New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tests: more logging for UC20 kernel test #9343
tests: more logging for UC20 kernel test #9343
Conversation
This commit adds support to use telnet to access the nested VM serial port. This is useful for interactive debugging of the nested VM if e.g. the creation of a user fails. It is also useful to test/play-with console-conf in the nested env. With that inside the L1 qemu one can type: ``` $ telnet localhost 7777 ``` to get access to the serial port. With "ctrl-]" and "send escape\nq\n" the telnet session can be stopped again. As a drive-by it cleans a duplicated PARAM_SERIAL definition. We should address the duplication of all the PARAM_* for qemu in a followup.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
adjust tests ATM we should never have sealed keys and not a TrustedAssetsBootloader
This test adds checks that resealing happens after the kernel gets updated.
…eal-with-kernel Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…el' into nested-core20-kernel-reseal-with-9331
This commit adds support to use telnet to access the nested VM serial port. This is useful for interactive debugging of the nested VM if e.g. the creation of a user fails. It is also useful to test/play-with console-conf in the nested env. With that inside the L1 qemu one can type: ``` $ telnet localhost 7777 ``` to get access to the serial port. With "ctrl-]" and "send escape\nq\n" the telnet session can be stopped again. As a drive-by it cleans a duplicated PARAM_SERIAL definition. We should address the duplication of all the PARAM_* for qemu in a followup.
Attempt to repack core20 with tweaks that enable snapd debug logs. Try to forward the logs to the console. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Haveged should help with the host running out of entropy. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Occasionally, the socket may not be up yet. Make sure we wait a bit after restarting/installing swtpm. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
tests/lib/nested.sh
Outdated
@@ -690,6 +705,9 @@ nested_start_core_vm_unit() { | |||
else | |||
snap install swtpm-mvo --beta | |||
fi | |||
# we've observed the socket not being up yet by the time a nested-vm | |||
# starts | |||
sleep 5 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I proposed #9344 for a proper fix for this
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
We have observed it takes very long for a nested VM with TPM and full disk encryption, to be set up to the point that the user1 added by the test is picked up by pam_extrausers. Only once that happens, logging over ssh is possible. Investigating further, with the current retry count, the attemps are exhausted before logging in over ssh is possible. Bump the retry count so that we get more retries until we have better ideas on how to fix this. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ore20-kernel-reseal-with-mvo
@@ -555,7 +561,7 @@ nested_create_cloud_init_config() { | |||
list: | | |||
user1:ubuntu | |||
expire: False | |||
datasource_list: [ "None"] | |||
datasource_list: [ NoCloud, None ] | |||
datasource: | |||
None: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this, if we keep should also become NoCloud
@@ -555,7 +561,7 @@ nested_create_cloud_init_config() { | |||
list: | | |||
user1:ubuntu | |||
expire: False | |||
datasource_list: [ "None"] | |||
datasource_list: [ NoCloud, None ] | |||
datasource: | |||
None: | |||
userdata_raw: | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the stanza maybe should use "logger -t nested" instead of "echo"
tests/lib/prepare.sh
Outdated
[Journal] | ||
ForwardToConsole=yes | ||
EOF | ||
echo 'SNAPD_DEBUG=1' >> "$UNPACK_DIR"/etc/environment |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This makes the smoke test fail now because it does not expect stderr output when running commands, I think this idea is great but maybe we want something more targeted, let me try something
It may be possible to log into the nested VM before the snap command is available in the system. Make sure that the command exists before proceeding with the test execution. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ore20-kernel-reseal-with-mvo
…o bboozzoo/nested-core20-kernel-reseal-with-mvo
…ce instead of enable it via /etc/environment
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…o bboozzoo/nested-core20-kernel-reseal-with-mvo
…core20-kernel-reseal-with-mvo
Otherwise logs accumulate and become unmanageable. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…b.com:bboozzoo/snapd into bboozzoo/nested-core20-kernel-reseal-with-mvo
Bump the kill timeouts of nested/manual and nested/core20 test suites. The tests take a bit longer than initially anticipated. With the resealing it takes even longer. Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
…ore20-kernel-reseal-with-mvo
the files and changes landed separately |
Includes #9331, #9338, and #9311