Update gvisor-tap service by using nmcli and binary from container image

[praveenkumar]

This patch do following

• Create a tap device using nmcli with a hard coded mac address, this mac address is mapped in the crc daemon lease which provide 192.168.127.2 IP address to the VM.
• copy the vm binary from container image and put it to /usr/local/bin
• modify gvisor-tap-vsock service to use the vm binary instead running the container using podman

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from praveenkumar. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[praveenkumar]

Trying this patch right now with microshift bundle and so far so good tried 3 time start/stop in loop and worked everytime have to test this in system mode networking and also for podman/openshift preset.

/hold

[praveenkumar]

With the current change now it takes around 40-50 sec extra. I have to dig more. ( still hold)

[cfergeau]

Had these comments around, never posted them apparently :(

[cfergeau]

Does ETE have any special meaning/is this typical to use this?

[gbraad]

first time I see this

[cfergeau]

When the network-online target is reached, it means the system has some kind of external network connectivity. In our bundles, with usermode networking, gvisor-tap-vsock is required before we have external network connectivity.
This unit file tells systemd to first wait for network-online.target, and then to start gvisor-tap-vsock.service, I don't think this is correct, the order should be the opposite.

[cfergeau]

containers/gvisor-tap-vsock#202 is exploring something similar.

[cfergeau]

I've done some work on this in https://github.com/cfergeau/snc/tree/gvisor_service
However for testing I used the podman branch and https://github.com/cfergeau/snc/tree/podman-gvisor-service , which worked fine. I'll have to test the openshift changes ^^

[openshift-ci]

@praveenkumar: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-snc	45c5117	link	true	/test e2e-snc
ci/prow/e2e-microshift	45c5117	link	true	/test e2e-microshift

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.