Commit graph

1932 commits

Author SHA1 Message Date
Mark Hamzy
76bf793a39 dmidecode does not exist for ppc64/ppc64el
Adding three separate lines because the arch tag does not support a list.

Change-Id: Icf8a075224833fcfbbe2128e8802ff41c39f3c09
2016-06-29 16:51:46 -05:00
Jenkins
14152b1657 Merge "Run RHEL system unregister element earlier" 2016-06-28 09:32:53 +00:00
Jenkins
4493aadbd1 Merge "Clean more from ironic-agent ramdisk image" 2016-06-27 15:13:55 +00:00
Gregory Haynes
fd5fbdd4b5 Make xenial the ubuntu default
This is the new LTS.

Change-Id: I42a6c0520dde8be21df396e7c2e6fb5ae55d2025
2016-06-25 04:20:47 +00:00
Ben Nemec
4e5dcdd9cf Clean more from ironic-agent ramdisk image
While we already clean a number of things off the ironic-agent
ramdisk, there are a few more significant ones that we should add
to the list.

First is the kernel source.  If you're rebuilding your kernel on
the agent ramdisk after the initial image build, then you need to
re-examine your life choices. ;-)

Second is /var/cache.  On yum-based distros, this contains a large
number of yum cache files that take up significant space.  We don't
really want to be copying around caches when booting a ramdisk
anyway, so cleaning this is the right thing to do regardless.

Third is all *.pyc or *.pyo files.  There are a lot of these, so
they eat up significant space and bloat the number of files in the
ramdisk, which makes it take longer to build.  the only purpose for
the files is to slightly speed up Python app startup, and we
probably lose more time transferring the files over the network
than we would gain in quicker start times.  Note that we were
already trying to remove these, but for some reason I was still
seeing them show up in my final images.  It makes more sense to
put them in the same pruning command as all the others anyway.

Fourth is /usr/include.  These are files only needed for
compilation.  See above for my thoughts on compiling in a ramdisk.

These changes have reduced the agent ramdisk from 391 MB to 333 MB
in my local centos 7 builds, and have reduced the number of files
in the ramdisk by over 18000.

Change-Id: I550f9904b9afd12d48da9ba24559acb23133d076
2016-06-24 13:21:32 -05:00
Ian Wienand
1b4e6eb5f7 Handle locales install on Fedora 24
Fedora 24 has split locales into separate packages.  Testing revealed
what is possibly a bug in the choosing of default packages, so add a
small work-around to ensure the minimal locale pack is installed.

This appears to be the only change required for fedora-minimal with
Fedora 24; at least to build with the project-config infra elements.

Change-Id: I64438c34c572ed96211384ae1bfb45b2949e4318
2016-06-24 10:28:06 +10:00
Bernard Cafarelli
87379da56a Run RHEL system unregister element earlier
This does not need to be the last finalise step, and some late finalise
steps can disable the network (for example, Octavia amphora DIB cleans
resolv.conf at 99) Moving it to 60 also aligns it with rhsm-unregister
rhel6 element, and still allows to run subscription-manager steps
before.

Also fix an unbound variable error that appeared when both
BASE_IMAGE_FILE and DIB_CLOUD_IMAGES are unset.

Change-Id: Icb0e20b01479fea345e01309fc4bf3f7f639900c
2016-06-22 17:10:04 +02:00
Jenkins
f9d3bf0b1c Merge "Pre-install pip/virtualenv packages" 2016-06-17 05:05:11 +00:00
Ian Wienand
a85ce75d6b Pre-install pip/virtualenv packages
If we're installing pip/virtualenv from source, we need to make sure
we pre-install the packaged versions before the upstream
versions. Otherwise, CI jobs later on that depend on packaged versions
of pip/virtualenv can bring them in and overwrite the upstream
versions we have installed, which leads to a heck of a mess and
usually very confusing failures.

I have also moved in a small hack from system-config:install_puppet.sh
that we found was necessary when using pip versions from upstream.

Note this is not as much of an issue on Debian/Ubuntu, as they keep
their pip packages in a separate place to the system packages, so you
don't have these overwite conflicts as much.

Change-Id: Ib40708c07b939b84661c44df88a5a308fd0c7216
2016-06-17 09:20:57 +10:00
stephane
7eb72c0874 Ironic agent kernel should be owned by user building image
The initramfs file created by the ironic-agent element is
owned by the user running disk-image-create; ensure that
the other files created by the element are also owned by
the user.

Change-Id: I829db5b8e8bf1fc68face9cd2bda52d2a5ccdd4f
Closes-Bug: 1593010
2016-06-16 14:28:23 -07:00
Jenkins
d9525cfee9 Merge "Add cinder-backup mappings" 2016-06-10 01:20:45 +00:00
Ian Wienand
b9fdc70e32 Move pkg-map to dib-python
The latest Fedora/Ubuntu images don't ship python2 by default, so we
need to use our dib-python wrapper for this so we work in python3 only
environments.

Closes-bug: 1577105
Change-Id: I1048ceef35f269960216066924986eec6117ca00
2016-06-08 21:16:50 +00:00
Erno Kuvaja
6fd6b3bb25 Add cinder-backup mappings
'cinder-backup' to 'openstack-cinder-backup' mappings where necessary

Change-Id: I5f57401295d655112f0ad1d6442268df149daa7e
2016-06-07 14:15:47 +02:00
Jenkins
fb92e61082 Merge "Add cloud-initramfs-growroot for Precise" 2016-06-07 01:14:10 +00:00
Jenkins
dc149ec9fd Merge "Add release to pkg-map" 2016-06-07 01:01:09 +00:00
Jenkins
fb6fa48f85 Merge "Export FS_TYPE and remove hardcoded ext4 values" 2016-06-07 01:01:04 +00:00
Jenkins
13323c9495 Merge "Export die() function" 2016-06-07 01:00:50 +00:00
Jenkins
536e8a2dd2 Merge "Cleanup source-repositories output" 2016-06-07 00:59:02 +00:00
Ian Wienand
74d0185dde Cleanup source-repositories output
This element takes up a *huge* part of the logs of openstack-infra
builds as we go and cache every git tree.

This silences most of the noise which will reduce the mess
in the logs considerably.

Note that we've had logging on this turned down since
I91c5e55814ba9840769357261d203f4850e2eba6 but it has been
ineffective in stopping the log-spew output, see the
dependency change.

Change-Id: I60f06f84d57087c82b3907575bff125015d35171
Depends-On: I1e39822f218dc0322e2490a770f3dc867a55802c
2016-06-06 15:57:39 +10:00
Jenkins
38dcce0fc4 Merge "Fix variable unbound error while REPOREF="*"" 2016-06-02 05:20:37 +00:00
Jenkins
419568884c Merge "Rework yum-minimal locale cleanup" 2016-05-31 06:42:20 +00:00
Ian Wienand
f5dff9c52a Rework yum-minimal locale cleanup
It turns out our manual locale cleanup is causing issues (see
I54490b17a7f8b2f977369044fcc6bb49cc13768e).  Upon further
investigation, I think this is a better approach than manually
deleting repos.

glibc on Fedora obeys the %_install_langs macro for reducing the
installed locales (as mentioned in the comments, F24 has moved to
having different packages, but worry about that later).

So our existing clear-out is really only required for CentOS, whose
glibc does not have any way to indicate to build less locales.
However, %_install_langs is still correct there, as it restricts some
of the translation files and other things installed with the %lang
macro in spec files.

This is complicated by us having to set this at glibc-common install
time, which happens with the "yum" from outside the chroot (i.e. on
trusty).  Since this is too old to have flags to pass this, we need to
fiddle with rpmmacros.

I've tested this with fedora-minimal builds and the locales file is
about 2MiB, which is what it was after the cleanups, and the listed
locales are only those we expect (i.e. it appears to be working).

Change-Id: I528a68beeb7b2ceec25ccbec1900670501608158
2016-05-31 15:14:24 +10:00
Andreas Florath
9fbc462e00 Remove Fedora 21 from test-build
Because Fedora 21 is EOL, the appropriate cloud images were
removed from the mirrors during the last days.
Because of the removal, currently all CI tests are failing.

This patch removes the Fedora 21 CI tests.

(Adding and supporting Fedora 23 is done with another patch -
because some additional changes are needed here.)

Change-Id: Ib85bb6fafd4f56ecc55dd420048f4d9e6e6969f3
Signed-off-by: Andreas Florath <andreas@florath.net>
2016-05-30 22:54:58 +02:00
Ian Wienand
7550d25db0 Export die() function
I realised I'd been using die() in a few places assuming it was
available, but it wasn't exported.  I guess it didn't matter because
whatever was wrong, we were failing anyway :)

This exports the function to make it available to sub-processes, which
should remove the need to source it as done in several places.

Change-Id: I7b9a5a6db406e160099b6ed9fde80455ae227327
2016-05-27 09:25:22 +10:00
Jenkins
5f4cac3303 Merge "Add a best-effort sudo safety check" 2016-05-26 17:31:00 +00:00
Liu Qing
d3255835d1 Fix variable unbound error while REPOREF="*"
If REPOREF="*", HAS_REF will be used without initialization. As -u is set
the script will terminate with error.

Change-Id: Ic1d88415adfef66dfc6c1d92610a45a9eb6359f3
Signed-off-by: Liu Qing <liuqing@chinac.com>
2016-05-26 09:24:59 +08:00
Jiri Stransky
1e9cf3a1c8 Remove deprecated overriding of cloud-init defaults
The "set to localhost by default" behavior for manage_etc_hosts has been
deprecated for more than a year now by change
Ia8582883f737548e2911d3f36a1943e5b236281b.

Setting that value to "localhost" is still possible, but it won't be the
default anymore. If the previous behavior of assigning the hostname and
FQDN to 127.0.0.1 is still desired in some environments, it can be
achieved by setting the DIB_CLOUD_INIT_ETC_HOSTS environment variable,
as the deprecation warning message suggested.

Change-Id: I5a19d46e2f305769a0c89c9d25d2e6be02910221
2016-05-23 17:44:32 +02:00
Jenkins
f0b57d5efd Merge "Fix apt-sources configuration for debian-minimal" 2016-05-21 20:10:18 +00:00
Ian Wienand
244f0a0001 Add cloud-initramfs-growroot for Precise
Add a pkg-map to install cloud-initramfs-growroot on Precise, as it is
required there because the kernel is too old to use growroot on a live
file-system.  This was generically removed in
e23b087505.

Change-Id: I5e6cbc4b74dc72a6f23f73a018c028f3ff7c0157
2016-05-20 14:32:41 +10:00
Ian Wienand
716b8e14fe Add release to pkg-map
Add ability to filter in pkg-map on release, which defaults to
DIB_RELEASE.  As per the examples, release is a more specific target
than distro, but distro still has to match.

Added a debug flag and ability to use a pkg-map directly for
debugging/development.

Change-Id: Ie282f96966e46236b06bc276de0168fc7a66c5da
2016-05-20 14:26:25 +10:00
Paul Belanger
be521bdec6 Export FS_TYPE and remove hardcoded ext4 values
Export FS_TYPE from img-defaults and use it to remove hard-coded
defaults in the debootstrap mounting.  Also, cleanup the suse element
as it should have access to the exported variable.

Change-Id: Ie9b671ca9336060a5ad294be48aa7eff442bf066
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-05-19 17:33:36 +10:00
Jenkins
95c874abb9 Merge "Add dhcp-all-interfaces.target for syncing units" 2016-05-18 19:39:10 +00:00
Jenkins
2fffc9f892 Merge "Fix path issue for locale-archive.tmpl" 2016-05-16 22:01:47 +00:00
Jenkins
02822dc6b9 Merge "Add centos7 test" 2016-05-16 21:43:28 +00:00
Paul Belanger
0478fb15db
Fix path issue for locale-archive.tmpl
Change-Id: Id589c16aab46d447b3c21f00f3acfd06890e43d2
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-05-16 09:23:58 -04:00
Sam Betts
eb99fe7144 Add dhcp-all-interfaces.target for syncing units
Currently there is no way for a service to become aware that
dhcp-all-interfaces is finished configuring all the interfaces at
boot time. This causes problems for applications like the
ironic-python-agent which scans the interfaces when it first starts as
part of the inspection stage and can race against dhcp-all-interfaces
bringing up the interfaces, leading to inconsistent results.

This patch ensures that the dhcp-all-interfaces script runs before any
network interface is configured and brought up by the rest of the
system, and also ensures that the ironic-agent element also waits for
the network to be online before starting. This is done by using the
network targets provided by systemd.

Change-Id: Id9583b7f54361aa603a6229da598ad6a0f0f7938
2016-05-16 10:15:53 +01:00
Ian Wienand
5d23abb338 centos-minimal: can be used with base
I'm not sure why this comment is here.  base works with centos-minimal
(we changed it in I2956aaa49ba3137a799f97e0983ab4b7c93a0a0c) and we've
got images deployed with such a configuration.

Update the comment

Change-Id: I3207f87dc29280183c0960ea863533a4d441081c
2016-05-16 13:36:55 +10:00
Jenkins
d253a94187 Merge "Do not remove sudo in ironic-agent" 2016-05-16 01:41:08 +00:00
vmud213
45628993e8 Do not remove sudo in ironic-agent
"ironic-agent" element is currently removing sudo, which breaks other
elements such as devuser.  There appears to be no security or other
reason to do this, it's just the way it has always been.  Leave sudo
in as it is considered part of the base cloud images.

Change-Id: Ida9b1885f745146071e4b2d85ae59341ac85d5c8
Closes-Bug: #1572486
2016-05-16 10:39:04 +10:00
Andreas Florath
92355004d9 Fix apt-sources configuration for debian-minimal
The apt-sources element did not work with debian-minimal, because
the later one overwrote the /etc/apt/sources.list file created by
the apt-sources element.

Two changes were made:
o the debian-minimal uses now files inside the /etc/apt/sources.list.d
  directory.  Therefore there is no possibilty for clashes between those
  two elements any more.
o instead of only adding backports, also the updates and the security
  repository is added by default which gives perfect initial
  configuration for a stable system.
  If you want to use local mirrors with other naming schemas or an
  unstable tree, there is the possibility to fully specify the
  repositories.

Change-Id: I69dbaa34be3db3d667e6bd8450ef4ce04a751c70
Signed-off-by: Andreas Florath <andreas@florath.net>
2016-05-13 09:26:49 +02:00
Jenkins
77d03556df Merge "Add EPEL as requirement of centos-minimal" 2016-05-13 03:18:58 +00:00
Jenkins
0a3d9999d6 Merge "Add install-bin element" 2016-05-13 03:00:25 +00:00
Jenkins
36a86afdad Merge "Install proliantutils in IPA's virtualenv" 2016-05-13 01:54:06 +00:00
Gregory Haynes
642f906476 Add install-bin element
The various distro elements include a copy of this script which installs
all files in the bin/ dir of the copied element hooks in to
/usr/local/bin. Lets share code rather than repeating ourselves.

Change-Id: I354382f8c42ede2e9b8c548b7df8367c03e6836e
2016-05-13 11:52:23 +10:00
Jenkins
8cb8806227 Merge "yum-minimal : better cleanup of initial yum failure" 2016-05-13 01:04:33 +00:00
Jenkins
88a9365816 Merge "yum-minimal: strip locale archive" 2016-05-13 01:04:27 +00:00
Jenkins
5657852b22 Merge "Fix up EPEL element" 2016-05-13 01:04:24 +00:00
Ian Wienand
672705831f Add a best-effort sudo safety check
As motivation for this; we have had two breakouts of dib in recent
memory.  One was a failure to unmount through symlinks in the core
code (I335316019ef948758392b03e91f9869102a472b9) and the other was
removing host keys on the build-system
(Ib01d71ff9415a0ae04d963f6e380aab9ac2260ce).

For the most part, dib runs unprivileged.  Bits of the core code are
hopefully well tested (modulo bugs like the first one!).  We give free
reign inside the chroot (although there is still some potential there
for adverse external affects via bind mounts).  Where we could be a
bit safer (and could have prevented at least the second of these
breakouts) is with some better checking that the "sudo" calls
*outside* the chroot at least looked sane.

This adds a basic check that we're using chroot or image paths when
calling sudo in those parts of elements that run *outside* the chroot.
Various files are updated to accomodate this check; mostly by just
ignoring it for existing code (I have not audited these calls).

Nobody is pretending this type of checking makes dib magically safe,
or removes the issues with it needing to do things as root during the
build.  But this can help find egregious errors like the key removal.

Change-Id: I161a5aea1d29dcdc7236f70d372c53246ec73749
2016-05-09 15:41:38 +10:00
Colleen Murphy
b5f51322a3 Fix OpenSUSE support
The dhcp-all-interfaces and simple-init elements did not have the ISC
DHCP Client package mapped for OpenSUSE, which caused DIB to fail with
"'isc-dhcp-client' not found in package names. Trying capabilities."

Similarly, the bootloader element did not have the grub-pc package
properly mapped for OpenSuse, which caused DIB to fail with "Package
'grub-pc' not found.".

This patch adds the package mappings for these elements so that the
opensuse element can be created and booted successfully.

Change-Id: Ife478158fec3a95de73a9206b38dcc6511d56cc8
2016-05-03 22:23:51 -07:00
Jenkins
83b607557e Merge "Remove cloud-initramfs-growroot package" 2016-05-03 13:24:53 +00:00
Nisha Agarwal
9d397d2568 Install proliantutils in IPA's virtualenv
The proliant-tools element helps to do RAID
configuration in ironic for HPE servers.
This fix proposes to install the proliantutils
in ironic-python-agent's virtualenv created
using ironic-agent element.

Closes-Bug: 1563648
Change-Id: If63c725a42740ab244a2b4004797cba09d0f154e
2016-05-02 01:56:26 -07:00
Ian Wienand
11128b0673 Use generic "dhcp-client" name
Every platform has a different name for their DHCP client, so use a
generic name "dhcp-client" in the package name and let everyone choose
their sub-name.  This also brings some consistency across simple-init
& dhcp-all-interfaces

Change-Id: I797aa7aacb13dfb7f35700463dc11d55552eb108
2016-04-22 11:31:54 +10:00
Gregory Haynes
a078e780ca dhcp-all-interfaces depends on dib-init-system
This element uses the dib-init-system command and therefore depends on
the element.

Change-Id: I1374500fb5b79e0f0c9c41346b5b7baf3f7755aa
2016-04-22 09:23:11 +10:00
Gregory Haynes
e096337a21 dhcp-all-interfaces depends on dhcp
Add package dependency for dhcp client

Change-Id: I63683485a5c5dbe65bfc38c8d64a88ee5549fda8
2016-04-22 09:23:09 +10:00
Jenkins
33d7e8b25e Merge "Add Gentoo to the dhcp-all-interfaces element" 2016-04-21 23:03:24 +00:00
Matthew Thode
de0cddc390
Add Gentoo to the dhcp-all-interfaces element
This makes use of the dhcpcd package and it's ability to run on all
interfaces by default.  We disable the privacy extensions and dhcp
overriding the hostname (both are enabled by default).  Other than
that it 'just works' and was the method used to bring up interfaces
on Gentoo Openstack images before we switched to building with DIB.

Change-Id: I02c14927d70b22f560c6fc149fefca0f93933f56
2016-04-21 16:40:06 -05:00
Jenkins
45afd99012 Merge "Handle unconfigured interfaces for dhcp-all-ifaces" 2016-04-21 05:23:37 +00:00
Jenkins
874fef9fe9 Merge "Really remove all interfaces in dhcp-all-ifaces" 2016-04-21 05:23:31 +00:00
Ian Wienand
7aa9157c33 yum-minimal: strip locale archive
Rather than removing all locale related stuff in cleanup, strip the
locale archive and rebuild it.

Building just en_US (along with POSIX/C) brings things inline with
debootstrap.  As discussed in the bug referenced, this is about the
best we can do for Centos7.

Fedora 24 has split languages out into packages so we don't have to do
this, but I have not dealt with that yet.  A guard is put in place so
we make sure we revisit this when we try to build F24.

Change-Id: I3f384d23e52effd6a09f47134746caa4a5c586be
2016-04-21 15:00:13 +10:00
Jenkins
a6754a5c3a Merge "Move selinux restore to end of finalise" 2016-04-21 04:30:08 +00:00
Abel Lopez
b2a2368844 Change to latest CentOS-6 image
cloud.centos.org appears to have changed their naming for images.
This latest iteration drops the YYYYMMDD in favor for YYMM, but
also has a 'latest' available without the date stamp.

This change will mean we no longer have to submit new code reviews
whenever centos changes.

Change-Id: I5a6a0de822561c1d0681abb9487993acf55918f1
2016-04-20 10:44:09 -07:00
Ian Wienand
6a1eb2457c Move selinux restore to end of finalise
After a bit of spelunking, I90d0c96d5659326ba67d6119b96d9a4113adf7fe
was the original change that introduced the setfiles here rather than
autorelabel at boot time.

Touching the autorelabel file probably makes sense somewhere low, but
when we start relabling the file system we really should be doing that
as late as possible so we fix up everything that has come before.
Move this to 90 to capture this.

Change-Id: Iae0afe850f52ec3b59c49507fa9bbcc1c8f8cfa1
2016-04-20 13:52:37 +10:00
Ian Wienand
e2c0d16f84 yum-minimal : better cleanup of initial yum failure
If the initial yum install into the chroot fails, we can leave behind
a lockfile and an incorrectly modified rpmmacros.

Change this so we run the cleanup unconditionally.

Change-Id: Ia9f9c4c845e5f34d33ff9a4ab7226c9175283757
2016-04-20 09:42:42 +10:00
Jenkins
1fabb01a4f Merge "Prioritize venv python on host" 2016-04-18 23:17:28 +00:00
Jenkins
146be596f6 Merge "simple-init: Fix path for /etc/ssh test" 2016-04-18 19:37:35 +00:00
Jenkins
20def6a0cb Merge "dib-run-parts: make cp to target root more robust" 2016-04-18 19:37:29 +00:00
Jenkins
4dced6e90d Merge "Fix add-apt-repository package for precise" 2016-04-18 19:17:09 +00:00
Ian Wienand
a8d8724e3c Add EPEL as requirement of centos-minimal
I guess I hadn't tried centos-minimal without the puppet elements that
install this for us.  But the "base" element wants dkms, which is only
in EPEL for centos.  But it's a helpful convenience so is globally
useful.

Change-Id: Ia9af97efdbd855fb8202353196ad649093788cb8
2016-04-16 07:03:39 +10:00
Ian Wienand
2dc4154724 Fix up EPEL element
For whatever reason, RHEL identifies itself with DISTRO "rhel" for 6
and "rhel7" for 7, but centos just uses "centos" and DIB_RELEASE.  So
this was wrong and installing EPEL6 on centos7.

But we can simplify it completely for centos because that comes with
the epel-release package already included.

Change-Id: I2b8f5d30b850fef46b4a5ba32a917abcbf25932c
2016-04-15 12:37:22 +10:00
Jenkins
4f6ce09385 Merge "Support to add certificate in ironic-agent" 2016-04-14 18:30:04 +00:00
Aparna
cd66aebf40 Support to add certificate in ironic-agent
This commits provides support to add certificate while
building the image using ironic-agent element. The
certificate can be CA certificate or self-signed certificate.

The certificate is set to the environment variable
'DIB_IPA_CERT' which in turn is used by the ironic-agent
element while building the image.

Change-Id: I648f7934d4787dcc3030885cfca771b642a9595e
2016-04-14 13:42:36 +00:00
Clint Byrum
4ceb40e13d simple-init: Fix path for /etc/ssh test
The cleanup path was fixed, but not the actual test.

Change-Id: If9ff4ee55604fa317a9a5bda0eee0b2783ef079a
2016-04-13 14:53:21 -07:00
Jenkins
67bef7ed16 Merge "Debian: dont set always the hostname to debian" 2016-04-11 08:31:55 +00:00
Jenkins
a6dd8d6b5a Merge "Turn down tracing for source-repo cache" 2016-04-11 06:12:49 +00:00
Jenkins
69c811870c Merge "Fix ssh key cleanup to run in chroot" 2016-04-06 19:12:56 +00:00
Ben Kero
e64a6f8c9a Fix add-apt-repository package for precise
Running 'disk-image-create -a amd64 -o precise vm precise' will fail to
build with the following error [1]. To fix this, we should split out the
switch-case to allow base to install the 'software-properties-common'
package.

[1]

dib-run-parts Fri Mar 18 18:43:16 UTC 2016 Running /tmp/in_target.d/pre-install.d/03-baseline-tools
Hit:1 http://mirrors.cat.pdx.edu/ubuntu precise InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package python-software-properties is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  software-properties-common

  E: Package 'python-software-properties' has no installation candidate

Change-Id: I011f02fcf70df9d1d6fa30ed89907fbc2588937e
2016-04-06 11:08:07 -07:00
Jenkins
74822636c3 Merge "Revert "Skip centos functional testing"" 2016-04-06 17:21:21 +00:00
Gregory Haynes
00d9a9d396 Fix ssh key cleanup to run in chroot
Right now this removes the ssh keys on the build host. Obviously this is
not what we want.

Change-Id: Ib01d71ff9415a0ae04d963f6e380aab9ac2260ce
2016-04-06 17:11:59 +00:00
Saverio Proto
0d364d49cf Debian: dont set always the hostname to debian
If we dont force the hostname to be debian, the hostname will
be the one choosen when creating the instance with horizon

This bug was introduced when the debian element was split
into debian and debian-minimal and debootstrap in commit 23aa76df

Change-Id: I007a3531f6876890a2e113082211889ec5ead1a1
2016-04-06 11:05:53 +02:00
Clark Boylan
677619b1cc Remove ssh host keys when using simple init
In order for glean to operate properly and regenerate ssh host keys it
needs to start on a host without any ssh host keys. We hadn't been doing
this meaning that new host keys were not generated on images using
simple-init. Fix this by having simple-init delete any host keys found
in /etc/ssh late in the build process.

This should force glean/sshd to generate new host keys on first boot
depending on the distro.

Change-Id: Ic917387d92febf21c2cc37dfc1fa83fcf0c8e469
2016-04-06 05:47:37 +00:00
Antoine Musso
33cd0fb40f dib-run-parts: make cp to target root more robust
The dib-run-parts/root.d/90-base-dib-run-parts script would mysteriously
fail whenever the dib-run-parts is not in the path.  The install
commands complaining with:

install: missing destination file operand after
'/tmp/image.ILFTBYVy/mnt/usr/local/bin/dib-run-parts'

The reason is chaining a command in exec bypasses set -e. For example:

 exec /bin/ls $(which doesnotexist)

Will works and continue.

Handle the which lookup in a variable to have the script abort
immediately whenever dib-run-parts is not found.

Left an inline comment to make sure the fix is kept around in the
future.

Signed-off-by: Dan Duvall <dduvall@wikimedia.org>
Change-Id: Ibb5d7342b0d06483b84f9dd567e1cc0bf90f194e
2016-04-05 16:29:57 +02:00
Jenkins
792036ec62 Merge "ironic-agent postinst fails on systemd with no iptables" 2016-04-04 19:35:42 +00:00
Jenkins
fd806e9f42 Merge "Set tgtd not auto-start on OS boot time." 2016-04-02 16:28:43 +00:00
Jenkins
f80aff3645 Merge "ironic-python-agent should use console output" 2016-03-31 23:54:23 +00:00
zhangjian
fd7ccf97ee Set tgtd not auto-start on OS boot time.
Tgtd starts after OS boots up automatically, listens on the port 3260,
which cause lio fails to bind the same port later.
This patch removes the auto-start script of tgtd.

In IPA service, lio or tgtd would be used to create iscsi target.
If tgtd be chosen, IPA will start tgtd before iscsi setting.
IF lio be chosen, tgtd would keep not running.

Change-Id: Ic62055ac2f9252df832739631bfcbabfac0f9c4e
Closes-Bug: #1554987
2016-03-29 06:29:38 -04:00
Jenkins
81633f69c8 Merge "add pkg-map to pip-and-virtualenv element" 2016-03-24 05:12:13 +00:00
Jenkins
caf0c404cc Merge "Set default locale to image in debootstrap element" 2016-03-23 06:52:49 +00:00
Gregory Haynes
6bdb810f38 Handle unconfigured interfaces for dhcp-all-ifaces
On ubuntu, if an interface exists but is unconfigured then ifquery
$iface will return 0 but no output. This will cause dhcp-all-interfaces
to not attempt to dhcp on that interface.

Change-Id: Ic1532728ae9ca6d759714392f727d25b814ef336
2016-03-23 06:00:49 +00:00
Gregory Haynes
4f4fab979e Really remove all interfaces in dhcp-all-ifaces
As the doc says, we want to remove all interfaces that come by default
in cloud images. Cloud images also come with an eth1 though, so lets
just remove all interfaces.

Change-Id: I49c74a3285e6a610ac723bdf976f3727d2736749
2016-03-23 05:57:56 +00:00
Jenkins
683757e572 Merge "Remove all interface configs for simple-init" 2016-03-22 16:08:29 +00:00
Jenkins
3db1f42220 Merge "Note requirement for parted on gentoo hosts" 2016-03-22 07:41:00 +00:00
stephane
dd7648277f ironic-agent postinst fails on systemd with no iptables
Where the base install for the image uses systemd but
the iptables service is not present, the postinstall
script for the ironic-agent element can fail. This is
due to 'systemctl disable iptables.service' returning
an error status when the service isn't present. Check
whether the service is enabled using 'systemctl
list-unit-files'.

Change-Id: I8069b062a27caead4097747d7aeae24a5262e117
2016-03-21 19:27:57 -07:00
Matthew Thode
66c90cac9b
add pkg-map to pip-and-virtualenv element
Add a pkg-map file so that Gentoo can avoid polluting the FS with
files not tracked in the package manager.

Changed the directory name so that the source-install method would
actually be disabled when DIB_INSTALLTYPE_pip_and_virtualenv=package
is set.  Also changed source-repository line to be consistent with
the element name.

Change-Id: I5225bd7113ff2588c755ad4cd4ae9a2d78fff196
2016-03-21 20:12:37 -05:00
Ian Wienand
8c837409b8 Turn down tracing for source-repo cache
If you check logs like [1] it's literally thousands of lines of the
same thing over-and-over as the git caching happens.  It is basically
all just noise unless you're debugging it specifically.  Up this to
tracing level 2 ("-x -x") to see it.  Add a note in the help about
multiple flags, which has always been intended but not documented.

Image builds should continue to run with single "-x", but we could
probably greatly increase signal:noise ratio in the logs with a little
more judicial use of this to turn down some of the very noisy &
repetitive parts.

[1] anything in http://nodepool.openstack.org/

Change-Id: I91c5e55814ba9840769357261d203f4850e2eba6
2016-03-22 09:57:30 +11:00
Gregory Haynes
6f542c7c32 ironic-python-agent should use console output
It is standard to IPA to log to the console for easy debugging by
watching the server console.

Change-Id: I2beb75a99824f0cf1ec88d0ecb54baa4e73f6f15
2016-03-21 20:31:31 +00:00
Jenkins
29d9eeaa7f Merge "Add psmisc to the packages for ironic-agent" 2016-03-21 18:42:07 +00:00
Jenkins
ac94cf2a4e Merge "Add testing for the Gentoo element" 2016-03-21 07:59:55 +00:00
Nisha Agarwal
55ea2b5633 Add psmisc to the packages for ironic-agent
This commit adds 'psmisc' and 'dosfstools' to the required
packages for ironic-agent element which in turn
installs ironic-python-agent and ironic-lib.
The ironic-lib requires the fuser command to be executed,
which needs the package 'psmisc'. Similarly mkfs with
'vfat' requires 'dosfstools' package.

Closes-Bug: 1554075
Change-Id: If421f2394c34bb938813d0e15e5085d093215921
2016-03-21 00:01:57 -07:00
Ben Kero
71cf0662e2 Add new posix element.
This element installs package to ensure that the resulting image
provides the binaries outlined in posix specification [1]. This solves
some problems such as cron missing from the ubuntu-minimal images, and
hopefully minimizing the problems from similar problems in the future.

This is the image size difference:

Resulting qcow image sizes:

                Ubuntu      Ubuntu-Minimal    Debian    Centos7
        None    334MB       330MB             352MB     470MB
        Posix   353MB       375MB
        Posix+  354MB       374MB             406MB     471MB

        Posix+ = Posix + gcc + cssc

[1] http://pubs.opengroup.org/onlinepubs/9699919799/idx/utilities.html

Change-Id: I2a8f77bf8a0fdb04b328e56425d43a60eb3f7eed
2016-03-20 10:42:34 -07:00
Jenkins
9c5cd224a5 Merge "Add lshw package to ironic-agent" 2016-03-20 15:08:03 +00:00
Matthew Thode
8fc5a17f3a
Note requirement for parted on gentoo hosts
The vm element makes use of parted.  In order to create partitions
parted needs to be installed, growroot does not work without partitions.

Change-Id: Ib46cb818e0116f050de01f9a19e6041328d6d478
2016-03-19 22:04:05 -05:00
Gregory Haynes
3cb4273590 Remove all interface configs for simple-init
We are currently removing only eth0 network config in the simple-init
element (since simple-init is responsible for networking if you are
using it). We install an eth1 as well in elements such as debootstrap.
Lets just rm eth*.

Change-Id: Id9ea8c5e402f3a06b9064a939ad4b2e168cd6223
2016-03-19 04:17:34 +00:00
Yolanda Robla
af84759e12 Set default locale to image in debootstrap element
Set is to C.UTF-8 as default, to reuse what is
available on this base image.

Change-Id: I3d2517582b836b2c6ec05538e6f9c58cada66965
2016-03-18 10:04:50 +01:00
Gregory Haynes
71eab09539 Make ubuntu-core support releases
Right now we hard code in a path for an alpha release image. There are
release of ubuntu-core now so lets support them.

Change-Id: Ice989d32e0910cbbfb711e06adb33b07682856c9
2016-03-17 16:40:10 +00:00
Matthew Thode
9707cf5282
Add testing for the Gentoo element
This commit adds testing for the gentoo element based off of the debian
element.  In adding testing support a couple of additional errors were
found and corrected, namely the following.

* shm is not in /proc/mounts though it is valid for use based off of
  the sticky flag.
* The path in ELEMENTS_PATH needs to be pruned to be usable.
* Added uuidgen-runtime to the list of packages installed for Ubuntu
  as the new ubuntu-trusty image does not ship with it.

Change-Id: I0d2768a912b350e1b2cf40d2fd227fdc767b1bcb
2016-03-17 00:13:32 -05:00
Jenkins
3fca968164 Merge "Don't cache debootstrap rootfs by default" 2016-03-16 00:06:18 +00:00
Jenkins
b7957e29fe Merge "centos-minimal does not provide base" 2016-03-14 03:27:56 +00:00
Jenkins
9b3d7504c5 Merge "yum-minimal: clear our rpm/dnf/yum data in chroot" 2016-03-13 23:44:49 +00:00
Jenkins
2a10525efe Merge "Create new partitioning-sfdisk element." 2016-03-12 20:00:12 +00:00
Jenkins
4216b23654 Merge "Adding InfiniBand Support" 2016-03-12 19:21:19 +00:00
Jenkins
1308ec4bc2 Merge "debian-minimal: configurable debootstrap components" 2016-03-12 19:13:03 +00:00
Jenkins
63336d1f6f Merge "Add force-confdef in debian package install" 2016-03-12 19:05:00 +00:00
Jenkins
6d1bc6f1c3 Merge "Refactor growroot for debuggabilty" 2016-03-12 19:04:22 +00:00
Jenkins
48587b3e93 Merge "Depend on ifupdown in simple-init" 2016-03-12 19:04:04 +00:00
Ian Wienand
204da89128 centos-minimal does not provide base
The "base" element is included by default, and if centos-minimal tries
to provide it then we die because two elements are providing the same
thing.

Change-Id: I2956aaa49ba3137a799f97e0983ab4b7c93a0a0c
2016-03-10 13:51:08 +11:00
Moshe Levi
9074f5f1fc Add lshw package to ironic-agent
This patch add the lshw utils to allow the agent
to retrive the vendor name. It also keeps the
/usr/share/misc/pci.ids file for Ubuntu distro.

Change-Id: I2828a7e585449f63887ad5a2e338b4e043d68e63
2016-03-09 12:54:57 +02:00
Ian Wienand
6f622fb7c9 yum-minimal: clear our rpm/dnf/yum data in chroot
I have seem some occasional odd failures coming from the "dnf -y
update" done by elements/base/install.d/00-up-to-date.

dnf seems to sometimes think a package is not installed when it really
is.  It then seems to try and re-install them, but notices they are
installed, and then bails with a failure exit [1].  The packages that
seem to cause this vary, but the common thread is that they seem to
have all been installed during the initial phase of installing the
package manager in the chroot.

I suspect that when we are building the chroot, we do our initial
install with the "external" yum & rpm.  Then we start using the
dnf/yum in the chroot, but we're actually using meta-data created by
the *external* tools -- which could be vastly different versions or
who-knows-what.  While I honestly I don't have an exact root cause,
empirically I've found rebuilding the rpm db always seems to fix
things up.

So this change takes care to rebuild the rpm db with the chroot
version of rpm, and clear out the package metadata for a refresh with
"update".  This should hopefully put us in a consistent state.

[1] http://paste.openstack.org/show/487356/

Change-Id: I565df23897ae511356c4861fdbe63823fa6b6ff9
2016-03-08 14:53:52 +11:00
Yolanda Robla
e083686e00 Create new partitioning-sfdisk element.
This element is similar to vm, but allows more flexibility
on disk partitioning. It receives a DIB_PARTITIONING_SFDISK_SCHEMA
setting, allowing to partition the disk according to project needs.

Change-Id: I01dca5d5fd670d317f7761911a1549507de6e97d
2016-03-07 19:50:55 +01:00
Jenkins
8b0d124a0e Merge "Fix spurious = in dib-python readme" 2016-03-07 04:59:22 +00:00
Jenkins
700445b3db Merge "Fix cloud-init-disable-resizefs README title" 2016-03-07 04:49:53 +00:00
Gregory Haynes
fbabe0b663 Fix spurious = in dib-python readme
Change-Id: I51e7961fab7f3eeaf3ce4eeb1dd5e6981eefb154
2016-03-07 04:47:35 +00:00
Jenkins
6e29b45d90 Merge "Replace sfdisk partitioning with parted" 2016-03-03 12:35:50 +00:00
Gregory Haynes
6ee7da704d Fix cloud-init-disable-resizefs README title
Element readme's need to start with a title that matches the element
name.

Change-Id: Idf48f70e112af1f17d398155a317872b1d569f21
2016-03-01 21:49:10 -08:00
Matthew Thode
175e292ec1 Add Gentoo to the list of supported distributions
We also document any additional package needed.

Change-Id: I7b9193fa5711138287f587935fc864fee4f95856
2016-02-29 12:20:50 +00:00
Gregory Haynes
cb15e7ef33 Prioritize venv python on host
If we are being run from a python 3 virtualenv where python2 is also
available on the host we will use the hosts' python2 over the virtualenv
python3 (even if the virtualenv is higher precedence in PATH).

Change-Id: I9a25b9e45845a4121aab8250fd53c6f006825742
2016-02-28 20:50:02 -08:00
Jenkins
103b7dea6d Merge "Fix building on gentoo hosts" 2016-02-27 14:44:46 +00:00
Jenkins
de4d0392d5 Merge "Install IPA in a virtual environment" 2016-02-26 16:23:37 +00:00
Jenkins
cebdba1f9c Merge "Revert "Correct rhel-common for rhel6"" 2016-02-22 16:57:40 +00:00
Matthew Thode
dacfc23c36
Fix building on gentoo hosts
This patch fixes the profile autodetect.  If the profile was passed at install
time, it would overridden by the environment.d script.  This was fixed by
accepting the value passed by the user, if one was passed.

The enviroment.d file is run outside of chroot, because of this eselect will
not be available on non-gentoo systems.  We change the behavior to work
elsewhere, it was not working on non-gentoo systems and giving bad results on
gentoo systems (returing values from the host, not the guest being built).

This patch also fixes shm detection by checking if it is mounted already.

Change-Id: Ie58d8e19529a731bfbc9eeb4bb246988d1aaa772
2016-02-21 22:46:13 -06:00
Monty Taylor
74487a383c Depend on ifupdown in simple-init
Newer distros, such as debian jessie and ubuntu xenial, do not provide
ifupdown by default, but simple-init depends on it. Add it to the pile.

Change-Id: I6f4876863c67c65a82464d4e0593015cdc839c5c
2016-02-20 08:19:21 -06:00
Jenkins
05edfb6d20 Merge "Don't remove python3 & grubby in 99-remove-extra-packages" 2016-02-19 01:46:38 +00:00
Ben Nemec
a342036e75 Revert "Correct rhel-common for rhel6"
This is breaking deployments that use registration.  I
believe os-refresh-config scripts don't source environment.d
files, so the variable is unset there.

Given that this a blocking issue for RHEL deployments, I'm
pushing a quick revert and we can come up with a proper fix
when this isn't stopping other work.

This reverts commit 71bd8b3a33.

Change-Id: I87504660352220d45f5445bb933edc1c28885fcb
2016-02-17 22:17:11 +00:00
Moshe Levi
14b900d3c9 Adding InfiniBand Support
This patch update the find_interface to lookup
for InfiniBand interface according to it's BOOTIF

Closes-Bug: #1532534

Change-Id: I21b91cfd10888ac036f6347a0a44cdca422830a6
2016-02-17 04:43:29 +00:00
Jenkins
352e58ceb7 Merge "yum-minimal: pre-install base packages" 2016-02-17 00:25:08 +00:00
Yolanda Robla
d5a6a7cb44 Add force-confdef in debian package install
In certain cases, with packages cached that need an upgrade,
when performing that action the system hangs waiting for
a prompt.
Add force-confdef option, that will let dpkg overwrite
configuration packages that were not modified. In combination
with already existing force-confold flag, it will allow
to avoid any conffile prompt.

Change-Id: Ifb177f9ac2c9ad29f8b92309c5b8cfe8e60a4e14
2016-02-16 14:10:19 +01:00
Lucas Alvares Gomes
006b3e6228 Install IPA in a virtual environment
In order to avoid conflict with installing dependencies for IPA from
pypi and distribution packages this patch propose installing IPA in a
virtual environment.

Closes-Bug: #1506792
Change-Id: I6a4c6403813d86f4110e98449ddd874109101b9e
2016-02-16 11:17:12 +00:00
Gregory Haynes
2678209e94 Don't cache debootstrap rootfs by default
By default we create a tarball of any debootstrap rootfs we create. For
the majority of use cases this is a large performance hit for no
benefit. Lets make this an opt-in feature.

Change-Id: I58fc485aacacaa17243bf9ce760ed91256d1f182
2016-02-16 07:55:19 +00:00
Ian Wienand
b960614c9c Don't remove python3 & grubby in 99-remove-extra-packages
python3 is a hard requirement of dnf so can't be removed [1]

grubby is also required for kernel installs on Fedora.  For too much
detail see I1a6e45d04755515286b3d49f8280c16b527e2f48; but the kernel,
via dracut, now has this as a "recommends" due to people removing it
and making unbootable systems.

[1] http://logs.openstack.org/76/248976/2/check/gate-dib-dsvm-functests-devstack-f21/734c8bd/console.html

Change-Id: I5867ecd57834eece9477aa9ea4b8bdd70e238084
2016-02-16 13:40:01 +11:00
Jenkins
9e16c8c5f1 Merge "Use dnf to cleanup old kernels" 2016-02-15 22:56:12 +00:00
Jenkins
99d9373eca Merge "Fix dpkg element for Ubuntu Xenial" 2016-02-15 20:33:35 +00:00
Antoine Musso
ee58c5b1cc debian-minimal: configurable debootstrap components
The debian-minimal element creates /etc/apt/sources.list solely with
the 'main' component. I need to add 'non-free' and 'contribs'. I tried
to pass them via DIB_DEBIAN_COMPONENTS but it is not recognized.

Make debian-minimal to honor DIB_DEBIAN_COMPONENTS. Note that it is
comma separated for 'debootstrap', so replace commas with spaces to fit
the needs of sources.list.

Example usage:

 DIB_DEBIAN_COMPONENTS='main,non-free,contrib'

Will debootstrap with the three components then when debian-minimal is
realized pre install a sources.list that has:

  deb http://example.org/debian jessie main contrib non-free

Change-Id: I1dca2e8ffd31044a6b441ccb277298601e62f67c
2016-02-12 22:57:58 +01:00
Jenkins
afd2eec60e Merge "Remove eclean-dist as it's not available by default" 2016-02-12 16:31:26 +00:00
Jenkins
e88792a3ed Merge "Increase interface has link retries to 20" 2016-02-12 08:26:09 +00:00
Jenkins
dcf2c4f261 Merge "Reorder the package-uninstall action" 2016-02-12 04:04:14 +00:00
Jenkins
5036ad6baf Merge "Do not remove python-dev from ironic-agent image" 2016-02-12 04:04:08 +00:00
Jenkins
4136479bd0 Merge "Fix startup race with growroot/systemd" 2016-02-12 04:03:55 +00:00
Matthew Thode
0ab0f69ce3 Remove eclean-dist as it's not available by default
Gentoo provides eclean-dist via the gentoolkit package
eclean-dist isn't needed anyway was /usr/portage is removed anyway

Removed redundant package update in cleanup.

Change-Id: Icf4f9ed549b9a6d923448d927d7c42bcf8d6091b
2016-02-12 00:31:27 +00:00
Matthew Thode
22ef95c1a1
Reorder the package-uninstall action
This action has been reordered so cleanup can occur before copy to blockdev
occurs.  Documentation has been added about the ordering of this element in
relation to cleanup actions as well.

Change-Id: I3f9334a3669ee588d7fa7129202c97fa22fdb050
2016-02-11 18:30:05 -06:00
Dmitry Tantsur
1f9e669dbc Do not remove python-dev from ironic-agent image
While it does save 1MiB of space, it might also pull python packages
depending on it. E.g. it makes impossible to install python-hardware
on the IPA image for advanced introspection.

Change-Id: Iab80dde63e6de62a5e45dcf404b4f9f633e50ac3
2016-02-11 13:47:31 +01:00
Jenkins
1cd7ca70d8 Merge "Correct rhel-common for rhel6" 2016-02-11 04:49:35 +00:00
Ian Wienand
349e8db2f7 yum-minimal: pre-install base packages
We were getting some subtle issues in fedora-minimal builds that
turned out to be because /var/run was not a symlink to /run.

Upon further investigation, it turns out that yum is creating a
/var/run directory for it's pid file when it starts working in the
empty chroot (which I verified by stracing it)

---
5905  stat("/home/ubuntu/tmp/dib-tmp/image.Ac4VZZsl/mnt/var/run", 0x7ffddffa0330) = -1 ENOENT (No such file or directory)
5905  mkdir("/home/ubuntu/tmp/dib-tmp/image.Ac4VZZsl/mnt/var/run", 0755) = 0
5905  open("/home/ubuntu/tmp/dib-tmp/image.Ac4VZZsl/mnt/var/run/yum.pid", O_WRONLY|O_CREAT|O_EXCL, 0644) = 6
---

Because this happens *before* we install "filesystem" (the package),
we mess up it's symlinking.

To work-around this, pre-install the trio of base packages (setup,
basesystem, filesystem) with rpm from outside the chroot.

Change-Id: I411b6ec9d91d95d3a0f98e76853086af3b70abe8
2016-02-11 15:42:10 +11:00
Jenkins
536b86fe09 Merge "Mark ironic-discoverd-ramdisk as deprecated in favor of ironic-agent" 2016-02-10 22:48:42 +00:00
Jenkins
910a99c3ca Merge "Fix growroot for Gentoo's openrc" 2016-02-10 21:50:50 +00:00
Colleen Murphy
a9b38d0b60 Fix dpkg element for Ubuntu Xenial
The Ubuntu Xenial cloud server images set the mode of
/var/lib/apt/lists/partial to 700, so when mounted it's inaccessible to
an unprivileged user, resulting in an error:

  find: `/tmp/image.aDQKdkRi/mnt/var/lib/apt/lists/partial': Permission denied

There's no reason an image should come with anything already in
/var/lib/apt/lists/partial, so just avoid trying to descend into that
directory when fixing the apt translations packages.

Change-Id: Id27f0166bfb09d67200f337a5ffff2f2037b7c1c
2016-02-10 12:50:43 -08:00
Jenkins
b13512a7f4 Merge "Only match #!/bin/bash in scripts" 2016-02-10 08:35:09 +00:00
Ian Wienand
63182a02e4 Refactor growroot for debuggabilty
This is a slight refactor I found useful when debugging.  The
udevadmin info query will be visbile in the output of "set -x" which
helps, and is the logs/journal.

We can also reduce some calls by keeping the value and just grepping
with a herefile.

This also does some error checking and bails out if it does not see
what it needs to continue.

Change-Id: I39c4d262f9c5ce53f6b83d95b1363a74834cf2c8
2016-02-10 14:02:28 +11:00
Ian Wienand
9cd35c36e4 Fix startup race with growroot/systemd
Tucked away in systemd-udev-settle.service is the following comment

 # This service can dynamically be pulled-in by legacy services which
 # cannot reliably cope with dynamic device configurations, and
 # wrongfully expect a populated /dev during bootup.

The info that the growroot script is querying is populated via udev,
particularly the blkid bits of [1].  This creates a race-condition
where sometimes udev has been triggered and the rules have applied and
sometimes not.  Obviously in the first case, the root disk is not
grown correctly.

systemd-udev-settle is mostly disabled on distros because it can cause
an increase in boot-time for systems with lots of disks; this is not
our situation so it makes basically no difference.

That said, I will investigate if some systemd people know even better
ways to do this (possibly the service should depend on block .device
targets in systemd, and then filter out and only apply to the root
disk?)

[1] https://github.com/systemd/systemd/blob/master/rules/60-persistent-storage.rules#L66

Change-Id: I453e3afcd953dfc29ab6c42ddc81e940cfa70ee0
2016-02-10 13:47:18 +11:00
Jenkins
a69dd548a7 Merge "Make dkms element depend on dkms package" 2016-02-08 20:17:26 +00:00
Ben Kero
41f503fef3 Replace sfdisk partitioning with parted
A TODO was placed on the partitioning section of the vm element to
replace sfdisk with a saner (and less arcane) way of partitioning. It
suggested parted for replacement. This changeset should reproduce the
same disk label and partition layout as sfdisk, but with less ioctl
errors and version dependency. It will also ensure partition alignment.

Change-Id: I5d8d75131458b73bfb05f80f1bfa7e2970e004b3
2016-02-08 12:15:50 -08:00
Gregory Haynes
6ab5078d0f Switch simple-init to pip-and-virtualenv element
We currently install pip from package in the simple-init element.
We should really allow users to select whether to install pip from
git or package.

Change-Id: Ia5e62b9635af90d81227274a1dd8f20474cdbf73
2016-02-08 16:58:14 +11:00
Ian Wienand
d5155254cb Revert "Skip centos functional testing"
This reverts commit d10871534f.

This is a place-holder so I don't forget to revert this when [1] is
resolved

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1303660

Change-Id: I18c8aa6e7233f74c680d23b573fe9c3817a5779a
2016-02-08 15:55:29 +11:00
Ian Wienand
cb0e0e903d Use dnf to cleanup old kernels
As described in the comment, there is a dnf equivalent of this command
that doesn't require us installing yum-utils (which drags in yum on
dnf-only systems such as f23)

This is a small consequence to this -- due to us not installing
yum-utils some installs will now be completely yum free.  This causes
a breakage in ironic-agent 99-remove-extra-packages where we remove
the yum package.  There is a long-standing bug/feature where missing
packages in a group of packages do not cause yum/dnf to exit with
failure, but uninstalling a single package will.  Because we have made
the systems yum-free, the uninstall of yum can fail in this corner
case.

It has always been like this, so I'm in favour of the "ain't broke"
approach.  To work-around this, I have just put yum into the existing
list of packages to be cleaned up.  I have added a note to the yum
installer taking note of this behaviour for future reference.

Change-Id: I8bbdc07ccdb89a105b4fc70d5a215077c42fcd03
2016-02-08 14:20:56 +11:00
Moshe Levi
a1d32c6d51 Increase interface has link retries to 20
InfiniBand interface takes more time to bring up then
Ethernet interface. This patch just increase the retries
to 20 times, to make it work for InfiniBand as well.

Change-Id: I5c4842696207885552413ea2d053f2e90bd6803c
2016-02-07 16:28:52 +02:00
Matthew Thode
9878469a53
Fix growroot for Gentoo's openrc
Let dib-init-system's postinstall handle enabling init scripts.

Change-Id: I7b0d235327021b7f478cdb9715d533b444843699
2016-02-04 23:41:45 -06:00
Jenkins
5ee1cbac4a Merge "Add support for OpenRC to dib-init-system" 2016-02-05 04:15:53 +00:00
Jenkins
50f7b00a54 Merge "Add support for gentoo to simple-init" 2016-02-04 08:00:47 +00:00
Jenkins
1dcd65fb9e Merge "Print unparsable file in pkg-map" 2016-02-04 04:47:20 +00:00
Matthew Thode
265b31e6b5
Add support for OpenRC to dib-init-system
Adds a post-install function that enables installed initscripts,
as that is not done by default in gentoo.

Change-Id: I04e8d506ddcbefa8a983dd31ad16df5e13cb26e7
Closes-Bug: 1539276
2016-02-02 17:23:35 -06:00
Jenkins
4526cf23ec Merge "Fix Gentoo hardened support" 2016-02-02 20:49:30 +00:00
Jenkins
66184b7b40 Merge "Add new cloud-init element" 2016-02-02 20:49:03 +00:00
Jenkins
cd3c704fbf Merge "Fix package-installs for python3" 2016-02-02 03:16:12 +00:00
Jenkins
893b452b11 Merge "Add Gentoo support to growroot" 2016-02-02 03:15:22 +00:00
Jenkins
4cb6bed971 Merge "Add support for Gentoo to source-repositories" 2016-02-02 03:15:16 +00:00
Matthew Thode
a2d4af9541
Add new cloud-init element
Allows for composable builds from a minimal source.

Change-Id: I16f560ca4b1737c0928f3f3b15ea2580df820e97
Closes-Bug: 1539272
2016-02-01 21:03:03 -06:00
Matthew Thode
01fce7b70c
Fix Gentoo hardened support
This checks the profile, if it has hardened in it's name it needs xattr support
unfortunately xattr support cannot yet be relied on everywhere, so it needs to
be disabled for hardened profile builds to correctly pax-mark.

Change-Id: I7fb855249a9e6c9b6497ab5061b4ea3c014f5081
Closes-Bug: 1537177
2016-02-01 20:56:37 -06:00
Ian Wienand
d10871534f Skip centos functional testing
Due to upstream bug [1] there are uninstallable packages which mean
our functional tests don't work.  We will revert this when things are
working upstream.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1303660

Change-Id: I93c2990472e88ab3e5ff14db56b4ff1b4dd965ef
2016-02-02 10:34:18 +11:00
Matthew Thode
c6ef183975 Fix package-installs for python3
subprocess.check_call() returns a byte-string which needs to be turned
into a unicode string for python3 compatability.

Also some minor refactoring while we're here.

Closes-Bug: 1536462
Change-Id: Icd957bc4d93ccad94b1246ad62e6e02ee14d9ca5
2016-02-01 22:22:15 +00:00
Matthew Thode
4480b5edef Add support for gentoo to simple-init
Needed to remove interface config

Depends-On: Id1487bc82ee4b03aa57258f71f48ca7d377afc47
Change-Id: Iaa1a16b0f65c088f03c9b440ef16427e93ec9b03
Closes-Bug: 1537453
2016-02-01 22:14:48 +00:00
Dmitry Tantsur
3d133a3eaf Mark ironic-discoverd-ramdisk as deprecated in favor of ironic-agent
Also fix no longer correct parts of its README.

Change-Id: I00cbe5b4f65f9909ae63b7eb4bbac0ba82c145d1
2016-02-01 16:47:37 +01:00
Jenkins
48ae802c5a Merge "Remove zero length files" 2016-02-01 05:46:44 +00:00
Matthew Thode
92de91476e Add Gentoo support to growroot
Add missing growroot initscript and pkg-map entries for Gentoo.

growpart was added to Gentoo with [1]

Update the readme to reflect reality too (fedora added with
I5630dc638f85b1e80795826ef36a306632075460)

[1] https://packages.gentoo.org/packages/sys-fs/growpart

Closes-Bug: #1539273
Change-Id: I29056c7297489ec04f37757dbe33976901eceb49
2016-02-01 10:55:03 +11:00
Matthew Thode
2afb99db10 Add support for Gentoo to source-repositories
As mentioned in package-installs.yaml, git is a transitive dependency
for pbr in this element.  Add pkg-map for the Gentoo package.

Change-Id: I7f2fe1663152ea66b941594e86f1da93ddd21677
Closes-Bug: 1539278
2016-02-01 10:02:32 +11:00
Ian Wienand
d8abe72537 Only match #!/bin/bash in scripts
Our dib-lint checking is only considering scripts with #!/bin/bash.
While there's nothing really wrong with some other shebang line like
"#!/usr/bin/env bash" let's keep things consistent.

We can use the same regex match to reduce a few forks in the main
checking.

Also a minor cleanup to the file matching

Change-Id: I609721b2671e704ea26075dad7e5b39a8b858f6b
2016-01-29 15:49:10 +11:00
Jenkins
4b1b813a68 Merge "Fix debian-minimal image building" 2016-01-29 04:32:24 +00:00
Jenkins
c31a59a2c9 Merge "Revert "Use pip 7 for ironic"" 2016-01-28 23:54:36 +00:00
Igor Belikov
78278405ce Fix debian-minimal image building
'locales' package gets installed before '12-debian-locale-gen' is executed
and generates effectively empty /etc/locales.gen in debian, which makes
dpkg-reconfigure call to locales ignore the values set by
debconf-set-selections.
* Remove /etc/locale.gen generated by 'locales' installation to ensure
  proper locales generation on debian images
* Remove 'locales-all' package installation from debian element since
  it's not needed anymore to build the image and cosnumes additional
  ~120MB of space
* Remove unused 'package-installs' dependency from debian-minimal
  element

Change-Id: Ic39ba2b5ceb5018efb75742547b2babf80827e56
Closes-Bug: #1452400
2016-01-28 16:41:35 +03:00
Ian Wienand
9305ea4b6d Add systemd/fedora support to growroot
Add systemd/fedora support to growroot element.  This involves
installing the correct packages, shipping the systemd service file and
ensuring it is enabled.

Note the required growfs/resize packages for Ubuntu/Debian are
installed in other places.  This is probably a bug in that path, but I
have not addressed that here.

I have tested this with a F23 build with all openstack-infra elements,
uploaded to RAX, and it boots and resizes the main file-system.

Change-Id: I5630dc638f85b1e80795826ef36a306632075460
2016-01-25 17:40:52 +11:00
Ben Nemec
46ef8e3f93 Revert "Use pip 7 for ironic"
Supposedly pip 8.0.1 fixes this.  Trying a revert to verify.

This reverts commit f068230a5f.

Change-Id: I35b88668bf16ad6205ec678f87e3981aebab32e9
2016-01-22 15:34:46 +00:00
Jenkins
d8b3acf816 Merge "Force dib-python symlink creation" 2016-01-22 01:04:47 +00:00
Jenkins
d79ecfd076 Merge "Use pip 7 for ironic" 2016-01-21 23:05:32 +00:00
Ben Nemec
1b0ca07d86 Force dib-python symlink creation
The undercloud actually has dib run twice on it - once to create
the instack image, and again when we run instack itself.  The
first run creates the dib-python symlink, and the second blows up
because the link already exists.  Force the link creation so the
script is idempotent.

Change-Id: I78f9e6f5afcf8ebe6d7911a7a434525ba7c737cf
2016-01-21 13:25:33 -06:00
Paul Belanger
b7f6527a0e Remove zero length files
This is to aid with Fedora packaging, since rpmlint complains about
including empty files.

Change-Id: I4ad867cd21304880a571e46805ab56044542400c
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-01-20 19:08:54 -05:00
Gregory Haynes
f068230a5f Use pip 7 for ironic
pip8 cannot install the ironic requirements due to
https://github.com/pypa/pip/issues/3384.

Change-Id: Ic0c70baca83b91cb55ddf4f787c4ff25aaefc062
2016-01-20 18:02:39 +00:00
Jenkins
9ad78ced3c Merge "Add pkg-map for redhat" 2016-01-19 21:37:06 +00:00
Jenkins
af85ea066a Merge "Run package-intalls with py3k if we must" 2016-01-19 05:58:58 +00:00
Jenkins
e52fbdc598 Merge "Revert "Fix discoverd bug when dmidecode reports GB"" 2016-01-17 14:26:58 +00:00
Abel Lopez
fe6e78147b Add pkg-map for redhat
The bootloader element lacks the mapping for grub-pc and extlinux
This adds it.

Change-Id: Ic7b82903f02faaab143d2bd682876bf4853fd90d
Closes-Bug: 1534387
2016-01-15 12:06:16 -08:00
Dmitry Tantsur
994e78209c Revert "Fix discoverd bug when dmidecode reports GB"
While the patch looks sane and the change worked locally,
it has broke the ironic-inspector gate. As we're close
to deprecating the DIB ramdisk in favor of IPA, I suggest
reverting it.

This reverts commit 802f14862c.

Change-Id: I0525e545cb2fe8ce184312a2f9bbe3763904f61a
Closes-Bug: #1534648
2016-01-15 16:07:58 +00:00
Ian Wienand
c110a56ea9 Print unparsable file in pkg-map
As you can see in the CI failures for
Ib11b9df84b593ab25232729a570c812f1b4b8774, you can not see what file
is causing the problems when the parser fails.  Add a print, but raise
the error as it contains the cause.

Change-Id: I127ff7d57d2d898969195464c6e774d496e872e6
2016-01-14 16:21:25 +11:00
Gregory Haynes
cd9fdf05e9 Fill out bootloader pkg-map
Our bootloader install fails on non-gentoo builds due to missing pkg-map
for grub-pc. This map should really live in the bootloader element, so
move it there and fill it out.

Change-Id: Ib11b9df84b593ab25232729a570c812f1b4b8774
2016-01-14 15:31:50 +11:00
Jenkins
d5da803ff8 Merge "Prune old branches when updating cache" 2016-01-14 00:03:28 +00:00
Matthew Thode
176ae7bff6
Initial add of gentoo support for diskimage-builder
uses upstream's stage4 images, includes all the needed bells and
whistles for openstack on kvm.

Change-Id: Ibca43173c30c2a74a73a2e2d9dd6d6d832c62694
Closes-Bug: 1530911
2016-01-12 19:15:00 -06:00
Jenkins
023cfc3541 Merge "Add pip-and-virtualenv element" 2016-01-12 10:37:11 +00:00
Jenkins
8903a7bc65 Merge "deploy-ironic: Fix syntax error when checking for root device hints" 2016-01-12 00:55:49 +00:00
Ian Wienand
4573d0d930 Prune old branches when updating cache
dib builds are failing in nodepool at the moment trying to download a
really old Fedora image.  What happens is that the devstack cache
script [1] goes through all the branches of the devstack checkout and
uses the inbuilt image-list tool [2] to get its list of images to
pre-download.  One of the old Fedora images required on the retired
branches has now gone, so the build halts with a 404 trying to get it.

Thus make sure we do a --prune when we fetch changes so that old
branches are removed from the cache.

[1] https://git.openstack.org/cgit/openstack-infra/project-config/tree/nodepool/elements/cache-devstack/extra-data.d/55-cache-devstack-repos
[2] https://git.openstack.org/cgit/openstack-dev/devstack/tree/tools/image_list.sh

Change-Id: Ieb6a6e9f55bd93f63c3d0a71828c276c2d02e1b9
2016-01-12 11:25:43 +11:00
Abel Lopez
71bd8b3a33 Correct rhel-common for rhel6
Hardcoding subscription-manager to use rhel-7-server-rpms causes
users building rhel6 with Satellite6 to fail. This setting cannot
be overridden with environment variables, therefore needs to be
smarter. Setting RHEL_MAJ_VER in the rhel/rhel7 environment fixes.

Change-Id: Ifbd88bc76ef8b38a739272ba6e045a12849d68df
Closes-Bug: 1404364
2016-01-11 12:03:45 -08:00
Jenkins
14560600a6 Merge "Fix discoverd bug when dmidecode reports GB" 2016-01-08 01:22:54 +00:00
Lucas Alvares Gomes
5064026b73 deploy-ironic: Fix syntax error when checking for root device hints
This patch is fixing a syntax error in the 70-ironic-root-device init
script for the deploy-ironic element.

Change-Id: I767486ca5893605720fba41bee3af72725a26377
Closes-Bug: #1531835
2016-01-07 12:06:19 +00:00
Gregory Haynes
db3ee03672 Add pip-and-virtualenv element
This element allows installation of pip and virtualenv from either
distro packages or git.

Change-Id: Id294f0936c8fef8a3b27a415bfcc93b3f327e104
Depends-On: I731cc8a0f5bfeda8f17a78c33b9f44062323a361
2016-01-06 18:39:19 +00:00
Gregory Haynes
d1e32f80a6 Run package-intalls with py3k if we must
Use dib-python to run package-installs using the provided python
version. Automatically detect the python version for our
package-installs-squash since that runs outside the chroot.

Change-Id: I926022bcf8cbcd81b051026ffd5d6477650045ad
2016-01-04 23:37:30 +00:00
Ryan Hallisey
2b28993fb8 The mirror for installing epel is timing out
Fedora has changed the location of epel, shorting the link
from 'download.fedoraproject.org' to 'dl.fedoraproject.org'.
This change updates the epel mirror to prevent it from timing
out.

Change-Id: I87090282a2f5f757495daec6ad14123b436b1aa0
2016-01-04 07:45:34 -05:00
Gregory Haynes
09888ebd5b Make dkms element depend on dkms package
It currently does not and it is, obviously, a needed dependency.

Change-Id: I0c94573bd0878a84fccb3c2675c0bcaeeb5088fb
2015-12-26 22:07:19 +00:00
Joey D
802f14862c Fix discoverd bug when dmidecode reports GB
This fix uses dmidecode and awk to simply multiply by 1024 when
the value is represented in GB, otherwise it returns the given
value.  I should note that I've only observered this occurence
on "some" SuperMicro Hardware

Closes-Bug: #1486689

Change-Id: I352b1891326f72af3a56c7bbe8b7f3c422169404
2015-12-22 16:34:41 -06:00
Jenkins
59456684e7 Merge "Extend root device hints for different types of WWN" 2015-12-22 22:22:42 +00:00
Jenkins
7b20224cd6 Merge "Don't print trace unless trace is on in pkg-map" 2015-12-22 22:02:09 +00:00
Jenkins
3027093644 Merge "Package installs defaults to tracing off" 2015-12-22 22:02:03 +00:00
Jenkins
96d56efccc Merge "Fix growroot device detection" 2015-12-22 22:01:57 +00:00
Jenkins
b0eff0df07 Merge "yum-minimal : install selinux policy packages" 2015-12-22 20:16:11 +00:00
Jenkins
d450751617 Merge "yum-minimal: leave behind dummy /etc/resolv.conf" 2015-12-22 20:16:05 +00:00
Ian Wienand
fd2f55ee41 yum-minimal : install selinux policy packages
Install selinux policy packages as part of the base-installs.  selinux
is part of the base-system and the kernel boots by default in selinux
mode.

Without both of these, we can get in a situation where later scripts
(particuarly, some of the infra scripts) might install systemd-policy
without a base policy (targeted), leading to a messed up situation
where systemd will halt during boot due to missing policy files.

Change-Id: I6bf156304d1134fb328fba9b12dc364701b13696
2015-12-22 08:45:20 +11:00
Ian Wienand
1f499360fc yum-minimal: do not configure eth0 & eth1 for DHCP automatically
Add an environment variable to control the creation of eth0/1
interface enablement scripts.

With a tool such as glean, the presence of these scripts will indicate
the interface is configured and configuration-drive settings will not
be applied.  This means in a non-dhcp situation like on Rackspace,
network is broken.

On Fedora, where later systemd provides "predictable network interface
names" [1] eth0 & eth1 ironically aren't predictable so this just
confuses things.  You really need cloud-init or glean or something to
bring up your interfaces in a sane fashion.

This maintains the status-quo on centos-minimal, but disables creation
for fedora-minimal.

[1] http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

Change-Id: I3f1ffeb6de3b1f952292a144efab9554f7f99a5f
2015-12-22 08:39:04 +11:00
Ian Wienand
5f3855f6f5 yum-minimal: leave behind dummy /etc/resolv.conf
As described in the comment, systemd will create a broken
/etc/resolv.conf link if there is no file in the base-image (as you
can read in the bug, it is debated if this is a bug or a feature).

The solution is to leave a dummy /etc/resolv.conf file in the image.
Whatever network manager you choose (NetworkManager, glean,
cloud-config, etc) will overwrite this anyway.

It's just that some tools, such as dhclient, get confused with the
broken symlink.  This affects you if you're using glean to configure
the network in a DHCP situation, for example -- dhclient won't
configure nameservers and everything goes to heck.

Change-Id: I734834d03e7fdb13f9ab2e86f877b07bf4a84ff9
2015-12-21 15:28:52 +11:00
Gregory Haynes
858fc3db30 Fix growroot device detection
We are incorrectly detecting major/minor device numbers for the growroot
rootfs. This can also be simplified by querying udev for partition
information.

Change-Id: I68059bf11f2563872f6b4d0e23fa09a15de980a8
2015-12-20 08:23:54 +00:00
Gregory Haynes
40799839e0 Package installs defaults to tracing off
There isn't a good reason we should be defaulting to trace on for these
scripts.

Change-Id: I1b9ac9388f51a49e6912d800914a0e0f2faec604
2015-12-20 00:03:51 +00:00
Gregory Haynes
6def86562a Don't print trace unless trace is on in pkg-map
The detection logic in pkg-map for DIB_DEBUG_TRACE assumes that this
variable being unset means tracing is on, when in fact this means
tracing is off.

Change-Id: I584a634c57bbe03e26a6ee94cef473e634616885
2015-12-19 23:50:15 +00:00
Jenkins
3a110bf96f Merge "Split vm and bootloader elements" 2015-12-16 16:22:56 +00:00
Jenkins
a72d59c862 Merge "Fix fedora-minimal on CentOS builds" 2015-12-16 01:25:13 +00:00
Jenkins
134d38f74c Merge "Allow grub2 to build with opensuse" 2015-12-16 01:25:10 +00:00
Jenkins
d716893e30 Merge "Add dib-python element" 2015-12-15 23:24:25 +00:00
Yolanda Robla
c54b335fcc Split vm and bootloader elements
In order to add more flexibility to the vm and bootloader
elements, split the functionality in two different ones, and
make vm depend on bootloader element.
This will allow to construct more elements that depend on
bootloader, and develop both elements independently.

Change-Id: Iad2503b7b8fe53b768a3bc79e4cb839700fbd747
2015-12-15 20:49:03 +01:00
Jenkins
be5b669af1 Merge "Add a new element hpdsa" 2015-12-10 21:46:06 +00:00
Jenkins
3ebd0ba902 Merge "Follow up patch for 25d3ee547176528e86d42eb026c99a134dff9452" 2015-12-10 21:25:03 +00:00
Jenkins
aabf5b6ad7 Merge "Add proliant-tools element" 2015-12-10 21:24:27 +00:00
Nisha Agarwal
4509e6f826 Add a new element hpdsa
This element enables creation of Ubuntu deploy ramdisk and
user images which could be used to deploy the HP Proliant
Servers with Dynamic Smart Array Controllers. Without this driver
the disk with the Dynamic Smart Array Controller is
not visible to the ramdisk.

Closes bug: #1492803

Change-Id: Ibb3b298cd379cd7333279484df6ae30e9d7f6aaa
2015-12-10 20:12:14 +00:00
Gregory Haynes
3afbeeaf4e Add dib-python element
Creating an element which we can use in #! lines to refer to either
python2 or python3 depending on what it available.

Change-Id: Ic47e18ad21c33ab9f0d11c04260a33725aeee814
2015-12-10 19:39:38 +00:00
Robert Li
1b8a53ff3a Allow grub2 to build with opensuse
Specify grub2 in grub2 element pkg-map

Change-Id: Ia8bc1cbe11b35802f5c979ab4bb03e4e75077e83
Closes-Bug: #1519209
2015-12-10 17:29:52 +00:00
Jenkins
a95b96f57f Merge "Use ironic-agent for source-repositories" 2015-12-09 23:18:58 +00:00
Jenkins
da7b125fea Merge "Add kmod to package-installs of ironic-agent" 2015-12-09 16:22:23 +00:00
Dmitry Tantsur
901344ef7c Add kmod to package-installs of ironic-agent
The modprobe utility is required by the rtslib package (iSCSI Linux-IO).
It will also be required for inspection.

Change-Id: I6760c86160d1ceba45aedde62597a711bcb4543d
2015-12-09 14:27:21 +00:00
Jenkins
a9c8e6d55d Merge "Load the 8021q kernel module in simple-init" 2015-12-09 01:31:40 +00:00
Jenkins
93a54e32b9 Merge "Fix grub-efi-amd64-signed install failure" 2015-12-09 01:07:35 +00:00
Colleen Murphy
808e8f8bdc Load the 8021q kernel module in simple-init
Vlan support was recently added to glean. However, if the 8021q module
is not loaded, glean will fail to bring up a tagged interfaced defined
in /etc/network/interfaces.d/. Manually attempting to bring up the
interface results in an error[1]. This patch ensures that the 8021q
module is loaded so that tagged interfaces can be brought up at boot.

[1] http://paste.openstack.org/show/480027/

Change-Id: I15d805c07d4b5e1161d831f0393d027e4325137f
2015-12-08 12:59:06 -08:00
Paul Belanger
2be1bdc701 Add openssh-server package-install to local-config
Since we are modifing SSH keys, it should be safe to assume
openssh-server should be installed too.

Change-Id: I17ff05642bb2f0868d4c17819cd91b179068399a
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2015-12-07 15:23:00 -05:00
Jane.zhang
7eb70becd3 Fix grub-efi-amd64-signed install failure
When build ubuntu iso image, it will install grub-efi-amd64-signed
and grub-efi-amd64 packages. Both of the postinst script will try
to find root device and install grub which will definitely fail in
such a chroot environment.
So the workaround is to skip error and remove postinst script.
And confirm the package be installed successfully at last.

Change-Id: Ie0aecb212b22362046db55b5ad8c64c3211c28e5
Closes-Bug: #1491280
Co-Authored-By: Jane.zhang <jian.zhang8@hpe.com>
2015-12-01 23:53:35 -08:00
Ian Wienand
ce781fbbc4 Fix fedora-minimal on CentOS builds
As described in the comments, CentOS overrides the "distroverpkg"
variable in yum.conf.  This is the package that yum queries to
establish the value of the $releasever variable.  On other platforms,
this defaults to "redhat-release" (which "fedora-release" provides) so
everything works.  It is only when the base-system "distroverpkg"
refers to a package not in the chroot we hit the issue.

We can avoid this by setting the releasever variable via the
commandline.

Change-Id: I231c3277960992cd479b8aff7838f246397936f2
2015-12-02 12:16:43 +11:00
Jenkins
3a3e4e4787 Merge "Add dynamic-login element" 2015-12-01 14:27:01 +00:00
Lucas Alvares Gomes
40197fa7f1 Follow up patch for 25d3ee5471
This patch is a follow up patch fixing some nits left by the review
25d3ee5471.

It does:

* Fix the README file to say that the password *must* be encrypted and
  the option values *must* be quoted

* Adds Type=oneshot in the upstart service config file so that upstart
  will not try to restart the service over and over.

* Enable setu, sete and setpipefail in the dynamic-login script

Change-Id: Iee5d75daef24469ccf47ca12de6ead37bf9d8d6f
2015-12-01 14:11:40 +00:00
Gregory Haynes
6857452a62 Add centos7 test
We should test that centos7 builds work

Change-Id: I2c7a69c09f6bfa83eed7eabb1193acbe65f8b420
2015-11-25 17:35:29 +00:00
Paul Belanger
35b363698b Add DIB_LOCAL_CONFIG_USERNAME to local-config
Allow a user to override the username on where .ssh/authorized_keys is
installed.

Change-Id: I030d5a89260aed8b23a35c4cdc2d67629934b076
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2015-11-24 10:42:14 -05:00
Dan Prince
d9dc8f1334 Use ironic-agent for source-repositories
I recently built a ramdisk for IPA and was confused by
the fact that the source-repositories name did not
match the element name. (this is a convention,
confusing when they don't match but certainly not
required).

This patch makes it so you can use DIB_REPOREF_ironic_agent to
customize the IPA ramdisk sources when building ramdisks.

For backwards compat if DIB_REPOREF_agent is set it automatically
sets the new DIB_REPOREF_ironic_agent to that value as well.

Change-Id: I082d989d0d85601f5984dc7c3767b8d66a3d5438
2015-11-22 15:03:31 -05:00
Lucas Alvares Gomes
25d3ee5471 Add dynamic-login element
Troubleshooting an image can be quite hard, specially if you can not get
a prompt you can enter commands to find out what went wrong. By default,
the images (specially ramdisks) doesn't have any SSH key or password for
any user. Of course one could use the ``devuser`` element to generate
an image with SSH keys and user/password in the image but that would be
a massive security hole and very it's discouraged to run in production
with a ramdisk like that.

This commit is adding a new element called dynamic-login, which inserts
a helper script into the image to allow operators to inject a SSH key
and/or change the root password dynamically when it boots via parameters
in the kernel command line.

Those parameters are:

sshkey = If the operator append sshkey="$PUBLIC_SSH_KEY" to the kernel
command line on boot, the helper script will append this key to the root
user authorized_keys.

rootpwd = If the operator append rootpwd="$ENCRYPTED_PASSWORD" to the
kernel command line on boot, the helper script will set the root password
to the one specified by this option. Note that this password should be
an encrypted password.

Change-Id: I6b87a1b90163d79745f30dfacd37516051fa0aea
2015-11-20 17:02:54 +00:00
Ian Wienand
1d476dd994 Remove fedora-minimal/install.d/99-ramdisk
When the kernel gets installed on Fedora, the rpm post scripts call
"/bin/kernel-install" [1] to install it.  This is a script provided by
systemd.

However, in [2], Fedora ships a patch to kernel-install that makes a
call-out to /sbin/new-kernel-pkg -- the install script provided by
grubby [3]

Without grubby installed, systemd's kernel-install script goes off and
runs dracut plugins directly [4], which eventually creates the initrd.
For reasons that are not clearly explained, the initrd will end up in
a a "machine-id" sub-directory of /boot (possibly, so you can symlink
it?).  It is also called "initrd", even though it's an initramfs, for
historical reasons in dracut I think.

It is at this point that I think 99-ramdisk has been written to move
the generated initrd file back into /boot.  Later on, when we build
the image, we run grub-install and it picks up the kernel and the
initrd and installs everything.

grubby's new-kernel-pkg [6] it's very similar -- it uses dracut to
make the initramfs ... but in this case it is put in /boot and is
actually called initramfs.

The subtle change that led me down this path is that dracut has been
modified to have a "Recommends" for grubby for >F22 [7].  After
discussing this change with the author, it turns out it was *always*
intended to use the grubby-based kernel install scripts for Fedora --
our builds have been incorrect in not including the package.  The
author got sick of people removing the package and making unbootable
systems, hence the change.

Thus this removes the workarounds in 99-ramdisk and replace it with an
install of the grubby package.  grubby's kernel install script will
put the kernel & generated initramfs in /boot, and it will be
installed correctly via the usual grub install later when we build the
disk image.

I have built F22 & F23 fedora-minimal images with this and they boot.

[1] http://pkgs.fedoraproject.org/cgit/kernel.git/tree/kernel.spec#n1832
[2] http://pkgs.fedoraproject.org/cgit/systemd.git/tree/kernel-install-grubby.patch
[3] http://linux.die.net/man/8/new-kernel-pkg
[4] https://github.com/haraldh/dracut/blob/master/50-dracut.install
[5] 81516adcb7
[6] https://github.com/rhinstaller/grubby/blob/master/new-kernel-pkg
[7] 47ff68e78b

Change-Id: I1a6e45d04755515286b3d49f8280c16b527e2f48
2015-11-19 21:03:45 +11:00
Gregory Haynes
e23b087505 Remove cloud-initramfs-growroot package
This package seems to be broken and isnt useful for recent releases
(where the rootfs can be resized online). Therefore this should be
optional so people can use things like the growroot element.

Change-Id: I6e3c8d095d9fc188094f3b8811f06be0847ef08c
2015-11-17 23:00:17 +00:00
Lucas Alvares Gomes
ff988ac45c Extend root device hints for different types of WWN
This patch is extending the root device hints to also look at
ID_WWN_WITH_EXTENSION and ID_WWN_VENDOR_EXTENSION from udev.

Prior to this patch the bash ramdisk only cared about ID_WWN but in some
systems in some platforms with a RAID controller, this ID can be same
even if they are different disks (see bug 1516641).

Related-Bug: #1516641
Change-Id: I45b3910d03d164d880b32169b91e94e88812e183
2015-11-17 22:42:44 +00:00
Jenkins
2ff566b80a Merge "Selectively prune /root for ironic-agent ramdisk" 2015-11-13 03:28:13 +00:00
Jenkins
5e571d9f44 Merge "Fixup RPM db path when building Fedora on Ubuntu" 2015-11-10 11:03:22 +00:00
Ian Wienand
3f3850aa0f Fixup RPM db path when building Fedora on Ubuntu
On Debian/Ubuntu installs of RPM, /usr/lib/rpm/macros sets

  %_dbpath  %(echo $HOME/.rpmdb)

which makes quite a bit of sense, because RPM is not the system
packager and thus RPM is setup to install things into a hierarchy in
the users homedir.

However, this messes things up when building a Fedora chroot on an
Ubuntu platform.

We use RPM & yum from the base-system to bootstrap the Fedora chroot.
While both obey --root flags, they still pick up the %_dbpath macro
and so end up creating the RPM database in <chroot>/home/user/.rpmdb

After we have bootstrapped yum/dnf, we execute further installation
commands from inside the chroot -- where we now have the Fedora
version of /usr/lib/rpm/macros and hence have _dbpath set to
/var/lib/rpm -- except there is no rpm database there.

Should anyone be finding this in the future, the actual issue that
appears is

  $ sudo chroot /opt/dib_tmp/image.b6B5S3f6/mnt dnf makecache
   Error: Failed to synchronize cache for repo 'fedora' from \
    'https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=x86_64': \
    Cannot prepare internal mirrorlist: file "repomd.xml" was not found in metalink

Note the issue there is that $releasever is not expanded, because the
rpmdb where this info is kept is not populated.

The trick is to make sure we override this value when using the host
rpm/yum to setup the chroot.  The bare rpm calls, which we use to
install the repos, have a --dbpath argument where we can override
this.  yum does not however, so we override this in the global
~/.rpmmacros while we are installing the packaging tools and
dependencies into the chroot.

Copious comments are included, because this is super-confusing.

Change-Id: I20801150ea02d1c64f118eb969fb2aec473476f7
2015-11-10 08:54:44 +00:00
Ian Wienand
8ee21cb9fd Remove unused RELEASE_RPMS variable
It was noticed during reviews of
Ic7aa8cbe13e4347b447e84bb9c12483a4e125228 these are unused

Change-Id: I9e0fa9d3e4864e54c6fe23f8b6e781e8d5d24bda
2015-11-10 07:17:52 +00:00
Jenkins
e90be5a595 Merge "Fix fedora-minimal kernel-install on older platforms" 2015-11-10 05:14:28 +00:00
Jenkins
6f21f47850 Merge "Clarify what fedora-minimal/install.d/99-ramdisk is doing" 2015-11-10 05:14:25 +00:00
Ramakrishnan G
2ebfb12b84 Add proliant-tools element
This new element installs hpssacli utility (for configuring
RAID) and installs proliantutils python module (which has
ironic-python-agent hardware manager for HP ProLiant hardware).

This module also exposes a new environment variable DIB_HPSSACLI_URL
which allows operator to pass a custom HTTP(S) URL for RPM of hpssacli
utility.

NOTE: This module currently supports only installing from source.

Change-Id: I0494e3db623fdd7ea9182ffba21c0652aaad113c
2015-11-09 07:58:00 +00:00
Jenkins
dfb40eb5aa Merge "Add --force to grub-install" 2015-11-09 07:14:13 +00:00
Jenkins
8c42e60df5 Merge "Fix uniqueness check of initrd in fedora-minimal" 2015-11-05 03:36:13 +00:00
Jenkins
63610993ed Merge "debian: cloud hostname ignored by Jessie" 2015-11-04 21:46:54 +00:00
Jenkins
29f42e2f15 Merge "Add support for Xen PV disks" 2015-11-04 21:07:25 +00:00
Jenkins
654d80a40f Merge "Define a default for $YUM" 2015-11-03 20:33:38 +00:00
Ian Wienand
f307bb4d8b Fix fedora-minimal kernel-install on older platforms
fedora-minimal fails to build on Ubuntu Trusty due do being unable to
find the initrd (see Id4c04d7ae20068643df34d2fa31068e8a917a52d).

This is a rather obscure problem that comes from the intersection of
several things.

The first thing to note is that the post-install scripts of the
kernel-core package use kernel-install [1].  For whatever reason, this
installs the kernel to /boot/MACHINE-ID/KERNEL-VERSION

MACHINE-ID comes from /etc/machine-id; a UUID that should have been
created by the systemd post-inst scripts with systemd-machine-id-setup
[2].

The chroot environment provided for root.d elements has no kernel
file-systems like /proc or /dev mounted.  This is where differences in
the base-system come into play -- on more recent systems that
implement getrandom() systemd does not need /dev/urandom to generate
the machine-id [3]; we get a value and /etc/machine-id is populated.

On older platforms (Trusty), systemd-machine-id-setup fails (unable to
access /dev/urandom) and we end up with a blank /etc/machine-id.  This
ends up making kernel-install (the script) fail during yum's
installation of kernel-core, which means the initrd is not installed
correctly.

We end up bailing out in fedora-minimal/install.d/99-ramdisk, where we
try to put the installed ramdisk in /boot for the later grub install
scripts to find.

The solution here is to mount the standard kernel file-systems within
the chroot before we try installing.

[1] http://www.freedesktop.org/software/systemd/man/kernel-install.html
[2] http://www.freedesktop.org/software/systemd/man/systemd-machine-id-setup.html
[3] https://github.com/systemd/systemd/blob/master/src/basic/random-util.c

Change-Id: Ibcce35da928f64e6a719b070bcc833346ee7ee92
2015-11-04 06:23:17 +11:00
Ian Wienand
a67ee17d62 Clarify what fedora-minimal/install.d/99-ramdisk is doing
Clarify what this script is doing.  It currently fails on some
platforms due to earlier errors, see
Ibcce35da928f64e6a719b070bcc833346ee7ee92

Change-Id: Id4c04d7ae20068643df34d2fa31068e8a917a52d
2015-11-04 06:23:17 +11:00
Martin André
d8a0e13261 Fix uniqueness check of initrd in fedora-minimal
The check suffered from various flaws.

First, due to missing quotes around $initrd, 'wc -l' would always see
1 line no matter how many results the find returned.

Second, echo adds a line break making 'wc -l' count 1 even for empty
string. We need to add a check for empty string.

Change-Id: Ib2c67960f566dbdc471d9585a4cef1beb1cc38ab
Closes-Bug: #1506692
2015-11-04 06:23:17 +11:00
Jenkins
449b4e205e Merge "Preserve env when calling yum with sudo" 2015-11-03 10:36:33 +00:00
Jenkins
ce16f9d38c Merge "Remove quotes from subshell call in bash script" 2015-11-02 21:07:20 +00:00
Jenkins
727b4cddf6 Merge "Prettyfy source-repositories doc" 2015-11-02 20:14:10 +00:00
Antoine Musso
23be09ce35 debian: cloud hostname ignored by Jessie
5af25b5f fixed the hostname of Debian images to "debian" since a lack of
hostname definition set the hostname to "(None)".

It has been done by introducing /etc/cloud/cloud.cfg.d/01_hostname.cfg
with content:

  hostname: debian

Review supposed the hostname would be overriden by cloud meta-data. That
might have stand true for Wheezy but it is not the case for Jessie.

cloud-init 0.7.6 ignores cloud metadata whenever "hostname" or "fqdn"
are set in a config file. Roughly:

    # no fqdn set, get fqdn from cloud
    # get hostname from cfg if available otherwise cloud
    fqdn = cloud.get_hostname(fqdn=True)
    if "hostname" in cfg:
        # hashar: set from config file NOT cloud
        hostname = cfg['hostname']
    else:
        # fallback to cloud
        hostname = cloud.get_hostname()

Relevant code is
https://github.com/number5/cloud-init/blob/0.7.6/cloudinit/util.py#L839-L860

Only inject "hostname: debian" for the Wheezy release.

Bug: https://phabricator.wikimedia.org/T117283
Change-Id: I6e2522bd725cbf9651f11c76ecdc72ecbc92f402
2015-10-30 22:34:10 +01:00
Martin André
bc2199144e Selectively prune /root for ironic-agent ramdisk
Previously all files in /root were ignored when building the
ironic-agent ramdisk. This prevented for example to use the
local-config element to connect to the ramdisk via ssh as root user.

This commit change the exclude rule on /root to only ignore the
/root/.cache directory.

Change-Id: I18d839e8d97636f5f2164ba407f252407d9bc956
Closes-Bug: #1451668
2015-10-26 11:19:28 +09:00
Ian Wienand
94a7a7cf67 Create YUM_CACHE_DIR in yum-minimal
yum-minimal/root.d/08-yum-chroot runs before yum/root.d/50-yum-cache,
and thus if run on a completely fresh system will fail in
08-yum-chroot as the YUM_CACHE directory isn't made.

This is probably hidden by testing & nodepool builds, because it sets
DIB_IMAGE_CACHE.  It was hidden from me because locally I have done
builds using the "yum" element previously, which had created the
cache.

Change-Id: I333f5f7e67d198f75a522cc296c118c2e94a5ecb
2015-10-23 15:17:18 +11:00
Derek Higgins
0c0c7275a9 Use DIB_EPEL_MIRROR when finding the epel-release package
download.fedoraproject.org uses dns round robin and occasionally
hits a bad server. Using DIB_EPEL_MIRROR when finding the
epel-release package will allow us to avoid it e.g. in ci.

Change-Id: I756223b3e669532476663c05e79c238449b8a0db
2015-10-20 17:25:58 +01:00
Jenkins
b902189eaa Merge "Fix devuser pubkey defaults" 2015-10-20 01:41:16 +00:00
Bob Ball
b5794f3665 Add support for Xen PV disks
Xen paravirtualised disks (supported by most modern kernels) have the
"xvd" prefix (e.g. xvda0).  The functions to strip partitions need to
match on Xen PV disks otherwise the device name is discarded.

Change-Id: I5539d2afba3fae30d1ddb49dcbf077113d38bbf7
Closes-Bug: #1498576
2015-10-19 15:38:00 +01:00
Gregory Haynes
757b8cee3b Add --force to grub-install
Grub fails to install the bootloader due to it being on the root
partition of a block device. This is not actually a problem for us, so
we need to force it to succeed.

Change-Id: I335ef04ca8a8a8a5c242d3444b09bcce0a9f51e7
2015-10-18 02:26:31 +00:00
Derek Higgins
63641aa2ce Preserve env when calling yum with sudo
In particular we need [http|https]_proxy to be preserved.

Change-Id: I5bcd1b1deac917a1be8d8155f1283e330e3d5862
2015-10-16 17:36:09 +01:00
Derek Higgins
614661ec5b Define a default for $YUM
This is set by elements that require it not to be yum.

Change-Id: Ie01f357eef382bd1549fbe2b911129a3c48818e0
2015-10-16 09:55:00 +01:00
Jenkins
21f5e6146c Merge "Reset yum/dnf cache to correct location" 2015-10-15 13:21:57 +00:00
Jenkins
2ed4c1d860 Merge "Remove extra install of release pkgs in fedora-minimal" 2015-10-15 04:01:08 +00:00
Jenkins
654fb0311d Merge "Update default fedora-minimal to f22" 2015-10-15 04:01:05 +00:00
Jenkins
98bbd432a9 Merge "Update rhel7 element readme" 2015-10-14 19:03:38 +00:00
Colleen Murphy
a6e6570102 Fix devuser pubkey defaults
Without this patch, the devuser element attempts to find public keys by
iterating over the string "rsa dsa". When two keys are grouped together
in quotes, a bash for loop treats it as a single key. You can see the
issue this causes when debug output is turned on:

   + for fmt in '"rsa dsa"'
   + '[' -f '/home/krinkle/.ssh/id_rsa dsa.pub' ']'

This is not a reasonably named key to look for, so this patch removes
the quotes so that the loop will look for id_rsa.pub and id_dsa.pub
separately.

Change-Id: I0b5b1abd14013de85d90e76a95918a8071a5e013
2015-10-13 17:54:09 -07:00
Ian Wienand
283c9705c0 Reset yum/dnf cache to correct location
Make sure we reset the yum/dnf cache to /var/cache/${YUM}, not just
/var/cache/yum

This was resulting in the F22 fedora-minimal image being larger than
the base-image.  Because F22 fedora-minimal does some installs with
dnf when bootstrapping the chroot before we set "cachedir=" to the
bind-mounted external cache, we have "/var/cache/dnf" created and and
populated with the package meta-data, etc.

When we globally point dnf to /var/cache/yum here, we effectively
orphan the /var/cache/dnf created in those first steps.  dnf doesn't
care, but we end up with two copies of all the package metadata, etc
in "/var/cache/dnf" & "/var/cache/yum".

This also cleans up the sed a bit, by just replacing the lines.

Change-Id: Icc98fe30c34cb941aed4b987647ab67ac34af15a
2015-10-14 06:36:06 +11:00
Ian Wienand
c40aa76d83 Remove extra install of release pkgs in fedora-minimal
I'm not sure why we try to do an extra install of these, it is done
inside the chroot in _install_repos.  Currently it just gets skipped
saying the packages are already installed.

Change-Id: Ic7aa8cbe13e4347b447e84bb9c12483a4e125228
2015-10-14 06:36:06 +11:00
Ian Wienand
b00258cfc1 Update default fedora-minimal to f22
Testing shows this works

 $ ./bin/disk-image-create -x vm fedora-minimal
 [wait]
 $ ls -lh image.qcow2
 -rw-r--r--. 1 545M Sep 24 14:11 image.qcow2

Change-Id: Ifab2afa439e62e9ee2909460ac6bb4b07bc41662
2015-10-14 06:36:06 +11:00
Ian Wienand
ebdf48623e Add Fedora 22 support to yum-minimal
Add basic F22/dnf support to yum-minimal path.  We extract common
code, add some comments and reduce duplication.

Change-Id: If4bd5f88e26bd6f2168958f1ec1efff1072de7ba
2015-10-14 06:35:22 +11:00
Ben Nemec
e23274921d Update rhel7 element readme
Evidently the readme file hasn't been updated since rhel7 finished
beta, so this is long overdue.

In addition, since it's not possible to download the base image
file directly, let's stop pretending we can and bail out if the user
didn't set the necessary env vars.

Also updated the README to use the new table format instead of free text

Co-Authored-By: Augustina Ragwitz <aragwitz+lp@pobox.com>
Change-Id: Ie8343ee2ce1715583c28de7f59daed7e58c8ca0f
2015-10-12 15:31:09 -05:00
Jenkins
89d1eaf5a5 Merge "Adds debian support to iso element" 2015-10-12 20:15:07 +00:00
Jenkins
bf4c57dfb8 Merge "Update apt-preferences element README from free text to table formatting" 2015-10-12 19:26:06 +00:00
Jenkins
32a96a536f Merge "Update apt-conf elements README from free text to table formatting" 2015-10-12 19:23:45 +00:00
Jenkins
caaf20926a Merge "Move yum-based install into function" 2015-10-10 00:22:22 +00:00
Ian Wienand
829d626f0a Move yum-based install into function
Move yum-based install into a function, to make way for a second
related function where use dnf later

Change-Id: Iad09f3753ecdfa0c10cb8a0970a3c8e5a2dccab1
2015-10-09 12:03:19 +11:00
Jenkins
ff6abe3e8a Merge "Fix title of env vars section of redhat-common README to match template" 2015-10-09 00:51:19 +00:00
Augustina Ragwitz
b1958bfbbe Update apt-preferences element README from free text to table formatting
Change-Id: Iae04b809c8008487fabe1a173123928ab157c78d
2015-10-08 17:14:16 -07:00
Augustina Ragwitz
b3c448e765 Update apt-conf elements README from free text to table formatting
Change-Id: Ie89ce94fd063e04d57158a2e0faf11719537d450
2015-10-08 17:12:46 -07:00
Augustina Ragwitz
b4cc1a59ec Fix title of env vars section of fedora README to match template
Change-Id: I5cfc977dd21eb6f6b737fa272469a34e6cbc5e24
2015-10-08 17:10:05 -07:00