Podman IPv6 ULA addressing #19775
Podman IPv6 ULA addressing #19775
Conversation
pdostal
requested review from
grisu48,
jlausuch,
mloviska,
ricardobranco777,
asmorodskyi,
mpagot and
m-dati
as code owners
|
Great PR! Please pay attention to the following items before merging: Files matching
This is an automatically generated QA checklist based on modified files. |
data/publiccloud/terraform/ec2.tf
Outdated
| @@ -1,7 +1,7 @@ | |||
| terraform { | |||
| required_providers { | |||
| aws = { | |||
| version = "= 5.14.0" | |||
| version = "= 5.58.0" | |||
There was a problem hiding this comment.
That's quiet a version bump. We will require heavy testing for this one and I would recommend to not merge this at the end of the week.
There was a problem hiding this comment.
This has been discarded.
lib/publiccloud/provider.pm
Outdated
| @@ -352,6 +352,11 @@ sub create_instances { | |||
| # Install server's ssh publicckeys to prevent authenticity interactions | |||
| assert_script_run(sprintf('ssh-keyscan %s >> ~/.ssh/known_hosts', $instance->public_ip)); | |||
| } | |||
|
|
|||
| $instance->ssh_assert_script_run('sudo ip -6 a a ' . $instance->public_ip6 . '/128 dev eth0') if ($instance->public_ip6); | |||
There was a problem hiding this comment.
Shouldn't this be excluded for Azure? Because podman_ipv6 is excluded for Azure I assume that IPv6 is not available there
There was a problem hiding this comment.
no need for additional is_azure condition here . Call will be excluded just because $instance->public_ip6 is undefined for Azure
There was a problem hiding this comment.
This has been discarded.
lib/publiccloud/provider.pm
Outdated
| my $instance = publiccloud::instance->new( | ||
| public_ip => @{$ips}[$i], | ||
| public_ip6 => $ipv6_address, | ||
| #ip6_subnet => @{$ipv6_prefixes}[$i]->[0], |
There was a problem hiding this comment.
This has been discarded.
tests/containers/podman_ipv6.pm
Outdated
| @@ -27,6 +27,7 @@ sub _cleanup { | |||
| sub run { | |||
| my ($self, $args) = @_; | |||
|
|
|||
| die "This will work only on GCE and EC2. I'm sorry for the inconvenience :(" unless (is_ec2 || is_gce); | |||
There was a problem hiding this comment.
| die "This will work only on GCE and EC2. I'm sorry for the inconvenience :(" unless (is_ec2 || is_gce); | |
| die "IPv6 is not available on Azure" if (is_azure); |
Careful, we're mixing different exclusion styles. In main_containers.pm we have:
loadtest 'containers/podman_ipv6' if (!is_azure && is_sle('>=15-SP5'));
And here it is is_ec2 || is_gce. I recommend to unify the exclusion settings, or even better not have them in the test run at all. The test run is already excluded, so IMHO this die can be removed as a whole.
A comment in the summary is IMHO better suited.
tests/containers/podman_ipv6.pm
Outdated
| assert_script_run(sprintf('podman network create --ipv6 --subnet %s podman-ipv6', $subnet)); | ||
| assert_script_run("podman run --name test-ipv6 --network podman-ipv6 --ip6 $cont_addr -d -p 80:80 -p '[::]:80:80' $image sleep 999", timeout => 180); | ||
| assert_script_run("podman run --name test-ipv6 --network podman-ipv6 --ip6 $cont_addr -d $image sleep 999", timeout => 180); |
There was a problem hiding this comment.
Why don't we use a local network here? We can enable IPv6 for the default network or create a new one and then test the IPv6 connectivity from within the container without exposing a whole subnet.
By switching to ULA addresses we don't have to have subnet from CSP. This is because podman by default creates IPv6 NAT.
By switching to ULA addresses we don't have to have subnet from CSP.
This is because podman by default creates IPv6 NAT.