Merge pull request #11516 from medyagh/disable_docker

Disable Non-Active Containers Runtimes
2021-05-27 13:07:43 -07:00 · 2021-05-27 13:07:43 -07:00 · 89604fcbce
parent 0d3c246f03 be7c85b1a8
commit 89604fcbce
4 changed files with 35 additions and 3 deletions
--- a/pkg/minikube/cruntime/cruntime.go
+++ b/pkg/minikube/cruntime/cruntime.go
@ -225,9 +225,10 @@ func disableOthers(me Manager, cr CommandRunner) error {
 			klog.Infof("skipping containerd shutdown because we are bound to it")
 			continue
 		}
-
-		// runtime is already disabled, nothing to do.
-		if !r.Active() {
+		// in case of docker, if other runtime are already not active we are sure it is disabled, nothing to do.
+		// because #11515 for non-docker runtimes, we gotta ensure Docker is disabled and can not just check if it is not active
+		// since it is enabled by default in the current base image and it keeps coming back to life
+		if me.Name() == "Docker" && !r.Active() {
 			continue
 		}

--- a/pkg/minikube/cruntime/docker.go
+++ b/pkg/minikube/cruntime/docker.go
@ -150,6 +150,7 @@ func (r *Docker) Restart() error {

 // Disable idempotently disables Docker on a host
 func (r *Docker) Disable() error {
+	klog.Info("disabling docker service ...")
 	// because #10373
 	if err := r.Init.ForceStop("docker.socket"); err != nil {
 		klog.ErrorS(err, "Failed to stop", "service", "docker.socket")
--- a/site/content/en/docs/contrib/tests.en.md
+++ b/site/content/en/docs/contrib/tests.en.md
@ -166,6 +166,9 @@ to check existence of the test file
 #### validateCertSync
 to check existence of the test certificate

+#### validateNotActiveRuntimeDisabled
+asserts that for a given runtime, the other runtimes disabled, for example for containerd runtime, docker and crio needs to be not running
+
 #### validateUpdateContextCmd
 asserts basic "update-context" command functionality

--- a/test/integration/functional_test.go
+++ b/test/integration/functional_test.go
@ -138,6 +138,7 @@ func TestFunctional(t *testing.T) {
 			{"RemoveImage", validateRemoveImage},
 			{"BuildImage", validateBuildImage},
 			{"ListImages", validateListImages},
+			{"NonActiveRuntimeDisabled", validateNotActiveRuntimeDisabled},
 		}
 		for _, tc := range tests {
 			tc := tc
@ -1663,6 +1664,32 @@ func validateCertSync(ctx context.Context, t *testing.T, profile string) {
 	}
 }

+// validateNotActiveRuntimeDisabled asserts that for a given runtime, the other runtimes disabled, for example for containerd runtime, docker and crio needs to be not running
+func validateNotActiveRuntimeDisabled(ctx context.Context, t *testing.T, profile string) {
+	if NoneDriver() {
+		t.Skip("skipping on none driver, minikube does not control the runtime of user on the none driver.")
+	}
+	disableMap := map[string][]string{
+		"docker":     {"crio"},
+		"containerd": {"docker", "crio"},
+		"crio":       {"docker", "containerd"},
+	}
+
+	expectDisable := disableMap[ContainerRuntime()]
+	for _, cr := range expectDisable {
+		// for example: minikube sudo systemctl is-active docker
+		rr, err := Run(t, exec.CommandContext(ctx, Target(), "-p", profile, "ssh", fmt.Sprintf("sudo systemctl is-active %s", cr)))
+		got := rr.Stdout.String()
+		if err != nil && !strings.Contains(got, "inactive") {
+			t.Logf("output of %s: %v", rr.Output(), err)
+		}
+		if !strings.Contains(got, "inactive") {
+			t.Errorf("For runtime %q: expected %q to be inactive but got %q ", ContainerRuntime(), cr, got)
+		}
+
+	}
+}
+
 // validateUpdateContextCmd asserts basic "update-context" command functionality
 func validateUpdateContextCmd(ctx context.Context, t *testing.T, profile string) {
 	defer PostMortemLogs(t, profile)