From 5c5ab49d52d21d897ad598feb35cee025a48d58f Mon Sep 17 00:00:00 2001 From: Michael Edgar Date: Thu, 11 Dec 2025 12:45:42 -0500 Subject: [PATCH] Bridge network for communication between ApiServerContainer and Etcd Signed-off-by: Michael Edgar --- .../dajudge/kindcontainer/ApiServerContainer.java | 10 +++++++--- .../com/dajudge/kindcontainer/EtcdContainer.java | 12 +++++++----- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/src/main/java/com/dajudge/kindcontainer/ApiServerContainer.java b/src/main/java/com/dajudge/kindcontainer/ApiServerContainer.java index d0310232..ba5ff673 100644 --- a/src/main/java/com/dajudge/kindcontainer/ApiServerContainer.java +++ b/src/main/java/com/dajudge/kindcontainer/ApiServerContainer.java @@ -9,6 +9,7 @@ import com.github.dockerjava.api.command.InspectContainerResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.testcontainers.containers.Network; import org.testcontainers.shaded.org.awaitility.Awaitility; import org.testcontainers.shaded.org.bouncycastle.asn1.x509.GeneralName; import org.testcontainers.utility.DockerImageName; @@ -53,6 +54,7 @@ public class ApiServerContainer> extends Kuberne )); private EtcdContainer etcd; private Duration controlPlaneReadyTimeout = Duration.ofMinutes(5); + private Network network = Network.newNetwork(); /** * Constructs a new ApiServerContainer with the latest supported Kubernetes version. @@ -93,7 +95,8 @@ public ApiServerContainer(final KubernetesImageSpec i .withCopyAsciiToContainer(apiServerCa.getCaKeyStore().getCertificatePem(), API_SERVER_CA) .withCopyAsciiToContainer(etcdClientKeyPair.getCertificatePem(), ETCD_CLIENT_CERT) .withCopyAsciiToContainer(etcdClientKeyPair.getPrivateKeyPem(), ETCD_CLIENT_KEY) - .withCopyAsciiToContainer(etcdCa.getCaKeyStore().getCertificatePem(), ETCD_CLIENT_CA); + .withCopyAsciiToContainer(etcdCa.getCaKeyStore().getCertificatePem(), ETCD_CLIENT_CA) + .withNetwork(network); } @Override @@ -119,7 +122,7 @@ private void createContainerCmdModifier(final CreateContainerCmd cmd) { put("etcd-cafile", ETCD_CLIENT_CA); put("etcd-certfile", ETCD_CLIENT_CERT); put("etcd-keyfile", ETCD_CLIENT_KEY); - put("etcd-servers", "https://localhost:2379"); + put("etcd-servers", "https://etcd:2379"); put("service-account-key-file", API_SERVER_PUBKEY); put("service-account-signing-key-file", API_SERVER_KEY); put("service-account-issuer", "https://kubernetes.default.svc.cluster.local"); @@ -143,7 +146,7 @@ private void createContainerCmdModifier(final CreateContainerCmd cmd) { @Override protected void containerIsStarting(final InspectContainerResponse containerInfo) { - etcd = new EtcdContainer(etcdImage, etcdCa, containerInfo.getId()); + etcd = new EtcdContainer(etcdImage, etcdCa, network); etcd.start(); waitForApiServer(); waitForDefaultNamespace(); @@ -205,6 +208,7 @@ public T withEtcdImage(final DockerImageName image) { public void stop() { super.stop(); etcd.stop(); + network.close(); } /** diff --git a/src/main/java/com/dajudge/kindcontainer/EtcdContainer.java b/src/main/java/com/dajudge/kindcontainer/EtcdContainer.java index 181fb62e..48d1f1b2 100644 --- a/src/main/java/com/dajudge/kindcontainer/EtcdContainer.java +++ b/src/main/java/com/dajudge/kindcontainer/EtcdContainer.java @@ -2,6 +2,8 @@ import com.dajudge.kindcontainer.pki.CertAuthority; import com.dajudge.kindcontainer.pki.KeyStoreWrapper; + +import org.testcontainers.containers.Network; import org.testcontainers.shaded.org.bouncycastle.asn1.x509.GeneralName; import org.testcontainers.utility.DockerImageName; @@ -22,15 +24,15 @@ class EtcdContainer extends BaseGenericContainer { private static final String STARTUP_SIGNAL_PATH = DOCKER_BASE_PATH + "/startup"; private static final String[] CMD = buildCommand(); - EtcdContainer(final DockerImageName image, final CertAuthority etcdCa, final String targetContainerId) { + EtcdContainer(final DockerImageName image, final CertAuthority etcdCa, final Network network) { super(image); final KeyStoreWrapper etcdKeypair = etcdCa.newKeyPair( "CN=etcd", - singletonList(new GeneralName(GeneralName.dNSName, "localhost")) + singletonList(new GeneralName(GeneralName.dNSName, "etcd")) ); this .withNetworkAliases("etcd") - .withNetworkMode("container:" + targetContainerId) + .withNetwork(network) .withEnv("STARTUP_SIGNAL", STARTUP_SIGNAL_PATH) .withEnv("SERVER_CERT_PATH", SERVER_CERT_PATH) .withEnv("SERVER_KEY_PATH", SERVER_KEY_PATH) @@ -44,7 +46,7 @@ class EtcdContainer extends BaseGenericContainer { private static String[] buildCommand() { final Map params = new HashMap() {{ - put("advertise-client-urls", "https://localhost:2379"); + put("advertise-client-urls", "https://etcd:2379"); put("cert-file", SERVER_CERT_PATH); put("key-file", SERVER_KEY_PATH); put("trusted-ca-file", SERVER_CACERTS_PATH); @@ -56,7 +58,7 @@ private static String[] buildCommand() { put("data-dir", "/var/lib/etcd"); put("initial-advertise-peer-urls", "https://localhost:2380"); put("initial-cluster", "control-plane=https://localhost:2380"); - put("listen-client-urls", "https://localhost:2379"); + put("listen-client-urls", "https://0.0.0.0:2379"); put("listen-metrics-urls", "http://localhost:2381"); put("listen-peer-urls", "https://localhost:2380"); put("name", "control-plane");