Merge pull request #36 from simondeziel/qemu-nvme

Add NVMe test to `tests/storage-disks-vm`
canonical · Nov 10, 2023 · bb85485 · bb85485
2 parents 4a0fcff + 75dafa9
commit bb85485
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 10 deletions.
diff --git a/bin/openstack-run b/bin/openstack-run
@@ -21,7 +21,7 @@ shift 3
 KEY_NAME="ssh-key"
 FLAVOR="$(openstack flavor list -f value -c Name | grep -m1 'cpu8-ram32-disk20\b')"
 NETWORK="$(openstack network list -f value -c Name | grep -Fm1 "net_stg-lxd-cloud-testing")"
-IMAGE="$(openstack image list -f value -c Name --sort-column Name --sort-descending | grep -Fm1 "auto-sync/ubuntu-${serie}")"
+IMAGE="$(openstack image list -f value -c Name --sort-column Name --sort-descending | grep -m1 "auto-sync/ubuntu-${serie}-.*-amd64-")"
 NAME="lxd-ci-${test_name}-${serie}-$$"
 
 if ! [ -e ~/.ssh/id_ed25519 ]; then
@@ -37,6 +37,13 @@ wait_machine() {
         nc -w1 -z "${IP}" 22 && break
         sleep 1
     done
+
+    # Work around regression in cloud-init delaying SSH access
+    # https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/2039441
+    for _ in $(seq 30); do
+        ssh -o ConnectTimeout=1 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "ubuntu@${IP}" true && break
+	sleep 1
+    done
 }
 
 create() {

diff --git a/tests/main.sh b/tests/main.sh
@@ -15,3 +15,6 @@
 ./bin/openstack-run jammy default tests/pylxd latest/edge
 ./bin/openstack-run jammy default tests/pylxd 5.0/edge
 ./bin/openstack-run jammy default tests/pylxd 4.0/edge
+
+# storage
+./bin/openstack-run jammy default tests/storage-disks-vm
diff --git a/tests/storage-disks-vm b/tests/storage-disks-vm
@@ -1,8 +1,6 @@
 #!/bin/sh
 set -eux
 
-# This test uses openat2 which requires kernel >= 5.6 (so use Focal HWE).
-
 waitSnapdSeed() (
   set +x
   for i in $(seq 60); do # Wait up to 60s.
@@ -73,6 +71,11 @@ ln -s "${testRoot}/not-allowed1" "${testRoot}/allowed1/not-allowed1"
 ln -s "${testRoot}/allowed2" "${testRoot}/allowed1/not-allowed2"
 (cd "${testRoot}/allowed1" || false; ln -s foo1 foolink)
 
+# Create loop device to use as NVMe disk
+loopimg="$(mktemp)"
+truncate -s 100M "${loopimg}"
+loopdev="$(losetup --show --find "${loopimg}")"
+
 # Configure LXD
 lxc project switch default
 lxc network create lxdbr0
@@ -84,14 +87,13 @@ lxc project create restricted \
   -c restricted=true \
   -c restricted.devices.disk=allow \
   -c restricted.devices.disk.paths="${testRoot}/allowed1,${testRoot}/allowed2"
-  lxc project switch restricted
 lxc project switch restricted
 lxc profile device add default root disk path="/" pool=default
 lxc profile device add default eth0 nic network=lxdbr0
 lxc profile show default
 
 # Create instance and add check relative source paths are not allowed.
-lxc init images:ubuntu/20.04 v1 --vm
+lxc init ubuntu:22.04 v1 --vm
 ! lxc config device add v1 d1 disk source=foo path=/mnt || false
 
 # Check adding a disk with a source path above the restricted parent source path isn't allowed.
@@ -110,11 +112,11 @@ lxc config device add v1 d1 disk source="${testRoot}/allowed1/not-allowed1" path
 lxc config device set v1 d1 source="${testRoot}/allowed1" shift=true
 ! lxc start v1 || false
 
-# Check adding a disk with a source path that is allowed is allowed.
+# Check adding a disk with a source path that is allowed.
 lxc config device set v1 d1 source="${testRoot}/allowed1" shift=false
 lxc start v1
 waitVMAgent v1
-lxc exec v1 --project restricted -- ls /mnt/foo1
+lxc exec v1 -- ls -l /mnt/foo1
 lxc stop -f v1
 
 # Check adding a disk with a source path that is allowed that symlinks to another allowed source path isn't
@@ -126,7 +128,7 @@ lxc config device set v1 d1 source="${testRoot}/allowed1/not-allowed2"
 lxc config device set v1 d1 source="${testRoot}/allowed1/foolink" path=/mnt/foolink
 lxc start v1
 waitVMAgent v1
-[ "$(lxc exec v1 --project restricted  -- stat /mnt/foolink -c '%u:%g')" = "65534:65534" ] || false
+[ "$(lxc exec v1  -- stat /mnt/foolink -c '%u:%g')" = "65534:65534" ] || false
 lxc stop -f v1
 
 # Check usage of raw.idmap is restricted.
@@ -150,8 +152,8 @@ lxc config set v1 raw.idmap="both 1000 1000"
 lxc config device set v1 d1 source="${testRoot}/allowed1" path=/mnt
 lxc start v1 || (lxc info --show-log c1 ; false)
 waitVMAgent v1
-[ "$(lxc exec v1 --project restricted  -- stat /mnt/foo1 -c '%u:%g')" = "1000:1000" ] || false
-[ "$(lxc exec v1 --project restricted  -- stat /mnt/foo2 -c '%u:%g')" = "65534:65534" ] || false
+[ "$(lxc exec v1  -- stat /mnt/foo1 -c '%u:%g')" = "1000:1000" ] || false
+[ "$(lxc exec v1  -- stat /mnt/foo2 -c '%u:%g')" = "65534:65534" ] || false
 
 # Check security.secureboot setting is applied to running VM at next start up.
 lxc exec v1 -- mokutil --sb-state | grep -Fx "SecureBoot enabled"
@@ -160,6 +162,19 @@ lxc restart -f v1
 waitVMAgent v1
 lxc exec v1 -- mokutil --sb-state | grep -Fx "SecureBoot disabled"
 
+# Remove disk device restrictions and add a NVMe disk
+lxc stop -f v1
+lxc config device remove v1 d1
+lxc project unset restricted restricted.devices.disk
+lxc project unset restricted restricted.devices.disk.paths
+lxc project unset restricted restricted
+
+# Add a NVMe disk and check if a NVMe controller is added to the VM
+lxc config device add v1 nvme-ssd disk source="${loopdev}" io.bus=nvme
+lxc start v1
+waitVMAgent v1
+lxc exec v1 -- lspci | grep -F "QEMU NVM Express Controller"
+
 echo "==> Cleanup"
 lxc delete -f v1
 lxc project switch default
@@ -176,5 +191,7 @@ rmdir "${testRoot}/allowed1"
 rmdir "${testRoot}/allowed2"
 rmdir "${testRoot}/not-allowed1"
 rmdir "${testRoot}"
+losetup --detach "${loopdev}"
+rm "${loopimg}"
 
 FAIL=0