cloudutils: Do not configure selinux/apparmor when setup cloudstack agent

[weizhouapache]

Description

This PR disables security configurations during CloudStack agent setup:

• On Ubuntu, it disables AppArmor restrictions for libvirt
• On EL-based systems, it sets SELinux to permissive mode

However, users have different security and hardening requirements, and these decisions should not be enforced by the agent setup. For example:

• Some environments may require SELinux/AppArmor to remain in enforcing mode for stronger security hardening, and the system should still support such configurations.

• Some users may prefer to explicitly configure the libvirt security driver in /etc/libvirt/qemu.conf, replacing security_driver="none" with:

security_driver="selinux"
security_driver="apparmor"

Note that this configuration may not be compatible with certain VM or volume features and could require additional changes. If so, those cases are outside the scope of this PR and can be addressed in future improvements.

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)
• Build/CI
• Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

• Major
• Minor

Bug Severity

• BLOCKER
• Critical
• Major
• Minor
• Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

[weizhouapache]

@blueorangutan package

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 3.53%. Comparing base (6bc83a3) to head (1325b34).

Additional details and impacted files

@@          Coverage Diff           @@
##            main   #13281   +/-   ##
======================================
  Coverage   3.53%    3.53%           
======================================
  Files        464      464           
  Lines      40196    40196           
  Branches    7560     7560           
======================================
  Hits        1421     1421           
  Misses     38585    38585           
  Partials     190      190           

Flag	Coverage Δ
uitests	3.53% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[weizhouapache]

@blueorangutan package

[Copilot]

Pull request overview

This PR stops CloudStack KVM agent setup from actively disabling host security policy mechanisms during setup, leaving SELinux/AppArmor posture to operators.

Changes:

• Makes AppArmor and SELinux setup configuration methods return without modifying host policy.
• Removes the legacy setup_agent.sh script that also forced SELinux permissive mode.
• Removes stale Java comments referencing the deleted setup script.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
python/lib/cloudutils/serviceConfig.py	No-ops AppArmor/SELinux configuration during agent setup.
scripts/vm/hypervisor/kvm/setup_agent.sh	Deletes obsolete KVM agent setup helper script.
server/src/main/java/com/cloud/hypervisor/kvm/discoverer/LibvirtServerDiscoverer.java	Removes stale commented reference to setup_agent.sh.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[weizhouapache]

@blueorangutan package

[weizhouapache]

@DaanHoogland
yes, they are dead code.
I am running some tests, they will be removed after verification

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 18086

[blueorangutan]

[SF] Trillian Build Failed (tid-16221)

[blueorangutan]

[SF] Trillian Build Failed (tid-16225)

[weizhouapache]

with the changes

ubuntu 24

root@pr13281-t16222-kvm-ubuntu24-kvm1:~# aa-status 
apparmor module is loaded.
113 profiles are loaded.
113 profiles are in enforce mode.
   /usr/bin/man
   /usr/lib/snapd/snap-confine
   /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
   /usr/sbin/chronyd
   1password
   Discord
   MongoDB Compass
   QtWebEngineProcess
   balena-etcher
   brave
   buildah
   cam
   ch-checkns
   ch-run
   chrome
   crun
   devhelp
   element-desktop
   epiphany
   evolution
   firefox
   flatpak
   foliate
   geary
   github-desktop
   goldendict
   ipa_verify
   kchmviewer
   keybase
   lc-compliance
   libcamerify
   libvirtd
   libvirtd//qemu_bridge_helper
   linux-sandbox
   loupe
   lsb_release
   lxc-attach
   lxc-create
   lxc-destroy
   lxc-execute
   lxc-stop
   lxc-unshare
   lxc-usernsexec
   man_filter
   man_groff
   mmdebstrap
   msedge
   notepadqq
   nvidia_modprobe
   nvidia_modprobe//kmod
   obsidian
   opam
   opera
   pageedit
   plasmashell
   plasmashell//QtWebEngineProcess
   podman
   polypane
   privacybrowser
   qcam
   qmapshack
   qutebrowser
   rootlesskit
   rpm
   rssguard
   rsyslogd
   runc
   sbuild
   sbuild-abort
   sbuild-adduser
   sbuild-apt
   sbuild-checkpackages
   sbuild-clean
   sbuild-createchroot
   sbuild-destroychroot
   sbuild-distupgrade
   sbuild-hold
   sbuild-shell
   sbuild-unhold
   sbuild-update
   sbuild-upgrade
   scide
   signal-desktop
   slack
   slirp4netns
   steam
   stress-ng
   surfshark
   swtpm
   systemd-coredump
   tcpdump
   thunderbird
   toybox
   transmission-cli
   transmission-daemon
   transmission-gtk
   transmission-qt
   trinity
   tup
   tuxedo-control-center
   ubuntu_pro_apt_news
   unix-chkpwd
   unprivileged_userns
   userbindmount
   uwsgi-core
   vdens
   virt-aa-helper
   virtiofsd
   vivaldi-bin
   vpnns
   vscode
   wike
   wpcom
0 profiles are in complain mode.
0 profiles are in prompt mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
4 processes have profiles defined.
4 processes are in enforce mode.
   /usr/sbin/chronyd (949) 
   /usr/sbin/chronyd (957) 
   /usr/sbin/libvirtd (13184) libvirtd
   /usr/sbin/rsyslogd (927) rsyslogd
0 processes are in complain mode.
0 processes are in prompt mode.
0 processes are in kill mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.

root@pr13281-t16222-kvm-ubuntu24-kvm1:~# grep ^security /etc/libvirt/qemu.conf 
security_driver="none"

debian12

root@pr13281-t16223-kvm-debian12-kvm1:~# aa-status 
apparmor module is loaded.
15 profiles are loaded.
15 profiles are in enforce mode.
   /usr/bin/man
   /usr/lib/NetworkManager/nm-dhcp-client.action
   /usr/lib/NetworkManager/nm-dhcp-helper
   /usr/lib/connman/scripts/dhclient-script
   /usr/sbin/chronyd
   /{,usr/}sbin/dhclient
   libvirtd
   libvirtd//qemu_bridge_helper
   lsb_release
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
   tcpdump
   virt-aa-helper
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
3 processes have profiles defined.
3 processes are in enforce mode.
   /usr/sbin/chronyd (1818) 
   /usr/sbin/chronyd (1819) 
   /usr/sbin/libvirtd (44766) libvirtd
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.

root@pr13281-t16223-kvm-debian12-kvm1:~# grep ^security /etc/libvirt/qemu.conf 
security_driver="none"

oraclelinux 8

[root@pr13281-t16220-kvm-ol8-kvm1 ~]# sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      31

[root@pr13281-t16220-kvm-ol8-kvm1 ~]# grep ^security /etc/libvirt/qemu.conf 
security_driver="none"

suse15

pr13281-t16224-kvm-suse15-kvm1:~ # aa-status 
apparmor module is loaded.
64 profiles are loaded.
64 profiles are in enforce mode.
   /usr/bin/lessopen.sh
   apache2
   apache2//DEFAULT_URI
   apache2//HANDLING_UNTRUSTED_INPUT
   apache2//phpsysinfo
   avahi-daemon
   dnsmasq
   dnsmasq//libvirt_leaseshelper
   dovecot
   dovecot-anvil
   dovecot-auth
   dovecot-config
   dovecot-deliver
   dovecot-dict
   dovecot-director
   dovecot-doveadm-server
   dovecot-dovecot-auth
   dovecot-dovecot-lda
   dovecot-dovecot-lda//sendmail
   dovecot-imap
   dovecot-imap-login
   dovecot-lmtp
   dovecot-log
   dovecot-managesieve
   dovecot-managesieve-login
   dovecot-pop3
   dovecot-pop3-login
   dovecot-replicator
   dovecot-script-login
   dovecot-ssl-params
   dovecot-stats
   identd
   klogd
   libvirtd
   libvirtd//qemu_bridge_helper
   lsb_release
   mdnsd
   nmbd
   nscd
   ntpd
   nvidia_modprobe
   nvidia_modprobe//kmod
   php-fpm
   ping
   samba-bgqd
   samba-dcerpcd
   samba-rpcd
   samba-rpcd-classic
   samba-rpcd-spoolss
   smbd
   smbldap-useradd
   smbldap-useradd///etc/init.d/nscd
   syslog-ng
   syslogd
   traceroute
   unix-chkpwd
   virt-aa-helper
   virtqemud
   virtqemud//qemu_bridge_helper
   virtxend
   winbindd
   zgrep
   zgrep//helper
   zgrep//sed
0 profiles are in complain mode.
0 profiles are in kill mode.
0 profiles are in unconfined mode.
2 processes have profiles defined.
2 processes are in enforce mode.
   /usr/sbin/libvirtd (8137) libvirtd
   /usr/sbin/nscd (862) nscd
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.
0 processes are in kill mode.

pr13281-t16224-kvm-suse15-kvm1:~ # grep ^security /etc/libvirt/qemu.conf 
security_driver="none"

oraclelinux 9

[root@pr13281-t16227-kvm-ol9-kvm1 ~]# grep ^security /etc/libvirt/qemu.conf 
security_driver="none"
[root@pr13281-t16227-kvm-ol9-kvm1 ~]# 
[root@pr13281-t16227-kvm-ol9-kvm1 ~]# sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Memory protection checking:     actual (secure)
Max kernel policy version:      33
[root@pr13281-t16227-kvm-ol9-kvm1 ~]# 

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 18093

[blueorangutan]

[SF] Trillian test result (tid-16220)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 26503 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16220-kvm-ol8.zip
Smoke tests completed. 110 look OK, 2 have errors, 39 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_primary_storage_nfs	Error	0.25	test_primary_storage.py
ContextSuite context=TestStorageTags>:setup	Error	0.41	test_primary_storage.py
test_01_primary_storage_scope_change	Error	0.15	test_primary_storage_scope.py
all_test_routers_iptables_default_policy	Skipped	---	test_routers_iptables_default_policy.py
all_test_routers_network_ops	Skipped	---	test_routers_network_ops.py
all_test_routers	Skipped	---	test_routers.py
all_test_scale_vm	Skipped	---	test_scale_vm.py
all_test_secondary_storage	Skipped	---	test_secondary_storage.py
all_test_service_offerings	Skipped	---	test_service_offerings.py
all_test_set_sourcenat	Skipped	---	test_set_sourcenat.py
all_test_sharedfs_lifecycle	Skipped	---	test_sharedfs_lifecycle.py
all_test_snapshots	Skipped	---	test_snapshots.py
all_test_ssl_offloading	Skipped	---	test_ssl_offloading.py
all_test_ssvm	Skipped	---	test_ssvm.py
all_test_staticroles	Skipped	---	test_staticroles.py
all_test_storage_policy	Skipped	---	test_storage_policy.py
all_test_systemvm_userdata	Skipped	---	test_systemvm_userdata.py
all_test_templates	Skipped	---	test_templates.py
all_test_update_security_group	Skipped	---	test_update_security_group.py
all_test_usage_events	Skipped	---	test_usage_events.py
all_test_usage	Skipped	---	test_usage.py
all_test_vm_autoscaling	Skipped	---	test_vm_autoscaling.py
all_test_vm_deployment_planner	Skipped	---	test_vm_deployment_planner.py
all_test_vm_life_cycle	Skipped	---	test_vm_life_cycle.py
all_test_vm_lifecycle_unmanage_import	Skipped	---	test_vm_lifecycle_unmanage_import.py
all_test_vm_lifecycle_unmanage_kvm_import	Skipped	---	test_vm_lifecycle_unmanage_kvm_import.py
all_test_vm_lifecycle_with_snapshot_or_volume	Skipped	---	test_vm_lifecycle_with_snapshot_or_volume.py
all_test_vm_schedule	Skipped	---	test_vm_schedule.py
all_test_vm_snapshot_kvm	Skipped	---	test_vm_snapshot_kvm.py
all_test_vm_snapshots	Skipped	---	test_vm_snapshots.py
all_test_vm_strict_host_tags	Skipped	---	test_vm_strict_host_tags.py
all_test_vnf_templates	Skipped	---	test_vnf_templates.py
all_test_volumes	Skipped	---	test_volumes.py
all_test_vpc_conserve_mode	Skipped	---	test_vpc_conserve_mode.py
all_test_vpc_ipv6	Skipped	---	test_vpc_ipv6.py
all_test_vpc_redundant	Skipped	---	test_vpc_redundant.py
all_test_vpc_router_nics	Skipped	---	test_vpc_router_nics.py
all_test_vpc_vpn	Skipped	---	test_vpc_vpn.py
all_test_webhook_delivery	Skipped	---	test_webhook_delivery.py
all_test_webhook_lifecycle	Skipped	---	test_webhook_lifecycle.py
all_test_host_maintenance	Skipped	---	test_host_maintenance.py
all_test_hostha_kvm	Skipped	---	test_hostha_kvm.py

[blueorangutan]

[SF] Trillian test result (tid-16222)
Environment: kvm-ubuntu24 (x2), zone: Advanced Networking with Mgmt server u24
Total time taken: 59843 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16222-kvm-ubuntu24.zip
Smoke tests completed. 151 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File

[blueorangutan]

[SF] Trillian test result (tid-16224)
Environment: kvm-suse15 (x2), zone: Advanced Networking with Mgmt server s15
Total time taken: 64937 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16224-kvm-suse15.zip
Smoke tests completed. 126 look OK, 25 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_role_account_acls_multiple_mgmt_servers	Error	1.63	test_dynamicroles.py
test_query_async_job_result	Error	104.85	test_async_job.py
test_revoke_certificate	Error	0.01	test_certauthority_root.py
test_configure_ha_provider_invalid	Error	0.01	test_hostha_simulator.py
test_configure_ha_provider_valid	Error	0.01	test_hostha_simulator.py
test_ha_configure_enabledisable_across_clusterzones	Error	0.01	test_hostha_simulator.py
test_ha_disable_feature_invalid	Error	0.01	test_hostha_simulator.py
test_ha_enable_feature_invalid	Error	0.01	test_hostha_simulator.py
test_ha_list_providers	Error	0.01	test_hostha_simulator.py
test_ha_multiple_mgmt_server_ownership	Error	0.01	test_hostha_simulator.py
test_ha_verify_fsm_available	Error	0.01	test_hostha_simulator.py
test_ha_verify_fsm_degraded	Error	0.01	test_hostha_simulator.py
test_ha_verify_fsm_fenced	Error	0.01	test_hostha_simulator.py
test_ha_verify_fsm_recovering	Error	0.01	test_hostha_simulator.py
test_hostha_configure_default_driver	Error	0.01	test_hostha_simulator.py
test_hostha_configure_invalid_provider	Error	0.01	test_hostha_simulator.py
test_hostha_disable_feature_valid	Error	0.01	test_hostha_simulator.py
test_hostha_enable_feature_valid	Error	0.01	test_hostha_simulator.py
test_hostha_enable_feature_without_setting_provider	Error	0.01	test_hostha_simulator.py
test_list_ha_for_host	Error	0.01	test_hostha_simulator.py
test_list_ha_for_host_invalid	Error	0.01	test_hostha_simulator.py
test_list_ha_for_host_valid	Error	0.01	test_hostha_simulator.py
test_01_host_ping_on_alert	Error	0.06	test_host_ping.py
test_01_host_ping_on_alert	Error	0.07	test_host_ping.py
test_01_deploy_vm_from_iso_uefi_secure	Error	67.83	test_deploy_vm_iso_uefi.py
test_02_deploy_vm_from_iso_uefi_legacy	Error	11.44	test_deploy_vm_iso_uefi.py
test_03_deploy_windows_vm_from_iso_uefi_legacy	Error	12.45	test_deploy_vm_iso_uefi.py
test_04_deploy_windows_vm_from_iso_uefi_secure	Error	11.42	test_deploy_vm_iso_uefi.py
test_01_browser_migrate_template	Error	15.30	test_image_store_object_migration.py
test_01_invalid_upgrade_kubernetes_cluster	Failure	290.31	test_kubernetes_clusters.py
test_02_upgrade_kubernetes_cluster	Failure	249.44	test_kubernetes_clusters.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	253.67	test_kubernetes_clusters.py
test_04_autoscale_kubernetes_cluster	Failure	221.94	test_kubernetes_clusters.py
test_05_basic_lifecycle_kubernetes_cluster	Failure	226.27	test_kubernetes_clusters.py
test_06_delete_kubernetes_cluster	Failure	236.54	test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster	Failure	305.83	test_kubernetes_clusters.py
test_10_vpc_tier_kubernetes_cluster	Failure	228.29	test_kubernetes_clusters.py
test_11_test_unmanaged_cluster_lifecycle	Error	76.22	test_kubernetes_clusters.py
test_12_test_deploy_cluster_different_offerings_per_node_type	Failure	240.40	test_kubernetes_clusters.py
test_01_add_delete_kubernetes_supported_version	Error	0.13	test_kubernetes_supported_versions.py
login_test_saml_user	Error	2.01	test_login.py
test_01_deployVMInSharedNetwork	Error	54.43	test_network.py
test_03_destroySharedNetwork	Failure	1.08	test_network.py
ContextSuite context=TestSharedNetwork>:teardown	Error	2.17	test_network.py
test_oobm_issue_power_cycle	Error	3.30	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_off	Error	2.27	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_on	Error	3.26	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_reset	Error	3.28	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_soft	Error	3.26	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_status	Error	1.18	test_outofbandmanagement_nestedplugin.py
test_02_edit_primary_storage_tags	Error	0.02	test_primary_storage.py
test_01_primary_storage_scope_change	Error	0.07	test_primary_storage_scope.py
test_01_vpc_privategw_acl	Error	0.02	test_privategw_acl_ovs_gre.py
test_03_vpc_privategw_restart_vpc_cleanup	Error	0.02	test_privategw_acl_ovs_gre.py
test_05_vpc_privategw_check_interface	Error	0.02	test_privategw_acl_ovs_gre.py
test_01_vpc_privategw_acl	Error	51.54	test_privategw_acl.py
test_02_vpc_privategw_static_routes	Error	192.03	test_privategw_acl.py
test_03_vpc_privategw_restart_vpc_cleanup	Error	160.18	test_privategw_acl.py
test_04_rvpc_privategw_static_routes	Error	317.64	test_privategw_acl.py
test_01_purge_expunged_api_vm_start_date	Error	20.27	test_purge_expunged_vms.py
test_02_purge_expunged_api_vm_end_date	Error	13.43	test_purge_expunged_vms.py
test_03_purge_expunged_api_vm_start_end_date	Error	11.40	test_purge_expunged_vms.py
test_04_purge_expunged_api_vm_no_date	Error	13.42	test_purge_expunged_vms.py
test_05_purge_expunged_vm_service_offering	Error	239.28	test_purge_expunged_vms.py
test_06_purge_expunged_vm_background_task	Error	340.55	test_purge_expunged_vms.py
test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true	Failure	541.13	test_routers_network_ops.py
test_01_snapshot_root_disk	Error	4.33	test_snapshots.py
test_CreateTemplateWithDuplicateName	Error	24.85	test_templates.py
test_01_register_template_direct_download_flag	Error	0.31	test_templates.py
test_01_positive_tests_usage	Error	12.75	test_usage_events.py
test_01_ISO_usage	Error	1.09	test_usage.py
test_01_lb_usage	Error	4.22	test_usage.py
test_01_nat_usage	Error	8.31	test_usage.py
test_01_public_ip_usage	Error	1.06	test_usage.py
test_01_snapshot_usage	Error	18.52	test_usage.py
test_01_template_usage	Error	21.04	test_usage.py
test_01_vm_usage	Error	141.21	test_usage.py
test_01_volume_usage	Error	129.94	test_usage.py
test_01_vpn_usage	Error	8.44	test_usage.py
test_02_unsecure_vm_migration	Failure	276.15	test_vm_life_cycle.py
test_12_start_vm_multiple_volumes_allocated	Error	15.58	test_vm_life_cycle.py
test_01_vmschedule_create	Error	0.09	test_vm_schedule.py
test_disable_oobm_ha_state_ineligible	Error	0.06	test_hostha_kvm.py
test_hostha_configure_default_driver	Error	0.04	test_hostha_kvm.py
test_hostha_enable_ha_when_host_disabled	Error	0.04	test_hostha_kvm.py
test_hostha_enable_ha_when_host_disconected	Error	0.03	test_hostha_kvm.py
test_hostha_enable_ha_when_host_in_maintenance	Error	0.04	test_hostha_kvm.py
test_hostha_kvm_host_degraded	Error	0.04	test_hostha_kvm.py
test_hostha_kvm_host_fencing	Error	0.04	test_hostha_kvm.py
test_hostha_kvm_host_recovering	Error	0.03	test_hostha_kvm.py
test_remove_ha_provider_not_possible	Error	0.05	test_hostha_kvm.py

[blueorangutan]

[SF] Trillian test result (tid-16223)
Environment: kvm-debian12 (x2), zone: Advanced Networking with Mgmt server d12
Total time taken: 66932 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16223-kvm-debian12.zip
Smoke tests completed. 125 look OK, 26 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_role_account_acls_multiple_mgmt_servers	Error	2.54	test_dynamicroles.py
test_query_async_job_result	Error	88.02	test_async_job.py
test_revoke_certificate	Error	0.04	test_certauthority_root.py
login_test_saml_user	Error	4.73	test_login.py
ContextSuite context=TestClusterDRS>:setup	Error	0.00	test_cluster_drs.py
test_configure_ha_provider_invalid	Error	0.04	test_hostha_simulator.py
test_configure_ha_provider_valid	Error	0.03	test_hostha_simulator.py
test_ha_configure_enabledisable_across_clusterzones	Error	0.03	test_hostha_simulator.py
test_ha_disable_feature_invalid	Error	0.03	test_hostha_simulator.py
test_ha_enable_feature_invalid	Error	0.03	test_hostha_simulator.py
test_ha_list_providers	Error	0.03	test_hostha_simulator.py
test_ha_multiple_mgmt_server_ownership	Error	0.03	test_hostha_simulator.py
test_ha_verify_fsm_available	Error	0.03	test_hostha_simulator.py
test_ha_verify_fsm_degraded	Error	0.03	test_hostha_simulator.py
test_ha_verify_fsm_fenced	Error	0.03	test_hostha_simulator.py
test_ha_verify_fsm_recovering	Error	0.03	test_hostha_simulator.py
test_hostha_configure_default_driver	Error	0.03	test_hostha_simulator.py
test_hostha_configure_invalid_provider	Error	0.03	test_hostha_simulator.py
test_hostha_disable_feature_valid	Error	0.03	test_hostha_simulator.py
test_hostha_enable_feature_valid	Error	0.03	test_hostha_simulator.py
test_hostha_enable_feature_without_setting_provider	Error	0.03	test_hostha_simulator.py
test_list_ha_for_host	Error	0.03	test_hostha_simulator.py
test_list_ha_for_host_invalid	Error	0.03	test_hostha_simulator.py
test_list_ha_for_host_valid	Error	0.03	test_hostha_simulator.py
test_01_host_ping_on_alert	Error	0.16	test_host_ping.py
test_01_host_ping_on_alert	Error	0.17	test_host_ping.py
test_01_browser_migrate_template	Error	15.53	test_image_store_object_migration.py
test_01_invalid_upgrade_kubernetes_cluster	Failure	271.86	test_kubernetes_clusters.py
test_02_upgrade_kubernetes_cluster	Failure	270.69	test_kubernetes_clusters.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	283.76	test_kubernetes_clusters.py
test_04_autoscale_kubernetes_cluster	Failure	289.20	test_kubernetes_clusters.py
test_05_basic_lifecycle_kubernetes_cluster	Failure	244.39	test_kubernetes_clusters.py
test_06_delete_kubernetes_cluster	Failure	223.10	test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster	Failure	396.79	test_kubernetes_clusters.py
test_10_vpc_tier_kubernetes_cluster	Failure	286.29	test_kubernetes_clusters.py
test_11_test_unmanaged_cluster_lifecycle	Error	70.87	test_kubernetes_clusters.py
test_12_test_deploy_cluster_different_offerings_per_node_type	Failure	261.27	test_kubernetes_clusters.py
test_01_add_delete_kubernetes_supported_version	Error	2.11	test_kubernetes_supported_versions.py
test_01_deployVMInSharedNetwork	Error	67.33	test_network.py
test_03_destroySharedNetwork	Failure	1.12	test_network.py
ContextSuite context=TestSharedNetwork>:teardown	Error	2.25	test_network.py
test_oobm_issue_power_cycle	Error	2.41	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_off	Error	2.40	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_on	Error	2.42	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_reset	Error	2.42	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_soft	Error	2.44	test_outofbandmanagement_nestedplugin.py
test_oobm_issue_power_status	Error	2.35	test_outofbandmanagement_nestedplugin.py
test_oobm_background_powerstate_sync	Failure	20.89	test_outofbandmanagement.py
test_oobm_background_powerstate_sync	Error	20.90	test_outofbandmanagement.py
test_oobm_configure_default_driver	Error	0.11	test_outofbandmanagement.py
test_oobm_configure_invalid_driver	Error	0.09	test_outofbandmanagement.py
test_oobm_disable_feature_invalid	Error	0.09	test_outofbandmanagement.py
test_oobm_disable_feature_valid	Error	0.21	test_outofbandmanagement.py
test_oobm_enable_feature_invalid	Error	0.08	test_outofbandmanagement.py
test_oobm_enable_feature_valid	Error	0.18	test_outofbandmanagement.py
test_oobm_enabledisable_across_clusterzones	Error	2.98	test_outofbandmanagement.py
test_oobm_enabledisable_across_clusterzones	Error	2.98	test_outofbandmanagement.py
test_oobm_issue_power_cycle	Error	1.43	test_outofbandmanagement.py
test_oobm_issue_power_cycle	Error	1.43	test_outofbandmanagement.py
test_oobm_issue_power_off	Error	0.39	test_outofbandmanagement.py
test_oobm_issue_power_off	Error	0.40	test_outofbandmanagement.py
test_oobm_issue_power_on	Error	2.44	test_outofbandmanagement.py
test_oobm_issue_power_on	Error	2.44	test_outofbandmanagement.py
test_oobm_issue_power_reset	Error	1.40	test_outofbandmanagement.py
test_oobm_issue_power_reset	Error	1.40	test_outofbandmanagement.py
test_oobm_issue_power_soft	Error	1.41	test_outofbandmanagement.py
test_oobm_issue_power_soft	Error	1.41	test_outofbandmanagement.py
test_oobm_issue_power_status	Error	1.42	test_outofbandmanagement.py
test_oobm_issue_power_status	Error	1.42	test_outofbandmanagement.py
test_oobm_multiple_mgmt_server_ownership	Error	0.24	test_outofbandmanagement.py
test_oobm_multiple_mgmt_server_ownership	Error	0.25	test_outofbandmanagement.py
test_oobm_zchange_password	Error	0.25	test_outofbandmanagement.py
test_oobm_zchange_password	Error	0.25	test_outofbandmanagement.py
test_02_edit_primary_storage_tags	Error	0.05	test_primary_storage.py
test_01_primary_storage_scope_change	Error	0.11	test_primary_storage_scope.py
test_01_vpc_privategw_acl	Error	0.06	test_privategw_acl_ovs_gre.py
test_03_vpc_privategw_restart_vpc_cleanup	Error	0.05	test_privategw_acl_ovs_gre.py
test_05_vpc_privategw_check_interface	Error	0.05	test_privategw_acl_ovs_gre.py
test_01_vpc_privategw_acl	Error	55.85	test_privategw_acl.py
test_02_vpc_privategw_static_routes	Error	191.54	test_privategw_acl.py
test_03_vpc_privategw_restart_vpc_cleanup	Error	162.19	test_privategw_acl.py
test_04_rvpc_privategw_static_routes	Error	313.14	test_privategw_acl.py
test_01_purge_expunged_api_vm_start_date	Error	27.01	test_purge_expunged_vms.py
test_02_purge_expunged_api_vm_end_date	Error	18.24	test_purge_expunged_vms.py
test_03_purge_expunged_api_vm_start_end_date	Error	20.59	test_purge_expunged_vms.py
test_04_purge_expunged_api_vm_no_date	Error	18.31	test_purge_expunged_vms.py
test_05_purge_expunged_vm_service_offering	Error	239.87	test_purge_expunged_vms.py
test_06_purge_expunged_vm_background_task	Error	389.88	test_purge_expunged_vms.py
test_router_dhcphosts	Failure	33.03	test_router_dhcphosts.py
test_01_snapshot_root_disk	Error	3.42	test_snapshots.py
test_CreateTemplateWithDuplicateName	Error	19.06	test_templates.py
test_01_register_template_direct_download_flag	Error	0.23	test_templates.py
test_01_positive_tests_usage	Error	9.96	test_usage_events.py
test_01_ISO_usage	Error	1.19	test_usage.py
test_01_lb_usage	Error	6.40	test_usage.py
test_01_nat_usage	Error	10.60	test_usage.py
test_01_public_ip_usage	Error	1.14	test_usage.py
test_01_snapshot_usage	Error	29.20	test_usage.py
test_01_template_usage	Error	17.01	test_usage.py
test_01_vm_usage	Error	134.21	test_usage.py
test_01_volume_usage	Error	126.08	test_usage.py
test_01_vpn_usage	Error	8.68	test_usage.py
test_12_start_vm_multiple_volumes_allocated	Error	11.84	test_vm_life_cycle.py
test_01_vmschedule_create	Error	0.14	test_vm_schedule.py
test_disable_oobm_ha_state_ineligible	Error	0.12	test_hostha_kvm.py
test_hostha_configure_default_driver	Error	0.10	test_hostha_kvm.py
test_hostha_enable_ha_when_host_disabled	Error	0.10	test_hostha_kvm.py
test_hostha_enable_ha_when_host_disconected	Error	0.10	test_hostha_kvm.py
test_hostha_enable_ha_when_host_in_maintenance	Error	0.11	test_hostha_kvm.py
test_hostha_kvm_host_degraded	Error	0.10	test_hostha_kvm.py
test_hostha_kvm_host_fencing	Error	0.15	test_hostha_kvm.py
test_hostha_kvm_host_recovering	Error	0.10	test_hostha_kvm.py
test_remove_ha_provider_not_possible	Error	0.09	test_hostha_kvm.py

[blueorangutan]

[SF] Trillian test result (tid-16227)
Environment: kvm-ol9 (x2), zone: Advanced Networking with Mgmt server ol9
Total time taken: 58836 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16227-kvm-ol9.zip
Smoke tests completed. 149 look OK, 2 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_04_rvpc_privategw_static_routes	Failure	864.04	test_privategw_acl.py
test_04_rvpc_privategw_static_routes	Error	864.09	test_privategw_acl.py
test_01_vpn_usage	Error	0.06	test_usage.py

[blueorangutan]

[SF] Trillian test result (tid-16228)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 50955 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16228-kvm-ol8.zip
Smoke tests completed. 150 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
ContextSuite context=TestClusterDRS>:setup	Error	0.00	test_cluster_drs.py

[blueorangutan]

[SF] Trillian Build Failed (tid-16233)

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 18112

[blueorangutan]

[SF] Trillian Build Failed (tid-16236)

[blueorangutan]

[SF] Trillian test result (tid-16232)
Environment: kvm-ol9 (x2), zone: Advanced Networking with Mgmt server ol9
Total time taken: 57074 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr13281-t16232-kvm-ol9.zip
Smoke tests completed. 150 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
ContextSuite context=TestClusterDRS>:setup	Error	0.00	test_cluster_drs.py

[weizhouapache]

@blueorangutan help

[blueorangutan]

@weizhouapache [SL] I understand these words: "help", "hello", "thanks", "package", "test"
Test command usage: test [mgmt os] [hypervisor] [keepEnv] [qemuEv] [basicZone|securityGroups]
Mgmt OS options: ['suse15', 'alma10', 'ol10', 'rocky10', 'alma9', 'centos7', 'centos6', 'rocky9', 'alma8', 'ubuntu18', 'ol9', 'ol8', 'ubuntu22', 'debian12', 'ubuntu20', 'rocky8', 'ubuntu24']
Hypervisor options: ['kvm-centos6', 'kvm-centos7', 'kvm-rocky8', 'kvm-rocky9', 'kvm-rocky10', 'kvm-ol8', 'kvm-ol9', 'kvm-ol10', 'kvm-alma8', 'kvm-alma9', 'kvm-alma10', 'kvm-ubuntu18', 'kvm-ubuntu20', 'kvm-ubuntu22', 'kvm-ubuntu24', 'kvm-debian12', 'kvm-suse15', 'vmware-55u3', 'vmware-60u2', 'vmware-65u2', 'vmware-67u3', 'vmware-70u1', 'vmware-70u2', 'vmware-70u3', 'vmware-80', 'vmware-80u1', 'vmware-80u2', 'vmware-80u3', 'vmware-80u3e', 'xenserver-65sp1', 'xenserver-71', 'xenserver-74', 'xenserver-84', 'xcpng74', 'xcpng76', 'xcpng80', 'xcpng81', 'xcpng82', 'xcpng83']
Note: when keepEnv is passed, you need to specify mgmt server os and hypervisor or use the matrix command.
when qemuEv is passed, it will deploy KVM hyperviosr hosts with qemu-kvm-ev, else it will default to stock qemu.
When basicZone and/or securityGroups are passed it will create a zone of the last type specified (default is Advanced)
Package command usage: package [all(default value),kvm,xen,vmware,hyperv,ovm] - a comma separated list can be passed with package command to bundle the required hypervisor's systemVM templates. Not passing any argument will bundle all - kvm,xen and vmware templates.

Blessed contributors for kicking Trillian test jobs: ['rohityadavcloud', 'shwstppr', 'Damans227', 'vishesh92', 'Pearl1594', 'harikrishna-patnala', 'nvazquez', 'DaanHoogland', 'weizhouapache', 'borisstoyanov', 'vladimirpetrov', 'kiranchavala', 'andrijapanicsb', 'NuxRo', 'rajujith', 'sureshanaparti', 'abh1sar', 'sudo87', 'RosiKyu']

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 18182