tests: add a runc based test

Submitted by Adrian Reber on July 5, 2018, 5:32 p.m.

Details

Message ID 1530811932-15643-1-git-send-email-adrian@lisas.de
State New
Series "tests: add a runc based test"
Headers show

Commit Message

Adrian Reber July 5, 2018, 5:32 p.m.
From: Adrian Reber <areber@redhat.com>

Using runc with CRIU does currently not work if /tmp is read-only.

To detect runc breakage earlier this introduces a runc based CRIU
test. It can be run standalone:

 # make -C test/others/runc run

and requires runc to be installed locally. It is also run by travis.

Currently, to let the test pass, the runc container is running with
a read-write root file system. This should be changed to read-only once
CRIU has been fixed to work like it used to before 3.8.

Related: #520

Signed-off-by: Adrian Reber <areber@redhat.com>
---
 .travis.yml               |   2 +
 scripts/travis/Makefile   |   6 +++
 test/others/runc/Makefile |   9 ++++
 test/others/runc/run.sh   | 102 ++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 119 insertions(+)
 create mode 100644 test/others/runc/Makefile
 create mode 100755 test/others/runc/run.sh

Patch hide | download patch | download mbox

diff --git a/.travis.yml b/.travis.yml
index 1afc394..07e0351 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -20,6 +20,7 @@  env:
   - TR_ARCH=ppc64le     CLANG=1
   - TR_ARCH=alpine      CLANG=1
   - TR_ARCH=docker-test
+  - TR_ARCH=runc-test
   - TR_ARCH=fedora-rawhide
   - TR_ARCH=fedora-rawhide-aarch64
   - TR_ARCH=phaul-test
@@ -28,6 +29,7 @@  env:
 matrix:
   allow_failures:
     - env: TR_ARCH=docker-test
+    - env: TR_ARCH=runc-test
     - env: TR_ARCH=fedora-rawhide
     - env: TR_ARCH=fedora-rawhide-aarch64
     - env: TR_ARCH=s390x
diff --git a/scripts/travis/Makefile b/scripts/travis/Makefile
index 52c1838..5c294ce 100644
--- a/scripts/travis/Makefile
+++ b/scripts/travis/Makefile
@@ -37,5 +37,11 @@  phaul-test:
 docker-test:
 	./docker-test.sh
 
+runc-test:
+	SKIP_TRAVIS_TEST=1 ./travis-tests
+	curl -o runc -sSL https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64
+	install -D -m0755 runc /usr/local/sbin/runc
+	$(MAKE) -C ../../test/others/runc run
+
 %:
 	$(MAKE) -C ../build $@$(target-suffix)
diff --git a/test/others/runc/Makefile b/test/others/runc/Makefile
new file mode 100644
index 0000000..6040e8e
--- /dev/null
+++ b/test/others/runc/Makefile
@@ -0,0 +1,9 @@ 
+
+
+run:
+	./run.sh
+.PHONY: run
+
+clean:
+	rm -f test
+.PHONY: clean
diff --git a/test/others/runc/run.sh b/test/others/runc/run.sh
new file mode 100755
index 0000000..7f85a2f
--- /dev/null
+++ b/test/others/runc/run.sh
@@ -0,0 +1,102 @@ 
+#!/bin/bash
+
+if [ `uname -m` != "x86_64" ]; then
+	echo "runc test only works on x86_64. Exiting."
+	exit 0
+fi
+
+BUSYBOX='https://github.com/docker-library/busybox/raw/a0558a9006ce0dd6f6ec5d56cfd3f32ebeeb815f/glibc/busybox.tar.xz'
+
+TMPDIR=${TMPDIR:-/tmp}
+BUSYBOX_DEST=${TMPDIR}/busybox.tar
+
+TEST_DIR=`mktemp -d`
+
+CT_NAME=`basename ${TEST_DIR}`
+
+RUNC="runc --criu `pwd`/../../../criu/criu"
+
+trap 'rm -fr ${TEST_DIR}' EXIT
+
+restore() {
+	echo "Restoring runc container #$i"
+	${RUNC} restore --work-path . -d ${CT_NAME}
+	if [ $?  -ne 0 ]; then
+		echo "Restoring runc container failed."
+		tail restore.log
+		echo "Aborting."
+		exit 1
+	fi
+
+	${RUNC} list
+	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
+	if [ $?  -ne 0 ]; then
+		echo "runc container not running. Aborting."
+		exit 1
+	fi
+}
+
+cleanup() {
+	echo "Cleaning up #$i"
+	${RUNC} kill ${CT_NAME} 9 --all
+	while `${RUNC} list | grep -e "^${CT_NAME}.*running*" -q`; do sleep 0.1; done
+	${RUNC} delete ${CT_NAME}
+	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
+	if [ $?  -eq 0 ]; then
+		echo "runc container still running. Aborting."
+		exit 1
+	fi
+	${RUNC} list
+}
+
+if [ ! -e ${BUSYBOX_DEST} ]; then
+	echo "Downloading busybox"
+	curl -o ${BUSYBOX_DEST} -sSL ${BUSYBOX}
+fi
+
+mkdir -p ${TEST_DIR}/rootfs
+tar --exclude './dev/*' -C ${TEST_DIR}/rootfs -xf ${BUSYBOX_DEST}
+
+cd ${TEST_DIR}
+echo "Creating config.json"
+${RUNC} spec
+sed -i 's;"sh";"sh", "-c", "sleep 2000";' config.json
+sed -i 's;"terminal": true,;"terminal": false,;' config.json
+
+# This should not be necessary, but CRIU is broken
+sed -i 's;"readonly": true;"readonly": false;' config.json
+
+for i in `seq 50`; do
+	echo "Starting runc container #$i"
+	${RUNC} run ${CT_NAME} -d &> /dev/null < /dev/null
+	if [ $?  -ne 0 ]; then
+		echo "Starting runc container failed. Aborting."
+		exit 1
+	fi
+	${RUNC} list
+	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
+	if [ $?  -ne 0 ]; then
+		echo "runc container not running. Aborting."
+		exit 1
+	fi
+
+	echo "Checkpointing runc container #$i"
+	${RUNC} checkpoint --work-path . ${CT_NAME}
+	if [ $?  -ne 0 ]; then
+		echo "checkpointing runc container failed."
+		tail dump.log
+		echo "Aborting."
+		exit 1
+	fi
+	${RUNC} list
+	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
+	if [ $?  -eq 0 ]; then
+		echo "runc container still running. Aborting."
+		exit 1
+	fi
+
+	restore
+	cleanup
+	restore
+	cleanup
+done

Comments

Andrey Vagin July 10, 2018, 10:24 p.m.
On Thu, Jul 05, 2018 at 05:32:12PM +0000, Adrian Reber wrote:
> From: Adrian Reber <areber@redhat.com>
> 
> Using runc with CRIU does currently not work if /tmp is read-only.
> 
> To detect runc breakage earlier this introduces a runc based CRIU
> test. It can be run standalone:
> 
>  # make -C test/others/runc run
> 
> and requires runc to be installed locally. It is also run by travis.
> 
> Currently, to let the test pass, the runc container is running with
> a read-write root file system. This should be changed to read-only once
> CRIU has been fixed to work like it used to before 3.8.
> 
> Related: #520
> 
> Signed-off-by: Adrian Reber <areber@redhat.com>
> ---
>  .travis.yml               |   2 +
>  scripts/travis/Makefile   |   6 +++
>  test/others/runc/Makefile |   9 ++++
>  test/others/runc/run.sh   | 102 ++++++++++++++++++++++++++++++++++++++++++++++
>  4 files changed, 119 insertions(+)
>  create mode 100644 test/others/runc/Makefile
>  create mode 100755 test/others/runc/run.sh
> 
> diff --git a/.travis.yml b/.travis.yml
> index 1afc394..07e0351 100644
> --- a/.travis.yml
> +++ b/.travis.yml
> @@ -20,6 +20,7 @@ env:
>    - TR_ARCH=ppc64le     CLANG=1
>    - TR_ARCH=alpine      CLANG=1
>    - TR_ARCH=docker-test
> +  - TR_ARCH=runc-test
>    - TR_ARCH=fedora-rawhide
>    - TR_ARCH=fedora-rawhide-aarch64
>    - TR_ARCH=phaul-test
> @@ -28,6 +29,7 @@ env:
>  matrix:
>    allow_failures:
>      - env: TR_ARCH=docker-test
> +    - env: TR_ARCH=runc-test

Why is it allowed to fail?

>      - env: TR_ARCH=fedora-rawhide
>      - env: TR_ARCH=fedora-rawhide-aarch64
>      - env: TR_ARCH=s390x
> diff --git a/scripts/travis/Makefile b/scripts/travis/Makefile
> index 52c1838..5c294ce 100644
> --- a/scripts/travis/Makefile
> +++ b/scripts/travis/Makefile
> @@ -37,5 +37,11 @@ phaul-test:
>  docker-test:
>  	./docker-test.sh
>  
> +runc-test:
> +	SKIP_TRAVIS_TEST=1 ./travis-tests
> +	curl -o runc -sSL https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64
> +	install -D -m0755 runc /usr/local/sbin/runc
> +	$(MAKE) -C ../../test/others/runc run
> +
>  %:
>  	$(MAKE) -C ../build $@$(target-suffix)
> diff --git a/test/others/runc/Makefile b/test/others/runc/Makefile
> new file mode 100644
> index 0000000..6040e8e
> --- /dev/null
> +++ b/test/others/runc/Makefile
> @@ -0,0 +1,9 @@
> +
> +
> +run:
> +	./run.sh
> +.PHONY: run
> +
> +clean:
> +	rm -f test
> +.PHONY: clean
> diff --git a/test/others/runc/run.sh b/test/others/runc/run.sh
> new file mode 100755
> index 0000000..7f85a2f
> --- /dev/null
> +++ b/test/others/runc/run.sh
> @@ -0,0 +1,102 @@
> +#!/bin/bash
> +
> +if [ `uname -m` != "x86_64" ]; then
> +	echo "runc test only works on x86_64. Exiting."
> +	exit 0
> +fi
> +
> +BUSYBOX='https://github.com/docker-library/busybox/raw/a0558a9006ce0dd6f6ec5d56cfd3f32ebeeb815f/glibc/busybox.tar.xz'
> +
> +TMPDIR=${TMPDIR:-/tmp}
> +BUSYBOX_DEST=${TMPDIR}/busybox.tar
> +
> +TEST_DIR=`mktemp -d`
> +
> +CT_NAME=`basename ${TEST_DIR}`
> +
> +RUNC="runc --criu `pwd`/../../../criu/criu"
> +
> +trap 'rm -fr ${TEST_DIR}' EXIT
> +
> +restore() {
> +	echo "Restoring runc container #$i"
> +	${RUNC} restore --work-path . -d ${CT_NAME}
> +	if [ $?  -ne 0 ]; then
> +		echo "Restoring runc container failed."
> +		tail restore.log
> +		echo "Aborting."
> +		exit 1
> +	fi
> +
> +	${RUNC} list
> +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> +	if [ $?  -ne 0 ]; then
> +		echo "runc container not running. Aborting."
> +		exit 1
> +	fi
> +}
> +
> +cleanup() {
> +	echo "Cleaning up #$i"
> +	${RUNC} kill ${CT_NAME} 9 --all
> +	while `${RUNC} list | grep -e "^${CT_NAME}.*running*" -q`; do sleep 0.1; done
> +	${RUNC} delete ${CT_NAME}
> +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> +	if [ $?  -eq 0 ]; then
> +		echo "runc container still running. Aborting."
> +		exit 1
> +	fi
> +	${RUNC} list
> +}
> +
> +if [ ! -e ${BUSYBOX_DEST} ]; then
> +	echo "Downloading busybox"
> +	curl -o ${BUSYBOX_DEST} -sSL ${BUSYBOX}
> +fi
> +
> +mkdir -p ${TEST_DIR}/rootfs
> +tar --exclude './dev/*' -C ${TEST_DIR}/rootfs -xf ${BUSYBOX_DEST}
> +
> +cd ${TEST_DIR}
> +echo "Creating config.json"
> +${RUNC} spec
> +sed -i 's;"sh";"sh", "-c", "sleep 2000";' config.json
> +sed -i 's;"terminal": true,;"terminal": false,;' config.json

It is not required. "runc checkpoint" can checkpoint a container with
terminal

> +
> +# This should not be necessary, but CRIU is broken

How is it broken? We have to fix this. Please file a bug.

> +sed -i 's;"readonly": true;"readonly": false;' config.json
> +
> +for i in `seq 50`; do

RunC has tests to check C/R, maybe we can reuse them instread of
creating a new one?


> +	echo "Starting runc container #$i"
> +	${RUNC} run ${CT_NAME} -d &> /dev/null < /dev/null
> +	if [ $?  -ne 0 ]; then
> +		echo "Starting runc container failed. Aborting."
> +		exit 1
> +	fi
> +	${RUNC} list
> +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> +	if [ $?  -ne 0 ]; then
> +		echo "runc container not running. Aborting."
> +		exit 1
> +	fi
> +
> +	echo "Checkpointing runc container #$i"
> +	${RUNC} checkpoint --work-path . ${CT_NAME}
> +	if [ $?  -ne 0 ]; then
> +		echo "checkpointing runc container failed."
> +		tail dump.log
> +		echo "Aborting."
> +		exit 1
> +	fi
> +	${RUNC} list
> +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> +	if [ $?  -eq 0 ]; then
> +		echo "runc container still running. Aborting."
> +		exit 1
> +	fi
> +
> +	restore
> +	cleanup
> +	restore
> +	cleanup
> +done
> -- 
> 1.8.3.1
>
Adrian Reber July 11, 2018, 5:24 a.m.
On Tue, Jul 10, 2018 at 03:24:15PM -0700, Andrei Vagin wrote:
> On Thu, Jul 05, 2018 at 05:32:12PM +0000, Adrian Reber wrote:
> > From: Adrian Reber <areber@redhat.com>
> > 
> > Using runc with CRIU does currently not work if /tmp is read-only.
> > 
> > To detect runc breakage earlier this introduces a runc based CRIU
> > test. It can be run standalone:
> > 
> >  # make -C test/others/runc run
> > 
> > and requires runc to be installed locally. It is also run by travis.
> > 
> > Currently, to let the test pass, the runc container is running with
> > a read-write root file system. This should be changed to read-only once
> > CRIU has been fixed to work like it used to before 3.8.
> > 
> > Related: #520
> > 
> > Signed-off-by: Adrian Reber <areber@redhat.com>
> > ---
> >  .travis.yml               |   2 +
> >  scripts/travis/Makefile   |   6 +++
> >  test/others/runc/Makefile |   9 ++++
> >  test/others/runc/run.sh   | 102 ++++++++++++++++++++++++++++++++++++++++++++++
> >  4 files changed, 119 insertions(+)
> >  create mode 100644 test/others/runc/Makefile
> >  create mode 100755 test/others/runc/run.sh
> > 
> > diff --git a/.travis.yml b/.travis.yml
> > index 1afc394..07e0351 100644
> > --- a/.travis.yml
> > +++ b/.travis.yml
> > @@ -20,6 +20,7 @@ env:
> >    - TR_ARCH=ppc64le     CLANG=1
> >    - TR_ARCH=alpine      CLANG=1
> >    - TR_ARCH=docker-test
> > +  - TR_ARCH=runc-test
> >    - TR_ARCH=fedora-rawhide
> >    - TR_ARCH=fedora-rawhide-aarch64
> >    - TR_ARCH=phaul-test
> > @@ -28,6 +29,7 @@ env:
> >  matrix:
> >    allow_failures:
> >      - env: TR_ARCH=docker-test
> > +    - env: TR_ARCH=runc-test
> 
> Why is it allowed to fail?

I was just following the docker-test.

> >      - env: TR_ARCH=fedora-rawhide
> >      - env: TR_ARCH=fedora-rawhide-aarch64
> >      - env: TR_ARCH=s390x
> > diff --git a/scripts/travis/Makefile b/scripts/travis/Makefile
> > index 52c1838..5c294ce 100644
> > --- a/scripts/travis/Makefile
> > +++ b/scripts/travis/Makefile
> > @@ -37,5 +37,11 @@ phaul-test:
> >  docker-test:
> >  	./docker-test.sh
> >  
> > +runc-test:
> > +	SKIP_TRAVIS_TEST=1 ./travis-tests
> > +	curl -o runc -sSL https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64
> > +	install -D -m0755 runc /usr/local/sbin/runc
> > +	$(MAKE) -C ../../test/others/runc run
> > +
> >  %:
> >  	$(MAKE) -C ../build $@$(target-suffix)
> > diff --git a/test/others/runc/Makefile b/test/others/runc/Makefile
> > new file mode 100644
> > index 0000000..6040e8e
> > --- /dev/null
> > +++ b/test/others/runc/Makefile
> > @@ -0,0 +1,9 @@
> > +
> > +
> > +run:
> > +	./run.sh
> > +.PHONY: run
> > +
> > +clean:
> > +	rm -f test
> > +.PHONY: clean
> > diff --git a/test/others/runc/run.sh b/test/others/runc/run.sh
> > new file mode 100755
> > index 0000000..7f85a2f
> > --- /dev/null
> > +++ b/test/others/runc/run.sh
> > @@ -0,0 +1,102 @@
> > +#!/bin/bash
> > +
> > +if [ `uname -m` != "x86_64" ]; then
> > +	echo "runc test only works on x86_64. Exiting."
> > +	exit 0
> > +fi
> > +
> > +BUSYBOX='https://github.com/docker-library/busybox/raw/a0558a9006ce0dd6f6ec5d56cfd3f32ebeeb815f/glibc/busybox.tar.xz'
> > +
> > +TMPDIR=${TMPDIR:-/tmp}
> > +BUSYBOX_DEST=${TMPDIR}/busybox.tar
> > +
> > +TEST_DIR=`mktemp -d`
> > +
> > +CT_NAME=`basename ${TEST_DIR}`
> > +
> > +RUNC="runc --criu `pwd`/../../../criu/criu"
> > +
> > +trap 'rm -fr ${TEST_DIR}' EXIT
> > +
> > +restore() {
> > +	echo "Restoring runc container #$i"
> > +	${RUNC} restore --work-path . -d ${CT_NAME}
> > +	if [ $?  -ne 0 ]; then
> > +		echo "Restoring runc container failed."
> > +		tail restore.log
> > +		echo "Aborting."
> > +		exit 1
> > +	fi
> > +
> > +	${RUNC} list
> > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > +	if [ $?  -ne 0 ]; then
> > +		echo "runc container not running. Aborting."
> > +		exit 1
> > +	fi
> > +}
> > +
> > +cleanup() {
> > +	echo "Cleaning up #$i"
> > +	${RUNC} kill ${CT_NAME} 9 --all
> > +	while `${RUNC} list | grep -e "^${CT_NAME}.*running*" -q`; do sleep 0.1; done
> > +	${RUNC} delete ${CT_NAME}
> > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > +	if [ $?  -eq 0 ]; then
> > +		echo "runc container still running. Aborting."
> > +		exit 1
> > +	fi
> > +	${RUNC} list
> > +}
> > +
> > +if [ ! -e ${BUSYBOX_DEST} ]; then
> > +	echo "Downloading busybox"
> > +	curl -o ${BUSYBOX_DEST} -sSL ${BUSYBOX}
> > +fi
> > +
> > +mkdir -p ${TEST_DIR}/rootfs
> > +tar --exclude './dev/*' -C ${TEST_DIR}/rootfs -xf ${BUSYBOX_DEST}
> > +
> > +cd ${TEST_DIR}
> > +echo "Creating config.json"
> > +${RUNC} spec
> > +sed -i 's;"sh";"sh", "-c", "sleep 2000";' config.json
> > +sed -i 's;"terminal": true,;"terminal": false,;' config.json
> 
> It is not required. "runc checkpoint" can checkpoint a container with
> terminal

Just as it is? Or do I need to use --console-socket?

I did not work for me without --console-socket.

> > +
> > +# This should not be necessary, but CRIU is broken
> 
> How is it broken? We have to fix this. Please file a bug.

https://github.com/checkpoint-restore/criu/issues/520

> > +sed -i 's;"readonly": true;"readonly": false;' config.json
> > +
> > +for i in `seq 50`; do
> 
> RunC has tests to check C/R, maybe we can reuse them instread of
> creating a new one?

I am actually just repeating what the runc test suite is doing. But all
their tests are bats based and we could pull it in, but for a simple
check if runc is working with the latest CRIU it felt enough to just use
a simple shell script. It would, however, not be as simple as just
including checkpoint.bats from runc as we would need to require some of
their bats infrastructure. It is doable.

> > +	echo "Starting runc container #$i"
> > +	${RUNC} run ${CT_NAME} -d &> /dev/null < /dev/null
> > +	if [ $?  -ne 0 ]; then
> > +		echo "Starting runc container failed. Aborting."
> > +		exit 1
> > +	fi
> > +	${RUNC} list
> > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > +	if [ $?  -ne 0 ]; then
> > +		echo "runc container not running. Aborting."
> > +		exit 1
> > +	fi
> > +
> > +	echo "Checkpointing runc container #$i"
> > +	${RUNC} checkpoint --work-path . ${CT_NAME}
> > +	if [ $?  -ne 0 ]; then
> > +		echo "checkpointing runc container failed."
> > +		tail dump.log
> > +		echo "Aborting."
> > +		exit 1
> > +	fi
> > +	${RUNC} list
> > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > +	if [ $?  -eq 0 ]; then
> > +		echo "runc container still running. Aborting."
> > +		exit 1
> > +	fi
> > +
> > +	restore
> > +	cleanup
> > +	restore
> > +	cleanup
> > +done
> > -- 
> > 1.8.3.1
> >
Andrey Vagin July 11, 2018, 6:12 a.m.
On Wed, Jul 11, 2018 at 07:24:18AM +0200, Adrian Reber wrote:
> On Tue, Jul 10, 2018 at 03:24:15PM -0700, Andrei Vagin wrote:
> > On Thu, Jul 05, 2018 at 05:32:12PM +0000, Adrian Reber wrote:
> > > From: Adrian Reber <areber@redhat.com>
> > > 
> > > Using runc with CRIU does currently not work if /tmp is read-only.
> > > 
> > > To detect runc breakage earlier this introduces a runc based CRIU
> > > test. It can be run standalone:
> > > 
> > >  # make -C test/others/runc run
> > > 
> > > and requires runc to be installed locally. It is also run by travis.
> > > 
> > > Currently, to let the test pass, the runc container is running with
> > > a read-write root file system. This should be changed to read-only once
> > > CRIU has been fixed to work like it used to before 3.8.
> > > 
> > > Related: #520
> > > 
> > > Signed-off-by: Adrian Reber <areber@redhat.com>
> > > ---
> > >  .travis.yml               |   2 +
> > >  scripts/travis/Makefile   |   6 +++
> > >  test/others/runc/Makefile |   9 ++++
> > >  test/others/runc/run.sh   | 102 ++++++++++++++++++++++++++++++++++++++++++++++
> > >  4 files changed, 119 insertions(+)
> > >  create mode 100644 test/others/runc/Makefile
> > >  create mode 100755 test/others/runc/run.sh
> > > 
> > > diff --git a/.travis.yml b/.travis.yml
> > > index 1afc394..07e0351 100644
> > > --- a/.travis.yml
> > > +++ b/.travis.yml
> > > @@ -20,6 +20,7 @@ env:
> > >    - TR_ARCH=ppc64le     CLANG=1
> > >    - TR_ARCH=alpine      CLANG=1
> > >    - TR_ARCH=docker-test
> > > +  - TR_ARCH=runc-test
> > >    - TR_ARCH=fedora-rawhide
> > >    - TR_ARCH=fedora-rawhide-aarch64
> > >    - TR_ARCH=phaul-test
> > > @@ -28,6 +29,7 @@ env:
> > >  matrix:
> > >    allow_failures:
> > >      - env: TR_ARCH=docker-test
> > > +    - env: TR_ARCH=runc-test
> > 
> > Why is it allowed to fail?
> 
> I was just following the docker-test.

Let's look how stable it will be. If it will be unstable, we will add it
to this list.

> 
> > >      - env: TR_ARCH=fedora-rawhide
> > >      - env: TR_ARCH=fedora-rawhide-aarch64
> > >      - env: TR_ARCH=s390x
> > > diff --git a/scripts/travis/Makefile b/scripts/travis/Makefile
> > > index 52c1838..5c294ce 100644
> > > --- a/scripts/travis/Makefile
> > > +++ b/scripts/travis/Makefile
> > > @@ -37,5 +37,11 @@ phaul-test:
> > >  docker-test:
> > >  	./docker-test.sh
> > >  
> > > +runc-test:
> > > +	SKIP_TRAVIS_TEST=1 ./travis-tests
> > > +	curl -o runc -sSL https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64
> > > +	install -D -m0755 runc /usr/local/sbin/runc
> > > +	$(MAKE) -C ../../test/others/runc run
> > > +
> > >  %:
> > >  	$(MAKE) -C ../build $@$(target-suffix)
> > > diff --git a/test/others/runc/Makefile b/test/others/runc/Makefile
> > > new file mode 100644
> > > index 0000000..6040e8e
> > > --- /dev/null
> > > +++ b/test/others/runc/Makefile
> > > @@ -0,0 +1,9 @@
> > > +
> > > +
> > > +run:
> > > +	./run.sh
> > > +.PHONY: run
> > > +
> > > +clean:
> > > +	rm -f test
> > > +.PHONY: clean
> > > diff --git a/test/others/runc/run.sh b/test/others/runc/run.sh
> > > new file mode 100755
> > > index 0000000..7f85a2f
> > > --- /dev/null
> > > +++ b/test/others/runc/run.sh
> > > @@ -0,0 +1,102 @@
> > > +#!/bin/bash
> > > +
> > > +if [ `uname -m` != "x86_64" ]; then
> > > +	echo "runc test only works on x86_64. Exiting."
> > > +	exit 0
> > > +fi
> > > +
> > > +BUSYBOX='https://github.com/docker-library/busybox/raw/a0558a9006ce0dd6f6ec5d56cfd3f32ebeeb815f/glibc/busybox.tar.xz'
> > > +
> > > +TMPDIR=${TMPDIR:-/tmp}
> > > +BUSYBOX_DEST=${TMPDIR}/busybox.tar
> > > +
> > > +TEST_DIR=`mktemp -d`
> > > +
> > > +CT_NAME=`basename ${TEST_DIR}`
> > > +
> > > +RUNC="runc --criu `pwd`/../../../criu/criu"
> > > +
> > > +trap 'rm -fr ${TEST_DIR}' EXIT
> > > +
> > > +restore() {
> > > +	echo "Restoring runc container #$i"
> > > +	${RUNC} restore --work-path . -d ${CT_NAME}
> > > +	if [ $?  -ne 0 ]; then
> > > +		echo "Restoring runc container failed."
> > > +		tail restore.log
> > > +		echo "Aborting."
> > > +		exit 1
> > > +	fi
> > > +
> > > +	${RUNC} list
> > > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > > +	if [ $?  -ne 0 ]; then
> > > +		echo "runc container not running. Aborting."
> > > +		exit 1
> > > +	fi
> > > +}
> > > +
> > > +cleanup() {
> > > +	echo "Cleaning up #$i"
> > > +	${RUNC} kill ${CT_NAME} 9 --all
> > > +	while `${RUNC} list | grep -e "^${CT_NAME}.*running*" -q`; do sleep 0.1; done
> > > +	${RUNC} delete ${CT_NAME}
> > > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > > +	if [ $?  -eq 0 ]; then
> > > +		echo "runc container still running. Aborting."
> > > +		exit 1
> > > +	fi
> > > +	${RUNC} list
> > > +}
> > > +
> > > +if [ ! -e ${BUSYBOX_DEST} ]; then
> > > +	echo "Downloading busybox"
> > > +	curl -o ${BUSYBOX_DEST} -sSL ${BUSYBOX}
> > > +fi
> > > +
> > > +mkdir -p ${TEST_DIR}/rootfs
> > > +tar --exclude './dev/*' -C ${TEST_DIR}/rootfs -xf ${BUSYBOX_DEST}
> > > +
> > > +cd ${TEST_DIR}
> > > +echo "Creating config.json"
> > > +${RUNC} spec
> > > +sed -i 's;"sh";"sh", "-c", "sleep 2000";' config.json
> > > +sed -i 's;"terminal": true,;"terminal": false,;' config.json
> > 
> > It is not required. "runc checkpoint" can checkpoint a container with
> > terminal
> 
> Just as it is? Or do I need to use --console-socket?
> 
> I did not work for me without --console-socket.

I don't remember details, there is a test to check this in the runc test
suite

> 
> > > +
> > > +# This should not be necessary, but CRIU is broken
> > 
> > How is it broken? We have to fix this. Please file a bug.
> 
> https://github.com/checkpoint-restore/criu/issues/520
> 
> > > +sed -i 's;"readonly": true;"readonly": false;' config.json
> > > +
> > > +for i in `seq 50`; do
> > 
> > RunC has tests to check C/R, maybe we can reuse them instread of
> > creating a new one?
> 
> I am actually just repeating what the runc test suite is doing. But all
> their tests are bats based and we could pull it in, but for a simple
> check if runc is working with the latest CRIU it felt enough to just use
> a simple shell script. It would, however, not be as simple as just
> including checkpoint.bats from runc as we would need to require some of
> their bats infrastructure. It is doable.

Could you try to run checkpoint.bats? I think it should not be hard.
There are good tests, which cover all supported features.

You don't need to move checkpoint.bats into our repo, you can clone the
runc tree.

If it would require a lot of things, I agree to have a simple script
like this one.

> 
> > > +	echo "Starting runc container #$i"
> > > +	${RUNC} run ${CT_NAME} -d &> /dev/null < /dev/null
> > > +	if [ $?  -ne 0 ]; then
> > > +		echo "Starting runc container failed. Aborting."
> > > +		exit 1
> > > +	fi
> > > +	${RUNC} list
> > > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > > +	if [ $?  -ne 0 ]; then
> > > +		echo "runc container not running. Aborting."
> > > +		exit 1
> > > +	fi
> > > +
> > > +	echo "Checkpointing runc container #$i"
> > > +	${RUNC} checkpoint --work-path . ${CT_NAME}
> > > +	if [ $?  -ne 0 ]; then
> > > +		echo "checkpointing runc container failed."
> > > +		tail dump.log
> > > +		echo "Aborting."
> > > +		exit 1
> > > +	fi
> > > +	${RUNC} list
> > > +	${RUNC} list | grep -e "^${CT_NAME}.*running.*" -q
> > > +	if [ $?  -eq 0 ]; then
> > > +		echo "runc container still running. Aborting."
> > > +		exit 1
> > > +	fi
> > > +
> > > +	restore
> > > +	cleanup
> > > +	restore
> > > +	cleanup
> > > +done
> > > -- 
> > > 1.8.3.1
> > >
Adrian Reber July 11, 2018, 1 p.m.
On Tue, Jul 10, 2018 at 11:12:12PM -0700, Andrei Vagin wrote:
[...]
> > > RunC has tests to check C/R, maybe we can reuse them instread of
> > > creating a new one?
> > 
> > I am actually just repeating what the runc test suite is doing. But all
> > their tests are bats based and we could pull it in, but for a simple
> > check if runc is working with the latest CRIU it felt enough to just use
> > a simple shell script. It would, however, not be as simple as just
> > including checkpoint.bats from runc as we would need to require some of
> > their bats infrastructure. It is doable.
> 
> Could you try to run checkpoint.bats? I think it should not be hard.
> There are good tests, which cover all supported features.
> 
> You don't need to move checkpoint.bats into our repo, you can clone the
> runc tree.

Good point, I was checking out runc before but I had trouble building
runc in our travis setup, but checking out runc and using just the criu
related tests sounds like a good idea. I will try that.

		Adrian