def test_empty_jailer_id(test_microvm_with_api): """ Test that the jailer ID cannot be empty. @type: security """ test_microvm = test_microvm_with_api fc_binary, _ = build_tools.get_firecracker_binaries() # Set the jailer ID to None. test_microvm.jailer = JailerContext( jailer_id="", exec_file=fc_binary, ) # pylint: disable=W0703 try: test_microvm.spawn() # If the exception is not thrown, it means that Firecracker was # started successfully, hence there's a bug in the code due to which # we can set an empty ID. assert False except Exception as err: expected_err = "Jailer error: Invalid instance ID: invalid len (0);" \ " the length must be between 1 and 64" assert expected_err in str(err)
def init_microvm(root_path, bin_cloner_path, fc_binary=None, jailer_binary=None): """Auxiliary function for instantiating a microvm and setting it up.""" # pylint: disable=redefined-outer-name # The fixture pattern causes a pylint false positive for that rule. microvm_id = str(uuid.uuid4()) # Update permissions for custom binaries. if fc_binary is not None: os.chmod(fc_binary, 0o555) if jailer_binary is not None: os.chmod(jailer_binary, 0o555) if fc_binary is None or jailer_binary is None: fc_binary, jailer_binary = build_tools.get_firecracker_binaries() # Make sure we always have both binaries. assert fc_binary assert jailer_binary vm = Microvm(resource_path=root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, microvm_id=microvm_id, bin_cloner_path=bin_cloner_path) vm.setup() return vm
def test_binary_sizes(): """Test if the sizes of the release binaries are within expected ranges.""" fc_binary, jailer_binary = host.get_firecracker_binaries() check_binary_size("firecracker", fc_binary, FC_BINARY_SIZE_TARGET, BINARY_SIZE_TOLERANCE, FC_BINARY_SIZE_LIMIT) check_binary_size("jailer", jailer_binary, JAILER_BINARY_SIZE_TARGET, BINARY_SIZE_TOLERANCE, JAILER_BINARY_SIZE_LIMIT)
def init_microvm(root_path, cloner_path): """Auxiliary function for instantiating a microvm and setting it up.""" microvm_id = str(uuid.uuid4()) fc_binary, jailer_binary = build_tools.get_firecracker_binaries(root_path) vm = Microvm(resource_path=root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, microvm_id=microvm_id, newpid_cloner_path=cloner_path) vm.setup() return vm
def test_firecracker_binary_size(): """ Test if the size of the firecracker binary is within expected ranges. @type: build """ fc_binary, _ = host.get_firecracker_binaries() result = check_binary_size("firecracker", fc_binary, FC_BINARY_SIZE_TARGET, BINARY_SIZE_TOLERANCE, FC_BINARY_SIZE_LIMIT) return f"{result} B", \ f"{FC_BINARY_SIZE_TARGET} +/- {BINARY_SIZE_TOLERANCE * 100}% B"
def init_microvm(root_path, aux_binary_paths, features=''): """Auxiliary function for instantiating a microvm and setting it up.""" microvm_id = str(uuid.uuid4()) fc_binary, jailer_binary = build_tools.get_firecracker_binaries( root_path, features) vm = Microvm(resource_path=root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, build_feature=features, microvm_id=microvm_id, aux_bin_paths=aux_binary_paths) vm.setup() return vm
def test_jailer_binary_size(): """ Test if the size of the jailer binary is within expected ranges. @type: build """ _, jailer_binary = host.get_firecracker_binaries() result = check_binary_size("jailer", jailer_binary, JAILER_BINARY_SIZE_TARGET, BINARY_SIZE_TOLERANCE, JAILER_BINARY_SIZE_LIMIT) return f"{result} B", \ f"{JAILER_BINARY_SIZE_TARGET} +/- {BINARY_SIZE_TOLERANCE * 100}% B"
def init_microvm(root_path, bin_cloner_path): """Auxiliary function for instantiating a microvm and setting it up.""" # pylint: disable=redefined-outer-name # The fixture pattern causes a pylint false positive for that rule. microvm_id = str(uuid.uuid4()) fc_binary, jailer_binary = build_tools.get_firecracker_binaries() vm = Microvm(resource_path=root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, microvm_id=microvm_id, bin_cloner_path=bin_cloner_path) vm.setup() return vm
def init_microvm(root_path, aux_binary_paths, features=''): """Auxiliary function for instantiating a microvm and setting it up.""" microvm_id = str(uuid.uuid4()) fc_binary, jailer_binary = build_tools.get_firecracker_binaries( root_path, features ) vm = Microvm( resource_path=root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, build_feature=features, microvm_id=microvm_id, aux_bin_paths=aux_binary_paths ) vm.setup() return vm
def microvm(test_session_root_path, newpid_cloner_path): """Instantiate a microvm.""" # pylint: disable=redefined-outer-name # The fixture pattern causes a pylint false positive for that rule. # Make sure the necessary binaries are there before instantiating the # microvm. fc_binary, jailer_binary = build_tools.get_firecracker_binaries( test_session_root_path) microvm_id = str(uuid.uuid4()) vm = Microvm(resource_path=test_session_root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, microvm_id=microvm_id, newpid_cloner_path=newpid_cloner_path) vm.setup() yield vm vm.kill()
def microvm(test_session_root_path, newpid_cloner_path): """Instantiate a microvm.""" # pylint: disable=redefined-outer-name # The fixture pattern causes a pylint false positive for that rule. # Make sure the necessary binaries are there before instantiating the # microvm. fc_binary, jailer_binary = build_tools.get_firecracker_binaries( test_session_root_path ) microvm_id = str(uuid.uuid4()) vm = Microvm( resource_path=test_session_root_path, fc_binary_path=fc_binary, jailer_binary_path=jailer_binary, microvm_id=microvm_id, newpid_cloner_path=newpid_cloner_path ) vm.setup() yield vm vm.kill()
def test_describe_snapshot_all_versions(bin_cloner_path): """ Test `--describe-snapshot` correctness for all snapshot versions. @type: functional """ logger = logging.getLogger("describe_snapshot") builder = MicrovmBuilder(bin_cloner_path) artifacts = ArtifactCollection(_test_images_s3_bucket()) # Fetch all firecracker binaries. # For each binary create a snapshot and verify the data version # of the snapshot state file. firecracker_artifacts = artifacts.firecrackers( max_version=get_firecracker_version_from_toml()) for firecracker in firecracker_artifacts: firecracker.download() jailer = firecracker.jailer() jailer.download() target_version = firecracker.base_name()[1:] # Skip for aarch64, since the snapshotting feature # was introduced in v0.24.0. if platform.machine() == "aarch64" and "v0.23" in target_version: continue logger.info("Creating snapshot with Firecracker: %s", firecracker.local_path()) logger.info("Using Jailer: %s", jailer.local_path()) logger.info("Using target version: %s", target_version) # v0.23 does not support creating diff snapshots. diff_snapshots = "0.23" not in target_version vm_instance = builder.build_vm_nano(fc_binary=firecracker.local_path(), jailer_binary=jailer.local_path(), diff_snapshots=diff_snapshots) vm = vm_instance.vm vm.start() # Create a snapshot builder from a microvm. snapshot_builder = SnapshotBuilder(vm) disks = [vm_instance.disks[0].local_path()] # Version 0.24 and greater have Diff support. snap_type = SnapshotType.DIFF if diff_snapshots else SnapshotType.FULL snapshot = snapshot_builder.create(disks, vm_instance.ssh_key, target_version=target_version, snapshot_type=snap_type) logger.debug("========== Firecracker create snapshot log ==========") logger.debug(vm.log_data) vm.kill() # Fetch Firecracker binary for the latest version fc_binary, _ = get_firecracker_binaries() # Verify the output of `--describe-snapshot` command line parameter cmd = [fc_binary] + ["--describe-snapshot", snapshot.vmstate] code, stdout, stderr = run_cmd(cmd) assert code == 0 assert stderr == '' assert target_version in stdout