diff --git a/.cirrus.yml b/.cirrus.yml new file mode 100644 index 0000000000000..4233c5ca6e4e8 --- /dev/null +++ b/.cirrus.yml @@ -0,0 +1,79 @@ +# Cirrus CI gives free 16.0 CPUs for open-source projects. We split that to 4:4:4. +# https://cirrus-ci.org/faq/#are-there-any-limits +# +# Undocumented constraints; +# - The maximum memory limit is 4G times the number of CPUs. +# - The number of CPUs should be mutiple of 2. + +task: + name: Vagrant + + compute_engine_instance: + image_project: cirrus-images + image: family/docker-kvm + platform: linux + nested_virtualization: true + cpu: 2 + memory: 8G + + env: + VAGRANT_EXPERIMENTAL: disks # https://www.vagrantup.com/docs/disks/usage + HOME: /root + matrix: + BOX: fedora/35-cloud-base + BOX: rockylinux/8 + + install_libvirt_vagrant_script: | + apt-get update + apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt + systemctl enable --now libvirtd + + vagrant_cache: + folder: /root/.vagrant.d + fingerprint_script: uname -a; cat Vagrantfile + + vagrant_up_script: | + vagrant up --no-tty + + integration_script: | + vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration + + cri_test_script: | + vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri + + env_script: | + uname -a + df -h + +task: + name: CGroupsV2 - rootless CRI test + + env: + HOME: /root + + compute_engine_instance: + image_project: cirrus-images + image: family/docker-kvm + platform: linux + nested_virtualization: true + cpu: 2 + memory: 8G + + install_libvirt_vagrant_script: | + apt-get update + apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt + systemctl enable --now libvirtd + + vagrant_cache: + folder: /root/.vagrant.d + fingerprint_script: uname -a; cat Vagrantfile + + vagrant_up_script: | + vagrant up --provision-with=install-rootless-podman --no-tty + + podman_build_script: | + # Execute rootless podman to create the UserNS env + vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant + + test_script: | + vagrant ssh -- podman run --rm --privileged cri-in-userns diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b9c58c8e3eca3..5fae417678591 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -579,35 +579,3 @@ jobs: path: | ${{github.workspace}}/*-junit.xml ${{github.workspace}}/critestreport/* - - cgroup2-misc: - name: CGroupsV2 - rootless CRI test - # nested virtualization is only available on macOS hosts - runs-on: macos-10.15 - timeout-minutes: 45 - needs: [project, linters, protos, man] - steps: - - uses: actions/checkout@v2 - - - name: "Cache ~/.vagrant.d/boxes" - uses: actions/cache@v2 - with: - path: ~/.vagrant.d/boxes - key: vagrant-${{ hashFiles('Vagrantfile*') }} - - - name: Vagrant start - run: | - # Retry if it fails (download.fedoraproject.org returns 404 sometimes) - vagrant up || vagrant up - - # slow, so separated from the regular cgroup2 task - - name: CRI-in-UserNS test with Rootless Podman - run: | - vagrant up --provision-with=install-rootless-podman - # Execute rootless podman to create the UserNS env - vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant - vagrant ssh -- podman run --rm --privileged cri-in-userns - - - name: Collect the VM's IP address for Docker Hub's throttling issue - if: failure() - run: vagrant ssh -- curl https://api64.ipify.org/ diff --git a/Vagrantfile b/Vagrantfile index be57cb26a6e19..daadc8e00ff06 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -19,6 +19,8 @@ Vagrant.configure("2") do |config| config.vm.box = ENV["BOX"] || "fedora/35-cloud-base" config.vm.box_version = ENV["BOX_VERSION"] + config.vm.provision 'shell', path: 'script/resize-vagrant-root.sh' + memory = 4096 cpus = 2 config.vm.provider :virtualbox do |v| @@ -28,6 +30,7 @@ Vagrant.configure("2") do |config| config.vm.provider :libvirt do |v| v.memory = memory v.cpus = cpus + v.machine_virtual_size = 60 end # Disabled by default. To run: @@ -43,7 +46,10 @@ Vagrant.configure("2") do |config| sh.inline = <<~SHELL #!/usr/bin/env bash set -eux -o pipefail + df -hT + lsblk dnf -y upgrade ${UPGRADE_PACKAGES} + dnf clean all SHELL end @@ -58,6 +64,8 @@ Vagrant.configure("2") do |config| sh.inline = <<~SHELL #!/usr/bin/env bash set -eux -o pipefail + df -hT + lsblk dnf -y install \ container-selinux \ curl \ @@ -69,6 +77,7 @@ Vagrant.configure("2") do |config| lsof \ make \ ${INSTALL_PACKAGES} + dnf clean all SHELL end diff --git a/script/resize-vagrant-root.sh b/script/resize-vagrant-root.sh new file mode 100755 index 0000000000000..6cde93ddb82b1 --- /dev/null +++ b/script/resize-vagrant-root.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash + +# Copyright The containerd Authors. + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -eu -o pipefail + +df_line=$(df / | grep '^/dev/') +if [[ df_line =~ '/dev/([a-z]+)([0-9]+)' ]]; then + dev="${BASH_REMATCH[1]}" + part="${BASH_REMATCH[2]}" + growpart "/dev/$dev" "$part" + xfs_growfs -d "/dev/$dev$part" +else + echo "Failed to parse $df_line" + exit 1 +fi