Skip to content
Cgroup v2

GitHub Actions: use Linux runners for nested virt #1414

Sign in to view logs

GitHub Actions: use Linux runners for nested virt

GitHub Actions: use Linux runners for nested virt #1414

Workflow file for this run

.github/workflows/cgroup2.yaml at 1168397
name: Cgroup v2
on:
workflow_dispatch:
pull_request:
branches:
- main
paths-ignore:
- 'site/**'
permissions:
contents: read
jobs:
docker:
name: Cgroup v2
runs-on: ubuntu-22.04
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
provider: [docker, podman]
rootless: ["rootful", "rootless"]
env:
KIND_EXPERIMENTAL_PROVIDER: "${{ matrix.provider }}"
ROOTLESS: "${{ matrix.rootless }}"
HELPER: "sudo ./hack/ci/vagrant-helper.sh"
JOB_NAME: "cgroup2-${{ matrix.provider }}-${{ matrix.rootless }}"
steps:
- name: Check out code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
# https://github.com/containerd/containerd/blob/420503072e58f27a7192ddea4e6e41dced911cb9/.github/workflows/ci.yml#L569-L581
- name: Set up vagrant
run: |
# Canonical's Vagrant 2.2.19 dpkg cannot download Fedora 38 image: https://bugs.launchpad.net/vagrant/+bug/2017828
# So we have to install Vagrant >= 2.3.1 from the upstream: https://github.com/opencontainers/runc/blob/v1.1.8/.cirrus.yml#L41-L49
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo sed -i 's/^# deb-src/deb-src/' /etc/apt/sources.list
sudo apt-get update
sudo apt-get install -y libvirt-daemon libvirt-daemon-system vagrant
sudo systemctl enable --now libvirtd
sudo apt-get build-dep -y vagrant ruby-libvirt
sudo apt-get install -y --no-install-recommends libxslt-dev libxml2-dev libvirt-dev ruby-bundler ruby-dev zlib1g-dev
sudo vagrant plugin install vagrant-libvirt
- name: Boot Fedora
run: |
ln -sf ./hack/ci/Vagrantfile ./Vagrantfile
# Retry if it fails (download.fedoraproject.org returns 404 sometimes)
# Spend up to 10 seconds on this
for i in {1..4}; do
if sudo vagrant up; then
break
fi
sudo vagrant destroy -f
sleep $i
done
- name: Set up Rootless Docker
if: ${{ matrix.provider == 'docker' && matrix.rootless == 'rootless' }}
run: |
# Disable the rootful daemon
$HELPER sudo systemctl disable --now docker
# Install the systemd unit
$HELPER dockerd-rootless-setuptool.sh install
# Modify the client config to use the rootless daemon by default
$HELPER docker context use rootless
- name: Set up Rootless Podman
if: ${{ matrix.provider == 'podman' && matrix.rootless == 'rootless' }}
run: |
# Restart the user session to ensure the cgroup delegation
# ref: https://github.com/kubernetes-sigs/kind/pull/2754#issuecomment-1124027063
$HELPER sudo loginctl terminate-user vagrant || true
# We have modprobe ip6_tables in Vagrantfile, but it seems we have to modprobe it once again
$HELPER sudo modprobe ip6_tables
- name: Show provider info
run: |
$HELPER "$KIND_EXPERIMENTAL_PROVIDER" info
$HELPER "$KIND_EXPERIMENTAL_PROVIDER" version
- name: Create a cluster
run: |
$HELPER kind create cluster -v7 --wait 10m --retain
- name: Get Cluster status
run: |
$HELPER kubectl wait --for=condition=ready pods --namespace=kube-system -l k8s-app=kube-dns
$HELPER kubectl get nodes -o wide
$HELPER kubectl get pods -A
- name: Export logs
if: always()
run: |
$HELPER kind export logs /tmp/kind/logs
mkdir -p /tmp/kind/logs
$HELPER tar cC /tmp/kind/logs . | tar xC /tmp/kind/logs
- name: Upload logs
if: always()
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: kind-logs-${{ env.JOB_NAME }}-${{ github.run_id }}
path: /tmp/kind/logs