Age | Commit message (Collapse) | Author |
|
#5274 broke `make load-basic_fsstress` target. It works locally but for some
inconceivable reason it fails to build on Kokoro.
Error message:
```
Step 1/12 : FROM alpine
---> 1fca6fe4a1ec
Step 2/12 : RUN apk add git
---> Running in 109a5326259a
standard_init_linux.go:207: exec user process caused "no such file or directory"
The command '/bin/sh -c apk add git' returned a non-zero code: 1
make: *** [load-basic_fsstress] Error 1
tools/images.mk:149: recipe for target 'load-basic_fsstress' failed
```
Copied the approach from the following issue to achieve the same goal:
https://github.com/nodejs/docker-node/issues/586#issue-273737852.
PiperOrigin-RevId: 352602945
|
|
Updates #5273
PiperOrigin-RevId: 352088736
|
|
It isn't used on aarch64.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
make BAZEL_CONFIG=aarch64 arm-qemu-smoke-test
Signed-off-by: Andrei Vagin <avagin@gmail.com>
|
|
A few images were broken with respect to aarch64. We should now
be able to run push-all-images with ARCH=aarch64 as part of the
regular continuous integration builds, and add aarch64 smoke tests
(via user emulation for now) to the regular test suite (future).
PiperOrigin-RevId: 346685462
|
|
Recursive make is difficult to follow and debug. Drop this by using
internal functions, which, while difficult, are easier than trying to
following recursive invokations.
Further simplify the Makefile by collapsing the image bits and removing
the tools/vm directory, which is effectively unused.
Fixes #4952
PiperOrigin-RevId: 346569133
|
|
PiperOrigin-RevId: 346101076
|
|
This has no effect on the continuous integration system, and simply
publishes a cached container image containing the agent and metrics
agent with known provenance.
PiperOrigin-RevId: 345274375
|
|
This change also simplifies and documents the build_cmd pipeline, and
reduces general noise for debugging Makefile issues.
It also drops the mapping for /etc/docker/daemon.json, which if it
does not exist initially will create this as a directory (causing lots
of confusion and breaks).
PiperOrigin-RevId: 343932456
|
|
PiperOrigin-RevId: 339913577
|
|
Also fixes the docker_image bazel rule, and website-server make target.
Fixes #3273
PiperOrigin-RevId: 338606668
|
|
PiperOrigin-RevId: 337415009
|
|
This change allows Dockerfiles named Dockerfile.$(ARCH) and makes list-images
list only supported architectures.
Updates #2847
PiperOrigin-RevId: 336108293
|
|
Changes in Nginx Benchmarks in network_tests also affect Startup/Size
Nginx Benchmarks. Make sure the commands line up.
PiperOrigin-RevId: 333543697
|
|
PiperOrigin-RevId: 332477119
|
|
- Skip `docker inspect`; `docker pull` is idempotent
- Remove unnecessary CMD directives in Dockerfiles
- Run bazel before building images to catch errors sooner
PiperOrigin-RevId: 331107815
|
|
Adds a syntax highlighting theme css so that code snippets are highlighted
properly.
PiperOrigin-RevId: 330733737
|
|
blaze test <test_name>_fuchsia_test will run the corresponding packetimpact
test against fuchsia.
PiperOrigin-RevId: 329835290
|
|
Adds docs to nginx and refactors both Httpd and Nginx benchmarks.
Key changes:
- Add docs and make nginx tests the same as httpd (reverse, all docs, etc.).
- Make requests scale on c * b.N -> a request per thread. This works well
with both --test.benchtime=10m (do a run that lasts at least 10m) and
--test.benchtime=10x (do b.N = 10).
-- Remove a doc from both tests (1000Kb) as 1024Kb exists.
PiperOrigin-RevId: 329751091
|
|
PiperOrigin-RevId: 325500772
|
|
PiperOrigin-RevId: 325497346
|
|
Updates #1198
PiperOrigin-RevId: 325350818
|
|
PiperOrigin-RevId: 324918229
|
|
PiperOrigin-RevId: 324833018
|
|
This change:
- Ports the nginx benchmark.
- Switches the Httpd benchmark to use 'hey' as a client.
- Moves all parsers to their own package 'tools'.
Parsers are moved to their own package because 1) parsing output of a command
is often dependent on the format of the command (e.g. 'fio --json'), 2) to
enable easier reuse, and 3) clean up and simplify actual running benchmarks
(no TestParser functions and ugly sample output in benchmark files).
PiperOrigin-RevId: 324144165
|
|
9P2000.L is silent as to how readdir RPCs interact with directory mutation. The
most performant option is for Treaddir with offset=0 to restart iteration,
avoiding needing to walk+open+clunk a new directory fid between invocations of
getdents64(2), and the VFS2 gofer client assumes this is the case. Make this
actually true for the runsc fsgofer.
Fixes #3344, #3345, #3355
PiperOrigin-RevId: 324090384
|
|
PiperOrigin-RevId: 324071377
|
|
PiperOrigin-RevId: 323810654
|
|
PiperOrigin-RevId: 323810235
|
|
PiperOrigin-RevId: 323633737
|
|
PiperOrigin-RevId: 323508910
|
|
PiperOrigin-RevId: 323383320
|
|
PiperOrigin-RevId: 323381964
|
|
Using "--no-cache-dir" flag in pip install ,make sure dowloaded packages
by pip don't cached on system . This is a best practise which make sure
to fetch ftom repo instead of using local cached one . Further , in case
of Docker Containers , by restricing caching , we can reduce image size.
In term of stats , it depends upon the number of python packages
multiplied by their respective size . e.g for heavy packages with a lot
of dependencies it reduce a lot by don't caching pip packages.
Further , more detail information can be found at
https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6
|
|
For some reason these tests were broken when run via the bazel docker
container. The mechanism used was a bit crazy (self-extracting bundle),
so convert them to use straight-forward starlark rules. This has the
added advantaged that they are now independent tests.
|
|
PiperOrigin-RevId: 322265513
|
|
- Fixes some html validation issues.
- Fixes links on security basics blog post.
- Adds rel=noopener to links with target=_blank and adds a check to
htmlproofer.
- Add favicon check to htmlproofer.
Fixes #3286
Fixes #3284
PiperOrigin-RevId: 321892602
|
|
PiperOrigin-RevId: 321887956
|
|
PiperOrigin-RevId: 321478001
|
|
PiperOrigin-RevId: 321021071
|
|
PiperOrigin-RevId: 314855924
|
|
optimize the git clone using --depth flag in term of size of clone
and also in term's of time taken to fetch the files and commit history
of whole repository .
More detail can be found at blog
https://www.atlassian.com/git/tutorials/big-repositories
Signed-off-by: Pratik Raj <rajpratik71@gmail.com>
|
|
PiperOrigin-RevId: 313478820
|
|
Split check for file in /tmp from working directory test.
Fix readonly case which should not fail to create working
dir.
PiperOrigin-RevId: 312702930
|
|
Linux 4.18 and later make reads and writes coherent between pre-copy-up and
post-copy-up FDs representing the same file on an overlay filesystem. However,
memory mappings remain incoherent:
- Documentation/filesystems/overlayfs.rst, "Non-standard behavior": "If a file
residing on a lower layer is opened for read-only and then memory mapped with
MAP_SHARED, then subsequent changes to the file are not reflected in the
memory mapping."
- fs/overlay/file.c:ovl_mmap() passes through to the underlying FD without any
management of coherence in the overlay.
- Experimentally on Linux 5.2:
```
$ cat mmap_cat_page.c
#include <err.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
int main(int argc, char **argv) {
if (argc < 2) {
errx(1, "syntax: %s [FILE]", argv[0]);
}
const int fd = open(argv[1], O_RDONLY);
if (fd < 0) {
err(1, "open(%s)", argv[1]);
}
const size_t page_size = sysconf(_SC_PAGE_SIZE);
void* page = mmap(NULL, page_size, PROT_READ, MAP_SHARED, fd, 0);
if (page == MAP_FAILED) {
err(1, "mmap");
}
for (;;) {
write(1, page, strnlen(page, page_size));
if (getc(stdin) == EOF) {
break;
}
}
return 0;
}
$ gcc -O2 -o mmap_cat_page mmap_cat_page.c
$ mkdir lowerdir upperdir workdir overlaydir
$ echo old > lowerdir/file
$ sudo mount -t overlay -o "lowerdir=lowerdir,upperdir=upperdir,workdir=workdir" none overlaydir
$ ./mmap_cat_page overlaydir/file
old
^Z
[1]+ Stopped ./mmap_cat_page overlaydir/file
$ echo new > overlaydir/file
$ cat overlaydir/file
new
$ fg
./mmap_cat_page overlaydir/file
old
```
Therefore, while the VFS1 gofer client's behavior of reopening read FDs is only
necessary pre-4.18, replacing existing memory mappings (in both sentry and
application address spaces) with mappings of the new FD is required regardless
of kernel version, and this latter behavior is common to both VFS1 and VFS2.
Re-document accordingly, and change the runsc flag to enabled by default.
New test:
- Before this CL: https://source.cloud.google.com/results/invocations/5b222d2c-e918-4bae-afc4-407f5bac509b
- After this CL: https://source.cloud.google.com/results/invocations/f28c747e-d89c-4d8c-a461-602b33e71aab
PiperOrigin-RevId: 311361267
|
|
PiperOrigin-RevId: 311184385
|
|
|
|
This adapts the merged website repository to use the image and bazel
build framework. It explicitly avoids the container_image rules provided
by bazel, opting instead to build with direct docker commands when
necessary.
The relevant build commands are incorporated into the top-level
Makefile.
|
|
This change moves all Docker images to a standard location, and abstracts the
build process so that they can be maintained in an automated fashion. This also
allows the images to be architecture-independent.
All images will now be referred to by the test framework via the canonical
`gvisor.dev/images/<name>`, where `<name>` is a function of the path within the
source tree.
In a subsequent change, continuous integration will be added so that the images
will always be correct and available locally.
In the end, using `bazel` for Docker containers is simply not possible. Given
that we already have the need to use `make` with the base container (for
Docker), we extend this approach to get more flexibility.
This change also adds a self-documenting and powerful Makefile that is intended
to replace the collection of scripts in scripts. Canonical (self-documenting)
targets can be added here for targets that understand which images need to be
loaded and/or built.
PiperOrigin-RevId: 308322438
|