Age | Commit message (Collapse) | Author |
|
It would be preferrable to test iptables via syscall tests, but there are some
problems with that approach:
* We're limited to loopback-only, as syscall tests involve only a single
container. Other link interfaces (e.g. fdbased) should be tested.
* We'd have to shell out to call iptables anyways, as the iptables syscall
interface itself is too large and complex to work with alone.
* Running the Linux/native version of the syscall test will require root, which
is a pain to configure, is inherently unsafe, and could leave host iptables
misconfigured.
Using the go_test target allows there to be no new test runner.
PiperOrigin-RevId: 285274275
|
|
We seem to be getting some compiler errors when using the Kythe
extractors.bazelrc.
I'm not able to reproduce this on my local machine, so I'm hoping copying the
cxxopt from gvisor.dev/pr/1350 will fix the build.
PiperOrigin-RevId: 285054258
|
|
Apparently our Kokoro VM images don't have pyenv -- I previously tested this on
the Kokoro QA shared pool.
PiperOrigin-RevId: 284855160
|
|
PiperOrigin-RevId: 284835614
|
|
PiperOrigin-RevId: 284308422
|
|
PiperOrigin-RevId: 281617882
|
|
PiperOrigin-RevId: 279406266
|
|
junitparser will be used to merge junit xml files.
PiperOrigin-RevId: 279387305
|
|
This fixes a number of issues with the repository build process:
* Fix the overall structure of the repository.
* Fix the debian package description.
* Fix the broken version number for packages.
* Update the digest algorithm used for signing the release.
I've validated that installation works from a separate staging bucket.
Updates #852
PiperOrigin-RevId: 278716914
|
|
We don't know how stable they are, so let's start with warning.
PiperOrigin-RevId: 278484186
|
|
PiperOrigin-RevId: 277607217
|
|
Right now, we send each tcp packet separately, we call one system
call per-packet. This patch allows to generate multiple tcp packets
and send them by sendmmsg.
The arguable part of this CL is a way how to handle multiple headers.
This CL adds the next field to the Prepandable buffer.
Nginx test results:
Server Software: nginx/1.15.9
Server Hostname: 10.138.0.2
Server Port: 8080
Document Path: /10m.txt
Document Length: 10485760 bytes
w/o gso:
Concurrency Level: 5
Time taken for tests: 5.491 seconds
Complete requests: 100
Failed requests: 0
Total transferred: 1048600200 bytes
HTML transferred: 1048576000 bytes
Requests per second: 18.21 [#/sec] (mean)
Time per request: 274.525 [ms] (mean)
Time per request: 54.905 [ms] (mean, across all concurrent requests)
Transfer rate: 186508.03 [Kbytes/sec] received
sw-gso:
Concurrency Level: 5
Time taken for tests: 3.852 seconds
Complete requests: 100
Failed requests: 0
Total transferred: 1048600200 bytes
HTML transferred: 1048576000 bytes
Requests per second: 25.96 [#/sec] (mean)
Time per request: 192.576 [ms] (mean)
Time per request: 38.515 [ms] (mean, across all concurrent requests)
Transfer rate: 265874.92 [Kbytes/sec] received
w/o gso:
$ ./tcp_benchmark --client --duration 15 --ideal
[SUM] 0.0-15.1 sec 2.20 GBytes 1.25 Gbits/sec
software gso:
$ tcp_benchmark --client --duration 15 --ideal --gso $((1<<16)) --swgso
[SUM] 0.0-15.1 sec 3.99 GBytes 2.26 Gbits/sec
PiperOrigin-RevId: 276112677
|
|
PiperOrigin-RevId: 272286122
|
|
One would reasonably assume that a field named "regex" would expect
a regular expression. However, in this case, one would be wrong.
The "regex" field actually requires "FileSet" [1] syntax.
?\_(?)_/?
[1] http://ant.apache.org/manual/Types/fileset.html
PiperOrigin-RevId: 271917356
|
|
We don't want to upload packages from the presubmit jobs.
This will fix the error:
[11:01:34][ERROR] Cannot inject environment variables into
the build without allowed_env_vars regexes.
PiperOrigin-RevId: 271622996
|
|
scripts/build.sh uses sha512sum, not sha256sum.
PiperOrigin-RevId: 270713604
|
|
PiperOrigin-RevId: 269468986
|
|
PiperOrigin-RevId: 268947847
|
|
PiperOrigin-RevId: 268604220
|
|
The credentials must be explicitly refreshed for pushing to
the repository on the Go branch.
PiperOrigin-RevId: 268589817
|
|
PiperOrigin-RevId: 268486127
|
|
A recent Kokoro change pointed to go_tests.cfg (in line with the
other configurations), which unfortunately broke the presubmits.
This change also enabled the KVM tests, which were still using a
remote execution strategy.
This fixes both of these issues and allows presubmits to pass.
One additional test was caught with this case, which seems to
have been broken. It's unclear why this was not being caught.
PiperOrigin-RevId: 268166291
|
|
The simple test script has gotten out of control. Shard this script into
different pieces and attempt to impose order on overall test structure. This
change helps lay some of the foundations for future improvements.
* The runsc/test directories are moved into just test/.
* The runsc/test/testutil package is split into logical pieces.
* The scripts/ directory contains new top-level targets.
* Each test is now responsible for building targets it requires.
* The install functionality is moved into `runsc` itself for simplicity.
* The existing kokoro run_tests.sh file now just calls all (can be split).
After this change is merged, I will create multiple distinct workflows for
Kokoro, one for each of the scripts currently targeted by `run_tests.sh` today,
which should dramatically reduce the time-to-run for the Kokoro tests, and
provides a better foundation for further improvements to the infrastructure.
PiperOrigin-RevId: 267081397
|
|
PiperOrigin-RevId: 266467361
|
|
PiperOrigin-RevId: 266073190
|
|
PiperOrigin-RevId: 266066839
|
|
The /tmpfs directory needs to be writable, and kokoro needs passwordless sudo
access to execute the test scripts.
PiperOrigin-RevId: 266063723
|
|
These scripts generated the following images:
gvisor-kokoro-testing/image-a53bac71541a209e (ubuntu 18.04)
gvisor-kokoro-testing/image-f5b20c5fbd23f448 (ubuntu 16.04)
Any modifications to these scripts should generate new images.
PiperOrigin-RevId: 265843929
|
|
As a convenience for debugging, also factor the scripts such that
can be run without Kokoro. In the future, this may be used to add
additional presubmit hooks that run without Kokoro.
PiperOrigin-RevId: 251474868
|
|
The WORKSPACE go_repositories can be generated from a standard go.mod file. Add
the necessary gazelle hooks to do so, and include a test that sanity checks
there are no changes. This go.mod file will be used in a subsequent commit to
generate a go gettable branch of the repository.
This commit also adds a tools/go_branch.sh script, which given an existing go
branch in the repository, will add an additional synthetic change to the branch
bringing it up-to-date with HEAD.
As a final step, a cloudbuild script is included, which can be used to automate
the process for every change pushed to the repository. This may be used after
an initial go branch is pushed, but this is manual process.
PiperOrigin-RevId: 251095016
|
|
PiperOrigin-RevId: 250970783
|
|
PiperOrigin-RevId: 250329795
|
|
PiperOrigin-RevId: 248367340
Change-Id: Id792afcfff9c9d2cfd62cae21048316267b4a924
|
|
We want to know that our environment set up properly
and docker tests pass with a native runtime.
PiperOrigin-RevId: 248229294
Change-Id: I06c221e5eeed6e01bdd1aa935333c57e8eadc498
|
|
WaitForHTTP tries GET requests on a port until the call succeeds or timeout.
But we want to be sure that one of our attempts will not stuck for
the whole timeout.
All timeouts are increased to 30 seconds, because test cases with smaller
timeouts fail sometimes even for the native container runtime (runc).
PiperOrigin-RevId: 247888467
Change-Id: I03cfd3275286bc686a78fd26da43231d20667851
|
|
bazel has a lot of dependencies and users don't want to install them
just to build gvisor.
These changes allows to run bazel in a docker container.
A bazel cache is on the local file system (~/.cache/bazel), so
incremental builds should be fast event after recreating a bazel
container.
Here is an example how to build runsc:
make BAZEL_OPTIONS="build runsc:runsc" bazel
Change-Id: I8c0a6d0c30e835892377fb6dd5f4af7a0052d12a
PiperOrigin-RevId: 246570877
|
|
PiperOrigin-RevId: 246542315
Change-Id: Ia9ba2bc104e0af3277d3b6102122c13d320ea802
|
|
Based on the guidelines at
https://opensource.google.com/docs/releasing/authors/.
1. $ rg -l "Google LLC" | xargs sed -i 's/Google LLC.*/The gVisor Authors./'
2. Manual fixup of "Google Inc" references.
3. Add AUTHORS file. Authors may request to be added to this file.
4. Point netstack AUTHORS to gVisor AUTHORS. Drop CONTRIBUTORS.
Fixes #209
PiperOrigin-RevId: 245823212
Change-Id: I64530b24ad021a7d683137459cafc510f5ee1de9
|
|
The file layout in the bucket is changed a little bit recently to support both v1 shim and v2 shim.
PiperOrigin-RevId: 243682904
Change-Id: Ic1373c6dc088ef41f829e7ce3ea3762e1e2b0292
|
|
This CL merges all RBE-specific configuration from .bazelrc_rbe into .bazelrc
so that it will be picked up by default by users running bazel.
It also checks in a bazelrc from the upstream bazel-toolchains repository, and
imports that into our repo-specific .bazelrc. This makes it easier to maintain
and update the bazelrc going forward.
Documentation was added to the README.
PiperOrigin-RevId: 242208733
Change-Id: Iea32de9be85b024bd74f88909b56b2a8ab34851a
|
|
It isn't required with a new vm image.
PiperOrigin-RevId: 237915203
Change-Id: I813e7f1801d0766cec598413718e5ddd4c3d8cdf
|
|
* open_create_test_runsc_ptrace_shared doesn't expect the write access to /
* exec_test_runsc_ptrace_shared could not find /usr/share/zoneinfo/
* clock_gettime_test_runsc_ptrace_shared didn't expect that
a thread cpu time can be zero.
* affinity_test_runsc_ptrace_shared expected minimum 3 cpus
PiperOrigin-RevId: 237509429
Change-Id: I477937e5d2cdf3f8720836bfa972abd35d8220a3
|
|
There is no need to run the simple tests with RBE.
PiperOrigin-RevId: 236682573
Change-Id: I6c7fa25a33ef5e4d0b2cc2badc12ff9e1a70f015
|
|
Remove allocation from vCPU.die() to save stack space.
Closes #131
PiperOrigin-RevId: 236238102
Change-Id: Iafca27a1a3a472d4cb11dcda9a2060e585139d11
|
|
We need to update the package lists, otherwise apt-get
install can request an old package which has been
removed from repositories.
PiperOrigin-RevId: 233879031
Change-Id: I2e1b3afd9d01008f774f10efd8852fd3f5e1c882
|
|
PiperOrigin-RevId: 233458853
Change-Id: I92c734b8075aa31e040fe7b4770bcf608e271e7a
|
|
We no longer need to depend on master, since v1.2.2 contains a commit to work
around "malformed input path" bug:
https://github.com/containerd/containerd/commit/27c6449c2c50f7e66076a4186e81aa3167e0dd5a
PiperOrigin-RevId: 229790405
Change-Id: Ia93b66959e6433bf096d6742be6064c1d7ed8b18
|
|
We now build all packages (including //test/...) with RBE as part of the Kokoro
presubmit.
The tests do not yet use RBE, because there are some failures. The Golang unit,
integration, and image tests still run locally.
The syscall test suite needs even more work to make it pass on RBE. Those will
be enabled in follow-up CLs. They currently are not enabled at all on Kokoro.
PiperOrigin-RevId: 226562208
Change-Id: Idd2b81b3e8f07bf300c77e68990493ba97d16e23
|
|
PiperOrigin-RevId: 226552586
Change-Id: I078502d46e2e4a8252ef0477309af8d3ffbbf88d
|
|
PiperOrigin-RevId: 225883292
Change-Id: I7e7f139d5865914c51866ea1d23220fcf221748c
|