From bd236e50a5fa876492e5d11e30b25cf245bf96c8 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 3 Jun 2020 14:13:39 +0900 Subject: [PATCH 1/5] integration: skip checkpoint tests if criu binary not found Signed-off-by: Akihiro Suda --- libcontainer/integration/checkpoint_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libcontainer/integration/checkpoint_test.go b/libcontainer/integration/checkpoint_test.go index ad34fb36..28fdbdb0 100644 --- a/libcontainer/integration/checkpoint_test.go +++ b/libcontainer/integration/checkpoint_test.go @@ -60,6 +60,10 @@ func testCheckpoint(t *testing.T, userns bool) { return } + if _, err := exec.LookPath("criu"); err != nil { + t.Skipf("criu binary not found: %v", err) + } + root, err := newTestRoot() if err != nil { t.Fatal(err) From 6246bb1110a12617bae3ade21fbf0a58efa3d642 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 3 Jun 2020 14:14:29 +0900 Subject: [PATCH 2/5] spec.bats: avoid using `git -C` `git -C` is not present in git 1.8.3.1 shipped in CentOS 7 Signed-off-by: Akihiro Suda --- tests/integration/spec.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/integration/spec.bats b/tests/integration/spec.bats index d924007d..1aa38815 100644 --- a/tests/integration/spec.bats +++ b/tests/integration/spec.bats @@ -79,7 +79,7 @@ function teardown() { SPEC_REF=$([[ -z "$SPEC_COMMIT" ]] && echo $SPEC_VERSION || echo $SPEC_COMMIT) - run git -C src/runtime-spec reset --hard "${SPEC_REF}" + run bash -c "cd src/runtime-spec && git reset --hard ${SPEC_REF}" [ "$status" -eq 0 ] [ -e src/runtime-spec/schema/config-schema.json ] @@ -87,7 +87,7 @@ function teardown() { run bash -c "GOPATH='$GOPATH' go get github.com/xeipuuv/gojsonschema" [ "$status" -eq 0 ] - run git -C "${GOPATH}/src/github.com/xeipuuv/gojsonschema" reset --hard 6637feb73ee44cd4640bb3def285c29774234c7f + run bash -c "cd ${GOPATH}/src/github.com/xeipuuv/gojsonschema && git reset --hard 6637feb73ee44cd4640bb3def285c29774234c7f" [ "$status" -eq 0 ] GOPATH="$GOPATH" go build src/runtime-spec/schema/validate.go From 1f366c6a01db1c67b4b2fa891a087de8f1275ac3 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 3 Jun 2020 14:15:21 +0900 Subject: [PATCH 3/5] tests/rootless.sh: fix executing bats in non-root PATH Signed-off-by: Akihiro Suda --- tests/rootless.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/rootless.sh b/tests/rootless.sh index 19ec43e1..c9c79383 100755 --- a/tests/rootless.sh +++ b/tests/rootless.sh @@ -146,7 +146,7 @@ do # https://bugzilla.redhat.com/show_bug.cgi?id=1788616 ssh -t -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i $HOME/rootless.key rootless@localhost -- PATH="$PATH" RUNC_USE_SYSTEMD="$RUNC_USE_SYSTEMD" bats -t "$ROOT/tests/integration$ROOTLESS_TESTPATH" else - sudo -HE -u rootless PATH="$PATH" bats -t "$ROOT/tests/integration$ROOTLESS_TESTPATH" + sudo -HE -u rootless PATH="$PATH" $(which bats) -t "$ROOT/tests/integration$ROOTLESS_TESTPATH" fi set +e done From 262ef5631aa8af01161e34ce7d9ba645e9e1393e Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 3 Jun 2020 17:49:35 +0900 Subject: [PATCH 4/5] update.bats: support systemd <= 226 The infinity value was changed in systemd 227. systemd >= 227: "infinity" systemd <= 226: 18446744073709551615 e.g. https://github.com/systemd/systemd/commit/03a7b521e3ffb7f5d153d90480ba5d4bc29d1e8f#diff-423c8c1eeb2ef5b08849c3c30b7e53aeR558 Signed-off-by: Akihiro Suda --- tests/integration/update.bats | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/integration/update.bats b/tests/integration/update.bats index c4fcaf1f..82b835b2 100644 --- a/tests/integration/update.bats +++ b/tests/integration/update.bats @@ -67,6 +67,10 @@ function setup() { ;; esac SD_UNLIMITED="infinity" + SD_VERSION=$(systemctl --version | awk '{print $2; exit}') + if [ $SD_VERSION -lt 227 ]; then + SD_UNLIMITED="18446744073709551615" + fi # check that initial values were properly set check_cgroup_value "cpuset.cpus" 0 From 499357d61a2fa7474d97a2ec70fa4650ad7e33f5 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Wed, 3 Jun 2020 14:16:10 +0900 Subject: [PATCH 5/5] add Vagrantfile.centos7 Signed-off-by: Akihiro Suda --- .gitignore | 2 ++ .travis.yml | 28 ++++++++++----- Vagrantfile.centos7 | 54 +++++++++++++++++++++++++++++ Vagrantfile => Vagrantfile.fedora32 | 0 script/install-vagrant.sh | 11 ++++++ 5 files changed, 87 insertions(+), 8 deletions(-) create mode 100644 Vagrantfile.centos7 rename Vagrantfile => Vagrantfile.fedora32 (100%) create mode 100755 script/install-vagrant.sh diff --git a/.gitignore b/.gitignore index 282e34ec..84485cb9 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,5 @@ vendor/pkg contrib/cmd/recvtty/recvtty man/man8 release +Vagrantfile +.vagrant diff --git a/.travis.yml b/.travis.yml index e6351555..6a4c2dc9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -20,15 +20,10 @@ matrix: script: - make all - sudo PATH="$PATH" make localintegration RUNC_USE_SYSTEMD=1 - - go: 1.13.x - name: "cgroup-v2" - env: - - VAGRANT_VERSION=2.2.7 + - name: "fedora32" before_install: - - cat /proc/cpuinfo -# https://github.com/alvistack/ansible-role-virtualbox/blob/6887b020b0ca5c59ddb6620d73f053ffb84f4126/.travis.yml#L30 - - sudo apt-get install -q -y bridge-utils dnsmasq-base ebtables libvirt-bin libvirt-dev qemu-kvm qemu-utils ruby-dev && wget https://releases.hashicorp.com/vagrant/${VAGRANT_VERSION}/vagrant_${VAGRANT_VERSION}_$(uname -m).deb && sudo dpkg -i vagrant_${VAGRANT_VERSION}_$(uname -m).deb && rm -f vagrant_${VAGRANT_VERSION}_$(uname -m).deb - - sudo vagrant plugin install vagrant-libvirt + - sudo ./script/install-vagrant.sh + - ln -sf Vagrantfile.fedora32 Vagrantfile - sudo vagrant up && sudo mkdir -p /root/.ssh && sudo sh -c "vagrant ssh-config >> /root/.ssh/config" script: - sudo ssh default -t 'cd /vagrant && sudo make localunittest' @@ -40,6 +35,23 @@ matrix: - sudo ssh default -t 'cd /vagrant && sudo make localrootlessintegration RUNC_USE_SYSTEMD=yes' # same setup but with fs2 driver (rootless) instead of systemd - sudo ssh default -t 'cd /vagrant && sudo make localrootlessintegration' + - name: "centos7" + before_install: + - sudo ./script/install-vagrant.sh + - ln -sf Vagrantfile.centos7 Vagrantfile + - sudo vagrant up && sudo mkdir -p /root/.ssh && sudo sh -c "vagrant ssh-config >> /root/.ssh/config" + script: + # kernel 3.10 (frankenized), systemd 219 + - sudo ssh default 'rpm -q centos-release kernel systemd' + # FIXME: the following unit tests are skipped (TESTFLAGS=-short): + # FAIL: TestPidsSystemd: utils_test.go:55: exec_test.go:630: unexpected error: container_linux.go:353: starting container process caused: process_linux.go:326: applying cgroup configuration for process caused: mountpoint for devices not found + # FAIL: TestRunWithKernelMemorySystemd: exec_test.go:713: runContainer failed with kernel memory limit: container_linux.go:353: starting container process caused: process_linux.go:326: applying cgroup configuration for process caused: mkdir : no such file or directory + - sudo ssh default -t 'sudo -i make -C /vagrant localunittest TESTFLAGS=-short' + - sudo ssh default -t 'sudo -i make -C /vagrant localintegration' + - sudo ssh default -t 'sudo -i make -C /vagrant localintegration RUNC_USE_SYSTEMD=1' + # FIXME: rootless is skipped because of EPERM on writing cgroup.procs + # - sudo ssh default -t 'sudo -i make -C /vagrant localrootlessintegration' + allow_failures: - go: tip diff --git a/Vagrantfile.centos7 b/Vagrantfile.centos7 new file mode 100644 index 00000000..49cb2779 --- /dev/null +++ b/Vagrantfile.centos7 @@ -0,0 +1,54 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + config.vm.box = "centos/7" + config.vm.provider :virtualbox do |v| + v.memory = 2048 + v.cpus = 2 + end + config.vm.provider :libvirt do |v| + v.memory = 2048 + v.cpus = 2 + end + config.vm.provision "shell", inline: <<-SHELL + # configuration + GO_VERSION="1.13.11" + BATS_VERSION="v1.2.0" + + # install yum packages + yum install -y -q epel-release + yum install -y -q gcc git iptables jq libseccomp-devel make + yum clean all + + # install Go + curl -fsSL "https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz" | tar Cxz /usr/local + + # install bats + git clone https://github.com/bats-core/bats-core + cd bats-core + git checkout $BATS_VERSION + ./install.sh /usr/local + + # NOTE: criu is NOT installed. criu tests are skipped. + + # set PATH (NOTE: sudo without -i ignores this PATH) + cat >> /etc/profile.d/sh.local < /etc/sysctl.d/userns.conf + sysctl --system + + # Add a user for rootless tests + useradd -u2000 -m -d/home/rootless -s/bin/bash rootless + + # Add busybox for libcontainer/integration tests + . /vagrant/tests/integration/multi-arch.bash \ + && mkdir /busybox \ + && curl -fsSL $(get_busybox) | tar xfJC - /busybox + SHELL +end diff --git a/Vagrantfile b/Vagrantfile.fedora32 similarity index 100% rename from Vagrantfile rename to Vagrantfile.fedora32 diff --git a/script/install-vagrant.sh b/script/install-vagrant.sh new file mode 100755 index 00000000..ed3b60ba --- /dev/null +++ b/script/install-vagrant.sh @@ -0,0 +1,11 @@ +#!/bin/bash +set -eux -o pipefail +VAGRANT_VERSION="2.2.7" + +# https://github.com/alvistack/ansible-role-virtualbox/blob/6887b020b0ca5c59ddb6620d73f053ffb84f4126/.travis.yml#L30 +apt-get update +apt-get install -q -y bridge-utils dnsmasq-base ebtables libvirt-bin libvirt-dev qemu-kvm qemu-utils ruby-dev +wget https://releases.hashicorp.com/vagrant/${VAGRANT_VERSION}/vagrant_${VAGRANT_VERSION}_$(uname -m).deb +dpkg -i vagrant_${VAGRANT_VERSION}_$(uname -m).deb +rm -f vagrant_${VAGRANT_VERSION}_$(uname -m).deb +vagrant plugin install vagrant-libvirt