1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
|
#!/usr/bin/env bash
set -euo pipefail
declare -A VERSIONS=(
["cni-plugins"]=v1.3.0
["runc"]=v1.1.14
["crun"]=1.17
["bats"]=v1.9.0
)
main() {
set -x
prepare_system
install_packages
install_conmon
install_bats
install_critools
install_runc
install_crun
install_cni_plugins
install_testdeps
setup_etc_subid
}
prepare_system() {
sudo systemctl stop docker
sudo ufw disable
# enable necessary kernel modules
sudo ip6tables --list >/dev/null
# enable necessary sysctls
sudo sysctl -w net.ipv4.conf.all.route_localnet=1
sudo sysctl -w net.ipv4.ip_forward=1
# needed for crictl test
sudo sysctl -w net.bridge.bridge-nf-call-iptables=1
sudo iptables -t nat -I POSTROUTING -s 127.0.0.0/8 ! -d 127.0.0.0/8 -j MASQUERADE
}
remove_packages() {
sudo apt-get remove \
conmon \
containernetworking-plugins
}
install_packages() {
. /etc/os-release
CRIU_REPO="https://download.opensuse.org/repositories/devel:/tools:/criu/xUbuntu_$VERSION_ID"
curl -fSsL $CRIU_REPO/Release.key | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/criu.gpg
echo "deb $CRIU_REPO/ /" | sudo tee /etc/apt/sources.list.d/criu.list
sudo apt update
sudo apt install -y \
autoconf \
automake \
conntrack \
criu \
libaio-dev \
libapparmor-dev \
libbtrfs-dev \
libcap-dev \
libdevmapper-dev \
libfuse-dev \
libgpgme11-dev \
libglib2.0-dev \
libnet1-dev \
libnl-3-dev \
libprotobuf-c-dev \
libprotobuf-dev \
libseccomp-dev \
libsystemd-dev \
libtool \
libudev-dev \
libyajl-dev \
sed \
socat \
uuid-dev
}
install_conmon() {
sudo make install
conmon --version
}
install_bats() {
git clone https://github.com/bats-core/bats-core
pushd bats-core
git checkout "${VERSIONS["bats"]}"
sudo ./install.sh /usr/local
popd
rm -rf bats-core
mkdir -p ~/.parallel
touch ~/.parallel/will-cite
}
install_critools() {
URL=https://github.com/kubernetes-sigs/cri-tools
git clone $URL
pushd cri-tools
sudo -E PATH="$PATH" make BINDIR=/usr/bin install
popd
sudo rm -rf cri-tools
sudo critest --version
sudo crictl --version
}
install_cni_plugins() {
URL=https://github.com/containernetworking/plugins/releases/download
TARBALL=cni-plugins-linux-amd64-${VERSIONS["cni-plugins"]}.tgz
CNI_DIR=/opt/cni/bin
sudo mkdir -p "$CNI_DIR"
wget -O "$TARBALL" $URL/"${VERSIONS["cni-plugins"]}"/"$TARBALL"
sudo tar xf "$TARBALL" -C "$CNI_DIR"
rm "$TARBALL"
ls -lah "$CNI_DIR"
}
install_runc() {
URL=https://github.com/opencontainers/runc/releases/download/"${VERSIONS["runc"]}"
BINARY=/usr/sbin/runc
sudo wget -O "$BINARY" "$URL"/runc.amd64
sudo chmod +x "$BINARY"
# Verify the SHA256
SUMFILE=runc.sha256sum
wget "$URL"/$SUMFILE
grep -qw "$(sha256sum "$BINARY" | awk '{ print $1 }')" $SUMFILE
rm $SUMFILE
runc --version
}
install_crun() {
URL=https://github.com/containers/crun/releases/download/"${VERSIONS["crun"]}"/crun-"${VERSIONS["crun"]}"-linux-amd64
BINARY=/usr/bin/crun
sudo wget -O "$BINARY" "$URL"
sudo chmod +x "$BINARY"
crun --version
}
install_testdeps() {
CLONE_PATH=$(go env GOPATH)/src/github.com/cri-o
mkdir -p "$CLONE_PATH"
pushd "$CLONE_PATH"
URL=https://github.com/cri-o/cri-o
git clone $URL
pushd cri-o
make "$(pwd)"/build/bin/ginkgo
sudo cp build/bin/ginkgo /usr/bin
ginkgo version
sudo mkdir -p /etc/containers/registries.d
sudo cp test/policy.json /etc/containers
sudo cp test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
sudo cp test/registries.conf /etc/containers/registries.conf
popd
popd
}
setup_etc_subid() {
echo "containers:200000:65536" | sudo tee -a /etc/subuid
echo "containers:200000:65536" | sudo tee -a /etc/subgid
}
main "$@"
|
