Merge pull request #7344 from fidencio/topic/kata-deploy-add-a-debug-option

kata-deploy: Add a debug option to kata-deploy (and also use it as part of our CI)

tests/integration/gha-run.sh

@@ -77,6 +77,10 @@ function run_tests() {
     kubectl delete namespace kata-containers-k8s-tests &> /dev/null || true
 
     sed -i -e "s|quay.io/kata-containers/kata-deploy:latest|${DOCKER_REGISTRY}/${DOCKER_REPO}:${DOCKER_TAG}|g" "${tools_dir}/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml"
+
+    # Enable debug for Kata Containers
+    yq write -i "${tools_dir}/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml" 'spec.template.spec.containers[0].env[1].value' "\"yes\""
+
     if [ "${KATA_HOST_OS}" = "cbl-mariner" ]; then
         yq write -i "${tools_dir}/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml" 'spec.template.spec.containers[0].env[+].name' "HOST_OS"
         yq write -i "${tools_dir}/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml" 'spec.template.spec.containers[0].env[-1].value' "${KATA_HOST_OS}"

tools/packaging/kata-deploy/kata-cleanup/base/kata-cleanup.yaml

@@ -26,6 +26,8 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: spec.nodeName
+        - name: DEBUG
+          value: "no"
         securityContext:
           privileged: true
         volumeMounts:

tools/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml

@@ -28,6 +28,8 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: spec.nodeName
+        - name: DEBUG
+          value: "no"
         securityContext:
           privileged: true
         volumeMounts:

tools/packaging/kata-deploy/scripts/kata-deploy.sh

@@ -10,6 +10,7 @@ set -o nounset
 
 crio_drop_in_conf_dir="/etc/crio/crio.conf.d/"
 crio_drop_in_conf_file="${crio_drop_in_conf_dir}/99-kata-deploy"
+crio_drop_in_conf_file_debug="${crio_drop_in_conf_dir}/100-debug"
 containerd_conf_file="/etc/containerd/config.toml"
 containerd_conf_file_backup="${containerd_conf_file}.bak"
 
@@ -65,6 +66,16 @@ function install_artifacts() {
 	[ -d /opt/kata/runtime-rs/bin ] && \
 		chmod +x /opt/kata/runtime-rs/bin/*
 
+	# Allow enabling debug for Kata Containers
+	if [[ "${DEBUG:-"no"}" == "yes" ]]; then
+		config_path="/opt/kata/share/defaults/kata-containers/"
+		for shim in "${shims[@]}"; do
+			sed -i -e 's/^#\(enable_debug\).*=.*$/\1 = true/g' "${config_path}/configuration-${shim}.toml"
+			sed -i -e 's/^#\(debug_console_enabled\).*=.*$/\1 = true/g' "${config_path}/configuration-${shim}.toml"
+			sed -i -e 's/^kernel_params = "\(.*\)"/kernel_params = "\1 agent.log=debug initcall_debug"/g' "${config_path}/configuration-${shim}.toml"
+		done
+	fi
+
 	# Allow Mariner to use custom configuration.
 	if [ "${HOST_OS:-}" == "cbl-mariner" ]; then
 		config_path="/opt/kata/share/defaults/kata-containers/configuration-clh.toml"
@@ -212,6 +223,14 @@ function configure_crio() {
 	for shim in "${shims[@]}"; do
 		configure_crio_runtime $shim
 	done
+
+
+	if [ "${DEBUG:-"no"}" == "yes" ]; then
+		cat <<EOF | tee -a $crio_drop_in_conf_file_debug
+[crio]
+log_level = "debug"
+EOF
+	fi
 }
 
 function configure_containerd_runtime() {
@@ -250,6 +269,18 @@ EOF
     ConfigPath = "${config_path}"
 EOF
 	fi
+
+	if [ "${DEBUG:-"no"}" == "yes" ]; then
+		if grep -q "\[debug\]" $containerd_conf_file; then
+			sed -i 's/level.*/level = \"debug\"/' $containerd_conf_file
+		else
+			cat <<EOF | tee -a "$containerd_conf_file"
+[debug]
+  level = "debug"
+EOF
+		fi
+
+	fi
 }
 
 function configure_containerd() {
@@ -292,6 +323,9 @@ function cleanup_cri_runtime() {
 
 function cleanup_crio() {
 	rm $crio_drop_in_conf_file
+	if [[ "${DEBUG:-"no"}" == "yes" ]]; then
+		rm $crio_drop_in_conf_file_debug
+	fi
 }
 
 function cleanup_containerd() {