search

testcontainers / testcontainers-go

Testcontainers for Go is a Go package that makes it simple to create and clean up container-based dependencies for automated integration/smoke tests. The clean, easy-to-use API enables developers to programmatically define containers that should be run as part of a test and clean up those resources when the test is done.
https://golang.testcontainers.org
MIT License
3.52k stars 482 forks source link

[Bug]: can't use hostnetworking with Podman #1514

Open iameli-streams opened 1 year ago

iameli-streams commented 1 year ago

Testcontainers version

0.23.0

Using the latest Testcontainers version?

Yes

Host OS

Ubuntu 22.04

Host arch

amd64

Go version

1.20.5

Docker version

▶ docker version
Client:       Podman Engine
Version:      4.6.1
API Version:  4.6.1
Go Version:   go1.18.1
Built:        Wed Dec 31 16:00:00 1969
OS/Arch:      linux/amd64

Docker info

host:
  arch: amd64
  buildahVersion: 1.31.2
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon_2:2.1.7-0ubuntu22.04+obs15.66_amd64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.7, commit: '
  cpuUtilization:
    idlePercent: 88.92
    systemPercent: 1.97
    userPercent: 9.1
  cpus: 8
  databaseBackend: boltdb
  distribution:
    codename: jammy
    distribution: ubuntu
    version: "22.04"
  eventLogger: journald
  freeLocks: 2012
  hostname: putter
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 6.2.0-26-generic
  linkmode: dynamic
  logDriver: journald
  memFree: 26644713472
  memTotal: 64285564928
  networkBackend: cni
  networkBackendInfo:
    backend: cni
    dns:
      package: golang-github-containernetworking-plugin-dnsname_1.3.1+ds1-2_amd64
      path: /usr/lib/cni/dnsname
      version: |-
        CNI dnsname plugin
        version: 1.3.1
        commit: unknown
    package: 'golang-github-containernetworking-plugin-dnsname, containernetworking-plugins:
      /usr/lib/cni'
    path: /usr/lib/cni
  ociRuntime:
    name: crun
    package: crun_101:1.8.6-0ubuntu22.04+obs57.10_amd64
    path: /usr/bin/crun
    version: |-
      crun version 1.8.6
      commit: 73f759f4a39769f60990e7d225f561b4f4f06bcf
      rundir: /run/user/1000/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  pasta:
    executable: ""
    package: ""
    version: ""
  remoteSocket:
    exists: true
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns_1.2.0-0ubuntu22.04+obs10.103_amd64
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 0
  swapTotal: 0
  uptime: 3h 44m 31.00s (Approximately 0.12 days)
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - docker.io
store:
  configFile: /home/iameli/.config/containers/storage.conf
  containerStore:
    number: 36
    paused: 0
    running: 0
    stopped: 36
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/iameli/.local/share/containers/storage
  graphRootAllocated: 1266592731136
  graphRootUsed: 212004159488
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 103
  runRoot: /run/user/1000/containers
  transientStore: false
  volumePath: /home/iameli/.local/share/containers/storage/volumes
version:
  APIVersion: 4.6.1
  Built: 0
  BuiltTime: Wed Dec 31 16:00:00 1969
  GitCommit: ""
  GoVersion: go1.18.1
  Os: linux
  OsArch: linux/amd64
  Version: 4.6.1

What happened?

I ran this:

    req := testcontainers.ContainerRequest{
        Image:          "livepeer/record-tester",
        Hostname:       hostname,
        Name:           hostname,
        ShmSize:        1000000000,
        Cmd: []string{
            "recordtester",
            "-api-server=http://127.0.0.1:8888",
            "-api-token=f61b3cdb-d173-4a7a-a0d3-547b871a56f9",
            "-test-dur=1m",
            "-file=https://bafybeihurit2tqjub5ffocpy6tlo5c5o2rviats2bapv7hin226zrmotaa.ipfs.w3s.link/big_buck_bunny_90s_360p_1s_nobframes.mp4",
        },
        HostConfigModifier: func(hc *container.HostConfig) {
            hc.NetworkMode = "host"
        },
        WaitingFor: wait.ForExit(),
    }
    container,
        err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
        ContainerRequest: req,
        Started:          false,
    })
    require.NoError(t, err)
2023/08/21 17:57:27 🐳 Creating container for image livepeer/record-tester
    box_record_test.go:135: 
            Error Trace:    /home/iameli/code/catalyst/test/e2e/box_record_test.go:135
                                        /home/iameli/code/catalyst/test/e2e/box_record_test.go:35
            Error:          Received unexpected error:
                            Error response from daemon: container create: invalid config provided: networks and static ip/mac address can only be used with Bridge mode networking: failed to create container
            Test:           TestBoxRecording

Relevant log output

No response

Additional information

I'm not 100% sure this is the right way to use host networking. The docs provide you with a means of skipping Docker for Desktop tests if you need to use host networking, but don't actually explain how to actually do it. Happy to send a PR updating if I'm doing it wrong!

Also for the record using --network=host from the command line works just fine.

candrews commented 8 months ago

Is there a workaround or otherwise a fix available for this issue?

I'm attempting to run the tests in https://github.com/aquasecurity/trivy-policies (using make bundle) and hitting this issue.