Add new extension for sandboxed-containers #2456
Conversation
|
/hold |
|
NOTE: As it's right now, this is a test to see whether we can easiler supersede #2376, if needed. |
openshift-ci-robot
added
the
do-not-merge/hold
fidencio
changed the title
fidencio
force-pushed
the
wip/add-sandboxed-containers-extensions
branch
3 times, most recently
from
198e081 to
70b4912
Compare
fidencio
force-pushed
the
wip/add-sandboxed-containers-extensions
branch
from
70b4912 to
d404023
Compare
|
I've updated the PR according to @sinnykumari's review. (thanks!) |
fidencio
force-pushed
the
wip/add-sandboxed-containers-extensions
branch
from
d404023 to
0b06a80
Compare
|
@sinnykumari, as this one supersedes #2376, can we have the 4.8 label added to this one? |
|
/retest |
added 4.8 label. Once you have machine-os-content updated with correct set of packages, let us know in the PR. |
This reworks af93514 as, since it was merged, a few changes happened in the enhancement proposal and it's been decided to go with a "sandboxed-containers" extensions instead. As the "qemu-kiwi" extension is no longer needed, we're removing it (well, reworking it) and adding the "sandboxed-containers" one instead. Last but not least, I've explicitly mentioned where each dependency is coming from (either advanced-virt, or appstream), so we know all the packages we're dealing with and where those come from. The sandboxed-containers extension is added to the MCO with by the following PR: openshift/machine-config-operator#2456 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
This reworks af93514 as, since it was merged, a few changes happened in the enhancement proposal and it's been decided to go with a "sandboxed-containers" extensions instead. As the "qemu-kiwi" extension is no longer needed, we're removing it (well, reworking it) and adding the "sandboxed-containers" one instead. Last but not least, I've explicitly mentioned where each dependency is coming from (either advanced-virt, or appstream), so we know all the packages we're dealing with and where those come from. The sandboxed-containers extension is added to the MCO with by the following PR: openshift/machine-config-operator#2456 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
This reworks af93514 as, since it was merged, a few changes happened in the enhancement proposal and it's been decided to go with a "sandboxed-containers" extensions instead. As the "qemu-kiwi" extension is no longer needed, we're removing it (well, reworking it) and adding the "sandboxed-containers" one instead. Last but not least, I've explicitly mentioned where each dependency is coming from (either advanced-virt, or appstream), so we know all the packages we're dealing with and where those come from. The sandboxed-containers extension is added to the MCO with by the following PR: openshift/machine-config-operator#2456 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
This reworks af93514 as, since it was merged, a few changes happened in the enhancement proposal and it's been decided to go with a "sandboxed-containers" extensions instead. As the "qemu-kiwi" extension is no longer needed, we're removing it (well, reworking it) and adding the "sandboxed-containers" one instead. Last but not least, I've explicitly mentioned where each dependency is coming from (either advanced-virt, or appstream), so we know all the packages we're dealing with and where those come from. The sandboxed-containers extension is added to the MCO with by the following PR: openshift/machine-config-operator#2456 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
fidencio
force-pushed
the
wip/add-sandboxed-containers-extensions
branch
from
0b06a80 to
3625f08
Compare
|
This PR has been updated, and depends on openshift/os#525 (which depends on a downstream PR). |
This reworks af93514 as, since it was merged, a few changes happened in the enhancement proposal and it's been decided to go with a "sandboxed-containers" extensions instead. As the "qemu-kiwi" extension is no longer needed, we're removing it (well, reworking it) and adding the "sandboxed-containers" one instead. Last but not least, I've explicitly mentioned where each dependency is coming from (either advanced-virt, or appstream), so we know all the packages we're dealing with and where those come from. The sandboxed-containers extension is added to the MCO with by the following PR: openshift/machine-config-operator#2456 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
fidencio
force-pushed
the
wip/add-sandboxed-containers-extensions
branch
from
3625f08 to
5d9dbeb
Compare
This reworks af93514 as, since it was merged, a few changes happened in the enhancement proposal and it's been decided to go with a "sandboxed-containers" extensions instead. As the "qemu-kiwi" extension is no longer needed, we're removing it (well, reworking it) and adding the "sandboxed-containers" one instead. The sandboxed-containers extension is added to the MCO with by the following PR: openshift/machine-config-operator#2456 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
|
/retest |
4 similar comments
|
/retest |
|
/retest |
|
/retest |
|
/retest |
sinnykumari
left a comment
sinnykumari
left a comment
There was a problem hiding this comment.
looks clean, thanks for the PR!
/lgtm
openshift-ci-robot
added
lgtm
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: fidencio, JAORMX, sinnykumari The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/test e2e-agnostic-upgrade |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
4 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/test e2e-aws-serial |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
4 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
@fidencio: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
7 participants
- What I did
This adds support for a new RHCOS extension called
"sandboxed-containres". It will install kata-containers and its
dependencies, 9 RPMs with a total size of ~55MB when downloaded, ~150MB
when installed.
It will allow users to run kernel isolated containers via the Sandboxed
Containers operator.
- How to verify it
TBD
- Description for the changelog
Added support for a new RHCOS extension to install
sandboxed-containers.IMPORTANT:
Let me add a big note here that I'm experimenting with the fact of having a kata-containers extension, superseding #2376, and it comes from a suggestion made by @cgwalters while reviewing openshift/enhancements#677 (comment) (also, refer to: https://coreos.slack.com/archives/CK1AE4ZCK/p1614974860056400).
While modifying openshift/enhancements#677 according to the reviewers suggestions, I'm experimenting, I'm trying to have all the pieces together, so we can make the proposal solid and based on work that's either done or close to be done, rather than basing it on what we think that should be done.