriter.close();
return dockerCommandFile.toString();
} catch (IOException e) {
LOG.warn("Unable to write docker command to " + cmdDir);
throw new ContainerExecutionException(e);
}
}
}

20
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/docker/DockerCommandExecutor.java
View File

@ -17,6 +17,8 @@
package org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.yarn.api.records.ContainerId;
import org.apache.hadoop.yarn.server.nodemanager.Context;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperation;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationException;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperationExecutor;
@ -76,11 +78,13 @@ public final class DockerCommandExecutor {
public static String executeDockerCommand(DockerCommand dockerCommand,
String containerId, Map<String, String> env, Configuration conf,
PrivilegedOperationExecutor privilegedOperationExecutor,
boolean disableFailureLogging)
boolean disableFailureLogging, Context nmContext)
throws ContainerExecutionException {
DockerClient dockerClient = new DockerClient(conf);
String commandFile =
dockerClient.writeCommandToTempFile(dockerCommand, containerId);
dockerClient.writeCommandToTempFile(dockerCommand,
nmContext.getContainers().get(ContainerId.fromString(containerId)),
nmContext);
PrivilegedOperation dockerOp = new PrivilegedOperation(
PrivilegedOperation.OperationType.RUN_DOCKER_CMD);
dockerOp.appendArgs(commandFile);
@ -116,11 +120,13 @@ public final class DockerCommandExecutor {
*/
public static DockerContainerStatus getContainerStatus(String containerId,
Configuration conf,
PrivilegedOperationExecutor privilegedOperationExecutor) {
PrivilegedOperationExecutor privilegedOperationExecutor,
Context nmContext) {
try {
DockerContainerStatus dockerContainerStatus;
String currentContainerStatus =
executeStatusCommand(containerId, conf, privilegedOperationExecutor);
executeStatusCommand(containerId, conf,
privilegedOperationExecutor, nmContext);
if (currentContainerStatus == null) {
dockerContainerStatus = DockerContainerStatus.UNKNOWN;
} else if (currentContainerStatus
@ -177,13 +183,15 @@ public final class DockerCommandExecutor {
*/
private static String executeStatusCommand(String containerId,
Configuration conf,
PrivilegedOperationExecutor privilegedOperationExecutor)
PrivilegedOperationExecutor privilegedOperationExecutor,
Context nmContext)
throws ContainerExecutionException {
DockerInspectCommand dockerInspectCommand =
new DockerInspectCommand(containerId).getContainerStatus();
try {
return DockerCommandExecutor.executeDockerCommand(dockerInspectCommand,
containerId, null, conf, privilegedOperationExecutor, true);
containerId, null, conf, privilegedOperationExecutor, true,
nmContext);
} catch (ContainerExecutionException e) {
throw new ContainerExecutionException(e);
}

16
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/container-executor.c
View File

@ -1279,6 +1279,15 @@ char *construct_docker_command(const char *command_file) {
int ret = 0;
size_t command_size = MIN(sysconf(_SC_ARG_MAX), 128*1024);
char *buffer = alloc_and_clear_memory(command_size, sizeof(char));
uid_t user = geteuid();
gid_t group = getegid();
if (change_effective_user(nm_uid, nm_gid) != 0) {
fprintf(ERRORFILE, "Cannot change effective user to nm");
fflush(ERRORFILE);
exit(SETUID_OPER_FAILED);
}
ret = get_docker_command(command_file, &CFG, buffer, command_size);
if (ret != 0) {
fprintf(ERRORFILE, "Error constructing docker command, docker error code=%d, error message='%s'\n", ret,
@ -1286,6 +1295,13 @@ char *construct_docker_command(const char *command_file) {
fflush(ERRORFILE);
exit(DOCKER_RUN_FAILED);
}
if (change_effective_user(user, group)) {
fprintf(ERRORFILE, "Cannot change effective user from nm back to original");
fflush(ERRORFILE);
exit(SETUID_OPER_FAILED);
}
return buffer;
}

1
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/main/native/container-executor/impl/utils/docker-util.c
View File

@ -341,6 +341,7 @@ int docker_module_enabled(const struct configuration *conf) {
int get_docker_command(const char *command_file, const struct configuration *conf, char *out, const size_t outlen) {
int ret = 0;
struct configuration command_config = {0, NULL};
ret = read_config(command_file, &command_config);
if (ret != 0) {
return INVALID_COMMAND_FILE;

199
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/TestDockerContainerRuntime.java
View File

@ -30,8 +30,10 @@ import org.apache.hadoop.registry.client.binding.RegistryPathUtils;
import org.apache.hadoop.security.Credentials;
import org.apache.hadoop.util.Shell;
import org.apache.hadoop.util.StringUtils;
import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
import org.apache.hadoop.yarn.api.records.ContainerId;
import org.apache.hadoop.yarn.api.records.ContainerLaunchContext;
import org.apache.hadoop.yarn.server.nodemanager.LocalDirsHandlerService;
import org.apache.hadoop.yarn.util.DockerClientConfigHandler;
import org.apache.hadoop.yarn.conf.YarnConfiguration;
import org.apache.hadoop.yarn.security.TestDockerClientConfigHandler;
@ -84,6 +86,7 @@ import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import java.util.concurrent.ConcurrentMap;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.APPID;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.APPLICATION_LOCAL_DIRS;
@ -104,6 +107,7 @@ import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.r
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.TC_COMMAND_FILE;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.USER;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.USER_FILECACHE_DIRS;
import static org.mockito.Matchers.anyString;
import static org.mockito.Mockito.any;
import static org.mockito.Mockito.anyBoolean;
import static org.mockito.Mockito.anyList;
@ -123,7 +127,9 @@ public class TestDockerContainerRuntime {
private String containerId;
private Container container;
private ContainerId cId;
private ApplicationAttemptId appAttemptId;
private ContainerLaunchContext context;
private Context nmContext;
private HashMap<String, String> env;
private String image;
private String uidGidPair;
@ -162,13 +168,15 @@ public class TestDockerContainerRuntime {
mockExecutor = Mockito
.mock(PrivilegedOperationExecutor.class);
mockCGroupsHandler = Mockito.mock(CGroupsHandler.class);
containerId = "container_id";
containerId = "container_e11_1518975676334_14532816_01_000001";
container = mock(Container.class);
cId = mock(ContainerId.class);
appAttemptId = mock(ApplicationAttemptId.class);
context = mock(ContainerLaunchContext.class);
env = new HashMap<String, String>();
env.put("FROM_CLIENT", "1");
image = "busybox:latest";
nmContext = createMockNMContext();
dockerStopGracePeriod = conf.getInt(
YarnConfiguration.NM_DOCKER_STOP_GRACE_PERIOD,
@ -177,6 +185,7 @@ public class TestDockerContainerRuntime {
env.put(DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_IMAGE, image);
when(container.getContainerId()).thenReturn(cId);
when(cId.toString()).thenReturn(containerId);
when(cId.getApplicationAttemptId()).thenReturn(appAttemptId);
when(container.getLaunchContext()).thenReturn(context);
when(context.getEnvironment()).thenReturn(env);
when(container.getUser()).thenReturn(submittingUser);
@ -265,6 +274,34 @@ public class TestDockerContainerRuntime {
.setExecutionAttribute(RESOURCES_OPTIONS, resourcesOptions);
}
public Context createMockNMContext() {
Context mockNMContext = mock(Context.class);
LocalDirsHandlerService localDirsHandler =
mock(LocalDirsHandlerService.class);
ResourcePluginManager resourcePluginManager =
mock(ResourcePluginManager.class);
String tmpPath = new StringBuffer(System.getProperty("test.build.data"))
.append('/').append("hadoop.tmp.dir").toString();
ConcurrentMap<ContainerId, Container> containerMap =
mock(ConcurrentMap.class);
when(mockNMContext.getLocalDirsHandler()).thenReturn(localDirsHandler);
when(mockNMContext.getResourcePluginManager())
.thenReturn(resourcePluginManager);
when(mockNMContext.getContainers()).thenReturn(containerMap);
when(containerMap.get(any())).thenReturn(container);
try {
when(localDirsHandler.getLocalPathForWrite(anyString()))
.thenReturn(new Path(tmpPath));
} catch (IOException ioe) {
LOG.info("LocalDirsHandler failed" + ioe);
}
return mockNMContext;
}
@Test
public void testSelectDockerContainerType() {
Map<String, String> envDockerType = new HashMap<>();
@ -341,7 +378,7 @@ public class TestDockerContainerRuntime {
IOException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
runtime.launchContainer(builder.build());
PrivilegedOperation op = capturePrivilegedOperationAndVerifyArgs();
@ -368,7 +405,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
+ "/test_user_filecache_dir:/test_user_filecache_dir",
@ -390,7 +429,7 @@ public class TestDockerContainerRuntime {
true);
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
runtime.launchContainer(builder.build());
PrivilegedOperation op = capturePrivilegedOperationAndVerifyArgs();
@ -416,7 +455,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert
.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
@ -439,7 +480,7 @@ public class TestDockerContainerRuntime {
DockerLinuxContainerRuntime runtime =
new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
//invalid default network configuration - sdn2 is included in allowed
// networks
@ -455,7 +496,7 @@ public class TestDockerContainerRuntime {
try {
runtime =
new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Assert.fail("Invalid default network configuration should did not "
+ "trigger initialization failure.");
} catch (ContainerExecutionException e) {
@ -471,7 +512,7 @@ public class TestDockerContainerRuntime {
validDefaultNetwork);
runtime =
new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
}
@Test
@ -481,7 +522,7 @@ public class TestDockerContainerRuntime {
PrivilegedOperationException {
DockerLinuxContainerRuntime runtime =
new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Random randEngine = new Random();
String disallowedNetwork = "sdn" + Integer.toString(randEngine.nextInt());
@ -532,7 +573,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert
.assertEquals(" net=" + allowedNetwork, dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
@ -557,7 +600,7 @@ public class TestDockerContainerRuntime {
conf.setBoolean(RegistryConstants.KEY_DNS_ENABLED, true);
DockerLinuxContainerRuntime runtime =
new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
String expectedHostname = "test.hostname";
env.put(DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_HOSTNAME,
@ -590,7 +633,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert
.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
@ -628,7 +673,7 @@ public class TestDockerContainerRuntime {
customNetwork1);
//this should cause no failures.
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
runtime.launchContainer(builder.build());
PrivilegedOperation op = capturePrivilegedOperationAndVerifyArgs();
List<String> args = op.getArguments();
@ -651,13 +696,17 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(" docker-command=run", dockerCommands.get(counter++));
Assert.assertEquals(" group-add=" + String.join(",", groups),
dockerCommands.get(counter++));
Assert.assertEquals(" hostname=ctr-id", dockerCommands.get(counter++));
Assert.assertEquals(
" hostname=ctr-e11-1518975676334-14532816-01-000001",
dockerCommands.get(counter++));
Assert
.assertEquals(" image=busybox:latest", dockerCommands.get(counter++));
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=sdn1", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
+ "/test_user_filecache_dir:/test_user_filecache_dir",
@ -696,14 +745,18 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(" docker-command=run", dockerCommands.get(counter++));
Assert.assertEquals(" group-add=" + String.join(",", groups),
dockerCommands.get(counter++));
Assert.assertEquals(" hostname=ctr-id", dockerCommands.get(counter++));
Assert.assertEquals(
" hostname=ctr-e11-1518975676334-14532816-01-000001",
dockerCommands.get(counter++));
Assert
.assertEquals(" image=busybox:latest", dockerCommands.get(counter++));
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=sdn2", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
+ "/test_user_filecache_dir:/test_user_filecache_dir",
@ -736,7 +789,7 @@ public class TestDockerContainerRuntime {
IOException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_PID_NAMESPACE, "invalid-value");
@ -764,7 +817,7 @@ public class TestDockerContainerRuntime {
throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_PID_NAMESPACE, "host");
@ -787,7 +840,7 @@ public class TestDockerContainerRuntime {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_PID_NAMESPACE, "host");
@ -817,7 +870,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" pid=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
@ -838,7 +893,7 @@ public class TestDockerContainerRuntime {
IOException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_RUN_PRIVILEGED_CONTAINER, "invalid-value");
@ -866,7 +921,7 @@ public class TestDockerContainerRuntime {
throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_RUN_PRIVILEGED_CONTAINER, "true");
@ -888,7 +943,7 @@ public class TestDockerContainerRuntime {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_RUN_PRIVILEGED_CONTAINER, "true");
@ -917,7 +972,7 @@ public class TestDockerContainerRuntime {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_RUN_PRIVILEGED_CONTAINER, "true");
@ -944,7 +999,7 @@ public class TestDockerContainerRuntime {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(DockerLinuxContainerRuntime
.ENV_DOCKER_CONTAINER_RUN_PRIVILEGED_CONTAINER, "true");
@ -972,7 +1027,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" privileged=true", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
@ -996,7 +1053,7 @@ public class TestDockerContainerRuntime {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime
(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
String resourceOptionsNone = "cgroups=none";
DockerRunCommand command = Mockito.mock(DockerRunCommand.class);
@ -1023,7 +1080,7 @@ public class TestDockerContainerRuntime {
runtime = new DockerLinuxContainerRuntime
(mockExecutor, null);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
runtime.addCGroupParentIfRequired(resourceOptionsNone, containerIdStr,
command);
@ -1038,7 +1095,7 @@ public class TestDockerContainerRuntime {
public void testMountSourceOnly() throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_LOCAL_RESOURCE_MOUNTS,
@ -1058,7 +1115,7 @@ public class TestDockerContainerRuntime {
IOException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_LOCAL_RESOURCE_MOUNTS,
@ -1089,7 +1146,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(
" ro-mounts=/test_filecache_dir:/test_filecache_dir,/"
@ -1109,7 +1168,7 @@ public class TestDockerContainerRuntime {
public void testMountInvalid() throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_LOCAL_RESOURCE_MOUNTS,
@ -1129,7 +1188,7 @@ public class TestDockerContainerRuntime {
IOException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_LOCAL_RESOURCE_MOUNTS,
@ -1161,7 +1220,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(
" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
@ -1184,7 +1245,7 @@ public class TestDockerContainerRuntime {
IOException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_MOUNTS,
@ -1215,7 +1276,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
+ "/test_user_filecache_dir:/test_user_filecache_dir,"
@ -1235,7 +1298,7 @@ public class TestDockerContainerRuntime {
public void testUserMountInvalid() throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_MOUNTS,
@ -1253,7 +1316,7 @@ public class TestDockerContainerRuntime {
public void testUserMountModeInvalid() throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_MOUNTS,
@ -1271,7 +1334,7 @@ public class TestDockerContainerRuntime {
public void testUserMountModeNulInvalid() throws ContainerExecutionException {
DockerLinuxContainerRuntime runtime = new DockerLinuxContainerRuntime(
mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
env.put(
DockerLinuxContainerRuntime.ENV_DOCKER_CONTAINER_MOUNTS,
@ -1318,7 +1381,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(4, dockerCommands.size());
Assert.assertEquals("[docker-command-execution]", dockerCommands.get(0));
Assert.assertEquals(" docker-command=stop", dockerCommands.get(1));
Assert.assertEquals(" name=container_id", dockerCommands.get(2));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(2));
Assert.assertEquals(" time=10", dockerCommands.get(3));
}
@ -1332,7 +1397,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(4, dockerCommands.size());
Assert.assertEquals("[docker-command-execution]", dockerCommands.get(0));
Assert.assertEquals(" docker-command=stop", dockerCommands.get(1));
Assert.assertEquals(" name=container_id", dockerCommands.get(2));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(2));
Assert.assertEquals(" time=10", dockerCommands.get(3));
}
@ -1344,7 +1411,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(4, dockerCommands.size());
Assert.assertEquals("[docker-command-execution]", dockerCommands.get(0));
Assert.assertEquals(" docker-command=kill", dockerCommands.get(1));
Assert.assertEquals(" name=container_id", dockerCommands.get(2));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(2));
Assert.assertEquals(" signal=QUIT", dockerCommands.get(3));
}
@ -1563,7 +1632,7 @@ public class TestDockerContainerRuntime {
any(File.class), anyMap(), anyBoolean(), anyBoolean())).thenReturn(
dockerVolumeListOutput);
Context nmContext = mock(Context.class);
Context mockNMContext = createMockNMContext();
ResourcePluginManager rpm = mock(ResourcePluginManager.class);
Map<String, ResourcePlugin> pluginsMap = new HashMap<>();
ResourcePlugin plugin1 = mock(ResourcePlugin.class);
@ -1580,9 +1649,9 @@ public class TestDockerContainerRuntime {
when(rpm.getNameToPlugins()).thenReturn(pluginsMap);
when(nmContext.getResourcePluginManager()).thenReturn(rpm);
when(mockNMContext.getResourcePluginManager()).thenReturn(rpm);
runtime.initialize(conf, nmContext);
runtime.initialize(conf, mockNMContext);
ContainerRuntimeContext containerRuntimeContext = builder.build();
@ -1660,7 +1729,7 @@ public class TestDockerContainerRuntime {
any(File.class), anyMap(), anyBoolean(), anyBoolean())).thenReturn(
"volume1,local");
Context nmContext = mock(Context.class);
Context mockNMContext = createMockNMContext();
ResourcePluginManager rpm = mock(ResourcePluginManager.class);
Map<String, ResourcePlugin> pluginsMap = new HashMap<>();
ResourcePlugin plugin1 = mock(ResourcePlugin.class);
@ -1677,9 +1746,9 @@ public class TestDockerContainerRuntime {
when(rpm.getNameToPlugins()).thenReturn(pluginsMap);
when(nmContext.getResourcePluginManager()).thenReturn(rpm);
when(mockNMContext.getResourcePluginManager()).thenReturn(rpm);
runtime.initialize(conf, nmContext);
runtime.initialize(conf, mockNMContext);
ContainerRuntimeContext containerRuntimeContext = builder.build();
@ -1711,7 +1780,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
+ "/test_user_filecache_dir:/test_user_filecache_dir,"
@ -1737,7 +1808,7 @@ public class TestDockerContainerRuntime {
try {
conf.setStrings(YarnConfiguration.NM_DOCKER_CONTAINER_CAPABILITIES,
"none", "CHOWN", "DAC_OVERRIDE");
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Assert.fail("Initialize didn't fail with invalid capabilities " +
"'none', 'CHOWN', 'DAC_OVERRIDE'");
} catch (ContainerExecutionException e) {
@ -1746,7 +1817,7 @@ public class TestDockerContainerRuntime {
try {
conf.setStrings(YarnConfiguration.NM_DOCKER_CONTAINER_CAPABILITIES,
"CHOWN", "DAC_OVERRIDE", "NONE");
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Assert.fail("Initialize didn't fail with invalid capabilities " +
"'CHOWN', 'DAC_OVERRIDE', 'NONE'");
} catch (ContainerExecutionException e) {
@ -1754,17 +1825,17 @@ public class TestDockerContainerRuntime {
conf.setStrings(YarnConfiguration.NM_DOCKER_CONTAINER_CAPABILITIES,
"NONE");
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Assert.assertEquals(0, runtime.getCapabilities().size());
conf.setStrings(YarnConfiguration.NM_DOCKER_CONTAINER_CAPABILITIES,
"none");
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Assert.assertEquals(0, runtime.getCapabilities().size());
conf.setStrings(YarnConfiguration.NM_DOCKER_CONTAINER_CAPABILITIES,
"CHOWN", "DAC_OVERRIDE");
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Iterator<String> it = runtime.getCapabilities().iterator();
Assert.assertEquals("CHOWN", it.next());
Assert.assertEquals("DAC_OVERRIDE", it.next());
@ -1792,7 +1863,7 @@ public class TestDockerContainerRuntime {
when(context.getTokens()).thenReturn(tokens);
DockerLinuxContainerRuntime runtime =
new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
runtime.initialize(conf, null);
runtime.initialize(conf, nmContext);
Set<PosixFilePermission> perms =
PosixFilePermissions.fromString("rwxr-xr--");
@ -1852,7 +1923,9 @@ public class TestDockerContainerRuntime {
Assert.assertEquals(
" launch-command=bash,/test_container_work_dir/launch_container.sh",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter++));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter++));
Assert.assertEquals(" net=host", dockerCommands.get(counter++));
Assert.assertEquals(" ro-mounts=/test_filecache_dir:/test_filecache_dir,"
+ "/test_user_filecache_dir:/test_user_filecache_dir",
@ -1889,7 +1962,9 @@ public class TestDockerContainerRuntime {
dockerCommands.get(counter++));
Assert.assertEquals(" docker-command=start",
dockerCommands.get(counter++));
Assert.assertEquals(" name=container_id", dockerCommands.get(counter));
Assert.assertEquals(
" name=container_e11_1518975676334_14532816_01_000001",
dockerCommands.get(counter));
}
class MockRuntime extends DockerLinuxContainerRuntime {
@ -1922,7 +1997,8 @@ public class TestDockerContainerRuntime {
new DockerStopCommand(containerName)
.setGracePeriod(dockerStopGracePeriod);
DockerCommandExecutor.executeDockerCommand(dockerStopCommand,
containerName, environment, conf, mockExecutor, false);
containerName, environment, conf, mockExecutor, false,
nmContext);
}
} else {
if (DockerCommandExecutor.isKillable(containerStatus)) {
@ -1930,7 +2006,8 @@ public class TestDockerContainerRuntime {
new DockerKillCommand(containerName);
dockerKillCommand.setSignal(signal.name());
DockerCommandExecutor.executeDockerCommand(dockerKillCommand,
containerName, environment, conf, mockExecutor, false);
containerName, environment, conf, mockExecutor, false,
nmContext);
}
}
} catch (ContainerExecutionException e) {
@ -1953,7 +2030,7 @@ public class TestDockerContainerRuntime {
DockerRmCommand dockerRmCommand = new DockerRmCommand(containerId);
DockerCommandExecutor
.executeDockerCommand(dockerRmCommand, containerId, env, conf,
privilegedOperationExecutor, false);
privilegedOperationExecutor, false, nmContext);
}
}
}

63
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-server/hadoop-yarn-server-nodemanager/src/test/java/org/apache/hadoop/yarn/server/nodemanager/containermanager/linux/runtime/docker/TestDockerCommandExecutor.java
View File

@ -17,9 +17,13 @@
package org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.yarn.api.records.ApplicationAttemptId;
import org.apache.hadoop.yarn.api.records.ContainerId;
import org.apache.hadoop.yarn.api.records.ContainerLaunchContext;
import org.apache.hadoop.yarn.server.nodemanager.ContainerExecutor;
import org.apache.hadoop.yarn.server.nodemanager.Context;
import org.apache.hadoop.yarn.server.nodemanager.LocalDirsHandlerService;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.container.Container;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.MockPrivilegedOperationCaptor;
import org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.privileged.PrivilegedOperation;
@ -39,13 +43,16 @@ import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.concurrent.ConcurrentMap;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.LinuxContainerRuntimeConstants.CONTAINER_ID_STR;
import static org.apache.hadoop.yarn.server.nodemanager.containermanager.linux.runtime.docker.DockerCommandExecutor.DockerContainerStatus;
import static org.eclipse.jetty.server.handler.gzip.GzipHttpOutputInterceptor.LOG;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.anyString;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
@ -55,7 +62,8 @@ import static org.mockito.Mockito.when;
*/
public class TestDockerCommandExecutor {
private static final String MOCK_CONTAINER_ID = "container_id";
private static final String MOCK_CONTAINER_ID =
"container_e11_1861047502093_13763105_01_000001";
private static final String MOCK_LOCAL_IMAGE_NAME = "local_image_name";
private static final String MOCK_IMAGE_NAME = "image_name";
@ -68,21 +76,29 @@ public class TestDockerCommandExecutor {
private ContainerId cId;
private ContainerLaunchContext context;
private HashMap<String, String> env;
private Context nmContext;
private ApplicationAttemptId appAttemptId;
@Before
public void setUp() throws Exception {
mockExecutor = mock(PrivilegedOperationExecutor.class);
mockCGroupsHandler = mock(CGroupsHandler.class);
configuration = new Configuration();
String tmpPath = new StringBuffer(System.getProperty("test.build.data"))
.append('/').append("hadoop.tmp.dir").toString();
configuration.set("hadoop.tmp.dir", tmpPath);
runtime = new DockerLinuxContainerRuntime(mockExecutor, mockCGroupsHandler);
container = mock(Container.class);
cId = mock(ContainerId.class);
context = mock(ContainerLaunchContext.class);
env = new HashMap<>();
builder = new ContainerRuntimeContext.Builder(container);
nmContext = createMockNMContext();
appAttemptId = mock(ApplicationAttemptId.class);
when(container.getContainerId()).thenReturn(cId);
when(cId.toString()).thenReturn(MOCK_CONTAINER_ID);
when(cId.getApplicationAttemptId()).thenReturn(appAttemptId);
when(container.getLaunchContext()).thenReturn(context);
when(context.getEnvironment()).thenReturn(env);
@ -92,12 +108,37 @@ public class TestDockerCommandExecutor {
null);
}
public Context createMockNMContext() {
Context mockNMContext = mock(Context.class);
LocalDirsHandlerService localDirsHandler =
mock(LocalDirsHandlerService.class);
String tmpPath = new StringBuffer(System.getProperty("test.build.data"))
.append('/').append("hadoop.tmp.dir").toString();
ConcurrentMap<ContainerId, Container> containerMap =
mock(ConcurrentMap.class);
when(mockNMContext.getLocalDirsHandler()).thenReturn(localDirsHandler);
when(mockNMContext.getContainers()).thenReturn(containerMap);
when(containerMap.get(any())).thenReturn(container);
try {
when(localDirsHandler.getLocalPathForWrite(anyString()))
.thenReturn(new Path(tmpPath));
} catch (IOException ioe) {
LOG.info("LocalDirsHandler failed" + ioe);
}
return mockNMContext;
}
@Test
public void testExecuteDockerCommand() throws Exception {
DockerStopCommand dockerStopCommand =
new DockerStopCommand(MOCK_CONTAINER_ID);
DockerCommandExecutor.executeDockerCommand(dockerStopCommand,
cId.toString(), env, configuration, mockExecutor, false);
cId.toString(), env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
assertEquals(1, ops.size());
@ -109,7 +150,7 @@ public class TestDockerCommandExecutor {
public void testExecuteDockerRm() throws Exception {
DockerRmCommand dockerCommand = new DockerRmCommand(MOCK_CONTAINER_ID);
DockerCommandExecutor.executeDockerCommand(dockerCommand, MOCK_CONTAINER_ID,
env, configuration, mockExecutor, false);
env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -126,7 +167,7 @@ public class TestDockerCommandExecutor {
public void testExecuteDockerStop() throws Exception {
DockerStopCommand dockerCommand = new DockerStopCommand(MOCK_CONTAINER_ID);
DockerCommandExecutor.executeDockerCommand(dockerCommand, MOCK_CONTAINER_ID,
env, configuration, mockExecutor, false);
env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -144,7 +185,7 @@ public class TestDockerCommandExecutor {
DockerInspectCommand dockerCommand =
new DockerInspectCommand(MOCK_CONTAINER_ID).getContainerStatus();
DockerCommandExecutor.executeDockerCommand(dockerCommand, MOCK_CONTAINER_ID,
env, configuration, mockExecutor, false);
env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -164,7 +205,7 @@ public class TestDockerCommandExecutor {
DockerPullCommand dockerCommand =
new DockerPullCommand(MOCK_IMAGE_NAME);
DockerCommandExecutor.executeDockerCommand(dockerCommand, MOCK_CONTAINER_ID,
env, configuration, mockExecutor, false);
env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -182,7 +223,7 @@ public class TestDockerCommandExecutor {
DockerLoadCommand dockerCommand =
new DockerLoadCommand(MOCK_LOCAL_IMAGE_NAME);
DockerCommandExecutor.executeDockerCommand(dockerCommand, MOCK_CONTAINER_ID,
env, configuration, mockExecutor, false);
env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -204,7 +245,7 @@ public class TestDockerCommandExecutor {
any(PrivilegedOperation.class), eq(null), any(), eq(true), eq(false)))
.thenReturn(status.getName());
assertEquals(status, DockerCommandExecutor.getContainerStatus(
MOCK_CONTAINER_ID, configuration, mockExecutor));
MOCK_CONTAINER_ID, configuration, mockExecutor, nmContext));
}
}
@ -214,7 +255,7 @@ public class TestDockerCommandExecutor {
new DockerKillCommand(MOCK_CONTAINER_ID)
.setSignal(ContainerExecutor.Signal.QUIT.name());
DockerCommandExecutor.executeDockerCommand(dockerKillCommand,
MOCK_CONTAINER_ID, env, configuration, mockExecutor, false);
MOCK_CONTAINER_ID, env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -235,7 +276,7 @@ public class TestDockerCommandExecutor {
new DockerKillCommand(MOCK_CONTAINER_ID)
.setSignal(ContainerExecutor.Signal.KILL.name());
DockerCommandExecutor.executeDockerCommand(dockerKillCommand,
MOCK_CONTAINER_ID, env, configuration, mockExecutor, false);
MOCK_CONTAINER_ID, env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);
@ -256,7 +297,7 @@ public class TestDockerCommandExecutor {
new DockerKillCommand(MOCK_CONTAINER_ID)
.setSignal(ContainerExecutor.Signal.TERM.name());
DockerCommandExecutor.executeDockerCommand(dockerKillCommand,
MOCK_CONTAINER_ID, env, configuration, mockExecutor, false);
MOCK_CONTAINER_ID, env, configuration, mockExecutor, false, nmContext);
List<PrivilegedOperation> ops = MockPrivilegedOperationCaptor
.capturePrivilegedOperations(mockExecutor, 1, true);
List<String> dockerCommands = getValidatedDockerCommands(ops);