guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#77578] [PATCH] tests: docker-system: Use only guix-daemon service.

From: Oleg Pykhalov
Subject: [bug#77578] [PATCH] tests: docker-system: Use only guix-daemon service.
Date: Wed, 16 Apr 2025 16:53:12 +0300
User-agent: Gnus/5.13 (Gnus v5.13) 
Hi Ludovic,

Thank you for review.

Ludovic Courtès <ludo@gnu.org> writes:

> Oleg Pykhalov <go.wigust@gmail.com> skribis:
>
>> The test run-docker-system-test was hanging on:
>>
>> (docker-cli "exec" container
>>              "/run/current-system/profile/bin/herd"
>>              "status")
>>
>> This occurred because %test-docker-system specified more services than
>> gnu/system/examples/docker-image.tmpl, which may have caused conflicts or
>> unexpected behavior.
>>
>> * gnu/tests/docker.scm (%test-docker-system): Simplify by using only the
>> guix-daemon service to prevent test hangs.
>
> It’s not clear to me why ‘herd status’ was blocking in the first
> place—it’s never supposed to happen.  Do you have ideas?

The docker create command creates a container with a limited set of
privileges by default. These default privileges are insufficient for
certain configuration tasks such as networking setup or hostname
configuration.

Guix inside the container attempts to configure networking itself,
whereas containerd and other container runtimes typically handle
networking internally or with the help of CNI (Container Network
Interface). I don’t think Guix should configure networking by default in
containers, as this is already managed by the runtime.


Adding the --privileged flag to docker create may allow the test to
pass, note that herd status will report a failure for the 'loopback'
service (though this is non-blocking and won't prevent the test from
passing).


Regards,
Oleg.

Attachment: signature.asc
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]