systemtests now run completely in containers

[dseevr]

Copied from the top of systemtests.sh:

1. builds a systemtests container
2. creates a docker network (all containers are attached to it)
3. starts an etcd container
4. starts a consul container
5. starts a systemtests container (does nothing by default)
6. starts a ccn_proxy container on port 10000 linked to etcd
7. starts a ccn_proxy container on port 10001 linked to consul
8. executes ./scripts/systemtests_in_container.sh which runs all the systemtests against the etcd proxy and consul proxy
9. stops etcd proxy container
10. stops consul proxy container
11. stops systemtests container
12. stops etcd container
13. stops consul container
14. destroys the docker network

Fixes https://github.com/contiv/ccn/issues/84

[dseevr]

As mentioned on Slack, CI will not pass until the firewall issue is resolved and the unit tests are also containerized (in progress)

[rhim]

Some questions. Mostly looks good.

[rhim]

why is devbuild version hardcoded here?

[dseevr]

This script can actually be deleted I guess. This was a convenience script for quickly testing the proxy during the early stages of development. There's now too many external components (datastore, netmaster, AD, etc.) to realistically have a universal "quick run" target.

[rhim]

same, why hardcode of version?

[dseevr]

This is the default name when no BUILD_VERSION is given to the make build target.

Hmm... I was thinking about this in the context of a CI run (which invokes the make ci target which runs make build before tests run). I guess we can't make that assumption and need to always build the main proxy container before tests run (either systemtests or unit tests)

[rhim]

same.

[dseevr]

This should really be made into a variable. I missed it because originally there was only one proxy being spawned and I just copy-pasted and tweaked the --data-store-address and port

[rhim]

Does this mean that systemtests assume that proxy is setup and running?

[dseevr]

Yeah, this will always be set before this container is invoked. Can you think of a use case for running systemtests in any other way than the make systemtests target?

I'll add a comment here that this is being set by systemtests_in_container.sh when the test suite is spun up

[rhim]

docker rm -f -v to do both in one shot? Same for all below.

[dseevr]

I'll test this tomorrow and make sure it does The Right Thing™ when the container doesn't shut down in a timely manner. docker stop lets you specify a timeout (which I use when shutting down the systemtests container)

[dseevr]

Removed scripts/run.sh, made the proxy image name a variable, replaced stop + rm -v with rm -f -v, and added a comment about where PROXY_ADDRESS is set

Also, cleaned up the systemtests.sh script a bit by moving some redundant IP stuff into a function and adding more comments

[neelimamukiri]

Looks good overall. Nice hack with the systemtest container start!

[neelimamukiri]

Will having this local save us some CI headaches?

[dseevr]

Are you thinking that we put it into the repo itself? This will permanently increase the size of the repo by ~70mb for each version we upgrade to, and Github will start yelling at us and telling us to use their Large File Storage service 🙃

Also because we COPY the whole repo into our build container, it'll slow down almost every Docker-related operation we do here... 🤔

[neelimamukiri]

Good points :) Ignore the suggestion. I wish we could build and push this to docker hub once and reuse it, though docker pull has its reliability issues too.

[neelimamukiri]

What happens when go version changes? Why is the image not being cached and how much additional time do you see this step taking?

[dseevr]

Actually, I'm going to remove the caching on this stuff and just change us to a more lightweight base image instead of using ubuntu:16.04

[neelimamukiri]

gocycle -> gocyclo. Wouldn't it be simpler to move 10-60 to a function and call all the commands using it - something like run_check("gofmt", gofmt -s -l ${files}) ...

[dseevr]

This script is originally from volplugin (https://github.com/contiv/volplugin/blob/0453e29b4d9916ae35ae492b9f3f302ff72bcc58/build/scripts/checks.sh) and we were using it verbatim. In this PR, I just removed the "fetch if not installed" lines because we're baking them in in the Dockerfile.checks

I'll fix this typo though :)

[neelimamukiri]

How do you use the mock server vs a real netmaster for the system tests?

[dseevr]

Take a peek at any of the systemtests/*_test.go files and look for the runTest() function. Each systemtest has the MockServer injected into it and it can be programmed in a test-specific way.

[dseevr]

Oh, I misread the actual question being asked here. As mentioned on Slack, we don't support running the systemtests against a real netmaster for various logistical reasons. We use the mockserver to emulate the responses a real netmaster would send (@yuva29 did the heavy lifting on that) and validate that we process them properly.

[neelimamukiri]

Are the logs stored somewhere, in case things fail and we want to debug?

[dseevr]

All the test logs are written to stdout, and there's additional output if the DEBUG envvar is set. I actually need to pass -e DEBUG="$DEBUG" to the systemtests container docker run command...

I think having the tests clean up after themselves by default is a good idea, but I'm open to ideas around allowing state to hang around afterwards. Maybe a KEEP_CONTAINERS envvar you can set will result in the containers not being deleted? The downside there is that you would need to manually delete all the containers and then delete the Docker network before you could run the systemtests again.

[neelimamukiri]

As long as the CI gets them through stdout it is sufficient. For the rare cases where we need the containers themselves running (which is a pure proxy case should be very rare), we can change it then.

[dseevr]

If you run DEBUG=1 make systemtests, you'll now get log.Debug*() output on stdout/stderr as well 😄

[neelimamukiri]

Awesome!

[neelimamukiri]

LGTM