diff --git a/charms/worker/lxd-profile.yaml b/charms/worker/lxd-profile.yaml deleted file mode 100644 index 6b4c696d..00000000 --- a/charms/worker/lxd-profile.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2024 Canonical Ltd. -# See LICENSE file for licensing details. -description: "LXD profile for Canonical Kubernetes" -config: - linux.kernel_modules: ip_vs,ip_vs_rr,ip_vs_wrr,ip_vs_sh,ip_tables,ip6_tables,iptable_raw,netlink_diag,nf_nat,overlay,br_netfilter,xt_socket - raw.lxc: | - lxc.apparmor.profile=unconfined - lxc.mount.auto=proc:rw sys:rw cgroup:rw - lxc.cgroup.devices.allow=a - lxc.cap.drop= - security.nesting: "true" - security.privileged: "true" -devices: - aadisable: - path: /dev/kmsg - source: /dev/kmsg - type: unix-char diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py index 322d4dbe..e9a5d49b 100644 --- a/tests/integration/conftest.py +++ b/tests/integration/conftest.py @@ -162,6 +162,17 @@ def switch(self, name: str, path: Path): app["channel"] = None +async def cloud_profile(ops_test: OpsTest): + """Apply lxd-profile to the model if the juju cloud is lxd.""" + controller = await ops_test.model.get_controller() + cloud = await controller.cloud() + if cloud.cloud.type_ == "lxd": + lxd = LXDSubstrate(None, None) + profile_name = f"juju-{ops_test.model.name}" + lxd.remove_profile(profile_name) + lxd.apply_profile("k8s.profile", profile_name) + + @contextlib.asynccontextmanager async def deploy_model( request: pytest.FixtureRequest, @@ -193,6 +204,7 @@ async def deploy_model( config=config, ) with ops_test.model_context(model_name) as the_model: + await cloud_profile(ops_test) async with ops_test.fast_forward("60s"): await the_model.deploy(bundle.render) await the_model.wait_for_idle( diff --git a/tests/integration/cos_substrate.py b/tests/integration/cos_substrate.py index d2650b49..982df321 100644 --- a/tests/integration/cos_substrate.py +++ b/tests/integration/cos_substrate.py @@ -54,7 +54,8 @@ def apply_profile( target_profile_name (Optional[str]): Name of the target profile. Defaults to 'cos-profile'. """ profile_path = Path("tests/integration/data") / profile_name - with open(profile_path) as file: + + with profile_path.open() as file: try: raw_profile = yaml.safe_load(file) config = raw_profile.get("config", {}) @@ -62,7 +63,7 @@ def apply_profile( self.client.profiles.create(target_profile_name, config=config, devices=devices) log.info(f"Profile {target_profile_name} applied successfully.") except (yaml.YAMLError, Exception) as e: - log.error(f"Failed to read or apply LXD profile: {e}") + log.exception(f"Failed to read or apply LXD profile: {e}") def create_container(self, name: str): """Create a container. diff --git a/charms/worker/k8s/lxd-profile.yaml b/tests/integration/data/k8s.profile similarity index 95% rename from charms/worker/k8s/lxd-profile.yaml rename to tests/integration/data/k8s.profile index 6b4c696d..861f529e 100644 --- a/charms/worker/k8s/lxd-profile.yaml +++ b/tests/integration/data/k8s.profile @@ -2,6 +2,7 @@ # See LICENSE file for licensing details. description: "LXD profile for Canonical Kubernetes" config: + boot.autostart: "true" linux.kernel_modules: ip_vs,ip_vs_rr,ip_vs_wrr,ip_vs_sh,ip_tables,ip6_tables,iptable_raw,netlink_diag,nf_nat,overlay,br_netfilter,xt_socket raw.lxc: | lxc.apparmor.profile=unconfined diff --git a/tests/integration/data/test-bundle-etcd.yaml b/tests/integration/data/test-bundle-etcd.yaml index b4b75a4d..9a99e86f 100644 --- a/tests/integration/data/test-bundle-etcd.yaml +++ b/tests/integration/data/test-bundle-etcd.yaml @@ -20,6 +20,11 @@ applications: num_units: 1 options: datastore: etcd + k8s-worker: + charm: k8s-worker + channel: latest/edge + num_units: 1 relations: + - [k8s, k8s-worker:cluster] - [etcd, easyrsa:client] - [etcd, k8s:etcd]