Dear CircleCI Team,
With the Docker LXC driver you use, the netstat command does not work inside the containers. It runs the netstat command in the host instead of in the container, so its output is wrong.
There is a tool called lxc-netstat to solve this problem, but it is not available on CircleCI machines. I tried installing the lxc-netstat command by hand, but requires cgroups, so that does not work either. I also tried using netcat (
nc -z), with no luck.
In my case, I need this to run Serverspec port tests, which use netstat underneath.
Usage example here: https://circleci.com/gh/zuazo/keywhiz-docker/2
The error output in this case:
Failures: 1) Docker Build from path: "/home/ubuntu/keywhiz-docker" Serverspec on tag: "keywhiz" Port "4444" should be listening Failure/Error: should be_listening expected Port "4444" to be listening netstat -tunl | grep -- :4444\ # ./spec/keywhiz_spec.rb:30:in `block (4 levels) in <top (required)>'
Either way, what I’m trying to say is that it would be good to support netstat inside containers or some way to test listening ports, does not matter if we need to run another tool like lxc-netstat.
Thanks for your time