Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cirrus: Use F33 VM image #8074

Merged
merged 3 commits into from
Nov 4, 2020
Merged

Cirrus: Use F33 VM image #8074

merged 3 commits into from
Nov 4, 2020

Conversation

cevich
Copy link
Member

@cevich cevich commented Oct 20, 2020
edited
Loading

Depends on #8231

@cevich cevich mentioned this pull request Oct 20, 2020
Merged
@cevich cevich force-pushed the new_f33_images branch 2 times, most recently from ab876ff to c321ff8 Compare October 20, 2020 16:19
@TomSweeneyRedHat
Copy link
Member

Tests don't look too hip @cevich

@cevich cevich force-pushed the new_f33_images branch 3 times, most recently from 7eea153 to 8863e86 Compare October 21, 2020 14:40
@cevich cevich marked this pull request as draft October 21, 2020 14:56
@openshift-ci-robot openshift-ci-robot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 21, 2020
@cevich
Copy link
Member Author

cevich commented Oct 21, 2020

Tests don't look too hip @cevich

Sorry...converted to a draft.

@cevich
Copy link
Member Author

cevich commented Oct 21, 2020
edited
Loading

I'm hitting a major snafu with the latest Fedora 33beta container images from containers/automation_images. The VM images don't exhibit this problem, and I was able to narrow the issue down to a call in /etc/profile:

https://cirrus-ci.com/task/5765609151528960?command=setup#L18

If I run this manually, the error message returned is even more concerning:

$ podman run -it --rm quay.io/libpod/fedora_podman:c6039369259679744
[root@6d3d4678c740 podman]# less /etc/profile
[root@6d3d4678c740 podman]# /usr/bin/hostnamectl --transient
System has not been booted with systemd as init system (PID 1). Can't operate.
Failed to create bus connection: Host is down
exit(1)
[root@6d3d4678c740 podman]# cat /etc/hostname
6d3d4678c740

For F32 and prior, /etc/profile used a call to hostname instead, which (of course) runs without any problems.

@cevich cevich mentioned this pull request Oct 22, 2020
Merged
@cevich cevich mentioned this pull request Oct 22, 2020
Merged
@cevich cevich force-pushed the new_f33_images branch 7 times, most recently from 91fca95 to 0ec95a7 Compare October 27, 2020 16:52
@cevich cevich changed the title Cirrus: Use F33beta VM image Cirrus: Use F33 VM image Oct 27, 2020
@cevich cevich force-pushed the new_f33_images branch 2 times, most recently from 1137514 to 089b679 Compare October 27, 2020 18:26
@cevich cevich mentioned this pull request Oct 29, 2020
Merged
@cevich cevich force-pushed the new_f33_images branch 4 times, most recently from df0ee96 to 3738c79 Compare October 30, 2020 18:46
@cevich cevich force-pushed the new_f33_images branch 3 times, most recently from cc5bc21 to 11f4016 Compare November 3, 2020 20:19
cevich added 3 commits November 4, 2020 09:37
@cevich
Use ping from alpine
f37d1d2 
As of this commit, in Fedora 33, without without `CAP_NET_ADMIN` and
`CAP_NET_RAW`, require setting `net.ipv3.ping_group_range` in order for
the `ping` command to work inside a container.  However, not all images
`ping` are created equal.  For whatever reason, the busybox version in
the busybox container image, does not function.  Switch to the Alpine
image's busybox ping, which seems to work fine.

Signed-off-by: Chris Evich <[email protected]>
@cevich
Cirrus: Simplify artifact collection
55a1aec 
On several occasions, fatal task failures were observed
during the upload of artifacts after a otherwise successful
testing.  Prior to this commit, most tasks were storing both
logs and binary artifacts.  Avoid possible major inconveniences
of upload failures, by only collecting binary artifacts when
necessary.

Signed-off-by: Chris Evich <[email protected]>
@cevich
Cirrus: Use F33beta VM image
4649833 
Includes disk-space increase for all Fedora images to accommodate
the static-build job disk space requirements.  This job substantially
leverages task-cache, which was previously failing to restore early on
in the Cirrus-CI task setup, due to disk-space limitations.

Also simplify .cirrus.yml slightly by removing an unncessary setup
and run directory change step.

Signed-off-by: Chris Evich <[email protected]>
cevich
cevich commented Nov 4, 2020
View reviewed changes
test/e2e/pod_infra_container_test.go
@@ -383,12 +383,14 @@ var _ = Describe("Podman pod create", func() {
podID := session.OutputToString()

// verify we can add a host to the infra's /etc/hosts
session = podmanTest.Podman([]string{"run", "--pod", podID, "--add-host", "foobar:127.0.0.1", BB, "ping", "-c", "1", "foobar"})
// N/B: Using alpine for ping, since BB ping throws
// permission denied error as of Fedora 33.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

blah, that's kinda confusing. Should say "...as of Fedora 33 seccomp and sysctl changes"

@cevich cevich marked this pull request as ready for review November 4, 2020 16:28
@openshift-ci-robot openshift-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Nov 4, 2020
@cevich cevich requested review from baude, mheon and rhatdan November 4, 2020 16:28
@cevich
Copy link
Member Author

cevich commented Nov 4, 2020

@rhatdan @mheon @baude when you have a moment PTAL (not urgent). Note: There's a new problem with Static Build I will open an issue on, for now it's marked as "ignore-failure".

@rhatdan
Copy link
Member

rhatdan commented Nov 4, 2020

/approve
lgtm
@containers/podman-maintainers PTAL

@openshift-ci-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cevich, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Nov 4, 2020
@mheon
Copy link
Member

mheon commented Nov 4, 2020

LGTM

@edsantiago
Copy link
Member

Is it absolutely necessary to cram the artifacts change into this PR?

@umohnani8
Copy link
Member

LGTM

1 similar comment
@TomSweeneyRedHat
Copy link
Member

LGTM

@TomSweeneyRedHat
Copy link
Member

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Nov 4, 2020
@openshift-merge-robot openshift-merge-robot merged commit ab273a9 into containers:master Nov 4, 2020
@cevich
Copy link
Member Author

cevich commented Nov 4, 2020

Is it absolutely necessary to cram the artifacts change into this PR?

It was a "while I'm at it" thing, having hit two "failure to upload" flakes today. So we'd want to get it in ASAP anyway.

@edsantiago
Copy link
Member

"while I'm at it" things are great; but when they're longer and more complex than the PR itself (at least what the PR title and git commit message show), a future maintainer will appreciate having them split out into separate PRs. Just a recommendation for next time.

@cevich cevich deleted the new_f33_images branch June 30, 2021 18:12
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@baude baude Awaiting requested review from baude

@mheon mheon Awaiting requested review from mheon

@rhatdan rhatdan Awaiting requested review from rhatdan

Assignees

@TomSweeneyRedHat TomSweeneyRedHat

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@cevich @TomSweeneyRedHat @rhatdan @openshift-ci-robot @mheon @edsantiago @umohnani8 @openshift-merge-robot