From acf8000e531e520af8611c4e07909da29b1b89b0 Mon Sep 17 00:00:00 2001 From: Ed Santiago Date: Tue, 5 Jul 2022 13:27:24 -0600 Subject: [PATCH] Force CgroupsV1 on Ubuntu PR #115 removed a force-cgroups-v2 setup for Ubuntu, possibly assuming that Ubuntu uses cgroups v1 by default? That doesn't seem to be the case: the Ubuntu I've looked at (via Cirrus rerun-with-terminal) seems to default to v2. End result is that we've been running CI for months without testing runc. This PR forces cgroups v1 on Ubuntu, via grub boot args. Signed-off-by: Ed Santiago --- cache_images/ubuntu_packaging.sh | 62 ++++++++++++++++++++++++-------- cache_images/ubuntu_setup.sh | 3 +- 2 files changed, 49 insertions(+), 16 deletions(-) diff --git a/cache_images/ubuntu_packaging.sh b/cache_images/ubuntu_packaging.sh index 098b8844..4522495d 100644 --- a/cache_images/ubuntu_packaging.sh +++ b/cache_images/ubuntu_packaging.sh @@ -27,21 +27,53 @@ if [[ "$OS_RELEASE_VER" -le 2004 ]]; then fi # The OpenSuse Open Build System must be utilized to obtain newer -# development versions of podman/buildah/skopeo & dependencies, -# in order to support upstream (i.e. bleeding-edge) development and -# automated testing. These packages are not otherwise intended for -# end-user consumption. -VERSION_ID=$(source /etc/os-release; echo $VERSION_ID) -# Overview: https://build.opensuse.org/project/show/devel:kubic:libcontainers:unstable -REPO_URL="https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/unstable/xUbuntu_$VERSION_ID/" -GPG_URL="https://download.opensuse.org/repositories/devel:kubic:libcontainers:unstable/xUbuntu_$VERSION_ID/Release.key" - -echo "deb $REPO_URL /" | ooe.sh $SUDO \ - tee /etc/apt/sources.list.d/devel:kubic:libcontainers:unstable:ci.list -curl --fail --silent --location --url "$GPG_URL" | \ - gpg --dearmor | \ - $SUDO tee /etc/apt/trusted.gpg.d/devel_kubic_libcontainers_unstable_ci.gpg &> /dev/null - +# development versions of some tools. This helper sets up config +# files for apt to fetch packages from OBS. We can be called with +# a variable number of arguments. +function setup_obs() { + # Version of ubuntu, e.g., 22.04 + local xubuntu_version + xubuntu_version="xUbuntu_$(source /etc/os-release; echo $VERSION_ID)" + + local base_url="https://download.opensuse.org/repositories/devel" + + # Assemble the .deb repo URL by appending colon-slash-item for each arg + local repo_url="$base_url" + local repo_file="/etc/apt/sources.list.d/devel" + for i in "$@"; do + repo_url+=":/$i" + repo_file+=":$i" + done + repo_url+="/${xubuntu_version}/" + repo_file+=":ci.list" + echo "deb $repo_url /" | ooe.sh $SUDO tee "$repo_file" + + # GPG key URL is similar to .deb repo, but just colons, no slashes + local gpg_url="$base_url" + local gpg_file="/etc/apt/trusted.gpg.d/devel" + for i in "$@"; do + gpg_url+=":$i" + gpg_file+="_$i" + done + gpg_url+="/${xubuntu_version}/Release.key" + gpg_file+="_ci.gpg" + curl --fail --silent --location --url "$gpg_url" | \ + gpg --dearmor | \ + $SUDO tee "$gpg_file" &> /dev/null +} + +# OBS: podman/buildah/skopeo & dependencies, in order to support +# upstream (i.e. bleeding-edge) development and automated testing. +# These packages are not otherwise intended for end-user consumption. +# This line is needed forever. +setup_obs kubic libcontainers unstable + +# OBS: FIXME! TEMPORARY! 2022-07-20! Needed because a glibc update broke criu. +# >>> PLEASE REMOVE THIS ONCE CRIU GETS FIXED IN REGULAR UBUNTU! +# >>> (No, I -- Ed -- have no idea how to even check that, sorry). +# Context: https://github.com/containers/podman/pull/14972 +# Context: https://github.com/checkpoint-restore/criu/issues/1935 +setup_obs tools criu # N/B: DO NOT install the bats package on Ubuntu VMs, it's broken. # ref: (still open) https://bugs.launchpad.net/ubuntu/+source/bats/+bug/1882542 diff --git a/cache_images/ubuntu_setup.sh b/cache_images/ubuntu_setup.sh index 34dedfd8..de13f919 100644 --- a/cache_images/ubuntu_setup.sh +++ b/cache_images/ubuntu_setup.sh @@ -23,7 +23,8 @@ bash $SCRIPT_DIRPATH/ubuntu_packaging.sh if ! ((CONTAINER)); then warn "Making Ubuntu kernel to enable cgroup swap accounting" - SEDCMD='s/^GRUB_CMDLINE_LINUX="(.*)"/GRUB_CMDLINE_LINUX="\1 cgroup_enable=memory swapaccount=1"/' + warn "Forcing CgroupsV1" + SEDCMD='s/^GRUB_CMDLINE_LINUX="(.*)"/GRUB_CMDLINE_LINUX="\1 cgroup_enable=memory swapaccount=1 systemd.unified_cgroup_hierarchy=0"/' ooe.sh $SUDO sed -re "$SEDCMD" -i /etc/default/grub.d/* ooe.sh $SUDO sed -re "$SEDCMD" -i /etc/default/grub ooe.sh $SUDO update-grub