search

NVIDIA / container-canary

A tool for testing and validating container requirements against versioned manifests
Apache License 2.0
245 stars 15 forks source link

Container fails to start if port already in use #30

Open jacobtomlinson opened 2 years ago

jacobtomlinson commented 2 years ago

If canary tries to expose a container port for testing and that port is already in use the container fails to start and canary fails to validate.

Works

# check-port.yaml
apiVersion: container-canary.nvidia.com/v1
kind: Validator
name: check-port
description: Check port
env: []
ports:
  - port: 80
    protocol: TCP
volumes: []
checks:
  - name: http
    description: Check port 80
    probe:
      httpGet:
        path: /
        port: 80
      failureThreshold: 30
$ canary validate --file check-port.yaml nginx
Validating nginx against check-port
 Check port 80                                      [passed]
validation passed

Reproducer

$ docker run -p 80:80 nginx  # Start a process that binds to port 80 in another terminal
$ canary validate --file /tmp/test.yaml nginx
Validating nginx against check-port
\ Starting container
Error: container failed to start after 10 seconds

~The container also doesn't get cleaned up.~

$ docker ps -a             
CONTAINER ID   IMAGE                                  COMMAND                  CREATED         STATUS         PORTS                               NAMES
e8d32b8f45aa   nginx                                  "/docker-entrypoint.…"   2 minutes ago   Created                                            canary-runner-d43137e8
jacobtomlinson commented 2 years ago

In #35 we added cleanup so the container isn't left after. However, things still fail to start.

Ideally canary would bind the container port to a random high port and then run the tests on that port.