[Pulp-dev] Using nested virtualization for SELinux/FIPS CI testing on Travis & GHA
Mike DePaulo
mikedep333 at redhat.com
Thu Feb 13 23:14:26 UTC 2020
I've only tested Travis so far, but this is very promising.
Hardware KVM virtualization appears to be working on Travis, via pulplift
(which uses vagrant, libvirt & KVM), without any hacks!
My current theory is that Travis uses either OpenVZ or KVM, and that the
"svm" warning is a limitation of nested virtualization working properly.
I'm going to investigate Travis a little further before trying out GHA. (Or
test them in parallel with same commands.) Including making 100% sure it is
not falling back to unaccelerated qemu emulation.
$ uname -a
Linux travis-job-7dcf26ac-24c0-462e-8418-69c466817f8e 5.0.0-1026-gcp
#27~18.04.1-Ubuntu SMP Fri Nov 15 07:40:39 UTC 2019 x86_64 x86_64 x86_64
GNU/Linux
$ sudo virt-what
kvm
$ sudo qemu-system-x86_64 -machine accel=kvm -vnc 127.0.0.1:1
qemu-system-x86_64: warning: host doesn't support requested feature:
CPUID.80000001H:ECX.svm [bit 2]
^C
$ sudo vagrant ssh fedora31
Last login: Thu Feb 13 22:55:40 2020 from 192.168.121.1
$ uname -a
Linux localhost.localdomain 5.3.7-301.fc31.x86_64 #1 SMP Mon Oct 21
19:18:58 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/redhat-release
Fedora release 31 (Thirty One)
-Mike
--
Mike DePaulo
He / Him / His
Service Reliability Engineer, Pulp
Red Hat <https://www.redhat.com/>
IM: mikedep333
GPG: 51745404
<https://www.redhat.com/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-dev/attachments/20200213/37ddf103/attachment.htm>
More information about the Pulp-dev
mailing list