github.com/cilium/cilium@v1.16.2/test/Vagrantfile (about) 1 # -*- mode: ruby -*- 2 # vi: set ft=ruby Vagrant.require_version ">= 2.2.0" 3 4 # The source of truth for vagrant box versions. 5 # Sets SERVER_BOX, SERVER_VERSION, NETNEXT_SERVER_BOXET and NEXT_SERVER_VERSION 6 # Accepts overrides from env variables 7 require_relative '../vagrant_box_defaults.rb' 8 $SERVER_BOX = (ENV['SERVER_BOX'] || $SERVER_BOX) 9 $SERVER_VERSION= (ENV['SERVER_VERSION'] || $SERVER_VERSION) 10 $NETNEXT_SERVER_BOX = (ENV['NETNEXT_SERVER_BOX'] || $NETNEXT_SERVER_BOX) 11 $NETNEXT_SERVER_VERSION= (ENV['NETNEXT_SERVER_VERSION'] || $NETNEXT_SERVER_VERSION) 12 13 $BUILD_NUMBER = ENV['BUILD_NUMBER'] || "0" 14 $JOB_NAME = ENV['JOB_BASE_NAME'] || "LOCAL" 15 $K8S_VERSION = ENV['K8S_VERSION'] || "1.30" 16 $K8S_NODES = (ENV['K8S_NODES'] || "2").to_i 17 $NFS = ENV['NFS']=="0"? false : true 18 $NFS_OPTS = (ENV['NFS_OPTS'] || "nolock").split(",") 19 $IPv6=(ENV['IPv6'] || "0") 20 $CONTAINER_RUNTIME=(ENV['CONTAINER_RUNTIME'] || "docker") 21 $CNI_INTEGRATION=(ENV['CNI_INTEGRATION'] || "") 22 $CILIUM_IMAGE = ENV['CILIUM_IMAGE'] || "" 23 $CILIUM_TAG = ENV['CILIUM_TAG'] || "" 24 $CILIUM_OPERATOR_IMAGE = ENV['CILIUM_OPERATOR_IMAGE'] || "" 25 $CILIUM_OPERATOR_TAG = ENV['CILIUM_OPERATOR_TAG'] || "" 26 $HUBBLE_RELAY_IMAGE = ENV['HUBBLE_RELAY_IMAGE'] || "" 27 $HUBBLE_RELAY_TAG = ENV['HUBBLE_RELAY_TAG'] || "" 28 $PRELOAD_VM = ENV['PRELOAD_VM'] || "false" 29 $PROVISION_EXTERNAL_WORKLOAD = ENV['PROVISION_EXTERNAL_WORKLOAD'] || "false" 30 $SKIP_K8S_PROVISION = ENV['SKIP_K8S_PROVISION'] || "false" 31 $NO_CILIUM_ON_NODES = ENV['NO_CILIUM_ON_NODES'] || ENV['NO_CILIUM_ON_NODE'] || "" 32 $KUBEPROXY = (ENV['KUBEPROXY'] || "1") 33 $RACE = ENV['RACE'] || "" 34 $LOCKDEBUG = ENV['LOCKDEBUG'] || "" 35 $BASE_IMAGE = ENV['BASE_IMAGE'] || "" 36 $DOCKER_LOGIN = ENV['DOCKER_LOGIN'] || "" 37 $DOCKER_PASSWORD = ENV['DOCKER_PASSWORD'] || "" 38 $CILIUM_REGISTRY = ENV['CILIUM_REGISTRY'] || "" 39 40 # RAM and CPU settings 41 $MEMORY = (ENV['VM_MEMORY'] || "4096").to_i 42 $CPU = (ENV['VM_CPUS'] || "2").to_i 43 44 if ENV['NETNEXT'] == "true" || ENV['NETNEXT'] == "1" || ENV['KERNEL'] == "net-next" then 45 $SERVER_BOX = $NETNEXT_SERVER_BOX 46 $SERVER_VERSION = $NETNEXT_SERVER_VERSION 47 elsif ENV['KERNEL'] != nil && ENV['KERNEL'] != "" then 48 $SERVER_BOX = instance_variable_get("@v"+ ENV['KERNEL'] + "_SERVER_BOX") 49 $SERVER_VERSION = instance_variable_get("@v"+ ENV['KERNEL'] + "_SERVER_VERSION") 50 end 51 52 # Workaround issue as described here: 53 # https://github.com/cilium/cilium/pull/12520 54 class VagrantPlugins::ProviderVirtualBox::Action::Network 55 def dhcp_server_matches_config?(dhcp_server, config) 56 true 57 end 58 end 59 60 $cleanup = <<SCRIPT 61 i=1 62 k8s_nodes="${K8S_NODES:-2}" 63 while [ "$i" -le "$k8s_nodes" ]; do 64 VBoxManage natnetwork add --netname natnet$i --network 192.168.0.0/16 --ipv6 on --enable 65 i=$((i+1)) 66 done 67 68 res=0 69 while [ "$res" == "0" ]; do 70 VBoxManage natnetwork remove --netname natnet$i 71 res=$? 72 i=$((i+1)) 73 done 74 75 VBoxManage natnetwork list 76 SCRIPT 77 78 $bootstrap = <<SCRIPT 79 set -o errexit 80 set -o nounset 81 set -o pipefail 82 83 # Add an exception for the cilium repo for the root user to fix the 84 # "fatal: unsafe repository ('/home/vagrant/go/src/github.com/cilium/cilium' is owned by someone else)" 85 # error condition when running `sudo make install` 86 git config --global --add safe.directory /home/vagrant/go/src/github.com/cilium/cilium 87 88 if [ -x /home/vagrant/go/src/github.com/cilium/cilium/.devvmrc ] ; then 89 echo "----------------------------------------------------------------" 90 echo "Executing .devvmrc" 91 /home/vagrant/go/src/github.com/cilium/cilium/.devvmrc || true 92 fi 93 echo "----------------------------------------------------------------" 94 sudo sed -i 's/^mesg n$/tty -s \\&\\& mesg n/g' /root/.profile 95 echo 'export GOPATH=$(go env GOPATH)' >> /home/vagrant/.bashrc 96 SCRIPT 97 98 Vagrant.configure("2") do |config| 99 cilium_dir = '../' 100 cilium_path = '/home/vagrant/go/src/github.com/cilium/cilium' 101 if ENV["SHARE_PARENT"] == "2" then 102 cilium_dir = '../../..' 103 cilium_path = '/home/vagrant/go/src/github.com' 104 elsif ENV["SHARE_PARENT"] then 105 cilium_dir = '../..' 106 cilium_path = '/home/vagrant/go/src/github.com/cilium' 107 end 108 109 config.trigger.before :up, :provision do |trigger| 110 trigger.run = {inline: "bash -c '#{$cleanup}'"} 111 end 112 113 config.vm.define "runtime" do |server| 114 server.vm.provider "virtualbox" do |vb| 115 vb.customize ["modifyvm", :id, "--hwvirtex", "on"] 116 vb.cpus = $CPU 117 vb.memory= $MEMORY 118 vb.linked_clone = true 119 vb.default_nic_type = "virtio" 120 # Prevent VirtualBox from interfering with host audio stack 121 vb.customize ["modifyvm", :id, "--audio", "none"] 122 # Enable HPET, the Go scheduler heavily relies on accurate timers. 123 vb.customize ["modifyvm", :id, "--hpet", "on"] 124 end 125 126 server.vm.box = "#{$SERVER_BOX}" 127 server.vm.box_version = $SERVER_VERSION 128 server.vm.boot_timeout = 600 129 server.vm.hostname = "runtime" 130 131 server.vm.network "private_network", 132 ip: "192.168.56.10", 133 virtualbox__intnet: "cilium-k8s#{$BUILD_NUMBER}-#{$JOB_NAME}-#{$K8S_VERSION}" 134 server.vm.network "private_network", 135 ip: "192.168.57.10", 136 virtualbox__intnet: "cilium-k8s-2#{$BUILD_NUMBER}-#{$JOB_NAME}-#{$K8S_VERSION}" 137 138 # @TODO: Clean this one when https://github.com/hashicorp/vagrant/issues/9822 is fixed. 139 server.vm.provision "ipv6-config-primary", 140 type: "shell", 141 run: "always", 142 inline: "ip -6 a a fd04::1/96 dev enp0s8 || true" 143 server.vm.provision "ipv6-config-secondary", 144 type: "shell", 145 run: "always", 146 inline: "ip -6 a a fd05::1/96 dev enp0s9 || true" 147 148 # This network is only used by NFS 149 if $NFS 150 # This network is only used by NFS 151 server.vm.network "private_network", ip: "192.168.58.10" 152 server.vm.synced_folder cilium_dir, cilium_path, type: "nfs", nfs_udp: false, mount_options: $NFS_OPTS 153 else 154 server.vm.synced_folder cilium_dir, cilium_path 155 end 156 157 # Provision section 158 server.vm.provision "bootstrap", type: "shell", inline: $bootstrap 159 server.vm.provision "file", source: "provision/", destination: "/tmp/" 160 server.vm.provision "shell" do |sh| 161 sh.path = "./provision/runtime_install.sh" 162 sh.env = { 163 "RACE" => "#{$RACE}", 164 "LOCKDEBUG" => "#{$LOCKDEBUG}", 165 "BASE_IMAGE" => "#{$BASE_IMAGE}", 166 "PROVISION_EXTERNAL_WORKLOAD" => "#{$PROVISION_EXTERNAL_WORKLOAD}", 167 "CILIUM_IMAGE" => "#{$CILIUM_IMAGE}" 168 } 169 end 170 end 171 172 (1..$K8S_NODES).each do |i| 173 config.vm.define "k8s#{i}-#{$K8S_VERSION}" do |server| 174 server.vm.provider "virtualbox" do |vb| 175 vb.customize ["modifyvm", :id, "--hwvirtex", "on"] 176 vb.cpus = $CPU 177 vb.memory = $MEMORY 178 no_cilium_nodes = $NO_CILIUM_ON_NODES.split(',') 179 if no_cilium_nodes.include? "k8s#{i}" 180 vb.memory = $MEMORY / 2 181 vb.cpus = 1 182 end 183 vb.linked_clone = true 184 vb.default_nic_type = "virtio" 185 # Prevent VirtualBox from interfering with host audio stack 186 vb.customize ["modifyvm", :id, "--audio", "none"] 187 # Enable HPET, the Go scheduler heavily relies on accurate timers. 188 vb.customize ["modifyvm", :id, "--hpet", "on"] 189 190 if ENV['PRELOAD_VM'] == "false" then 191 # Use serial ports if the VM is no longer accessible via SSH 192 vb.customize ["modifyvm", :id, "--uart1", "0x3F8", "4"] 193 vb.customize ["modifyvm", :id, "--uartmode1", "server", "k8s#{i}-#{$K8S_VERSION}-ttyS0.sock"] 194 end 195 end 196 197 server.vm.box = "#{$SERVER_BOX}" 198 server.vm.box_version = $SERVER_VERSION 199 server.vm.hostname = "k8s#{i}" 200 server.vm.boot_timeout = 600 201 if i == 1 then 202 # grafana 203 server.vm.network "forwarded_port", guest: 3000, host: 3000, 204 auto_correct: true 205 server.vm.network "forwarded_port", guest: 6443, host: 9443, 206 auto_correct: true 207 end 208 server.vm.network "private_network", 209 ip: "192.168.56.1#{i}", 210 virtualbox__intnet: "cilium-k8s#{$BUILD_NUMBER}-#{$JOB_NAME}-#{$K8S_VERSION}" 211 server.vm.network "private_network", 212 ip: "192.168.57.1#{i}", 213 virtualbox__intnet: "cilium-k8s-2#{$BUILD_NUMBER}-#{$JOB_NAME}-#{$K8S_VERSION}" 214 215 # @TODO: Clean this one when https://github.com/hashicorp/vagrant/issues/9822 is fixed. 216 server.vm.provision "ipv6-config-primary", 217 type: "shell", 218 run: "always", 219 inline: "ip -6 a a fd04::1#{i}/96 dev enp0s8 || true" 220 server.vm.provision "ipv6-config-secondary", 221 type: "shell", 222 run: "always", 223 inline: "ip -6 a a fd05::1#{i}/96 dev enp0s9 || true" 224 225 if $NFS 226 # This network is only used by NFS 227 server.vm.network "private_network", ip: "192.168.58.1#{i}" 228 server.vm.synced_folder cilium_dir, cilium_path, type: "nfs", nfs_udp: false, mount_options: $NFS_OPTS 229 else 230 server.vm.synced_folder cilium_dir, cilium_path 231 end 232 233 # Interface for the IPv6 NAT Service. The IP address doesn't matter 234 # as it won't be used. We use an IPv4 address as newer versions of 235 # VBox reject all IPv6 addresses. 236 server.vm.network "private_network", 237 ip: "192.168.59.15" 238 server.vm.provider "virtualbox" do |vb| 239 vb.customize ["modifyvm", :id, "--nic5", "natnetwork"] 240 vb.customize ["modifyvm", :id, "--nat-network5", "natnet#{i}"] 241 end 242 server.vm.provision "ipv6-nat-config", 243 type: "shell", 244 run: "always", 245 inline: "ip -6 r a default via fd17:625c:f037:2::1 dev enp0s16 || true" 246 247 # Provision section 248 server.vm.provision "bootstrap", type: "shell", inline: $bootstrap 249 server.vm.provision :shell, 250 :inline => "sudo sysctl -w net.ipv6.conf.all.forwarding=1" 251 server.vm.provision "file", source: "provision/", destination: "/tmp/" 252 server.vm.provision "shell" do |sh| 253 sh.path = "./provision/k8s_install.sh" 254 sh.args = [ 255 "k8s#{i}", "192.168.56.1#{i}", "#{$K8S_VERSION}", 256 "#{$IPv6}", "#{$CONTAINER_RUNTIME}", "#{$CNI_INTEGRATION}"] 257 sh.env = {"CILIUM_IMAGE" => "#{$CILIUM_IMAGE}", 258 "CILIUM_TAG" => "#{$CILIUM_TAG}", 259 "CILIUM_OPERATOR_IMAGE" => "#{$CILIUM_OPERATOR_IMAGE}", 260 "CILIUM_OPERATOR_TAG" => "#{$CILIUM_OPERATOR_TAG}", 261 "HUBBLE_RELAY_IMAGE" => "#{$HUBBLE_RELAY_IMAGE}", 262 "HUBBLE_RELAY_TAG" => "#{$HUBBLE_RELAY_TAG}", 263 "PRELOAD_VM" => "#{$PRELOAD_VM}", 264 "SKIP_K8S_PROVISION" => "#{$SKIP_K8S_PROVISION}", 265 "KUBEPROXY" => "#{$KUBEPROXY}", 266 "RACE" => "#{$RACE}", 267 "LOCKDEBUG" => "#{$LOCKDEBUG}", 268 "BASE_IMAGE" => "#{$BASE_IMAGE}", 269 "DOCKER_LOGIN" => "#{$DOCKER_LOGIN}", 270 "DOCKER_PASSWORD" => "#{$DOCKER_PASSWORD}", 271 "CILIUM_REGISTRY" => "#{$CILIUM_REGISTRY}" 272 } 273 end 274 end 275 end 276 end