github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

add use systemd cgroup e2e

Browse Source 
Signed-off-by: lengrongfu <lenronfu@gmail.com>
Signed-off-by: rongfu.leng <lenronfu@gmail.com>
This commit is contained in:
lengrongfu
2023-12-05 22:54:40 +08:00
committed by rongfu.leng
parent 06dfa0c2f1
commit 095131abf9
8 changed files with 154 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
contrib/Dockerfile.test.d/cri-in-userns/docker-entrypoint.sh
View File

@@ -41,6 +41,13 @@ xargs -rn1 < /sys/fs/cgroup/cgroup.procs > /sys/fs/cgroup/init/cgroup.procs || :
sed -e 's/ / +/g' -e 's/^/+/' < /sys/fs/cgroup/cgroup.controllers \
> /sys/fs/cgroup/cgroup.subtree_control
if [ ! -z "$IS_SYSTEMD_CGROUP" ] && [ "$IS_SYSTEMD_CGROUP" = true ];then
cat >> /etc/containerd/config.toml <<EOF
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
EOF
fi
set -x
echo >&2 "Running containerd in background"
containerd &
@@ -48,4 +55,9 @@ containerd &
echo >&2 "Waiting for containerd"
until ctr plugins list; do sleep 3; done
exec "$@"
if [ ! -z "$IS_SYSTEMD_CGROUP" ] && [ "$IS_SYSTEMD_CGROUP" = true ];then
critest "--ginkgo.skip=should support unsafe sysctls|should support safe sysctls|should allow privilege escalation when false"
/bin/bash /critest.sh exit
else
exec "$@"
fi

47
contrib/Dockerfile.test.d/critest.sh Executable file
View File

@@ -0,0 +1,47 @@
#!/usr/bin/env bash
cat > /etc/systemd/system/critest.service << EOF
[Unit]
Description=critest script
[Service]
Type=simple
Environment="IS_SYSTEMD_CGROUP=true"
RemainAfterExit=yes
ExecStart=/bin/bash /docker-entrypoint.sh
StandardOutput=/dev/stdout
StandardError=/dev/stderr
[Install]
WantedBy=default.target
EOF
function echo_exit_code() {
sleep 30
log_str=`systemctl status critest.service|grep "SUCCESS!"`
if [ -z "$log_str" ]; then
echo 1 > /tmp/critest_exit_code.txt
/bin/systemctl poweroff
fi
failed_count=$(echo "$log_str" | awk '{for(i=1;i<=NF;i++) if($i=="Failed") {print $(i-1); exit}}')
if [ "$failed_count" -gt 0 ]; then
echo 1 > /tmp/critest_exit_code.txt
else
echo 0 > /tmp/critest_exit_code.txt
fi
/bin/systemctl poweroff
}
function start(){
systemctl enable critest.service
journalctl -f &
exec /lib/systemd/systemd
}
case $1 in
start)
start
;;
exit)
echo_exit_code
;;
esac