microsoft
/
docker
зеркало из https://github.com/microsoft/docker.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merge pull request #34495 from ripcurld0/registry_mirror_json 

Exit if service config is loaded unsuccessfully on startup
This commit is contained in:
Yong Tang 2017-09-18 21:59:14 -07:00 коммит произвёл GitHub
Родитель cfdac1245a 5258297dac
Коммит b075cd2d78
9 изменённых файлов: 131 добавлений и 26 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

6
cmd/dockerd/daemon.go
Просмотреть файл

@ -199,7 +199,11 @@ func (cli *DaemonCli) start(opts *daemonOptions) (err error) {
cli.api.Accept(addr, ls...) cli.api.Accept(addr, ls...)
} }
registryService := registry.NewService(cli.Config.ServiceOptions) registryService, err := registry.NewService(cli.Config.ServiceOptions)
if err != nil {
return err
}
containerdRemote, err := libcontainerd.New(cli.getLibcontainerdRoot(), cli.getPlatformRemoteOptions()...) containerdRemote, err := libcontainerd.New(cli.getLibcontainerdRoot(), cli.getPlatformRemoteOptions()...)
if err != nil { if err != nil {
return err return err

18
daemon/reload_test.go
Просмотреть файл

@ -47,8 +47,9 @@ func TestDaemonReloadAllowNondistributableArtifacts(t *testing.T) {
configStore: &config.Config{}, configStore: &config.Config{},
} }
var err error
// Initialize daemon with some registries. // Initialize daemon with some registries.
daemon.RegistryService = registry.NewService(registry.ServiceOptions{ daemon.RegistryService, err = registry.NewService(registry.ServiceOptions{
AllowNondistributableArtifacts: []string{ AllowNondistributableArtifacts: []string{
"127.0.0.0/8", "127.0.0.0/8",
"10.10.1.11:5000", "10.10.1.11:5000",
@ -57,6 +58,9 @@ func TestDaemonReloadAllowNondistributableArtifacts(t *testing.T) {
"docker2.com", // This will be removed during reload. "docker2.com", // This will be removed during reload.
}, },
}) })
if err != nil {
t.Fatal(err)
}
registries := []string{ registries := []string{
"127.0.0.0/8", "127.0.0.0/8",
@ -95,7 +99,8 @@ func TestDaemonReloadAllowNondistributableArtifacts(t *testing.T) {
func TestDaemonReloadMirrors(t *testing.T) { func TestDaemonReloadMirrors(t *testing.T) {
daemon := &Daemon{} daemon := &Daemon{}
daemon.RegistryService = registry.NewService(registry.ServiceOptions{ var err error
daemon.RegistryService, err = registry.NewService(registry.ServiceOptions{
InsecureRegistries: []string{}, InsecureRegistries: []string{},
Mirrors: []string{ Mirrors: []string{
"https://mirror.test1.com", "https://mirror.test1.com",
@ -103,6 +108,9 @@ func TestDaemonReloadMirrors(t *testing.T) {
"https://mirror.test3.com", // this will be removed when reloading "https://mirror.test3.com", // this will be removed when reloading
}, },
}) })
if err != nil {
t.Fatal(err)
}
daemon.configStore = &config.Config{} daemon.configStore = &config.Config{}
@ -188,8 +196,9 @@ func TestDaemonReloadMirrors(t *testing.T) {
func TestDaemonReloadInsecureRegistries(t *testing.T) { func TestDaemonReloadInsecureRegistries(t *testing.T) {
daemon := &Daemon{} daemon := &Daemon{}
var err error
// initialize daemon with existing insecure registries: "127.0.0.0/8", "10.10.1.11:5000", "10.10.1.22:5000" // initialize daemon with existing insecure registries: "127.0.0.0/8", "10.10.1.11:5000", "10.10.1.22:5000"
daemon.RegistryService = registry.NewService(registry.ServiceOptions{ daemon.RegistryService, err = registry.NewService(registry.ServiceOptions{
InsecureRegistries: []string{ InsecureRegistries: []string{
"127.0.0.0/8", "127.0.0.0/8",
"10.10.1.11:5000", "10.10.1.11:5000",
@ -198,6 +207,9 @@ func TestDaemonReloadInsecureRegistries(t *testing.T) {
"docker2.com", // this will be removed when reloading "docker2.com", // this will be removed when reloading
}, },
}) })
if err != nil {
t.Fatal(err)
}
daemon.configStore = &config.Config{} daemon.configStore = &config.Config{}

7
integration-cli/fixtures/plugin/plugin_linux.go
Просмотреть файл

@ -71,9 +71,14 @@ func CreateInRegistry(ctx context.Context, repo string, auth *types.AuthConfig,
} }
defer tar.Close() defer tar.Close()
regService, err := registry.NewService(registry.ServiceOptions{V2Only: true})
if err != nil {
return err
}
managerConfig := plugin.ManagerConfig{ managerConfig := plugin.ManagerConfig{
Store: plugin.NewStore(), Store: plugin.NewStore(),
RegistryService: registry.NewService(registry.ServiceOptions{V2Only: true}), RegistryService: regService,
Root: filepath.Join(tmpDir, "root"), Root: filepath.Join(tmpDir, "root"),
ExecRoot: "/run/docker", // manager init fails if not set ExecRoot: "/run/docker", // manager init fails if not set
Executor: dummyExecutor{}, Executor: dummyExecutor{},

19
registry/config.go
Просмотреть файл

@ -60,7 +60,7 @@ var (
// not have the correct form // not have the correct form
ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")") ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")")
emptyServiceConfig = newServiceConfig(ServiceOptions{}) emptyServiceConfig, _ = newServiceConfig(ServiceOptions{})
) )
var ( var (
@ -71,7 +71,7 @@ var (
var lookupIP = net.LookupIP var lookupIP = net.LookupIP
// newServiceConfig returns a new instance of ServiceConfig // newServiceConfig returns a new instance of ServiceConfig
func newServiceConfig(options ServiceOptions) *serviceConfig { func newServiceConfig(options ServiceOptions) (*serviceConfig, error) {
config := &serviceConfig{ config := &serviceConfig{
ServiceConfig: registrytypes.ServiceConfig{ ServiceConfig: registrytypes.ServiceConfig{
InsecureRegistryCIDRs: make([]*registrytypes.NetIPNet, 0), InsecureRegistryCIDRs: make([]*registrytypes.NetIPNet, 0),
@ -81,12 +81,17 @@ func newServiceConfig(options ServiceOptions) *serviceConfig {
}, },
V2Only: options.V2Only, V2Only: options.V2Only,
} }
if err := config.LoadAllowNondistributableArtifacts(options.AllowNondistributableArtifacts); err != nil {
return nil, err
}
if err := config.LoadMirrors(options.Mirrors); err != nil {
return nil, err
}
if err := config.LoadInsecureRegistries(options.InsecureRegistries); err != nil {
return nil, err
}
config.LoadAllowNondistributableArtifacts(options.AllowNondistributableArtifacts) return config, nil
config.LoadMirrors(options.Mirrors)
config.LoadInsecureRegistries(options.InsecureRegistries)
return config
} }
// LoadAllowNondistributableArtifacts loads allow-nondistributable-artifacts registries into config. // LoadAllowNondistributableArtifacts loads allow-nondistributable-artifacts registries into config.

63
registry/config_test.go
Просмотреть файл

@ -5,6 +5,8 @@ import (
"sort" "sort"
"strings" "strings"
"testing" "testing"
"github.com/stretchr/testify/assert"
) )
func TestLoadAllowNondistributableArtifacts(t *testing.T) { func TestLoadAllowNondistributableArtifacts(t *testing.T) {
@ -90,7 +92,7 @@ func TestLoadAllowNondistributableArtifacts(t *testing.T) {
}, },
} }
for _, testCase := range testCases { for _, testCase := range testCases {
config := newServiceConfig(ServiceOptions{}) config := emptyServiceConfig
err := config.LoadAllowNondistributableArtifacts(testCase.registries) err := config.LoadAllowNondistributableArtifacts(testCase.registries)
if testCase.err == "" { if testCase.err == "" {
if err != nil { if err != nil {
@ -233,7 +235,7 @@ func TestLoadInsecureRegistries(t *testing.T) {
}, },
} }
for _, testCase := range testCases { for _, testCase := range testCases {
config := newServiceConfig(ServiceOptions{}) config := emptyServiceConfig
err := config.LoadInsecureRegistries(testCase.registries) err := config.LoadInsecureRegistries(testCase.registries)
if testCase.err == "" { if testCase.err == "" {
if err != nil { if err != nil {
@ -258,3 +260,60 @@ func TestLoadInsecureRegistries(t *testing.T) {
} }
} }
} }
func TestNewServiceConfig(t *testing.T) {
testCases := []struct {
opts ServiceOptions
errStr string
}{
{
ServiceOptions{},
"",
},
{
ServiceOptions{
Mirrors: []string{"example.com:5000"},
},
`invalid mirror: unsupported scheme "example.com" in "example.com:5000"`,
},
{
ServiceOptions{
Mirrors: []string{"http://example.com:5000"},
},
"",
},
{
ServiceOptions{
InsecureRegistries: []string{"[fe80::]/64"},
},
`insecure registry [fe80::]/64 is not valid: invalid host "[fe80::]/64"`,
},
{
ServiceOptions{
InsecureRegistries: []string{"102.10.8.1/24"},
},
"",
},
{
ServiceOptions{
AllowNondistributableArtifacts: []string{"[fe80::]/64"},
},
`allow-nondistributable-artifacts registry [fe80::]/64 is not valid: invalid host "[fe80::]/64"`,
},
{
ServiceOptions{
AllowNondistributableArtifacts: []string{"102.10.8.1/24"},
},
"",
},
}
for _, testCase := range testCases {
_, err := newServiceConfig(testCase.opts)
if testCase.errStr != "" {
assert.EqualError(t, err, testCase.errStr)
} else {
assert.Nil(t, err)
}
}
}

2
registry/registry_mock_test.go
Просмотреть файл

@ -175,7 +175,7 @@ func makePublicIndex() *registrytypes.IndexInfo {
return index return index
} }
func makeServiceConfig(mirrors []string, insecureRegistries []string) *serviceConfig { func makeServiceConfig(mirrors []string, insecureRegistries []string) (*serviceConfig, error) {
options := ServiceOptions{ options := ServiceOptions{
Mirrors: mirrors, Mirrors: mirrors,
InsecureRegistries: insecureRegistries, InsecureRegistries: insecureRegistries,

29
registry/registry_test.go
Просмотреть файл

@ -540,7 +540,7 @@ func TestNewIndexInfo(t *testing.T) {
} }
} }
config := newServiceConfig(ServiceOptions{}) config := emptyServiceConfig
noMirrors := []string{} noMirrors := []string{}
expectedIndexInfos := map[string]*registrytypes.IndexInfo{ expectedIndexInfos := map[string]*registrytypes.IndexInfo{
IndexName: { IndexName: {
@ -571,7 +571,11 @@ func TestNewIndexInfo(t *testing.T) {
testIndexInfo(config, expectedIndexInfos) testIndexInfo(config, expectedIndexInfos)
publicMirrors := []string{"http://mirror1.local", "http://mirror2.local"} publicMirrors := []string{"http://mirror1.local", "http://mirror2.local"}
config = makeServiceConfig(publicMirrors, []string{"example.com"}) var err error
config, err = makeServiceConfig(publicMirrors, []string{"example.com"})
if err != nil {
t.Fatal(err)
}
expectedIndexInfos = map[string]*registrytypes.IndexInfo{ expectedIndexInfos = map[string]*registrytypes.IndexInfo{
IndexName: { IndexName: {
@ -619,7 +623,10 @@ func TestNewIndexInfo(t *testing.T) {
} }
testIndexInfo(config, expectedIndexInfos) testIndexInfo(config, expectedIndexInfos)
config = makeServiceConfig(nil, []string{"42.42.0.0/16"}) config, err = makeServiceConfig(nil, []string{"42.42.0.0/16"})
if err != nil {
t.Fatal(err)
}
expectedIndexInfos = map[string]*registrytypes.IndexInfo{ expectedIndexInfos = map[string]*registrytypes.IndexInfo{
"example.com": { "example.com": {
Name: "example.com", Name: "example.com",
@ -664,7 +671,11 @@ func TestMirrorEndpointLookup(t *testing.T) {
} }
return false return false
} }
s := DefaultService{config: makeServiceConfig([]string{"https://my.mirror"}, nil)} cfg, err := makeServiceConfig([]string{"https://my.mirror"}, nil)
if err != nil {
t.Fatal(err)
}
s := DefaultService{config: cfg}
imageName, err := reference.WithName(IndexName + "/test/image") imageName, err := reference.WithName(IndexName + "/test/image")
if err != nil { if err != nil {
@ -841,9 +852,12 @@ func TestAllowNondistributableArtifacts(t *testing.T) {
{"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, true}, {"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, true},
} }
for _, tt := range tests { for _, tt := range tests {
config := newServiceConfig(ServiceOptions{ config, err := newServiceConfig(ServiceOptions{
AllowNondistributableArtifacts: tt.registries, AllowNondistributableArtifacts: tt.registries,
}) })
if err != nil {
t.Error(err)
}
if v := allowNondistributableArtifacts(config, tt.addr); v != tt.expected { if v := allowNondistributableArtifacts(config, tt.addr); v != tt.expected {
t.Errorf("allowNondistributableArtifacts failed for %q %v, expected %v got %v", tt.addr, tt.registries, tt.expected, v) t.Errorf("allowNondistributableArtifacts failed for %q %v, expected %v got %v", tt.addr, tt.registries, tt.expected, v)
} }
@ -883,7 +897,10 @@ func TestIsSecureIndex(t *testing.T) {
{"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, false}, {"invalid.domain.com:5000", []string{"invalid.domain.com:5000"}, false},
} }
for _, tt := range tests { for _, tt := range tests {
config := makeServiceConfig(nil, tt.insecureRegistries) config, err := makeServiceConfig(nil, tt.insecureRegistries)
if err != nil {
t.Error(err)
}
if sec := isSecureIndex(config, tt.addr); sec != tt.expected { if sec := isSecureIndex(config, tt.addr); sec != tt.expected {
t.Errorf("isSecureIndex failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec) t.Errorf("isSecureIndex failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec)
} }

8
registry/service.go
Просмотреть файл

@ -45,10 +45,10 @@ type DefaultService struct {
// NewService returns a new instance of DefaultService ready to be // NewService returns a new instance of DefaultService ready to be
// installed into an engine. // installed into an engine.
func NewService(options ServiceOptions) *DefaultService { func NewService(options ServiceOptions) (*DefaultService, error) {
return &DefaultService{ config, err := newServiceConfig(options)
config: newServiceConfig(options),
} return &DefaultService{config: config}, err
} }
// ServiceConfig returns the public registry service configuration. // ServiceConfig returns the public registry service configuration.

5
registry/service_v1_test.go
Просмотреть файл

@ -3,7 +3,10 @@ package registry
import "testing" import "testing"
func TestLookupV1Endpoints(t *testing.T) { func TestLookupV1Endpoints(t *testing.T) {
s := NewService(ServiceOptions{}) s, err := NewService(ServiceOptions{})
if err != nil {
t.Fatal(err)
}
cases := []struct { cases := []struct {
hostname string hostname string