Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ISO: Add packaging for crun #11679

Merged
merged 7 commits into from
Mar 28, 2022
Merged

ISO: Add packaging for crun #11679

merged 7 commits into from
Mar 28, 2022

Conversation

afbjorklund
Copy link
Collaborator

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jun 17, 2021
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Jun 17, 2021
@afbjorklund afbjorklund mentioned this pull request Jun 17, 2021
Closed
2 tasks
@afbjorklund afbjorklund changed the title Add packaging for crun ISO: Add packaging for crun Jun 19, 2021
@ilya-zuyev
Copy link
Contributor

Why do we need crun?

@afbjorklund
Copy link
Collaborator Author

CRI-O defaults to crun under certain conditions, mostly Cgroups V2 I think

@medyagh

This comment has been minimized.

Sign in to view
@minikube-bot

This comment has been minimized.

Sign in to view
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 29, 2021
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 5, 2021
@afbjorklund afbjorklund changed the title ISO: Add packaging for crun ISO: Add packaging for crun, version 0.20.1 Aug 5, 2021
@afbjorklund

This comment has been minimized.

Sign in to view
@minikube-bot

This comment has been minimized.

Sign in to view
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 6, 2021
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 14, 2021
@afbjorklund

This comment has been minimized.

Sign in to view
@minikube-bot

This comment has been minimized.

Sign in to view
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 17, 2021
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 17, 2021
@afbjorklund
Copy link
Collaborator Author

ok-to-build-iso

@minikube-bot
Copy link
Collaborator

Hi @afbjorklund, building a new ISO failed.
See the logs at: https://storage.cloud.google.com/minikube-builds/logs/11679/iso-84/iso_build.txt

@afbjorklund afbjorklund changed the title ISO: Add packaging for crun, version 0.20.1 ISO: Add packaging for crun Dec 4, 2021
@afbjorklund
Copy link
Collaborator Author

afbjorklund commented Mar 24, 2022
edited
Loading

KIC is currently including crun 1.2 from kubic, hopefully both are compatible with podman ?

      crun |  100:1.2-2 | http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04  Packages

EDIT: Reverted the upgrade

@afbjorklund
Copy link
Collaborator Author

ok-to-build-iso

@minikube-bot
Copy link
Collaborator

Hi @afbjorklund, we have updated your PR with the reference to newly built ISO. Pull the changes locally if you want to test with them or update your PR further.

@spowelljr
Copy link
Member

ok-to-build-iso

@minikube-bot
Copy link
Collaborator

Hi @afbjorklund, we have updated your PR with the reference to newly built ISO. Pull the changes locally if you want to test with them or update your PR further.

@spowelljr
Copy link
Member

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Mar 28, 2022
@minikube-pr-bot
Copy link

kvm2 driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 11679) |
+----------------+----------+---------------------+
| minikube start | 53.5s    | 52.1s               |
| enable ingress | 28.4s    | 29.6s               |
+----------------+----------+---------------------+

Times for minikube (PR 11679) start: 52.0s 52.8s 50.6s 52.4s 52.7s
Times for minikube start: 57.7s 52.1s 54.4s 51.3s 51.8s

Times for minikube ingress: 29.0s 29.0s 29.5s 25.1s 29.6s
Times for minikube (PR 11679) ingress: 29.6s 29.0s 31.1s 29.0s 29.1s

docker driver with docker runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 11679) |
+----------------+----------+---------------------+
| minikube start | 26.3s    | 26.1s               |
| enable ingress | 22.3s    | 23.8s               |
+----------------+----------+---------------------+

Times for minikube start: 26.0s 27.0s 26.5s 26.3s 25.6s
Times for minikube (PR 11679) start: 26.7s 25.7s 25.5s 26.0s 26.8s

Times for minikube ingress: 22.9s 22.4s 20.4s 22.9s 22.9s
Times for minikube (PR 11679) ingress: 25.9s 22.4s 22.9s 25.9s 21.9s

docker driver with containerd runtime

+----------------+----------+---------------------+
|    COMMAND     | MINIKUBE | MINIKUBE (PR 11679) |
+----------------+----------+---------------------+
| minikube start | 42.8s    | 43.2s               |
| enable ingress | 21.3s    | 22.3s               |
+----------------+----------+---------------------+

Times for minikube start: 47.5s 41.7s 42.1s 41.3s 41.3s
Times for minikube (PR 11679) start: 41.3s 41.7s 41.0s 46.2s 45.9s

Times for minikube ingress: 17.9s 21.9s 22.4s 21.9s 22.4s
Times for minikube (PR 11679) ingress: 21.9s 21.9s 22.4s 17.9s 27.4s

@minikube-pr-bot
Copy link

These are the flake rates of all failed tests.

Environment Failed Tests Flake Rate (%)
Docker_Linux_containerd TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
Docker_Linux TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
Docker_macOS TestDownloadOnly/v1.23.5/preload-exists (gopogh) n/a
Docker_macOS TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
Docker_Windows TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
Hyperkit_macOS TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
Hyper-V_Windows TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
KVM_Linux_containerd TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
KVM_Linux TestDownloadOnly/v1.23.6-rc.0/cached-images (gopogh) n/a
Docker_Linux TestNoKubernetes/serial/StartNoArgs (gopogh) 2.47 (chart)
Docker_macOS TestMissingContainerUpgrade (gopogh) 3.85 (chart)
Docker_macOS TestDownloadOnlyKic (gopogh) 8.33 (chart)
Docker_macOS TestCertExpiration (gopogh) 10.90 (chart)
Docker_macOS TestKubernetesUpgrade (gopogh) 15.38 (chart)
Docker_macOS TestStoppedBinaryUpgrade/MinikubeLogs (gopogh) 15.38 (chart)
Docker_macOS TestStoppedBinaryUpgrade/Upgrade (gopogh) 15.38 (chart)
Docker_Windows TestPause/serial/Pause (gopogh) 17.50 (chart)
Docker_Windows TestStartStop/group/embed-certs/serial/SecondStart (gopogh) 17.98 (chart)
Docker_macOS TestNoKubernetes/serial/StartWithK8s (gopogh) 18.59 (chart)
Docker_macOS TestPause/serial/Start (gopogh) 18.59 (chart)
Docker_macOS TestNetworkPlugins/group/auto/Start (gopogh) 20.28 (chart)
Docker_macOS TestNetworkPlugins/group/cilium/Start (gopogh) 20.28 (chart)
Docker_macOS TestNetworkPlugins/group/enable-default-cni/Start (gopogh) 20.28 (chart)
Docker_macOS TestNetworkPlugins/group/false/Start (gopogh) 20.28 (chart)
Docker_macOS TestNoKubernetes/serial/ProfileList (gopogh) 20.42 (chart)
Docker_macOS TestNoKubernetes/serial/StartNoArgs (gopogh) 20.42 (chart)
Docker_macOS TestNoKubernetes/serial/Stop (gopogh) 20.42 (chart)
Docker_Cloud_Shell TestStartStop/group/cloud-shell/serial/UserAppExistsAfterStop (gopogh) 21.28 (chart)
Docker_macOS TestNoKubernetes/serial/Start (gopogh) 22.07 (chart)
Docker_macOS TestNoKubernetes/serial/StartWithStopK8s (gopogh) 25.64 (chart)
More tests... Continued...

Too many tests failed - See test logs for more details.

To see the flake rates of all tests by environment, click here.

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: afbjorklund, spowelljr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [afbjorklund,spowelljr]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@spowelljr spowelljr merged commit d38da0b into kubernetes:master Mar 28, 2022
@jesperpedersen
Copy link

Any work planned for crun 1.2+, like crun 1.4.4 ?

@afbjorklund
Copy link
Collaborator Author

afbjorklund commented Mar 29, 2022
edited
Loading

Currently there are no Ubuntu 20.04 binaries after Podman 3.4.2 and crun 1.2, so left it the same in the ISO... Might have to use binaries also in KIC, if we want to bump to 3.4.4 and 1.4.x

Is there anything important?

@jesperpedersen
Copy link

@afbjorklund Ok, good to know -- just interested in when the fixed CVEs were going to be included

@afbjorklund
Copy link
Collaborator Author

afbjorklund commented Mar 29, 2022
edited
Loading

It seems like podman gave up on packaging mid-air, so I think we will have to use some PPA or do our own packages

https://build.opensuse.org/project/show/devel:kubic:libcontainers:stable

  • podman 3.4.2

  • crun 1.2

@jesperpedersen
Copy link

I think it is left to each OS vendor, because

https://koji.fedoraproject.org/koji/packageinfo?packageID=9688

@afbjorklund
Copy link
Collaborator Author

minikube uses podman for building images and for loading images, so normally it is cri-o runc that is the runtime.

Using minikube to run containers with podman is probably unsupported. Can use podman machine for that instead.

@afbjorklund
Copy link
Collaborator Author

afbjorklund commented Mar 29, 2022
edited
Loading

I think it is left to each OS vendor, because

https://koji.fedoraproject.org/koji/packageinfo?packageID=9688

Yeah well, it seems that it would require changing distribution

https://packages.ubuntu.com/focal/crun

Currently we are using vendor packages, but they stopped updating them.

So might have to reconsider that.

@jesperpedersen
Copy link

Note, https://podman.io/blogs/2022/03/06/why_no_podman4_f35.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spowelljr spowelljr spowelljr approved these changes

@RA489 RA489 Awaiting requested review from RA489

@sharifelgamal sharifelgamal Awaiting requested review from sharifelgamal

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@afbjorklund @ilya-zuyev @medyagh @minikube-bot @spowelljr @minikube-pr-bot @k8s-ci-robot @jesperpedersen