bpm does not work with cgroupv2

[ramonskie]

for the noble stemcel where we cgroupv2 is now the default
bpm is not starting

linked issue: cloudfoundry/bosh-linux-stemcell-builder#355
slack discussion: https://cloudfoundry.slack.com/archives/C06HTDT78N9/p1717058467990399

[geofffranks]

Is this still an issue, or is this solved with #172?

[jpalermo]

We've got some redness in the Noble pipeline currently, but we're going to try and fix that tomorrow and that should tell us if BPM is good on Noble

[geofffranks]

Did y'all figure out the redness in the Noble pipeline? I'm running into problems where there is no DNS lookup capability inside BPM containers, whether or not bosh-dns is present on the VM. Getting connection refused on all :53 attempts:

vcap@3f588a05-5eff-4077-940c-44a7d8dbb1ac:/var/vcap/jobs/loggregator_agent$ host google.com
;; communications error to ::1#53: connection refused
;; communications error to ::1#53: connection refused
;; communications error to 127.0.0.1#53: connection refused
;; no servers could be reached
vcap@3f588a05-5eff-4077-940c-44a7d8dbb1ac:/var/vcap/jobs/loggregator_agent$ ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Aug 14 20:27 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
vcap@3f588a05-5eff-4077-940c-44a7d8dbb1ac:/var/vcap/jobs/loggregator_agent$ ls /run
ls: cannot access '/run': No such file or directory

Additionally it looks like ping doesn't work inside BPM containers either:

vcap@3f588a05-5eff-4077-940c-44a7d8dbb1ac:/var/vcap/jobs/loggregator_agent$ ping google.com
ping: socktype: SOCK_RAW
ping: socket: Operation not permitted
ping: => missing cap_net_raw+p capability or setuid?

For reference, on a jammy BPM container:

vcap@d3ee922f-0701-44b4-91e5-85a65aece394:/var/vcap/jobs/loggregator_agent$ ping google.com
PING google.com (173.194.206.138) 56(84) bytes of data.
64 bytes from nz-in-f138.1e100.net (173.194.206.138): icmp_seq=1 ttl=115 time=2.18 ms
64 bytes from nz-in-f138.1e100.net (173.194.206.138): icmp_seq=2 ttl=115 time=1.08 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.081/1.629/2.178/0.548 ms
vcap@d3ee922f-0701-44b4-91e5-85a65aece394:/var/vcap/jobs/loggregator_agent$ ls -l /etc/resolv.conf
lrwxrwxrwx 1 root root 27 Sep  4 16:34 /etc/resolv.conf -> /run/resolvconf/resolv.conf
vcap@d3ee922f-0701-44b4-91e5-85a65aece394:/var/vcap/jobs/loggregator_agent$ ls /run
resolvconf

[jpalermo]

Looks like it had to do with how bpm was mounting the resolv.conf file into the container. We fix it today and will get a 1.4.0 cut with the changes.

[jpalermo]

Released