From patchwork Wed Mar 2 17:06:37 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Owen Hilyard X-Patchwork-Id: 108492 Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9B690A04A4; Wed, 2 Mar 2022 18:06:53 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6E9FA42715; Wed, 2 Mar 2022 18:06:52 +0100 (CET) Received: from mail-il1-f225.google.com (mail-il1-f225.google.com [209.85.166.225]) by mails.dpdk.org (Postfix) with ESMTP id 529DF40141 for ; Wed, 2 Mar 2022 18:06:51 +0100 (CET) Received: by mail-il1-f225.google.com with SMTP id k7so1897890ilo.8 for ; Wed, 02 Mar 2022 09:06:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iol.unh.edu; s=unh-iol; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=naoA3C7oOawgJEwviOwHlgFOaNOgicJ8Nt5diFm8cKw=; b=Z7rhUw/dg5qPSy5gOE9EdhYCjFS0uZWbu2yG0bs041z6HNsLI1jkb7GFujV3OJKCRI 9mwC/tdo+eWDqCwQEROeEYMhzS7Gmffi7hgVYN4CmuTgpsMdVYvX7kk4vziV6mrPCdcg ivcZfsUz25Mn2evxFkmE7YwiO0JwZ4QlkNSkM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=naoA3C7oOawgJEwviOwHlgFOaNOgicJ8Nt5diFm8cKw=; b=bSiBp0/onBW8Fkmu+4uAudDtLKq9Ejjn38lYs0iyyPQYflCkcb/6sPHHNgTdoLRv7M pq6FlQylefpsosbQGpNLnN8qKIAz+qn2zma7rAxv3+DNzuHkvj327I3Glk5UfsuKqWD/ 5yHcfSclUF7nIr43DZbhs2QG1EiPSzbC8WXuALb+BYtsY2XIqMPtyMbPyPNi39ckPoVv FSE2vvpdw0mIHR/8RCl7n/mTRVotJgoNEIARHa8H8yovKrTPugAHk3pYJ70rxhwr9jTv 5Oxae5mIEXp93ZWKQNPIg9kzrv5Kr9HRxN5imXKxnB1+VBgGMORTabwAmjUbdUlsZY/2 rLLg== X-Gm-Message-State: AOAM531DENX8WVBSzgX7Pr1xFq5FYPsR1iI9xH12KOSYzKbteVN+dG1A gAxq6RHprF8v6GJm00wYPom/FbkOwDi5achFArfjInTVaIVFAYh1zAeQka3vV7FmYxTOeetBEtX nGqQbRTr+ZwM6g3WxU+vZoeLkPWR7KBk80nYGQlL8QSp4pdTMEb0HiFng4ZRqNi7rbTXeDjPAvM ZV7YzYCwxJ+9WMfw== X-Google-Smtp-Source: ABdhPJyYa7PtgMRiT5CRLrWfykxA+gvqrXOmBjBK2CI8NFC02MGDrajtbAgms84mgtjBZiuEfa0KVExLArID X-Received: by 2002:a05:6e02:18c5:b0:2c2:ac0e:4eca with SMTP id s5-20020a056e0218c500b002c2ac0e4ecamr24535261ilu.7.1646240810653; Wed, 02 Mar 2022 09:06:50 -0800 (PST) Received: from postal.iol.unh.edu (postal.iol.unh.edu. [2606:4100:3880:1234::84]) by smtp-relay.gmail.com with ESMTPS id q15-20020a0566380d0f00b00313f7c5132asm728754jaj.11.2022.03.02.09.06.50 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 02 Mar 2022 09:06:50 -0800 (PST) X-Relaying-Domain: iol.unh.edu Received: from iol.unh.edu (unknown [IPv6:2606:4100:3880:1257::105d]) by postal.iol.unh.edu (Postfix) with ESMTP id 18AB5605246B; Wed, 2 Mar 2022 12:06:50 -0500 (EST) From: ohilyard@iol.unh.edu To: dts@dpdk.org Cc: Owen Hilyard Subject: [PATCH] vm_images: Update to handle additional host configurations Date: Wed, 2 Mar 2022 12:06:37 -0500 Message-Id: <20220302170637.24095-1-ohilyard@iol.unh.edu> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-BeenThere: dts@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: test suite reviews and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dts-bounces@dpdk.org From: Owen Hilyard While doing testing on UNH's ARM system, there were a few edge cases. Namely that docker must be run in privileged mode. This is not due to ARM but SeLinux/AppArmor getting the way of accessing some of kvm's resources while in an unprivileged namespace. Issues with passing through the hardware clock resulted in both the addition of chronyd and trusting the ssl certificates on python's pip repositories while installing meson due to issues with SSL and the VM time starting at Jan 1, 1970. Signed-off-by: Owen Hilyard --- vm_images/Dockerfile | 2 +- vm_images/create_vm_image.py | 12 ++++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/vm_images/Dockerfile b/vm_images/Dockerfile index e3f1e0d9..ce4dbca4 100644 --- a/vm_images/Dockerfile +++ b/vm_images/Dockerfile @@ -6,4 +6,4 @@ RUN apt-get update && apt-get upgrade -y RUN apt-get install --no-install-recommends -y libguestfs-tools \ qemu linux-image-generic qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils \ - linux-image-unsigned-5.11.0-46-generic \ No newline at end of file + linux-image-unsigned-5.11.0-46-generic qemu-system-x86 diff --git a/vm_images/create_vm_image.py b/vm_images/create_vm_image.py index 88ffc7f9..8a010c99 100755 --- a/vm_images/create_vm_image.py +++ b/vm_images/create_vm_image.py @@ -153,7 +153,7 @@ def run_subprocess( "docker", "run", # The container needs to access QEMU/KVM - # "--privileged", + "--privileged", "-d", "--platform", ] @@ -262,14 +262,13 @@ def get_virt_customize_command( os_family_tags: Set[OsFamily], output_path: str, root_password: str ) -> str: commands = [ - f"virt-customize -a {output_path} --root-password password:{root_password} --update", + f"virt-customize -a {output_path} --root-password password:{root_password} --update" ] commands = commands + get_enable_additional_repos_commands(os_family_tags) packages = get_packages_for_os_family(os_family_tags) packagelist = ",".join(packages) - commands += (f"--run-command dhclient",) commands += (f"--install {packagelist}",) commands += (f"--run-command {get_install_meson_command(os_family_tags)}",) commands += (f"--run-command {get_setup_hugepages_command(os_family_tags)}",) @@ -324,6 +323,7 @@ def get_packages_for_os_family(os_family_tags: Set[OsFamily]) -> List[str]: "python3-setuptools", "python3-wheel", "iperf", + "chrony", ] elif OsFamily.RHEL in os_family_tags: return [ @@ -354,7 +354,9 @@ def get_packages_for_os_family(os_family_tags: Set[OsFamily]) -> List[str]: def get_install_meson_command(os_family_tags: Set[OsFamily]) -> str: if OsFamily.DEBIAN in os_family_tags or OsFamily.RHEL in os_family_tags: - return '"python3 -m pip install meson"' + # the "--trusted-host" flags are included because the date on the system will be Jan 1, 1970 due to the way + # guestfs-tools starts the vm. This breaks pip's ssl, so making these hosts trusted fixes that. + return '"python3 -m pip install --trusted-host pypi.org --trusted-host pypi.python.org --trusted-host files.pythonhosted.org meson"' else: error(f"Unknown command to install meson for {os_family_tags}") @@ -426,6 +428,8 @@ def get_image_info(base_image_path: str) -> (OsFamily, Arch): base_image_path, ] + print(" ".join(command)) + proc = subprocess.run(command, capture_output=True) if proc.returncode != 0: print(proc.stdout)