Open wainersm opened 7 months ago
I'm not sure the debug is set correctly. kata-deploy expects an environment variable exported as DEBUG=true|false
whereas the generated ccruntime deployment has spec/config/debug set:
[wmoschet@wainer-laptop operator]$ ./kustomize build config/samples/ccruntime/default/
apiVersion: confidentialcontainers.org/v1beta1
kind: CcRuntime
metadata:
name: ccruntime-sample
spec:
ccNodeSelector:
matchLabels:
node.kubernetes.io/worker: ""
config:
cleanupCmd:
- /opt/kata-artifacts/scripts/kata-deploy.sh
- reset
debug: false
defaultRuntimeClassName: kata-qemu
environmentVariables:
- name: INSTALL_OFFICIAL_CONTAINERD
value: "false"
installCmd:
- /opt/kata-artifacts/scripts/kata-deploy.sh
- install
installDoneLabel:
<SNIP>
I'm not sure the debug is set correctly. kata-deploy expects an environment variable exported as
DEBUG=true|false
whereas the generated ccruntime deployment has spec/config/debug set:[wmoschet@wainer-laptop operator]$ ./kustomize build config/samples/ccruntime/default/ apiVersion: confidentialcontainers.org/v1beta1 kind: CcRuntime metadata: name: ccruntime-sample spec: ccNodeSelector: matchLabels: node.kubernetes.io/worker: "" config: cleanupCmd: - /opt/kata-artifacts/scripts/kata-deploy.sh - reset debug: false defaultRuntimeClassName: kata-qemu environmentVariables: - name: INSTALL_OFFICIAL_CONTAINERD value: "false" installCmd: - /opt/kata-artifacts/scripts/kata-deploy.sh - install installDoneLabel: <SNIP>
Actually controllers/ccruntime_controller.go
converts the spec/config/debug
into an environment variable.
Once the operator is installed then it should be checked that kata-deploy emit debugging messages. How? Maybe grep'ing the messages of the installer pod?
Is there a clean way to do this by checking for any logs with priority level == debug? If not, maybe that's a longer term goal to improve our logging.
Hi @portersrc !
Once the operator is installed then it should be checked that kata-deploy emit debugging messages. How? Maybe grep'ing the messages of the installer pod?
Is there a clean way to do this by checking for any logs with priority level == debug? If not, maybe that's a longer term goal to improve our logging.
Just after opening this issue I looked at kata-deploy's code again, now I have a better understanding of what it enables in terms of debugging. It is not that kata-deploy script itself will emit debug messages, but rather it will enable debugging of the following components:
Good eyes. Well, one passing condition could be to check that all 3 of those files have debug enabled. It's a little error-prone, crude, etc., but that would work for now.
Good eyes. Well, one passing condition could be to check that all 3 of those files have debug enabled. It's a little error-prone, crude, etc., but that would work for now.
Yep, I had the same thing in mind :)
Test Case
Use case: As an user installing CoCo via operator I want to switch on the debugging messages so that I can debug errors on the installation.
Add a new test case to the operator tests to check the condition
debug=true
.Split out of https://github.com/confidential-containers/operator/issues/247
Implementation
In order to switch debugging on/off , you should change the kustomization file on the corresponding ccruntime's overlay directory. For example, in the default ccruntime kustomization file:
Questions: