add bypass4netnsd to manage bypass4netns via REST API listening on un…

…ix socket

Signed-off-by: Naoki MATSUMOTO <[email protected]>

.gitignore

@@ -1,3 +1,4 @@
 /bypass4netns
+/bypass4netnsd
 *~
 /.vagrant

Makefile

@@ -1,18 +1,24 @@
 GO ?= go
 GO_BUILD := $(GO) build
 
-.DEFAULT: bypass4netns
+.DEFAULT: all
+
+all: bypass4netns bypass4netnsd
 
 bypass4netns:
 	$(GO_BUILD) -o $@ cmd/$@/*
 
-install: bypass4netns
+bypass4netnsd:
+	$(GO_BUILD) -o $@ cmd/$@/*
+
+install: bypass4netns bypass4netnsd
 	install bypass4netns /usr/local/bin/bypass4netns
+	install bypass4netnsd /usr/local/bin/bypass4netnsd
 
 uninstall:
 	rm -rf /usr/local/bin/bypass4netns
 
 clean:
 	rm -rf bypass4netns
 
-.PHONY: bypass4netns install uninstall clean
+.PHONY: all bypass4netns bypass4netnsd install uninstall clean

Vagrantfile

@@ -107,5 +107,11 @@ Vagrant.configure("2") do |config|
      nerdctl rm -f test
     )
 
+    echo "===== Test bypass4netnsd ====="
+    (
+     set -x
+     /vagrant/test/test_b4nsd.sh
+    )
+
   SHELL
 end

cmd/bypass4netnsd/main.go

@@ -0,0 +1,101 @@
+package main
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"os"
+	"path/filepath"
+
+	"github.com/gorilla/mux"
+	"github.com/rootless-containers/bypass4netns/pkg/api/daemon/router"
+	"github.com/rootless-containers/bypass4netns/pkg/bypass4netns"
+	"github.com/sirupsen/logrus"
+	flag "github.com/spf13/pflag"
+)
+
+var (
+	socketFile  string
+	pidFile     string
+	logFilePath string
+	b4nsPath    string
+)
+
+func main() {
+	xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR")
+	if xdgRuntimeDir == "" {
+		panic("$XDG_RUNTIME_DIR needs to be set")
+	}
+	exePath, err := os.Executable()
+	if err != nil {
+		panic(err)
+	}
+	defaultB4nsPath := filepath.Join(filepath.Dir(exePath), "bypass4netns")
+
+	flag.StringVar(&socketFile, "socket", filepath.Join(xdgRuntimeDir, "bypass4netnsd.sock"), "Socket file")
+	flag.StringVar(&pidFile, "pid-file", "", "Pid file")
+	flag.StringVar(&logFilePath, "log-file", "", "Output logs to file")
+	flag.StringVar(&b4nsPath, "b4ns-executable", defaultB4nsPath, "Path to bypass4netns executable")
+	logrus.SetLevel(logrus.DebugLevel)
+
+	// Parse arguments
+	flag.Parse()
+	if flag.NArg() > 0 {
+		flag.PrintDefaults()
+		logrus.Fatal("Invalid command")
+	}
+
+	if err := os.Remove(socketFile); err != nil && !errors.Is(err, os.ErrNotExist) {
+		logrus.Fatalf("Cannot cleanup socket file: %v", err)
+	}
+	logrus.Infof("SocketPath: %s", socketFile)
+
+	if pidFile != "" {
+		pid := fmt.Sprintf("%d", os.Getpid())
+		if err := os.WriteFile(pidFile, []byte(pid), 0o644); err != nil {
+			logrus.Fatalf("Cannot write pid file: %v", err)
+		}
+		logrus.Infof("PidFilePath: %s", pidFile)
+	}
+
+	if logFilePath != "" {
+		logFile, err := os.Create(logFilePath)
+		if err != nil {
+			logrus.Fatalf("Cannnot write log file %s : %v", logFilePath, err)
+		}
+		defer logFile.Close()
+		logrus.SetOutput(io.MultiWriter(os.Stderr, logFile))
+		logrus.Infof("LogFilePath %s", logFilePath)
+	}
+
+	if _, err = os.Stat(b4nsPath); err != nil {
+		logrus.Fatalf("Bypass4netns executable not found %s", b4nsPath)
+	}
+	logrus.Infof("Bypass4netns executable path: %s", b4nsPath)
+
+	err = listenServeAPI(socketFile, &router.Backend{
+		BypassDriver: bypass4netns.NewDriver(b4nsPath),
+	})
+	if err != nil {
+		logrus.Fatalf("failed to serve API: %s", err)
+	}
+}
+
+func listenServeAPI(socketPath string, backend *router.Backend) error {
+	r := mux.NewRouter()
+	router.AddRoutes(r, backend)
+	srv := &http.Server{Handler: r}
+	err := os.RemoveAll(socketPath)
+	if err != nil {
+		return err
+	}
+	l, err := net.Listen("unix", socketPath)
+	if err != nil {
+		return err
+	}
+	srv.Serve(l)
+
+	return nil
+}

cmd/bypass4netnsd/main_test.go

@@ -0,0 +1,59 @@
+package main
+
+import (
+	"context"
+	"os"
+	"path/filepath"
+	"syscall"
+	"testing"
+
+	"github.com/rootless-containers/bypass4netns/pkg/api/daemon/client"
+	"github.com/rootless-containers/bypass4netns/pkg/bypass4netns"
+	"github.com/stretchr/testify/assert"
+)
+
+// Start bypass4netnsd before testing
+func TestBypass4netnsd(t *testing.T) {
+	xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR")
+	if xdgRuntimeDir == "" {
+		panic("$XDG_RUNTIME_DIR needs to be set")
+	}
+	client, err := client.New(filepath.Join(xdgRuntimeDir, "bypass4netnsd.sock"))
+	if err != nil {
+		t.Fatalf("failed client.New %s", err)
+	}
+	bm := client.BypassManager()
+	specs := bypass4netns.BypassSpec{
+		ID: "1234567890",
+	}
+	status, err := bm.StartBypass(context.TODO(), specs)
+	assert.Equal(t, nil, err)
+
+	statuses, err := bm.ListBypass(context.TODO())
+	assert.Equal(t, nil, err)
+	assert.Equal(t, 1, len(statuses))
+	newStatus := statuses[0]
+	assert.Equal(t, status.ID, newStatus.ID)
+	assert.NotEqual(t, 0, newStatus.Pid)
+	assert.Equal(t, true, isProcessRunning(newStatus.Pid))
+
+	err = bm.StopBypass(context.TODO(), specs.ID)
+	assert.Equal(t, nil, err)
+	assert.Equal(t, false, isProcessRunning(newStatus.Pid))
+
+	statuses, err = bm.ListBypass(context.TODO())
+	assert.Equal(t, nil, err)
+	assert.Equal(t, 0, len(statuses))
+}
+
+func isProcessRunning(pid int) bool {
+	proc, err := os.FindProcess(pid)
+	if err != nil {
+		return false
+	}
+
+	// check the process is alive or not
+	err = proc.Signal(syscall.Signal(0))
+
+	return err == nil
+}

go.mod

@@ -3,6 +3,7 @@ module github.com/rootless-containers/bypass4netns
 go 1.17
 
 require (
+	github.com/gorilla/mux v1.8.0
 	github.com/opencontainers/runtime-spec v1.0.3-0.20211214071223-8958f93039ab
 	github.com/oraoto/go-pidfd v0.1.2-0.20210402155345-46bf1ba22e22
 	github.com/seccomp/libseccomp-golang v0.9.2-0.20220128023657-2a7184820543
@@ -11,3 +12,10 @@ require (
 	github.com/vtolstov/go-ioctl v0.0.0-20151206205506-6be9cced4810
 	golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27
 )
+
+require (
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/stretchr/testify v1.7.0 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
+)

go.sum

@@ -1,5 +1,8 @@
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
+github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
 github.com/opencontainers/runtime-spec v1.0.3-0.20211214071223-8958f93039ab h1:YQZXa3elcHgKXAa2GjVFC9M3JeP7ZPyFD1YByDx/dgQ=
 github.com/opencontainers/runtime-spec v1.0.3-0.20211214071223-8958f93039ab/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
 github.com/oraoto/go-pidfd v0.1.2-0.20210402155345-46bf1ba22e22 h1:TBw1Dwr/0eRvVIhdgQ+qGQuJ2STNL1+bjaI7nKLCoiQ=
@@ -12,10 +15,16 @@ github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE
 github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/vtolstov/go-ioctl v0.0.0-20151206205506-6be9cced4810 h1:X6ps8XHfpQjw8dUStzlMi2ybiKQ2Fmdw7UM+TinwvyM=
 github.com/vtolstov/go-ioctl v0.0.0-20151206205506-6be9cced4810/go.mod h1:dF0BBJ2YrV1+2eAIyEI+KeSidgA6HqoIP1u5XTlMq/o=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27 h1:XDXtA5hveEEV8JB2l7nhMTp3t3cHp9ZpwcdjqyEWLlo=
 golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

pkg/api/api.go

@@ -0,0 +1,5 @@
+package api
+
+type ErrorJSON struct {
+	Message string `json:"message"`
+}