From 4aa40378db36f1b322d59ef8d5880162bd29f882 Mon Sep 17 00:00:00 2001 From: Ram Lavi Date: Wed, 31 Jul 2024 08:58:38 +0300 Subject: [PATCH 1/4] mco: Set OVS links to MACAddressPolicy none Due to a bug [0] in networkManager, when set to MACAddressPolicy=persistent links can get reapplied. This can result with unexpected behaviors like the node getting a new IP lease from DHCP. In order to prevent this, changing the MACAddressPolicy to none on ovs links. On newer releases the policy is already set to none [1] so this change will only matter in old releases. [0] https://issues.redhat.com/browse/RHEL-40683 [1] https://fedoraproject.org/wiki/Changes/MAC_Address_Policy_none Signed-off-by: Ram Lavi --- mco_ovs_supervisor.yml.tmpl | 6 ++++++ mco_ovs_workers.yml.tmpl | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/mco_ovs_supervisor.yml.tmpl b/mco_ovs_supervisor.yml.tmpl index b72fc7a..d261972 100644 --- a/mco_ovs_supervisor.yml.tmpl +++ b/mco_ovs_supervisor.yml.tmpl @@ -28,3 +28,9 @@ spec: filesystem: root mode: 484 path: /var/init-interfaces.sh + - contents: + compression: "" + source: data:,%5BMatch%5D%0ADriver%3Dopenvswitch%0A%5BLink%5D%0AMACAddressPolicy%3Dnone%0A + mode: 420 + overwrite: true + path: /etc/systemd/network/50-ovs-mac-policy-none.link diff --git a/mco_ovs_workers.yml.tmpl b/mco_ovs_workers.yml.tmpl index 049979e..470706b 100644 --- a/mco_ovs_workers.yml.tmpl +++ b/mco_ovs_workers.yml.tmpl @@ -28,3 +28,9 @@ spec: filesystem: root mode: 484 path: /var/init-interfaces.sh + - contents: + compression: "" + source: data:,%5BMatch%5D%0ADriver%3Dopenvswitch%0A%5BLink%5D%0AMACAddressPolicy%3Dnone%0A + mode: 420 + overwrite: true + path: /etc/systemd/network/50-ovs-mac-policy-none.link From 2a8b28913e88d5aed982a33cbc73f4b9c01a8a34 Mon Sep 17 00:00:00 2001 From: Ram Lavi Date: Thu, 1 Aug 2024 11:11:41 +0300 Subject: [PATCH 2/4] tests: Bump to run with OCP 4.14 Signed-off-by: Ram Lavi --- tests/test-coreos.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test-coreos.sh b/tests/test-coreos.sh index 8bd77cf..666b7d0 100755 --- a/tests/test-coreos.sh +++ b/tests/test-coreos.sh @@ -3,7 +3,7 @@ set -ex COREOS_ASSEMBLER_REPO_URL=https://github.com/coreos/coreos-assembler.git -OPENSHIFT_VERSION=${OPENSHIFT_VERSION:-"4.13"} +OPENSHIFT_VERSION=${OPENSHIFT_VERSION:-"4.14"} COREOS_ASSEMBLER_REPO_BRANCH=${COREOS_ASSEMBLER_REPO_BRANCH:-"origin/rhcos-${OPENSHIFT_VERSION}"} IMAGE_INSTALLER_BRANCH=${IMAGE_INSTALLER_BRANCH:-"release-${OPENSHIFT_VERSION}"} RHCOS_SLB_TEST_PATH=mantle/kola/tests/misc/network.go From 19b2410180f2fcac2b029c32df26073e6d0ed51a Mon Sep 17 00:00:00 2001 From: Ram Lavi Date: Thu, 1 Aug 2024 11:34:33 +0300 Subject: [PATCH 3/4] tests: Change jq dockerized URL Former container failed to load due to manifest v1 deprecated. Signed-off-by: Ram Lavi --- tests/test-coreos.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/test-coreos.sh b/tests/test-coreos.sh index 666b7d0..20eab41 100755 --- a/tests/test-coreos.sh +++ b/tests/test-coreos.sh @@ -47,7 +47,7 @@ fetch_latest_rhcos_image() { wget -nv -O "${image_path}/${image_menu}" "${image_menu_url}" local image_gz_url - image_gz_url=$(< "${image_path}/${image_menu}" docker run --rm -i stedolan/jq '.architectures.x86_64.artifacts.qemu.formats["qcow2.gz"].disk.location' | tr -d '"') + image_gz_url=$(< "${image_path}/${image_menu}" docker run --rm -i ghcr.io/jqlang/jq:latest '.architectures.x86_64.artifacts.qemu.formats["qcow2.gz"].disk.location' | tr -d '"') if [[ -z "${image_gz_url}" ]]; then echo "failed to get the image.gz name. check url and json path" exit 1 @@ -58,7 +58,7 @@ fetch_latest_rhcos_image() { image_name=${image_gz_name%.gz} local gz_shasum - gz_shasum=$(< "${image_path}/${image_menu}" docker run --rm -i stedolan/jq '.architectures.x86_64.artifacts.qemu.formats["qcow2.gz"].disk.sha256' | tr -d '"') + gz_shasum=$(< "${image_path}/${image_menu}" docker run --rm -i ghcr.io/jqlang/jq:latest '.architectures.x86_64.artifacts.qemu.formats["qcow2.gz"].disk.sha256' | tr -d '"') if [[ -z "${gz_shasum}" ]]; then echo "failed to get the latest image shasum. check url and json path" exit 1 From c0c15d06cd4f9c7ab9b916969cc133f578777d42 Mon Sep 17 00:00:00 2001 From: Ram Lavi Date: Thu, 1 Aug 2024 12:04:19 +0300 Subject: [PATCH 4/4] tests: Fix qemu import Signed-off-by: Ram Lavi --- tests/network.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/network.go b/tests/network.go index da5d2e0..2571c10 100644 --- a/tests/network.go +++ b/tests/network.go @@ -26,7 +26,7 @@ import ( "github.com/coreos/coreos-assembler/mantle/kola/register" "github.com/coreos/coreos-assembler/mantle/platform" "github.com/coreos/coreos-assembler/mantle/platform/conf" - "github.com/coreos/coreos-assembler/mantle/platform/machine/unprivqemu" + "github.com/coreos/coreos-assembler/mantle/platform/machine/qemu" ) func init() { @@ -223,7 +223,7 @@ func setupWithInterfacesTest(c cluster.TestCluster, primaryMac, secondaryMac str // the golang compiler no longer checks that the individual types in the case have the // NewMachineWithQemuOptions function, but rather whether platform.Cluster // does which fails - case *unprivqemu.Cluster: + case *qemu.Cluster: m, err = pc.NewMachineWithQemuOptions(userdata, options) default: panic("unreachable") @@ -467,7 +467,7 @@ func setupMultipleNetworkTest(c cluster.TestCluster, primaryMac, secondaryMac st // the golang compiler no longer checks that the individual types in the case have the // NewMachineWithQemuOptions function, but rather whether platform.Cluster // does which fails - case *unprivqemu.Cluster: + case *qemu.Cluster: m, err = pc.NewMachineWithQemuOptions(userdata, options) default: panic("unreachable")