Commit graph

3186 commits

Author SHA1 Message Date
Jenkins
a52a82036e Merge "DIB element to support cinder local attach/detach functionality" 2016-12-13 23:58:36 +00:00
Jenkins
5db62528f5 Merge "Put MKFS_OPTS after filesystem type" 2016-12-13 23:58:30 +00:00
Jenkins
8ddbc6425d Merge "Make dib-python use the default python for distro" 2016-12-13 23:28:50 +00:00
Ian Wienand
8e3e66dfbd Speed up chroot checking loop
It was noticed on a very busy system this can take about 1s per loop.
This starts to add up on thousands of processes.

Firstly, prune out all the kernel threads.  Then introduce a very
small inline python script to find any pids that seem to be in the
chroot without forking to examine each one.  After that the existing
loop just kills anything as before.

Change-Id: Icc7bc7eda80ffcd636f97e6542d70c220e9c225e
2016-12-13 12:47:46 +11:00
Ben Nemec
bf5af6155c Don't set the executable bit on dhcp-interface@.service
systemd doesn't like it when service files have the executable bit
so this causes it to spam the journal with messages like:

Configuration file /usr/lib/systemd/system/dhcp-interface@.service is
marked executable. Please remove executable permission bits.
Proceeding anyway.

Removing the executable bit from the install permissions should
eliminate those messages.

Change-Id: Ie1bc39465b3fcb55dcda5cee9e46a128a6ccffcb
2016-12-12 10:55:03 -06:00
Gregory Haynes
6278371eaa Make dib-python use the default python for distro
Right now dib-python works by trying to find any python on a system in
an order of precedence. A much better way is if we are explicit about
the python we intend to be there which will allow us to make better
decisions in other elements (such as allowing for package-installs to
take into account DIB_PYTHON_VERSION) as well as allow for users to
specify a preferred python version.

Co-Authored-By: Adam Harwell <flux.adam@gmail.com>
Change-Id: Ie609de51cc5fcde701296c9474e315981d9778a2
2016-12-09 09:25:37 -08:00
Gregory Haynes
cd1965f7b7 Allow disto-specific mirror settings
Most of our distros support DIB_DISTRIBUTION_MIRROR for setting the
mirror to be used when building. This has a major downside where if
someone would like to create a static configuration for building various
distro images it cannot set DIB_DISTRIBUTION_MIRROR (think of the case
where we want to run our tests).

By adding support for DIB_$DISTRO_DISTRIBUTION_MIRROR this problem is
resolved.

Change-Id: I92964b17ec3e47cf97e3a3091f054b2a205ac768
2016-12-08 16:02:15 -08:00
Ian Wienand
5e2330d89c Put MKFS_OPTS after filesystem type
mkfs's arguments are

 mkfs [options] [-t type] [fs-options] device [size]

So it seems our MKFS_OPTS are really supposed to be fs-options, rather
than options to mkfs itself.

Why didn't we notice?  It's quite a trap -- mkfs.ext2 has a "-t"
option, so when we're calling

 $ mkfs -i 4096 ... -t ext4 ...

We actually just fall-back to the default from the mkfs wrapper which
is mkfs.ext2 which works!  But when you make that, say, xfs, we're not
calling the right wrapper at all.

Also update documentation

Closes-Bug: #1648287
Change-Id: I3ea5807088ab361bd9c235c07fb1553fbaf9178b
2016-12-09 07:22:38 +11:00
Aparna
cb3e1076e3 Update hpssacli to ssacli in proliant-tools element
This commit updates the CLI utility name hpssacli to
ssacli  as part of company name change from HP to HPE.
ssacli will work seamlessly for all the cases where
hpssacli is used.

It also updates the custom URL location for ssacli
utility with new location.

Change-Id: I2de4d3430e7308d25e36dc6960783699aa17dfae
2016-12-07 15:56:41 +00:00
Michael Johnson
2e82d7f214 Update sysctl-write-value to do conflict checking
Adds conflict checking to the sysctl-write-value script
to detect settings from multiple elements conflicting.

Change-Id: If312d199388036d6f4103e94dca99249cb3bcbaf
2016-12-06 22:58:20 +00:00
Jenkins
8c74c8e409 Merge "Delete deprecated Hacking in tox.ini" 2016-12-06 03:18:58 +00:00
Jenkins
b25044fe11 Merge "elements: Drop executable bits from environment files" 2016-12-06 03:18:33 +00:00
Jenkins
e19a3d823a Merge "add option to configure cloud-init to allow password authentication" 2016-12-05 06:54:50 +00:00
gengchc2
b2c3a3afdd Delete deprecated Hacking in tox.ini
Some hacking have been removed,so we can delete them.
More details:
    https://github.com/openstack-dev/hacking/blob/master/setup.cfg

Change-Id: I2ba6b00aa2a968ffb53d1061f895a593ea57a063
2016-12-04 13:04:50 +08:00
Jenkins
fc7b7cf46d Merge "Changed author and author-email" 2016-12-02 17:02:58 +00:00
Jenkins
753ac91ec8 Merge "Replace six.iteritems() with .items()" 2016-12-02 16:38:22 +00:00
Markos Chandras
e22faa0f77 elements: Drop executable bits from environment files
Files in $element/environment.d are meant to be sourced, so drop
the executable bit. Moreover, drop the executable bit from a couple
of other scripts that are either meant to be sourced or simply because
they are configuration files.

Change-Id: I7f724dd9d409f4a835a136f12f48a84aa9acc41e
2016-12-01 23:06:56 +00:00
Jenkins
ef1effd202 Merge "elements: Drop unneeded DIB_INIT_SYSTEM usage" 2016-12-01 19:44:47 +00:00
Jenkins
f7e095e880 Merge "elements: pip-and-virtualenv: Add python-xml dependency" 2016-12-01 07:34:55 +00:00
Jenkins
ff688c67c5 Merge "elements: zypper-minimal: Add ca-certificates-mozilla package" 2016-12-01 05:28:32 +00:00
Ian Wienand
5adfc9365a Fix --version display
We do not have the concept of "not installed" in v2, so remove the
obsolete code looking for a now non-existent variable.

Also, log the version at startup.  This can help when
debugging from logs

Change-Id: I964c4cf207c10666afc5bc7ab9f2bfb9b1897c1e
2016-12-01 04:37:04 +00:00
Jenkins
c867c8cdb5 Merge "Trace package install in package-installs-v2" 2016-12-01 01:52:03 +00:00
Anshul Jain
34bdc7df90 DIB element to support cinder local attach/detach functionality
This element adds python-brick-cinderclient-ext to the make customized image
to support cinder local attach/detach functionality. Currently it has the
dependency on known bug<https://launchpad.net/bugs/1623549>, which would be
resolved with next release of python-brick-cinderclient-ext.

Change-Id: Idfe83bafa2843c781c18b83f1a3aece3ae852f78
2016-11-30 08:46:13 +00:00
Jenkins
fffe15e763 Merge "Perform package install outside of debootstrap" 2016-11-30 05:32:09 +00:00
Jenkins
389b372976 Merge "Improve checksum performance for images" 2016-11-30 05:07:21 +00:00
Jenkins
3e68c5aaa5 Merge "Fix a typo" 2016-11-30 04:20:56 +00:00
Gregory Haynes
45df304d48 Perform package install outside of debootstrap
Debootstrap only supports one apt repository to install packages from.
As a result, we do not consider the updates repo during debootstrap
causing us install a second kernel when we do an apt-get dist-upgrade
during build.

Lets use debootstrap to get us a minimal chroot, then add our repos and
install the correct packages from the start.

We also have to reorder the dpkg root.d scripts which configure apt so
they run before we perform our package installs.

Change-Id: I6a592db6f0a01d3b19d8e0786e63f1315a1ef647
Closes-Bug: #1637516
2016-11-30 15:16:46 +11:00
Paul Belanger
22952b7ea0 Improve checksum performance for images
Do md5 and sha256 in parallel to speed things up for larger images.

Change-Id: Ib782fe54e4286ba2749a7ab7247f5d41a887a370
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-11-30 03:42:24 +00:00
Ian Wienand
04208e7c79 Activate virtualenv in disk-image-create
Because we're still fundamentally a python program calling a
shell-script, there's some oddities like not having the virtualenv
bin/ in the $PATH if we call disk-image-create directly.

We can detect this, however, and activate the virtualenv before we
fork the disk-image-create shell script so everything "just works".

See also nodepool change I0537cbf167bb18edf26f84ac269cbd9c8a1ea6a2

Change-Id: Ibfea6cf6a6fd0c7f1e468d501c61ae0b58992042
2016-11-30 06:11:09 +11:00
Markos Chandras
35e878b6d9 elements: zypper-minimal: Add ca-certificates-mozilla package
It's important to have the CA certificates on the target for ssl
crypto apps to work. Plus it's also important during bootstrapping
with diskimage-builder as tools like 'pip' etc need the certificates
in place in order to work properly. This fixes opensuse-minimal
image generation with the 'simple-init' element which was causing the
following error:

Download error on https://pypi.python.org/simple/: [SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)

Change-Id: Ie94cd3556f8ae523f60ce0155ba18ed752e6fbb6
2016-11-29 16:14:53 +00:00
Cao Xuan Hoang
cdfd757ae9 Changed author and author-email
Changed author to OpenStack and author_email to
author-email

Change-Id: Id1a398bfd644e8db41a8ab816c8c6ff3c322f7b4
2016-11-29 11:04:52 +07:00
Ian Wienand
448a2602fe Merge remote-tracking branch 'origin/master' into merge-branch
Change-Id: I05cc51c699008018d557ed3874d71af26fd60240
2016-11-29 07:43:46 +11:00
Jenkins
7644681815 Merge "elements: Add new openssh-server element" 2016-11-28 17:09:15 +00:00
Jenkins
0a453febc6 Merge "Fedora AArch64 (64-bit ARM) support in diskimage-builder" 2016-11-25 12:09:21 +00:00
Jenkins
73a9591632 Merge "yum-minimal: add systemd to initial install" 2016-11-25 11:19:09 +00:00
Ian Wienand
08d6a9f93d yum-minimal: add systemd to initial install
It seems in the grub cleanup in
Iafe3611f4eec3c6357587a6cae6a30a261686ead I managed to unintentionally
drop systemd from the yum-minimal builds.  By not pre-installing grub
we dropped some dependencies; the path is tortured ... grub2 ->
os-prober -> udev -> systemd-udev -> systemd (we don't even want
os-prober!  So this whole thing was working by accident).

This manifests in *very* confusing ways.

Currently centos-minimal builds are failing late in the build with
services unable to enabled.  dib-init-system was actually trying to
tell us that it didn't know what init was installed (because systemd
wasn't actually installed), but unfortunately it was not really
failing.  This meant the service files were not copied correctly from
other elements, and thus fail to be enabled.  I have corrected this
with I076c08190d40c315ad6a6d96a3823e9fc52630be which would at least
alert us earlier.

For Fedora 24, due to a bug in dracut dependencies [1], missing the
systemd-udev package fails the build of the initrd during the kernel
install.  This then results in an initrd-less, unbootable system (see
also Ibaaa81124098f3c6febe48e455d3e1cd0a5f1761).

Add these dependencies explicitly.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1398505

Change-Id: I24ce648485c3d6f3c27ab8f87a638516b3727017
2016-11-25 21:09:11 +11:00
Ian Wienand
ff79dc9793 Catch errors in DIB_INIT_SYSTEM export
When you source a file that just does

 export FOO=$(bar)

you miss any invalid return codes from "bar" (even under -e) because
bash returns the value of the "export", which is 0

On centos-minimal, we stopped bringing in systemd early and this was
causing dib-init-system to not know what init was available.  Since it
did not fail correctly, it lead to confusing errors much later in the
build when service files were not copied correctly.  See also
I24ce648485c3d6f3c27ab8f87a638516b3727017

A dib-lint check is added.  One minor fixup is in 00-set-apt-sources
(this one is less likely to cause problems).  I have run dib-lint over
project-config elements and none use this pattern.

Change-Id: I076c08190d40c315ad6a6d96a3823e9fc52630be
2016-11-23 23:03:50 +00:00
Luong Anh Tuan
29d50bc69b Replace six.iteritems() with .items()
We should avoid using six.iteritems/keys achieve iterators. We can use
dict.items/keys instead, as it will return iterators in PY3 as well.
And dict.items/keys will more readable.

In py2, the performance about list should be negligible, see
https://wiki.openstack.org/wiki/Python3 and
http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html

Change-Id: I6353f0a1b423c6dbd0c71343f7919fd0de440e34
2016-11-23 12:03:05 +00:00
Ian Wienand
bc6be85424 Trace package install in package-installs-v2
When running the package install, trace the output so we can see what
packages were installed.

Change-Id: I5442f544ff0ef3ddffdbe6b898d178548d699a41
2016-11-23 19:58:45 +11:00
Ian Wienand
f15550f9fe Special case dib-python in dib-lint
It seems that on Xenial, it does not take much to confuse "file" and
it's mime guessing such that it thinks some files are not python.

"package-installs-v2" is a good example, since it has an interpreter
"dib-python" that "file" doesn't know about, and no extension.  While
looking at this, I've added emacs vars here so it opens in python
mode.

Change-Id: I01994b08c5ad8987925f1eec4062f5b6ee72eb8f
2016-11-23 19:58:43 +11:00
Markos Chandras
e4868d9ad6 elements: Drop unneeded DIB_INIT_SYSTEM usage
DIB_INIT_SYSTEM is exported by the dib-init-system element and contains
the output of the dib-init-system script so there is no need to
re-initialize it during various phases.

Change-Id: I09d6d10742689efe3d8eb9d64b539d6599b46227
2016-11-22 10:47:43 +00:00
Markos Chandras
bbcc22751f elements: Add new openssh-server element
Add new 'openssh-server' element to ensure that openssh server
is installed and enabled during boot. This is mostly useful for
*-minimal images which do not come with openssh installed and/or
enabled in order to keep a small dependency footprint.

Change-Id: Ide15ee04f5de123dbc8ce4bb56d638d8a167c341
2016-11-22 10:07:14 +00:00
Noam Angel
55b6101e1b add option to configure cloud-init to allow password authentication
This patch will configure cloud-init to allow password authentication.
This is usefull in case you use "devuser" element and want to ssh guest
image.

Change-Id: I00e38aa2753f26b4cdd34d0fd85fc8e0de78171f
2016-11-22 09:33:58 +00:00
Markos Chandras
d84df60345 elements: pip-and-virtualenv: Add python-xml dependency
SUSE packages the 'xml' python module as a separate package so make
sure it's pulled in before we attempt to install the pip module
since the latter depends on it. Fixes the following problem when
building with the opensuse-minimal and pip-and-virtualenv elements:

Traceback (most recent call last):
  File "/tmp/get-pip.py", line 19177, in <module>
    main()
  File "/tmp/get-pip.py", line 194, in main
    bootstrap(tmpdir=tmpdir)
  File "/tmp/get-pip.py", line 82, in bootstrap
    import pip
  File "/tmp/tmpOiESjX/pip.zip/pip/__init__.py", line 16, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/vcs/subversion.py", line 9, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/index.py", line 32, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/__init__.py", line 16, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/html5parser.py", line 6, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/inputstream.py", line 10, in <module>
  File "/tmp/tmpOiESjX/pip.zip/pip/_vendor/html5lib/utils.py", line 10, in <module>
ImportError: No module named xml.etree.ElementTree

Change-Id: I1bec12dfcde05fb07f41bcec994148c3eacbb287
2016-11-21 15:54:18 +00:00
Jenkins
09cab0fa65 Merge "Turn off tracing around pid/chroot check" 2016-11-21 00:31:49 +00:00
Clark Boylan
c5ec1348c3 Fix runtime ssh host keys script
The script is set -e and set -o pipefail, unfortauntely this intersects
with `yes n`'s non zero exit code behavior when it receives an interrupt
like sigpipe. As a result stop setting pipefail so that we treat those
errors as "normal" and only fail if ssh-keygen fails.

Change-Id: I5447df97c9888cae3007e235e2fea44df61af28e
2016-11-19 18:02:33 -05:00
Ian Wienand
e0c346d479 Turn off tracing around pid/chroot check
In the error case, we get a spew of output as this check goes though
every pid checking if its in the chroot.  Disable tracing around the
call.

Change-Id: Ie84f12974755c0c2c51d7e7697337ed9b32a4a1c
2016-11-18 14:51:20 +11:00
Ian Wienand
7d5afecfd9 Merge remote-tracking branch 'origin/master' into merge-branch
Change-Id: Ibab1bb95521292ae818bd91f7073c3749a2cc0cb
2016-11-18 13:53:56 +11:00
gecong1973
f9244a8fce Fix a typo
TrivialFix

Change-Id: Iebe82e616eed2d9b9a99a9714230d480adbd055b
2016-11-18 10:48:05 +08:00
Jenkins
eeb9e0e4a6 Merge "Disable all repos in os-refresh-config too" 2016-11-18 00:23:04 +00:00