-
Notifications
You must be signed in to change notification settings - Fork 1.6k
133 lines (116 loc) · 4.84 KB
/
vm.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: VM
on:
workflow_dispatch:
pull_request:
branches:
- main
paths-ignore:
- 'site/**'
permissions:
contents: read
jobs:
vm:
# Fedora is different from Ubuntu in LSM (SELinux), filesystem (btrfs), kernel version, etc.
name: "CGroupv2 (Fedora)"
runs-on: ubuntu-22.04
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
provider: [docker, podman]
rootless: ["rootful", "rootless"]
env:
LIMA_VERSION: "0.23.2" # Fedora 40
KIND_EXPERIMENTAL_PROVIDER: "${{ matrix.provider }}"
ROOTLESS: "${{ matrix.rootless }}"
HELPER: "./hack/ci/lima-helper.sh"
JOB_NAME: "cgroup2-${{ matrix.provider }}-${{ matrix.rootless }}"
steps:
- name: Check out code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Get go version
id: golangversion
run: |
echo "go_version=$(cat .go-version)" >> "$GITHUB_OUTPUT"
- name: Set up Go
id: go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version: ${{ steps.golangversion.outputs.go_version }}
check-latest: true
- name: "Install QEMU"
run: |
sudo apt-get update
sudo apt-get install -y --no-install-recommends ovmf qemu-system-x86 qemu-utils
sudo modprobe kvm
# `sudo usermod -aG kvm $(whoami)` does not take an effect on GHA
sudo chown $(whoami) /dev/kvm
- name: "Install Lima"
run: curl -fsSL https://github.com/lima-vm/lima/releases/download/v${LIMA_VERSION}/lima-${LIMA_VERSION}-Linux-x86_64.tar.gz | sudo tar Cxzvf /usr/local -
- name: "Cache ~/.cache/lima"
uses: actions/cache@v4
with:
path: ~/.cache/lima
key: lima-${{ env.LIMA_VERSION }}
- name: "Start Fedora"
# --plain is set to disable file sharing, port forwarding, built-in containerd, etc.
run: limactl start --name=default --plain template://fedora
- name: "Initialize Fedora"
# plain old rsync and ssh are used for the initialization of the guest,
# so that people who are not familiar with Lima can understand the initialization steps.
run: |
set -eux -o pipefail
# Initialize SSH
mkdir -p -m 0700 ~/.ssh
cat ~/.lima/default/ssh.config >> ~/.ssh/config
# Sync the current directory to /tmp/kind in the guest
rsync -a -e ssh . lima-default:/tmp/kind
# Install packages
ssh lima-default sudo /tmp/kind/hack/ci/init-fedora.sh
# Enable systemd lingering for rootless
ssh lima-default sudo loginctl enable-linger "$USER"
# Install kind
ssh lima-default sudo git config --global --add safe.directory /tmp/kind
ssh lima-default sudo make -C /tmp/kind install INSTALL_DIR=/usr/local/bin
- name: Set up Rootless Docker
if: ${{ matrix.provider == 'docker' && matrix.rootless == 'rootless' }}
run: |
# Disable the rootful daemon
"$HELPER" sudo systemctl disable --now docker
# Install the systemd unit
"$HELPER" dockerd-rootless-setuptool.sh install
# Modify the client config to use the rootless daemon by default
"$HELPER" docker context use rootless
- name: Set up Rootless Podman
if: ${{ matrix.provider == 'podman' && matrix.rootless == 'rootless' }}
run: |
# Restart the user session to ensure the cgroup delegation
# ref: https://github.com/kubernetes-sigs/kind/pull/2754#issuecomment-1124027063
"$HELPER" sudo loginctl terminate-user vagrant || true
# We have modprobe ip6_tables in Vagrantfile, but it seems we have to modprobe it once again
"$HELPER" sudo modprobe ip6_tables
- name: Show provider info
run: |
"$HELPER" "$KIND_EXPERIMENTAL_PROVIDER" info
"$HELPER" "$KIND_EXPERIMENTAL_PROVIDER" version
- name: Create a cluster
run: |
"$HELPER" kind create cluster -v7 --wait 10m --retain
- name: Get Cluster status
run: |
"$HELPER" kubectl wait --for=condition=ready pods --namespace=kube-system -l k8s-app=kube-dns
"$HELPER" kubectl get nodes -o wide
"$HELPER" kubectl get pods -A
- name: Export logs
if: always()
run: |
"$HELPER" kind export logs /tmp/kind/logs
mkdir -p /tmp/kind/logs/lima
cp -a ~/.lima/default/*.log /tmp/kind/logs/lima || true
"$HELPER" tar cC /tmp/kind/logs . | tar xC /tmp/kind/logs
- name: Upload logs
if: always()
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: kind-logs-${{ env.JOB_NAME }}-${{ github.run_id }}
path: /tmp/kind/logs