tests: more logging for UC20 kernel test #9343
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adds support to use telnet to access the nested VM serial port. This is useful for interactive debugging of the nested VM if e.g. the creation of a user fails. It is also useful to test/play-with console-conf in the nested env. With that inside the L1 qemu one can type: ``` $ telnet localhost 7777 ``` to get access to the serial port. With "ctrl-]" and "send escape\nq\n" the telnet session can be stopped again. As a drive-by it cleans a duplicated PARAM_SERIAL definition. We should address the duplication of all the PARAM_* for qemu in a followup.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
adjust tests ATM we should never have sealed keys and not a TrustedAssetsBootloader
This test adds checks that resealing happens after the kernel gets updated.
…eal-with-kernel Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…el' into nested-core20-kernel-reseal-with-9331
This commit adds support to use telnet to access the nested VM serial port. This is useful for interactive debugging of the nested VM if e.g. the creation of a user fails. It is also useful to test/play-with console-conf in the nested env. With that inside the L1 qemu one can type: ``` $ telnet localhost 7777 ``` to get access to the serial port. With "ctrl-]" and "send escape\nq\n" the telnet session can be stopped again. As a drive-by it cleans a duplicated PARAM_SERIAL definition. We should address the duplication of all the PARAM_* for qemu in a followup.
Attempt to repack core20 with tweaks that enable snapd debug logs. Try to forward the logs to the console. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Haveged should help with the host running out of entropy. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Occasionally, the socket may not be up yet. Make sure we wait a bit after restarting/installing swtpm. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
tests/lib/nested.sh
Outdated
| @@ -690,6 +705,9 @@ nested_start_core_vm_unit() { | |||
| else | |||
| snap install swtpm-mvo --beta | |||
| fi | |||
| # we've observed the socket not being up yet by the time a nested-vm | |||
| # starts | |||
| sleep 5 | |||
There was a problem hiding this comment.
I proposed #9344 for a proper fix for this
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
We have observed it takes very long for a nested VM with TPM and full disk encryption, to be set up to the point that the user1 added by the test is picked up by pam_extrausers. Only once that happens, logging over ssh is possible. Investigating further, with the current retry count, the attemps are exhausted before logging in over ssh is possible. Bump the retry count so that we get more retries until we have better ideas on how to fix this. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ore20-kernel-reseal-with-mvo
pedronis
reviewed
Sep 14, 2020
| @@ -555,7 +561,7 @@ nested_create_cloud_init_config() { | |||
| list: | | |||
| user1:ubuntu | |||
| expire: False | |||
| datasource_list: [ "None"] | |||
| datasource_list: [ NoCloud, None ] | |||
| datasource: | |||
| None: | |||
There was a problem hiding this comment.
this, if we keep should also become NoCloud
pedronis
reviewed
Sep 14, 2020
| @@ -555,7 +561,7 @@ nested_create_cloud_init_config() { | |||
| list: | | |||
| user1:ubuntu | |||
| expire: False | |||
| datasource_list: [ "None"] | |||
| datasource_list: [ NoCloud, None ] | |||
| datasource: | |||
| None: | |||
| userdata_raw: | | |||
There was a problem hiding this comment.
the stanza maybe should use "logger -t nested" instead of "echo"
mvo5
reviewed
Sep 15, 2020
tests/lib/prepare.sh
Outdated
| [Journal] | ||
| ForwardToConsole=yes | ||
| EOF | ||
| echo 'SNAPD_DEBUG=1' >> "$UNPACK_DIR"/etc/environment |
There was a problem hiding this comment.
This makes the smoke test fail now because it does not expect stderr output when running commands, I think this idea is great but maybe we want something more targeted, let me try something
It may be possible to log into the nested VM before the snap command is available in the system. Make sure that the command exists before proceeding with the test execution. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ore20-kernel-reseal-with-mvo
…o bboozzoo/nested-core20-kernel-reseal-with-mvo
…ce instead of enable it via /etc/environment
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…o bboozzoo/nested-core20-kernel-reseal-with-mvo
…core20-kernel-reseal-with-mvo
Otherwise logs accumulate and become unmanageable. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…b.com:bboozzoo/snapd into bboozzoo/nested-core20-kernel-reseal-with-mvo
Bump the kill timeouts of nested/manual and nested/core20 test suites. The tests take a bit longer than initially anticipated. With the resealing it takes even longer. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ore20-kernel-reseal-with-mvo
|
the files and changes landed separately |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Includes #9331, #9338, and #9311