update to latest base image with containerd 2.0.2, ensure containerd is ready before importing images #285
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: VM | |
on: | |
workflow_dispatch: | |
pull_request: | |
branches: | |
- main | |
paths-ignore: | |
- 'site/**' | |
permissions: | |
contents: read | |
jobs: | |
vm: | |
# Fedora is different from Ubuntu in LSM (SELinux), filesystem (btrfs), kernel version, etc. | |
name: "CGroupv2 (Fedora)" | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 30 | |
strategy: | |
fail-fast: false | |
matrix: | |
provider: [docker, podman] | |
rootless: ["rootful", "rootless"] | |
env: | |
LIMA_VERSION: "0.23.2" # Fedora 40 | |
KIND_EXPERIMENTAL_PROVIDER: "${{ matrix.provider }}" | |
ROOTLESS: "${{ matrix.rootless }}" | |
HELPER: "./hack/ci/lima-helper.sh" | |
JOB_NAME: "cgroup2-${{ matrix.provider }}-${{ matrix.rootless }}" | |
steps: | |
- name: Check out code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Get go version | |
id: golangversion | |
run: | | |
echo "go_version=$(cat .go-version)" >> "$GITHUB_OUTPUT" | |
- name: Set up Go | |
id: go | |
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 | |
with: | |
go-version: ${{ steps.golangversion.outputs.go_version }} | |
check-latest: true | |
- name: "Install QEMU" | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y --no-install-recommends ovmf qemu-system-x86 qemu-utils | |
sudo modprobe kvm | |
# `sudo usermod -aG kvm $(whoami)` does not take an effect on GHA | |
sudo chown $(whoami) /dev/kvm | |
- name: "Install Lima" | |
run: curl -fsSL https://github.com/lima-vm/lima/releases/download/v${LIMA_VERSION}/lima-${LIMA_VERSION}-Linux-x86_64.tar.gz | sudo tar Cxzvf /usr/local - | |
- name: "Cache ~/.cache/lima" | |
uses: actions/cache@v4 | |
with: | |
path: ~/.cache/lima | |
key: lima-${{ env.LIMA_VERSION }} | |
- name: "Start Fedora" | |
# --plain is set to disable file sharing, port forwarding, built-in containerd, etc. | |
run: limactl start --name=default --plain template://fedora | |
- name: "Initialize Fedora" | |
# plain old rsync and ssh are used for the initialization of the guest, | |
# so that people who are not familiar with Lima can understand the initialization steps. | |
run: | | |
set -eux -o pipefail | |
# Initialize SSH | |
mkdir -p -m 0700 ~/.ssh | |
cat ~/.lima/default/ssh.config >> ~/.ssh/config | |
# Sync the current directory to /tmp/kind in the guest | |
rsync -a -e ssh . lima-default:/tmp/kind | |
# Install packages | |
ssh lima-default sudo /tmp/kind/hack/ci/init-fedora.sh | |
# Enable systemd lingering for rootless | |
ssh lima-default sudo loginctl enable-linger "$USER" | |
# Install kind | |
ssh lima-default sudo git config --global --add safe.directory /tmp/kind | |
ssh lima-default sudo make -C /tmp/kind install INSTALL_DIR=/usr/local/bin | |
- name: Set up Rootless Docker | |
if: ${{ matrix.provider == 'docker' && matrix.rootless == 'rootless' }} | |
run: | | |
# Disable the rootful daemon | |
"$HELPER" sudo systemctl disable --now docker | |
# Install the systemd unit | |
"$HELPER" dockerd-rootless-setuptool.sh install | |
# Modify the client config to use the rootless daemon by default | |
"$HELPER" docker context use rootless | |
- name: Set up Rootless Podman | |
if: ${{ matrix.provider == 'podman' && matrix.rootless == 'rootless' }} | |
run: | | |
# Restart the user session to ensure the cgroup delegation | |
# ref: https://github.com/kubernetes-sigs/kind/pull/2754#issuecomment-1124027063 | |
"$HELPER" sudo loginctl terminate-user vagrant || true | |
# We have modprobe ip6_tables in Vagrantfile, but it seems we have to modprobe it once again | |
"$HELPER" sudo modprobe ip6_tables | |
- name: Show provider info | |
run: | | |
"$HELPER" "$KIND_EXPERIMENTAL_PROVIDER" info | |
"$HELPER" "$KIND_EXPERIMENTAL_PROVIDER" version | |
- name: Create a cluster | |
run: | | |
"$HELPER" kind create cluster -v7 --wait 10m --retain | |
- name: Get Cluster status | |
run: | | |
"$HELPER" kubectl wait --for=condition=ready pods --namespace=kube-system -l k8s-app=kube-dns | |
"$HELPER" kubectl get nodes -o wide | |
"$HELPER" kubectl get pods -A | |
- name: Export logs | |
if: always() | |
run: | | |
"$HELPER" kind export logs /tmp/kind/logs | |
mkdir -p /tmp/kind/logs/lima | |
cp -a ~/.lima/default/*.log /tmp/kind/logs/lima || true | |
"$HELPER" tar cC /tmp/kind/logs . | tar xC /tmp/kind/logs | |
- name: Upload logs | |
if: always() | |
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 | |
with: | |
name: kind-logs-${{ env.JOB_NAME }}-${{ github.run_id }} | |
path: /tmp/kind/logs |