Add FreeBSD container support #7727
Conversation
|
I think I'd prefer to share code where possible. Even if the readibility suffers, it will reduce the liklihood we miss patches to one or the other |
The approach I took in Podman for some similar changes was to move e.g. |
d876214 to
49b17ae
Compare
|
I re-implemented this to keep as much of the code for container creation shared between Linux and FreeBSD. I kept the history fairly detailed to make it easier to see the sequence of small refactors clear. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7727 +/- ##
==========================================
+ Coverage 47.49% 47.50% +0.01%
==========================================
Files 154 156 +2
Lines 23125 23132 +7
==========================================
+ Hits 10983 10989 +6
- Misses 11072 11073 +1
Partials 1070 1070 |
49b17ae to
582f5a1
Compare
|
A friendly reminder that this PR had no activity for 30 days. |
|
Note: this iteration disables timezone support for FreeBSD - this can be removed if we update the vendor of github.com/containers/common to v0.58 but perhaps that should happen in a separate PR? |
|
@dfr, you might have to rebase this against |
I just rebased and updated the PR, thanks! |
|
there do seem to be some legitimate breakages here |
|
@dfr, could you rebase on top of the main branch to pick the |
Signed-off-by: Doug Rabson <[email protected]>
Signed-off-by: Doug Rabson <[email protected]>
a80f844 to
fad82e1
Compare
|
@dfr Thanks for your patience. |
…r_create.go This allows most of the container create logic to be shared between Linux and FreeBSD. Signed-off-by: Doug Rabson <[email protected]>
This field is not set on FreeBSD Signed-off-by: Doug Rabson <[email protected]>
fad82e1 to
8287e41
Compare
Done. |
|
It's not clear to me what should be working with this PR. There's no default runner, but there seem some 3rd party options. I think it's ok to disable some tests, but we can get better understanding what is remaining to fully support freebsd. |
I think that at this stage, I would be happy with a simple 'does it build' test. We did this in Podman and it has been quite helpful - this was easy in Podman since they use Cirrus CI which supports FreeBSD. I'm not sure what it would take to add a 3rd party FreeBSD runner. |
|
hmm, did you do any manual test on this change? or is this PR just a preliminary one for the future changes?
I believe we should have the e2e test for the freebsd functionality as soon as possible, but you made the point about 3rd party runner. we may as well not implement it for now. |
|
ideally, https://actuated.com/blog/kvm-in-github-actions should be the target. i.e. on linux, we deploy a minimal freebsd VM using kvm and do |
I have a small set of tests which use crictl to create pods and containers in a few configurations that cover creating simple containers, containers with volumes, etc. and I run them manually. I also have a two node FreeBSD Kubernetes cluster that uses cri-o with this PR and a few much smaller patches that I can use for ad-hoc testing.
If we can collectively figure out a way to run tests in a FreeBSD VM, I would be very happy. Possibly https://github.com/marketplace/actions/cross-platform-action would work for this? |
|
I just remembered that I actually added a FreeBSD cross build which runs on a Linux worker and helps to keep the tree buildable. I will see if this binary is functional, which it should be unless something in the build depends on CGO. |
|
/lgtm Feel free to remove the hold when it's ready. Thanks for being so patient and thorough here. I'm very excited about this! |
/unhold After some more testing, including with my experimental FreeBSD Kubernetes cluster, I'm happy with this change. I will follow up with a few much smaller pull requests to fill out the features needed for minimal Kubernetes support. |
|
/retest-required |
2 similar comments
|
/retest-required |
|
/retest-required |
|
seems like unrelated timeouts and not related to these changes? |
I think so - it usually takes a while to get this set of tests to pass. Unfortunately, they are important end-to-end tests ensuring that we can still bring up Kubernetes clusters etc. so we need them. I do wish they were less flaky though. |
|
/retest |
1 similar comment
|
/retest |
Following on from #7472, this adds support for creating containers inside a pod sandbox. This gives us a functioning cri-o for FreeBSD, missing pod and container stats and some features such as device support and privileged containers. Part of #6492.
Note: the FreeBSD implementation of createSandboxContainer was copied from the Linux implementation and modified for FreeBSD. Some code could be shared between the two platforms at the expense of reduced readability. Its not clear to me which approach is better and I would welcome feedback on this.
What type of PR is this?
/kind feature
What this PR does / why we need it:
Which issue(s) this PR fixes:
None
Special notes for your reviewer:
Does this PR introduce a user-facing change?