Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test/e2e: track the libvirt tests failing with cri-o #2100

Open
wainersm opened this issue Oct 8, 2024 · 1 comment
Open

test/e2e: track the libvirt tests failing with cri-o #2100

wainersm opened this issue Oct 8, 2024 · 1 comment
Labels
bug Something isn't working e2e-test

Comments

@wainersm
Copy link
Member

wainersm commented Oct 8, 2024

Describe the bug

An outcome of #2068 (issue #1981) is the following tests failing:

TestLibvirtCreatePeerPodContainerWithExternalIPAccess
TestLibvirtPodToServiceCommunication
TestLibvirtPodsMTLSCommunication

TestLibvirtPodToServiceCommunication and TestLibvirtPodsMTLSCommunication fail with the same symptom: cannot access a service by name from within the container. Both are client/server test case style.

The TestLibvirtCreatePeerPodContainerWithExternalIPAccess fail because from the container it's not able to resolve the www.google.com address.

Worth noting:

  1. @littlejawa was able to pass TestLibvirtPodToServiceCommunication on OCP 4.17 with OSC 1.17. It might indicate a problem on kubernetes setup on our e2e tests for libvirt, that leverages kcli
  2. TestLibvirtPodToServiceCommunication, TestLibvirtPodsMTLSCommunication and TestLibvirtCreatePeerPodContainerWithExternalIPAccess fail on CI (running on github actions) even with containerd; however they pass when running on dev's workstation. Unlikely, with CRI-O, it fails on both scenarios.

How to reproduce

N/A

CoCo version information

N/A

What TEE are you seeing the problem on

None

Failing command and relevant log output

No response
@wainersm wainersm added bug Something isn't working e2e-test labels Oct 8, 2024
@wainersm wainersm mentioned this issue Oct 8, 2024
Open
wainersm added a commit to wainersm/cc-cloud-api-adaptor that referenced this issue Oct 8, 2024
@wainersm
test/e2e: skip libvirt tests for CRI-O
711ee01 
These test are already skipped on CI, also disabled them when running
locally because they fail.

Related-to: confidential-containers#2100
Signed-off-by: Wainer dos Santos Moschetta <[email protected]>
@littlejawa
Copy link

Adding some more information on TestLibvirtPodToServiceCommunication:

I was able to reproduce the issue using kcli to run a cluster with cri-o, and using runc as the runtime.
As you mentioned, the test pass on OCP, and it passes on a K8S cluster using containerd as the engine. So this is something that kcli misses when setting up cri-o. I've raised the question with the maintainer of kcli, and with people on the cri-o side, to understand what's wrong in the cluster setup. I will continue digging.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working e2e-test
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@littlejawa @wainersm