Skip to content

Commit

Permalink
[test] Checking if criu cgroup v1 kludges help
Browse files Browse the repository at this point in the history
Testing criu PR 2545.

Now with AlmaLinux 8 on Cirrus CI only.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Iteration 22 - 2024-12-18 05:52:09
  • Loading branch information
kolyshkin committed Dec 18, 2024
1 parent aace922 commit 1b56e0d
Show file tree
Hide file tree
Showing 4 changed files with 75 additions and 572 deletions.
160 changes: 74 additions & 86 deletions .cirrus.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,70 +7,6 @@
# NOTE Cirrus execution environments lack a terminal, needed for
# some integration tests. So we use `ssh -tt` command to fake a terminal.

task:
timeout_in: 30m

env:
DEBIAN_FRONTEND: noninteractive
HOME: /root
# yamllint disable rule:key-duplicates
matrix:
DISTRO: fedora

name: vagrant DISTRO:$DISTRO

compute_engine_instance:
image_project: cirrus-images
image: family/docker-kvm
platform: linux
nested_virtualization: true
# CPU limit: `16 / NTASK`: see https://cirrus-ci.org/faq/#are-there-any-limits
cpu: 4
# Memory limit: `4GB * NCPU`
memory: 16G

host_info_script: |
uname -a
# -----
cat /etc/os-release
# -----
df -T
# -----
cat /proc/cpuinfo
install_libvirt_vagrant_script: |
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo sed -i 's/^# deb-src/deb-src/' /etc/apt/sources.list
apt-get update
apt-get install -y libvirt-daemon libvirt-daemon-system vagrant
systemctl enable --now libvirtd
apt-get build-dep -y vagrant ruby-libvirt
apt-get install -y --no-install-recommends libxslt-dev libxml2-dev libvirt-dev ruby-bundler ruby-dev zlib1g-dev
vagrant plugin install vagrant-libvirt
vagrant_cache:
fingerprint_script: cat Vagrantfile.$DISTRO
folder: /root/.vagrant.d/boxes
vagrant_up_script: |
ln -sf Vagrantfile.$DISTRO Vagrantfile
# Retry if it fails (download.fedoraproject.org returns 404 sometimes)
vagrant up --no-tty || vagrant up --no-tty
mkdir -p -m 0700 /root/.ssh
vagrant ssh-config >> /root/.ssh/config
guest_info_script: |
ssh default 'sh -exc "uname -a && systemctl --version && df -T && cat /etc/os-release && go version && sestatus && rpm -q container-selinux"'
check_config_script: |
ssh default /vagrant/script/check-config.sh
unit_tests_script: |
ssh default 'sudo -i make -C /vagrant localunittest'
integration_systemd_script: |
ssh -tt default "sudo -i make -C /vagrant localintegration RUNC_USE_SYSTEMD=yes"
integration_fs_script: |
ssh -tt default "sudo -i make -C /vagrant localintegration"
integration_systemd_rootless_script: |
ssh -tt default "sudo -i make -C /vagrant localrootlessintegration RUNC_USE_SYSTEMD=yes"
integration_fs_rootless_script: |
ssh -tt default "sudo -i make -C /vagrant localrootlessintegration"
task:
timeout_in: 30m

Expand All @@ -79,11 +15,10 @@ task:
CIRRUS_WORKING_DIR: /home/runc
GO_VERSION: "1.23"
BATS_VERSION: "v1.9.0"
RPMS: gcc git iptables jq glibc-static libseccomp-devel make criu fuse-sshfs container-selinux
RPMS: gcc git glibc-static libseccomp-devel make fuse-sshfs container-selinux gnutls-devel libaio-devel libasan libcap-devel libnet-devel libnl3-devel libselinux-devel protobuf-c-devel protobuf-devel libdrm-devel
# yamllint disable rule:key-duplicates
matrix:
DISTRO: almalinux-8
DISTRO: almalinux-9

name: ci / $DISTRO

Expand All @@ -100,6 +35,7 @@ task:
yum config-manager --set-enabled powertools # for glibc-static
;;
*-9)
RPMS="$RPMS nftables-devel libbsd-devel"
dnf config-manager --set-enabled crb # for glibc-static
dnf -y install epel-release # for fuse-sshfs
# Delegate all cgroup v2 controllers to rootless user via --systemd-cgroup.
Expand Down Expand Up @@ -128,6 +64,14 @@ task:
git checkout $BATS_VERSION
./install.sh /usr/local
cd -
# Install CRIU
# Testing https://github.com/checkpoint-restore/criu/pull/2545
git clone https://github.com/kolyshkin/criu.git ~/criu
(cd ~/criu && git checkout freeze-kludges && sudo make install-criu)
mv /usr/local/sbin/criu /usr/local/sbin/criu-kir
(cd ~/criu && git reset --hard HEAD~3 && sudo make install-criu)
mv /usr/local/sbin/criu /usr/local/sbin/criu-dev
# Add a user for rootless tests
useradd -u2000 -m -d/home/rootless -s/bin/bash rootless
# Allow root and rootless itself to execute `ssh rootless@localhost` in tests/rootless.sh
Expand All @@ -147,6 +91,10 @@ task:
sed -e "s,PermitRootLogin.*,PermitRootLogin prohibit-password,g" -i /etc/ssh/sshd_config
systemctl restart sshd
host_info_script: |
criu-kir --version
# -----
criu-dev --version
# -----
uname -a
# -----
/usr/local/go/bin/go version
Expand All @@ -158,23 +106,63 @@ task:
df -T
# -----
sestatus
# -----
cat /proc/cpuinfo
check_config_script: |
/home/runc/script/check-config.sh
unit_tests_script: |
ssh -tt localhost "make -C /home/runc localunittest"
integration_systemd_script: |
ssh -tt localhost "make -C /home/runc localintegration RUNC_USE_SYSTEMD=yes"
integration_fs_script: |
ssh -tt localhost "make -C /home/runc localintegration"
integration_systemd_rootless_script: |
case $DISTRO in
*-8)
echo "SKIP: integration_systemd_rootless_script requires cgroup v2"
;;
*)
ssh -tt localhost "make -C /home/runc localrootlessintegration RUNC_USE_SYSTEMD=yes"
esac
integration_fs_rootless_script: |
ssh -tt localhost "make -C /home/runc localrootlessintegration"
unit_tests_kir0_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev0_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir1_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev1_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir2_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev2_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir3_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev3_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir4_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev4_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir5_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev5_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir6_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev6_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir7_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev7_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir8_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev8_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_kir9_script: |
cp -f /usr/local/sbin/criu{-kir,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
unit_tests_dev9_script: |
cp -f /usr/local/sbin/criu{-dev,}; criu --version
ssh -tt localhost "make -C /home/runc localunittest"
Loading

0 comments on commit 1b56e0d

Please sign in to comment.