One of the cool things you can do when implementing integration testing is staging the test dependencies using an OCI image. And scheduling integration tests in Openshift is also nice. For tests that integrate a full operating system, you need to start up one or more VMs running that operating system. Tests then interact with those VMs. It's easy to run VMs from inside of a privileged container that contains /dev/kvm. But I want to be able to run full operating system integration tests on an Openshift cluster without enabling privileged containers on all nodes. So I've been playing with this, and hacked together: https://github.com/stefwalter/oci-kvm-hook This allows use of KVM inside any container running on a system where the hook is installed. The use of a hook for this is purely pragmatic. A far better solution would be to change kubelet to have a --enable-kvm option ... similar to the --experimental-nvidia-gpus support I see there [1]. But since changes into kubernetes and then Openshift have a really long lead time, this lets us play with this before hand. Stef [1] https://kubernetes.io/docs/admin/kubelet/
Attachment:
signature.asc
Description: OpenPGP digital signature