diff --git a/Makefile b/Makefile index 15c3fac67..df5663401 100644 --- a/Makefile +++ b/Makefile @@ -432,13 +432,8 @@ k3d-load: k3d # Push docker images to the k3d cluster. .PHONE: e2e-tools e2e-tools: k3d kind kubectl kuttl python-init ## Donwnload tools for e2e tests locally if necessary. -.PHONE: k3d-hack -k3d-hack: ## Apply k3d hack to the k3d cluster - $(KUBECTL) -n neonvm-system set env deployment/neonvm-controller K3D_HACK=true - $(KUBECTL) -n neonvm-system rollout status deployment neonvm-controller - .PHONE: e2e -e2e: check-local-context e2e-tools k3d-hack ## Run e2e kuttl tests +e2e: check-local-context e2e-tools ## Run e2e kuttl tests $(KUTTL) test --config tests/e2e/kuttl-test.yaml $(if $(CI),--skip-delete) rm -f kubeconfig diff --git a/k3d/config.yaml b/k3d/config.yaml index 1aa5d2f3b..29a41465c 100644 --- a/k3d/config.yaml +++ b/k3d/config.yaml @@ -2,7 +2,7 @@ apiVersion: k3d.io/v1alpha5 kind: Simple servers: 1 agents: 2 -image: rancher/k3s:v1.30.7-k3s1 +image: rancher/k3s:v1.30.6-k3s1 options: k3d: # k3d runtime settings diff --git a/pkg/neonvm/controllers/vm_controller.go b/pkg/neonvm/controllers/vm_controller.go index 9d361e9f2..a6379300b 100644 --- a/pkg/neonvm/controllers/vm_controller.go +++ b/pkg/neonvm/controllers/vm_controller.go @@ -27,7 +27,6 @@ import ( "os" "reflect" "strconv" - "strings" "time" nadapiv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" @@ -1340,7 +1339,7 @@ func podSpec( // Ensure restrictive context for the container // More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted SecurityContext: &corev1.SecurityContext{ - Privileged: lo.ToPtr(isK3D()), + Privileged: lo.ToPtr(false), Capabilities: &corev1.Capabilities{ Add: []corev1.Capability{ "NET_ADMIN", @@ -1673,18 +1672,6 @@ func (r *VMReconciler) tryUpdateVM(ctx context.Context, vm *vmv1.VirtualMachine) return r.Update(ctx, vm) } -// K3D has a problem where we can't configure TUN on 1.30, so if the hack is enabled, we enable -// privileged mode for the runner pod. -func isK3D() bool { - switch strings.ToLower(os.Getenv("K3D_HACK")) { - case "true", "1", "y", "yes", "on", "enable", "enabled": - fmt.Println("K3D_HACK is enabled, enabling privileged mode for the runner pod") - return true - default: - return false - } -} - // return Network Attachment Definition name with IPAM settings func nadIpamName() (string, error) { return getEnvVarValue("NAD_IPAM_NAME")