Commit graph

1839 commits

Author SHA1 Message Date
Antoine Musso
2209d34372 debootstrap: avoid duplicate network configuration
On Debian network configuration can be done via /etc/network/interfaces.
It can accept a statement to load additional files, which varied in
history:

Wheezy only supports 'source' (see b822581)
Jessie supports 'source-directory' and comes with the statement by
default.

However since 754dd05 we inconditionally inject 'source', thus on Jessie
the configuration ends up with:

 source-directory /etc/network/interfaces.d/*
 source /etc/network/interfaces.d/*

When networking is started, 'ifup -a' parses the list of interfaces
twice. When configured with dhcp, that causes two dhclient to spawn
which might conflict with each other.

Inject the source statement only if there is neither a source or
source-directory with the same path.

Change-Id: Iefa9c9584f676e50481c621b4111eded3125a50b
2016-12-21 10:23:32 +01:00
Jenkins
b25044fe11 Merge "elements: Drop executable bits from environment files" 2016-12-06 03:18:33 +00:00
Jenkins
e19a3d823a Merge "add option to configure cloud-init to allow password authentication" 2016-12-05 06:54:50 +00:00
Jenkins
753ac91ec8 Merge "Replace six.iteritems() with .items()" 2016-12-02 16:38:22 +00:00
Markos Chandras
e22faa0f77 elements: Drop executable bits from environment files
Files in $element/environment.d are meant to be sourced, so drop
the executable bit. Moreover, drop the executable bit from a couple
of other scripts that are either meant to be sourced or simply because
they are configuration files.

Change-Id: I7f724dd9d409f4a835a136f12f48a84aa9acc41e
2016-12-01 23:06:56 +00:00
Jenkins
ef1effd202 Merge "elements: Drop unneeded DIB_INIT_SYSTEM usage" 2016-12-01 19:44:47 +00:00
Jenkins
f7e095e880 Merge "elements: pip-and-virtualenv: Add python-xml dependency" 2016-12-01 07:34:55 +00:00
Jenkins
ff688c67c5 Merge "elements: zypper-minimal: Add ca-certificates-mozilla package" 2016-12-01 05:28:32 +00:00
Jenkins
c867c8cdb5 Merge "Trace package install in package-installs-v2" 2016-12-01 01:52:03 +00:00
Jenkins
fffe15e763 Merge "Perform package install outside of debootstrap" 2016-11-30 05:32:09 +00:00
Jenkins
3e68c5aaa5 Merge "Fix a typo" 2016-11-30 04:20:56 +00:00
Gregory Haynes
45df304d48 Perform package install outside of debootstrap
Debootstrap only supports one apt repository to install packages from.
As a result, we do not consider the updates repo during debootstrap
causing us install a second kernel when we do an apt-get dist-upgrade
during build.

Lets use debootstrap to get us a minimal chroot, then add our repos and
install the correct packages from the start.

We also have to reorder the dpkg root.d scripts which configure apt so
they run before we perform our package installs.

Change-Id: I6a592db6f0a01d3b19d8e0786e63f1315a1ef647
Closes-Bug: #1637516
2016-11-30 15:16:46 +11:00
Markos Chandras
35e878b6d9 elements: zypper-minimal: Add ca-certificates-mozilla package
It's important to have the CA certificates on the target for ssl
crypto apps to work. Plus it's also important during bootstrapping
with diskimage-builder as tools like 'pip' etc need the certificates
in place in order to work properly. This fixes opensuse-minimal
image generation with the 'simple-init' element which was causing the
following error:

Download error on https://pypi.python.org/simple/: [SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)

Change-Id: Ie94cd3556f8ae523f60ce0155ba18ed752e6fbb6
2016-11-29 16:14:53 +00:00
Jenkins
7644681815 Merge "elements: Add new openssh-server element" 2016-11-28 17:09:15 +00:00
Jenkins
0a453febc6 Merge "Fedora AArch64 (64-bit ARM) support in diskimage-builder" 2016-11-25 12:09:21 +00:00
Jenkins
73a9591632 Merge "yum-minimal: add systemd to initial install" 2016-11-25 11:19:09 +00:00
Ian Wienand
08d6a9f93d yum-minimal: add systemd to initial install
It seems in the grub cleanup in
Iafe3611f4eec3c6357587a6cae6a30a261686ead I managed to unintentionally
drop systemd from the yum-minimal builds.  By not pre-installing grub
we dropped some dependencies; the path is tortured ... grub2 ->
os-prober -> udev -> systemd-udev -> systemd (we don't even want
os-prober!  So this whole thing was working by accident).

This manifests in *very* confusing ways.

Currently centos-minimal builds are failing late in the build with
services unable to enabled.  dib-init-system was actually trying to
tell us that it didn't know what init was installed (because systemd
wasn't actually installed), but unfortunately it was not really
failing.  This meant the service files were not copied correctly from
other elements, and thus fail to be enabled.  I have corrected this
with I076c08190d40c315ad6a6d96a3823e9fc52630be which would at least
alert us earlier.

For Fedora 24, due to a bug in dracut dependencies [1], missing the
systemd-udev package fails the build of the initrd during the kernel
install.  This then results in an initrd-less, unbootable system (see
also Ibaaa81124098f3c6febe48e455d3e1cd0a5f1761).

Add these dependencies explicitly.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1398505

Change-Id: I24ce648485c3d6f3c27ab8f87a638516b3727017
2016-11-25 21:09:11 +11:00
Luong Anh Tuan
29d50bc69b Replace six.iteritems() with .items()
We should avoid using six.iteritems/keys achieve iterators. We can use
dict.items/keys instead, as it will return iterators in PY3 as well.
And dict.items/keys will more readable.

In py2, the performance about list should be negligible, see
https://wiki.openstack.org/wiki/Python3 and
http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html

Change-Id: I6353f0a1b423c6dbd0c71343f7919fd0de440e34
2016-11-23 12:03:05 +00:00
Ian Wienand
bc6be85424 Trace package install in package-installs-v2
When running the package install, trace the output so we can see what
packages were installed.

Change-Id: I5442f544ff0ef3ddffdbe6b898d178548d699a41
2016-11-23 19:58:45 +11:00
Ian Wienand
f15550f9fe Special case dib-python in dib-lint
It seems that on Xenial, it does not take much to confuse "file" and
it's mime guessing such that it thinks some files are not python.

"package-installs-v2" is a good example, since it has an interpreter
"dib-python" that "file" doesn't know about, and no extension.  While
looking at this, I've added emacs vars here so it opens in python
mode.

Change-Id: I01994b08c5ad8987925f1eec4062f5b6ee72eb8f
2016-11-23 19:58:43 +11:00
Markos Chandras
e4868d9ad6 elements: Drop unneeded DIB_INIT_SYSTEM usage
DIB_INIT_SYSTEM is exported by the dib-init-system element and contains
the output of the dib-init-system script so there is no need to
re-initialize it during various phases.

Change-Id: I09d6d10742689efe3d8eb9d64b539d6599b46227
2016-11-22 10:47:43 +00:00
Markos Chandras
bbcc22751f elements: Add new openssh-server element
Add new 'openssh-server' element to ensure that openssh server
is installed and enabled during boot. This is mostly useful for
*-minimal images which do not come with openssh installed and/or
enabled in order to keep a small dependency footprint.

Change-Id: Ide15ee04f5de123dbc8ce4bb56d638d8a167c341
2016-11-22 10:07:14 +00:00
Noam Angel
55b6101e1b add option to configure cloud-init to allow password authentication
This patch will configure cloud-init to allow password authentication.
This is usefull in case you use "devuser" element and want to ssh guest
image.

Change-Id: I00e38aa2753f26b4cdd34d0fd85fc8e0de78171f
2016-11-22 09:33:58 +00:00
Markos Chandras
d84df60345 elements: pip-and-virtualenv: Add python-xml dependency
SUSE packages the 'xml' python module as a separate package so make
sure it's pulled in before we attempt to install the pip module
since the latter depends on it. Fixes the following problem when
building with the opensuse-minimal and pip-and-virtualenv elements:

Traceback (most recent call last):
  File "/tmp/get-pip.py", line 19177, in <module>
    main()
  File "/tmp/get-pip.py", line 194, in main
    bootstrap(tmpdir=tmpdir)
  File "/tmp/get-pip.py", line 82, in bootstrap
    import pip
  File "/tmp/tmpOiESjX/pip.zip/pip/__init__.py", line 16, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/vcs/subversion.py", line 9, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/index.py", line 32, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/__init__.py", line 16, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/html5parser.py", line 6, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/inputstream.py", line 10, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/utils.py", line 10, in <module>
ImportError: No module named xml.etree.ElementTree

Change-Id: I1bec12dfcde05fb07f41bcec994148c3eacbb287
2016-11-21 15:54:18 +00:00
Clark Boylan
c5ec1348c3 Fix runtime ssh host keys script
The script is set -e and set -o pipefail, unfortauntely this intersects
with `yes n`'s non zero exit code behavior when it receives an interrupt
like sigpipe. As a result stop setting pipefail so that we treat those
errors as "normal" and only fail if ssh-keygen fails.

Change-Id: I5447df97c9888cae3007e235e2fea44df61af28e
2016-11-19 18:02:33 -05:00
gecong1973
f9244a8fce Fix a typo
TrivialFix

Change-Id: Iebe82e616eed2d9b9a99a9714230d480adbd055b
2016-11-18 10:48:05 +08:00
Jenkins
eeb9e0e4a6 Merge "Disable all repos in os-refresh-config too" 2016-11-18 00:23:04 +00:00
Jenkins
0fbf131550 Merge "Cleanup yumdownloader repos" 2016-11-18 00:23:00 +00:00
Jenkins
27bd4741bf Merge "debian: install dialog package" 2016-11-18 00:21:23 +00:00
Jenkins
f5d23c975a Merge "Change path for dnf arch override so basearch is not overwritten." 2016-11-18 00:20:50 +00:00
Jenkins
0ea4ea5bed Merge "Don't use ssh-keygen -A for init scripts" 2016-11-17 19:54:25 +00:00
d.marlin
8d7362aa9b Change path for dnf arch override so basearch is not overwritten.
After writing the basearch value to /etc/dnf/vars/basearch the
arch value was overwriting the same file.  This appears to be
incorrect, so changing it to write /etc/dnf/vars/arch, which
matches the subsequent 'yum' code paths.

Change-Id: I5da54f03224c11f9e286f16b68533936c4174c2a
2016-11-17 03:36:54 -05:00
d.marlin
9b4d2a22e4 Fedora AArch64 (64-bit ARM) support in diskimage-builder
Add some checks for AArch64 to avoid the "Unknown architecture" or
"architecture not supported" messages, and allow builds to complete.

Change-Id: I89ba609abaeeb7019eb317cf13473929b2065230
2016-11-16 21:47:26 -05:00
Ben Nemec
fb8cf95b6f Disable all repos in os-refresh-config too
This change was made for pre-install so it applies during the
image build, but wasn't applied to the os-refresh-config script
that would run after deployment.  The same problems apply there,
so we should do the same thing.

Change-Id: I4b8534cc9586eeb588b5c358550e76e27d40556a
Closes-Bug: 1629922
2016-11-16 16:27:24 -06:00
Jenkins
be1e563524 Merge "simplify ARCH param for rhel/centos param can be x86_64 and amd64" 2016-11-15 00:44:00 +00:00
Noam Angel
e88d6b37df add support for SUSE in dhcp-all-interfaces
This patch will add support for SUSE network scripts,
network script in SUSE saved under "/etc/sysconfig/network/ifcfg-*"
see: https://www.suse.com/documentation/sled11/book_sle_admin/data/sec_basicnet_manconf.html

Change-Id: I87ac2e327cee4945c15da9f2e4adc0a8b7650712
2016-11-15 10:20:09 +11:00
Noam Angel
d07d7ed15d simplify ARCH param for rhel/centos param can be x86_64 and amd64
for fedora/rhel/centos the main supported ARCH is x86_64. This patch allow
to call diskimage-builder with the above distro's with param ARCH=x86_64,
And also retain same behaiver when call with ARCH=amd64 as it translate
anyway to x86_64. Doing so wil simplify user expirience.

Change-Id: I229e0912434109b1b48a030bd35ad8dc1096a629
2016-11-15 10:18:14 +11:00
Jenkins
80976d9d44 Merge "Add element for setting sysctl values" 2016-11-14 17:19:04 +00:00
Saverio Proto
5d9d3d5cf0 debian: install dialog package
Without the dialog package is not possible
to properly use an interactive frontend.

debconf will print the following errors:

debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed,
so the dialog based frontend cannot be used. at
/usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76, <> line 1.)

Change-Id: I0c7142f717cacf7437dbac1e1696f39b00cb4c49
2016-11-14 15:37:39 +01:00
Jenkins
77e14e9313 Merge "elements: runtime-ssh-host-keys: Add openssh-client mapping for SUSE" 2016-11-14 10:01:11 +00:00
Jenkins
a0a19cbbfa Merge "elements: opensuse-minimal: Add support for building Tumbleweed images" 2016-11-14 10:01:05 +00:00
Jenkins
6224824bde Merge "Fix ironic-python-agent image not loading vfat mod" 2016-11-14 09:41:35 +00:00
Jenkins
cc8ab5f4b6 Merge "Avoid disabling rhel-7-server-rh-common-rpms" 2016-11-14 09:32:28 +00:00
Jenkins
5c546ed565 Merge "Install lsb package by map name instead of package name" 2016-11-14 07:13:52 +00:00
Jenkins
3bfff8f905 Merge "elements: zypper-minimal: Mount common pseudo filesystems" 2016-11-14 07:08:23 +00:00
Jenkins
aec2128b38 Merge "elements: zypper-minimal: Refresh repositories after adding the cache" 2016-11-14 07:01:13 +00:00
Ben Nemec
79c27199f2 Install lsb package by map name instead of package name
We have a pkg-map entry for lsb_release, but in package-installs.yaml
we refer to the actual package name instead.  This will happen to
work on Red Hat platforms, but it's actually wrong.

Change-Id: Idb248f96e75fa1090422fa08e5fbb2385cc1f517
2016-11-11 14:30:21 -06:00
Ian Wienand
7e60540c0d Cleanup yumdownloader repos
yumdownloader has to have all the repo XML files, etc, which adds up
to a not totally insignificant 150MiB or so.  Currently we're leaking
this directory for every build, which adds up on regualar builders
like nodepool.

Isolate the call with a separate TMPDIR so we can clean it up after
the initial download.

Change-Id: Ic65e8ca837cc76b7a1bb9f83027b4a5bdd270f75
2016-11-10 17:02:53 +11:00
Jenkins
587d14feed Merge "dhcp-all-interfaces: support Centos/RHEL 6" 2016-11-08 11:21:51 +00:00
Luca Lorenzetto
c7219a5a60 Avoid disabling rhel-7-server-rh-common-rpms
while using disk-image-builder for building overcloud images for TripleO
using RDO, this repository is (in my opinion) wrongly disabled because
contains certain dependencies needed by RDO packages.
Example: python-cheetah is required for python-nova, but is not
available through RDO repository but only from
rhel-7-server-rh-common-rpms

Closes-Bug: #1638938
Change-Id: I76824c8ec02590397f1ff1d4f177ad061c7bf441
Signed-off-by: Luca Lorenzetto <lorenzetto.luca@gmail.com>
2016-11-03 15:15:42 +01:00