[pipeline] Add option --privileged for running slave docker#1067
Merged
lguohan merged 1 commit intosonic-net:masterfrom Jun 16, 2022
Merged
[pipeline] Add option --privileged for running slave docker#1067lguohan merged 1 commit intosonic-net:masterfrom
lguohan merged 1 commit intosonic-net:masterfrom
Conversation
lguohan
approved these changes
Jun 16, 2022
Contributor
|
@jimmyzhai Can that same be done for swss-common? https://github.com/Azure/sonic-swss-common/blob/master/.azure-pipelines/build-sairedis-template.yml |
Contributor
Author
Yes. |
Contributor
|
@jimmyzhai Does it only happen in AZP? Do we need to fix document like https://github.com/Azure/sonic-buildimage/blob/master/README.buildsystem.md? |
lguohan
pushed a commit
that referenced
this pull request
Jun 22, 2022
The fix #1067 is not enough. If docker user is non-root, set capability CAP_SYS_TIME for settimeofday success in syncd test, then test_watchdog_timer_clock_rollback can be run. Co-authored-by: junhuazhai <junhuazhai@contoso.com>
qiluo-msft
pushed a commit
to sonic-net/sonic-swss-common
that referenced
this pull request
Jun 22, 2022
…s' (#633) Following sonic-net/sonic-sairedis#1067 and sonic-net/sonic-sairedis#1068, it fixes the below failure at `make check` of building syncd in step 'Compile sonic sairedis': ``` Making check in syncd make[2]: Entering directory '/__w/1/s/syncd' make check-TESTS make[3]: Entering directory '/__w/1/s/syncd' tests: tests.cpp:843: void test_watchdog_timer_clock_rollback(): Assertion `settimeofday(¤tTime, NULL) == 0' failed. /bin/bash: line 5: 13004 Aborted (core dumped) ${dir}$tst FAIL: tests ```
itamar-talmon
pushed a commit
to itamar-talmon/sonic-swss-common
that referenced
this pull request
Jul 19, 2022
…s' (sonic-net#633) Following sonic-net/sonic-sairedis#1067 and sonic-net/sonic-sairedis#1068, it fixes the below failure at `make check` of building syncd in step 'Compile sonic sairedis': ``` Making check in syncd make[2]: Entering directory '/__w/1/s/syncd' make check-TESTS make[3]: Entering directory '/__w/1/s/syncd' tests: tests.cpp:843: void test_watchdog_timer_clock_rollback(): Assertion `settimeofday(¤tTime, NULL) == 0' failed. /bin/bash: line 5: 13004 Aborted (core dumped) ${dir}$tst FAIL: tests ```
pettershao-ragilenetworks
pushed a commit
to pettershao-ragilenetworks/sonic-sairedis
that referenced
this pull request
Nov 18, 2022
In azp run, the following failure always happens at the stage of `make check` of building syncd.
```
Making check in syncd
make[2]: Entering directory '/__w/1/s/syncd'
make check-TESTS
make[3]: Entering directory '/__w/1/s/syncd'
tests: tests.cpp:843: void test_watchdog_timer_clock_rollback(): Assertion `settimeofday(¤tTime, NULL) == 0' failed.
/bin/bash: line 5: 13004 Aborted (core dumped) ${dir}$tst
FAIL: tests
```
The execution of `settimeofday(¤tTime, NULL)` fails in slave docker with errno **EPERM**, because CAP_SYS_TIME capability is dropped in docker. Using option `--privileged` gives docker extended privileges for its success.
This failure has existed for a long time in azp build and is not exposed till sonic-net#1050.
pettershao-ragilenetworks
pushed a commit
to pettershao-ragilenetworks/sonic-sairedis
that referenced
this pull request
Nov 18, 2022
…net#1068) The fix sonic-net#1067 is not enough. If docker user is non-root, set capability CAP_SYS_TIME for settimeofday success in syncd test, then test_watchdog_timer_clock_rollback can be run. Co-authored-by: junhuazhai <junhuazhai@contoso.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In azp run, the following failure always happens at the stage of
make checkof building syncd.The execution of
settimeofday(¤tTime, NULL)fails in slave docker with errno EPERM, because CAP_SYS_TIME capability is dropped in docker. Using option--privilegedgives docker extended privileges for its success.This failure has existed for a long time in azp build and is not exposed till #1050.