Cirrus: Force runc use in F30

Suspect crun might be sneaking in during VM image build via podman RPM
dependency.  Add it to the removal list when building, then also force
use of runc at runtime in F30.

Also quote all true/false vars to force them as strings instead of
booleans (which will become capitalized)

Signed-off-by: Chris Evich <cevich@redhat.com>
Chris Evich 2020-02-27 11:43:47 -05:00
parent c96eb612e5
commit 0885f76742
No known key found for this signature in database
GPG Key ID: 03EDC70FD578067F
4 changed files with 71 additions and 38 deletions


@ -48,8 +48,9 @@ env:
#### Default to NOT operating in any special-case testing mode
####
SPECIALMODE: "none" # don't do anything special
TEST_REMOTE_CLIENT: false # don't test remote client by default
ADD_SECOND_PARTITION: false # will certainly fail inside containers
TEST_REMOTE_CLIENT: 'false' # don't test remote client by default
ADD_SECOND_PARTITION: 'false' # will certainly fail inside containers
MOD_LIBPOD_CONF: 'true' # Update libpod.conf runtime if required by OS environment
####
#### Credentials and other secret-sauces, decrypted at runtime when authorized.
@ -253,6 +254,9 @@ build_each_commit_task:
cpu: 8
memory: "8Gb"
env:
MOD_LIBPOD_CONF: 'false'
timeout_in: 30m
setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}'
@ -282,6 +286,9 @@ build_without_cgo_task:
cpu: 8
memory: "8Gb"
env:
MOD_LIBPOD_CONF: 'false'
timeout_in: 30m
setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}'
@ -381,10 +388,10 @@ testing_task:
timeout_in: 120m
env:
ADD_SECOND_PARTITION: true
ADD_SECOND_PARTITION: 'true'
matrix:
TEST_REMOTE_CLIENT: true
TEST_REMOTE_CLIENT: false
TEST_REMOTE_CLIENT: 'true'
TEST_REMOTE_CLIENT: 'false'
networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh'
setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}'
@ -428,11 +435,11 @@ special_testing_rootless_task:
$CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*'
env:
ADD_SECOND_PARTITION: true
ADD_SECOND_PARTITION: 'true'
SPECIALMODE: 'rootless' # See docs
matrix:
TEST_REMOTE_CLIENT: true
TEST_REMOTE_CLIENT: false
TEST_REMOTE_CLIENT: 'true'
TEST_REMOTE_CLIENT: 'false'
timeout_in: 60m
@ -469,7 +476,8 @@ special_testing_in_podman_task:
image_name: "${PRIOR_FEDORA_CACHE_IMAGE_NAME}"
env:
ADD_SECOND_PARTITION: true
ADD_SECOND_PARTITION: 'true'
MOD_LIBPOD_CONF: 'false' # Use existing/native setup
SPECIALMODE: 'in_podman' # See docs
# TODO: Support both runc and crun (cgroups v1 and v2 container images)
# matrix:
@ -628,10 +636,10 @@ verify_test_built_images_task:
image_name: "${PACKER_BUILDER_NAME}${BUILT_IMAGE_SUFFIX}"
env:
ADD_SECOND_PARTITION: true
ADD_SECOND_PARTITION: 'true'
matrix:
TEST_REMOTE_CLIENT: true
TEST_REMOTE_CLIENT: false
TEST_REMOTE_CLIENT: 'true'
TEST_REMOTE_CLIENT: 'false'
matrix:
# Required env. var. by check_image_script
PACKER_BUILDER_NAME: "fedora-30"
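Review bot: The `MOD_LIBPOD_CONF: 'false'` overrides added to `build_each_commit_task` and `build_without_cgo_task` give no reason, while the same override in `special_testing_in_podman_task` carries a comment. A short comment on each would help the next reader, e.g. `MOD_LIBPOD_CONF: 'false'  # build against the repo's unmodified libpod.conf`, assuming that is the intent. Because these values are now strings, every consumer has to compare against the exact text `true`, as the setup script's `== "true"` test does.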


@ -88,6 +88,7 @@ ROOTLESS_ENV_RE='(CIRRUS_.+)|(ROOTLESS_.+)|(.+_IMAGE.*)|(.+_BASE)|(.*DIRPATH)|(.
SECRET_ENV_RE='(IRCID)|(ACCOUNT)|(GC[EP]..+)|(SSH)'
SPECIALMODE="${SPECIALMODE:-none}"
MOD_LIBPOD_CONF="${MOD_LIBPOD_CONF:false}"
TEST_REMOTE_CLIENT="${TEST_REMOTE_CLIENT:-false}"
export CONTAINER_RUNTIME=${CONTAINER_RUNTIME:-podman}
@ -105,6 +106,8 @@ OS_RELEASE_ID="$(source /etc/os-release; echo $ID)"
OS_RELEASE_VER="$(source /etc/os-release; echo $VERSION_ID | cut -d '.' -f 1)"
# Combined to ease soe usage
OS_REL_VER="${OS_RELEASE_ID}-${OS_RELEASE_VER}"
# Type of filesystem used for cgroups
CG_FS_TYPE="$(stat -f -c %T /sys/fs/cgroup)"
# Installed into cache-images, supports overrides
# by user-data in case of breakage or for debugging.
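Review bot: The added `MOD_LIBPOD_CONF="${MOD_LIBPOD_CONF:false}"` line is missing the `-` that its neighbours `SPECIALMODE` and `TEST_REMOTE_CLIENT` use, so bash reads `:false` as a substring offset instead of a default value. With the variable unset the result is an empty string, not `false`, and under `set -u` it would likely be an error. It should read `MOD_LIBPOD_CONF="${MOD_LIBPOD_CONF:-false}"`. The later `== "true"` test still treats the empty value as off, but only by accident.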


@ -8,7 +8,7 @@ set -e
# Load in library (copied by packer, before this script was run)
source /tmp/libpod/$SCRIPT_BASE/lib.sh
req_env_var SCRIPT_BASE PACKER_BUILDER_NAME GOSRC
req_env_var SCRIPT_BASE PACKER_BUILDER_NAME GOSRC FEDORA_BASE_IMAGE OS_RELEASE_ID OS_RELEASE_VER
install_ooe
@ -17,9 +17,14 @@ trap "sudo rm -rf $GOPATH" EXIT
$BIGTO ooe.sh sudo dnf update -y
echo "Enabling updates-testing repository"
$LILTO ooe.sh sudo dnf install -y 'dnf-command(config-manager)'
$LILTO ooe.sh sudo dnf config-manager --set-enabled updates-testing
# Do not enable update-stesting on the previous Fedora release
if [[ "$FEDORA_BASE_IMAGE" =~ "${OS_RELEASE_ID}-cloud-base-${OS_RELEASE_VER}" ]]; then
warn "Enabling updates-testing repository for image based on $FEDORA_BASE_IMAGE"
$LILTO ooe.sh sudo dnf install -y 'dnf-command(config-manager)'
$LILTO ooe.sh sudo dnf config-manager --set-enabled updates-testing
else
warn "NOT enabling updates-testing repository for image based on $PRIOR_FEDORA_BASE_IMAGE"
fi
echo "Installing general build/test dependencies for Fedora '$OS_RELEASE_VER'"
REMOVE_PACKAGES=()
@ -98,6 +103,7 @@ case "$OS_RELEASE_VER" in
python2-future
runc
)
REMOVE_PACKAGES+=(crun)
;;
31)
INSTALL_PACKAGES+=(crun)
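Review bot: The `else` branch prints `$PRIOR_FEDORA_BASE_IMAGE`, but the extended `req_env_var` line only adds `FEDORA_BASE_IMAGE`, `OS_RELEASE_ID` and `OS_RELEASE_VER`. If that variable is not exported into the packer environment, the warning ends with an empty name and the build log no longer shows which base image was built without updates-testing. Add it to the check: `req_env_var SCRIPT_BASE PACKER_BUILDER_NAME GOSRC FEDORA_BASE_IMAGE PRIOR_FEDORA_BASE_IMAGE OS_RELEASE_ID OS_RELEASE_VER`.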


@ -53,29 +53,14 @@ case "${OS_RELEASE_ID}" in
bash "$SCRIPT_BASE/add_second_partition.sh"
fi
if [[ "$OS_RELEASE_VER" == "31" ]]; then
warn "Switching io schedular to deadline to avoid RHBZ 1767539"
warn "aka https://bugzilla.kernel.org/show_bug.cgi?id=205447"
echo "mq-deadline" > /sys/block/sda/queue/scheduler
cat /sys/block/sda/queue/scheduler
warn "Switching io scheduler to 'deadline' to avoid RHBZ 1767539"
warn "aka https://bugzilla.kernel.org/show_bug.cgi?id=205447"
echo "mq-deadline" > /sys/block/sda/queue/scheduler
cat /sys/block/sda/queue/scheduler
warn "Forcing systemd cgroup manager"
X=$(echo "export CGROUP_MANAGER=systemd" | \
tee -a /etc/environment) && eval "$X" && echo "$X"
warn "Testing with crun instead of runc"
X=$(echo "export OCI_RUNTIME=/usr/bin/crun" | \
tee -a /etc/environment) && eval "$X" && echo "$X"
warn "Upgrading to the latest crun"
# Normally not something to do for stable testing
# but crun is new, and late-breaking fixes may be required
# on short notice
dnf update -y crun
#warn "Setting SELinux into Permissive mode"
#setenforce 0
fi
warn "Forcing systemd cgroup manager"
X=$(echo "export CGROUP_MANAGER=systemd" | \
tee -a /etc/environment) && eval "$X" && echo "$X"
;;
centos) # Current VM is an image-builder-image no local podman/testing
echo "No further setup required for VM image building"
@ -87,6 +72,37 @@ esac
# Reload to incorporate any changes from above
source "$SCRIPT_BASE/lib.sh"
case "$CG_FS_TYPE" in
tmpfs)
warn "Forcing testing with runc instead of crun"
X=$(echo "export OCI_RUNTIME=/usr/bin/runc" | \
tee -a /etc/environment) && eval "$X" && echo "$X"
;;
cgroup2fs)
# This is necessary since we've built/installed from source, which uses runc as the default.
warn "Forcing testing with crun instead of runc"
X=$(echo "export OCI_RUNTIME=/usr/bin/crun" | \
tee -a /etc/environment) && eval "$X" && echo "$X"
if [[ "$MOD_LIBPOD_CONF" == "true" ]]; then
warn "Updating runtime setting in repo. copy of libpod.conf"
sed -i -r -e 's/^runtime = "runc"/runtime = "crun"/' $GOSRC/libpod.conf
git diff $GOSRC/libpod.conf
fi
if [[ "$OS_RELEASE_ID" == "fedora" ]]; then
warn "Upgrading to the latest crun"
# Normally not something to do for stable testing
# but crun is new, and late-breaking fixes may be required
# on short notice
dnf update -y crun
fi
;;
*)
die 110 "Unsure how to handle cgroup filesystem type '$CG_FS_TYPE'"
;;
esac
# Must execute before possible setup_rootless()
make install.tools
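Review bot: The `sed -i` in the `cgroup2fs` branch succeeds even when no `runtime = "runc"` line matches, so a changed default in libpod.conf would leave the repo copy disagreeing with the `OCI_RUNTIME` just exported, and the only trace is an empty `git diff`. Verify the edit afterwards, for example `grep -q '^runtime = "crun"' "$GOSRC/libpod.conf" || die 111 "libpod.conf runtime not switched to crun"` (exit code chosen for illustration). `$GOSRC/libpod.conf` is also unquoted in both the `sed` and `git diff` lines and should be written `"$GOSRC/libpod.conf"`.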