Commit graph

1400 commits

Author SHA1 Message Date
Ramakrishnan G
afe739ceed Fix disk image create errors behind proxy
This commit fixes errors while trying to create a
DIB ramdisk with ironic-agent element when built
behind proxy. It fixes the issue by making it install
latest versions of pip and setuptools which has the
fixes for them.

Change-Id: I1ffb832ebab009b2d77a46e6c8fc758dd9632359
Closes-Bug: 1449852
2015-05-04 21:17:47 -07:00
Gonéri Le Bouder
725f91078e force arch amd64 for EL7 elements
rhel7 and centos7 images are both only available on x86_64 arch.
if $ARCH is misconfigured, some strange error will happen during the build.
For example, DIB will try to install EPEL i386 on the 64bit root system.

For the record, tripleo-incubator $NODE_ARCH default value is i386. The
problem will happend as soon as the default value is used with one of
these root elements.

This commit ensure the $ARCH is set to amd64 as soon as the centos7 or
rhel7 root element are used.

Change-Id: Ie41fa2da48eac6bf89b96cfa137c0f572dae6734
2015-05-04 14:18:51 +02:00
Ramakrishnan G
45db8f1280 Add packages required for iscsi extension in agent
In Kilo, we added added an iscsi extension in
ironic-python-agent which requires tgtd and tgtadm.
This commit adds scsi-target-utils to the ramdisk for
this.

Also the git protocol for retrieving the source code is
changed to http.  Git protocol doesn't go through a proxy,
but http can.

Closes-Bug: 1449854
Change-Id: I8cf274913a16404941770d0c6115bd6feec1ccb8
2015-05-04 00:16:19 -07:00
Ramakrishnan G
91e9e0aef8 Package ldlinux.c32 along with isolinux.bin if it exists
Starting from syslinux 5.00, isolinux.bin is dependent on
ldlinux.c32 to boot for BIOS machine.  syslinux > 5.00 is
delivered with Fedora 21 cloud image which breaks the boot
from ISO if ldlinux.c32 doesn't exist.

Change-Id: If722f36aeaabc759d93ef6ae3f49b21bb840a92d
Closes-Bug: 1449882
2015-05-04 00:13:32 -07:00
Jenkins
d734899997 Merge "Mount with -o nouuid for XFS base images" 2015-05-04 00:42:21 +00:00
Gregory Haynes
28d32f1b5f Export DIB_RELEASE in centos
We export this variable by convention in the other OS elements.

Change-Id: I311a54ff614596fe7ee23bf44b44b55f9d04690d
2015-05-01 17:43:33 +00:00
Jenkins
4a1c833c27 Merge "Download of translations not properly disabled in APT" 2015-04-30 20:58:09 +00:00
Adam Gandelman
0afdb07445 debian-minimal: Remove -backport's restricted + universe
These are ubuntu-isms that do not exist on debian mirrors and cause
builds to break if they're based on a stable debian release.

Change-Id: I08c2826eba4aabd0be69955220624b2f179a15ee
Closes-bug: #1450198
2015-04-29 13:45:29 -07:00
Jenkins
ecdd551ce2 Merge "Use labels for virtual media dev in Ironic ramdisk" 2015-04-29 14:41:54 +00:00
Jenkins
37baf8b2b4 Merge "Generate locales in debian-based elements" 2015-04-28 23:00:00 +00:00
Jenkins
b7c22723d4 Merge "Fix to load only signed kernel in UEFI secure boot" 2015-04-28 11:02:52 +00:00
Jenkins
f8302171f5 Merge "Add element ubuntu-signed to provide signed kernel" 2015-04-28 11:02:44 +00:00
Jenkins
d2727fccf4 Merge "Split the debootstrap functions into an element" 2015-04-28 10:55:36 +00:00
Jenkins
8b002cba09 Merge "Clean up targetcli ramdisk installation" 2015-04-28 06:22:14 +00:00
Antoine Musso
8d052a54a7 Turn docs warnings into errors and fix issues
Set the pbr option 'warnerrors' to make build_sphinx turns warnings into
error. Fix all warnings.

`tox -edocs` will thus abort whenever someone introduce a new error.

Change-Id: Id6d09768a241866e1fdc1a1e2bf90336f5c5087d
2015-04-27 15:03:19 +00:00
Monty Taylor
d22cc0ce0d Generate locales in debian-based elements
Without generating locales, annoying warnings are spewed.

Change-Id: Ibb2f241a5eb398377967a77cd5dd8fe55719fdbf
2015-04-27 05:08:24 +00:00
Monty Taylor
23aa76dff0 Split the debootstrap functions into an element
debootstrap is not debian or ubuntu specific. We can make a debootstrap
element that knows how to do all of the things, and then a
debian-minimal and ubuntu-minimal image that use it. Finally, make
the debian element simply be a collection of the extra things we do to
make it look like a cloud-init based cloud image.

Change-Id: Iaf46c8e61bf1cac9a096cbfd75d6d6a9111b701e
2015-04-26 18:04:59 +00:00
Monty Taylor
c1d7cb4d6c Install glean from openstack source
glean is now moved into the openstack-infra repos, so the reference to
the originally temporary home can be discarded.

Change-Id: Ie89fff85e264a36d9bab15801314d5195b45031c
2015-04-25 08:45:10 -04:00
Jenkins
55fd6ab5e2 Merge "Port centos-minimal to yum-minimal" 2015-04-24 22:20:32 +00:00
Gregory Haynes
28c42fafdc Support arch-specific package-installs
In some cases, like linux-image-* on debian, we need to only install
packages for a specific target architecture.

Change-Id: Ic0009d0c1e121d6f3f1f21345c544e2d98f080f9
2015-04-24 21:58:05 +00:00
Jenkins
362cb398c8 Merge "Make troubleshoot work with dracut ramdisks" 2015-04-24 21:24:17 +00:00
Jenkins
c4072920ab Merge "Update cloud-init-datasources README" 2015-04-24 04:43:15 +00:00
Steve Baker
ea69fb9c47 Mount with -o nouuid for XFS base images
This change uses blkid to identify the fs type during redhat-common
extract-image. The image is mounted with -o nouuid for redhat/rhel
images that have XFS filesystems.

This is required when building images from the same base image
as the host VM to avoid "Filesystem has duplicate UUID" mount
failures.

Change-Id: I066289fbb27733a5a555242a0e2c363d58dd27d0
Closes-Bug: 1443706
2015-04-24 15:42:28 +12:00
Jenkins
49bc98dc7c Merge "Add generic devuser element" 2015-04-23 03:58:43 +00:00
Jenkins
74b777dae8 Merge "Fix dhclient in Fedora ramdisks" 2015-04-23 03:58:33 +00:00
Jenkins
c108943dd2 Merge "Generate the default en_US locale" 2015-04-23 03:55:19 +00:00
Jenkins
1f38bfad41 Merge "Allow setting DIB_PIP_RETRIES" 2015-04-23 03:51:57 +00:00
Jenkins
97c2432635 Merge "Use shorter temporary file names for kpartx" 2015-04-23 03:51:48 +00:00
Jenkins
26a11cddc1 Merge "Create the dracut directory if not existing already" 2015-04-23 03:46:53 +00:00
Monty Taylor
eadd79c2cb Port centos-minimal to yum-minimal
Now that we have a generic yum-minimal element, just use it in centos
instead of rinse. Adding base as an element-provides of yum-minimal
because this element conflicts with the base element.

Co-Authored-By: Gregory Haynes <greg@greghaynes.net>

Change-Id: I15275d821781171c118f21aa0c0bca55f65a65b3
2015-04-22 20:34:48 -04:00
Jenkins
c67ab571cb Merge "Add a yum-minimal element that just uses yum" 2015-04-22 22:26:15 +00:00
Jenkins
b0f41ac66f Merge "Add element to process config-drive network info" 2015-04-22 22:25:54 +00:00
Jenkins
1fc2cbff50 Merge "Break install-types out of base" 2015-04-22 19:40:02 +00:00
Jenkins
d2dcfbc3cf Merge "update the dib centos7 baseurl to use a mirrorlist" 2015-04-21 21:47:00 +00:00
Jenkins
e61ffb7fc8 Merge "Don't trace RHEL Registration scripts" 2015-04-21 14:29:02 +00:00
Pino Toscano
f35aace69f Use shorter temporary file names for kpartx
The loopback handling in the Linux kernel limits the filenames of
files associated to loopback devices, see also linux/loop.h.
This is reflected also on userspace, as kpartx will silently do nothing
(exiting with 0) when requesting to remove a filename longer than 64
characters, as that name will obviously not match the truncated
filename. The result of this is that, when extracting qcow2 images for
the first time, if the qcow2 filename is long enough then the loopback
device will not be removed, remaining as stale in the host.

As a workaround, use a temporary file name when convering a qcow2 image
to raw, instead of using the base name of the qcow2 file.
While this still will not fix the issue when manually using a long
temporary directory (e.g. TMP_DIR=/very/long/etc...), at least should
avoid it in other cases.

Change-Id: Ibf46cd313a9d89412c0e1068fa0993be6c5a29db
2015-04-21 10:36:33 +02:00
Jenkins
bb93df23b1 Merge "openSUSE update" 2015-04-21 03:55:25 +00:00
Jenkins
8b96cfd4bb Merge "Switch default Fedora image to F21" 2015-04-20 22:35:49 +00:00
Ramakrishnan G
1540e753dc Use labels for virtual media dev in Ironic ramdisk
This commit changes Ironic deploy ramdisk to find out
the virtual media device by using labels instead of
looking at the model of block device.  This helps in
finding out the device irrespective of the hardware.
Corresponding Ironic change is
If5b78d9af7048f2631d050ee5ce01ab7a67e2354.

Closes-Bug: #1429340
Change-Id: I5e8a706989bad13051eb47db0b1e762e6c672318
2015-04-18 04:58:03 +00:00
Jenkins
07da09b4f4 Merge "Update packages earlier" 2015-04-15 08:58:16 +00:00
Wesley Hayutin
7edf0f2a2d update the dib centos7 baseurl to use a mirrorlist
* replace baseurl with a centos mirrorlist
* fix typo in repoid

Change-Id: I028d1d7e9bf0b180ad73f750630adfbe41424512
2015-04-14 22:28:43 +00:00
Jenkins
b0e809cbca Merge "Do not export REG_HALT_UNREGISTER between hook scripts" 2015-04-14 20:50:35 +00:00
Thomas Bechtold
f411297e74 openSUSE update
Commit b4a1f1c190 wrongly changed the format of the available
images. There was a missconfiguration on the buildservice which produces
the images so no static links were available. That's fixed now so use
the correct names again.

Change-Id: Iac4cbc8672da67f5a89ac2f1be8bb9530215ea19
2015-04-14 21:53:38 +02:00
Monty Taylor
b5bcb3b60e Add a yum-minimal element that just uses yum
The centos-minimal approach of using rinse does not, it turns out, work
on centos. That's a bummer. It's also rather heavyweight. Instead, with
minor machinations, we can just use yum itself pointed at a chroot.

Also adding fedora-minimal element which creates a fedora image using
the new yum-minimal approach.

Co-Authored-By: Gregory Haynes <greg@greghaynes.net>

Change-Id: I026fd9d323e786dae5bb67824c6501067e1ceaa3
2015-04-14 13:39:18 -04:00
Monty Taylor
a33ddb89f1 Add element to process config-drive network info
If you don't want cloud-init, you may need to get a few things
from config-drive because you may be operating on a cloud with no DHCP.
In that case, simply reading some values from config-drive and writing
out either DHCP or static network info, in addition to grabbing ssh keys
is helpful. Both Infra and bifrost want this for their images.

Co-Authored-By: Gregory Haynes <greg@greghaynes.net>

Change-Id: I2746ed256b9783eab058b803130d3ccac484eaeb
2015-04-14 13:39:18 -04:00
Gregory Haynes
0c58eb11a0 Break install-types out of base
We support building elements without depending on the base element.
Breaking install-types out into its own element while making base depend
on it so elements can depend in it without base.

Change-Id: I104543d5482c76f60902e9fc32d91e196eeab51a
2015-04-14 13:39:18 -04:00
Dan Prince
208da5f605 Update packages earlier
Turns out that updating packages last causes some pretty
non-intuitive behaviour if you are trying to pin a package
to a specific version. Lets just update the base RPMs first...
subsequent installations should install the most updated version
anyways (unless they are pinned).

Also moves the package-installs script from the 00 step to 01 so
we can do the update first.

Co-Authored-By: Ben Nemec <bnemec@redhat.com>

Change-Id: I962046cc6048e852e6582fbc579f88bb73e23fdd
2015-04-13 21:50:10 +00:00
Shivanand Tendulker
f0315b4ed4 Fix to load only signed kernel in UEFI secure boot
This fix prevents loading of unsigned ubuntu kernel in UEFI secure
boot environment when image is created using 'iso' element.

'iso' element uses 'linux' and 'initrd' modules of grub2 to load
kernel and initrd respectively. The grub2 implementation of Ubuntu
can load unsigned kernel when these modules are used.

Ubuntu has Grub2 modules 'linuxefi' and 'initrdefi' which exits
boot process if unsigned kernel is used in UEFI secure boot mode.
The 'iso' element should use these modules in grub.cfg to prevent
loading of unsigned kernel when node is booted in the UEFI secure
boot environment.

'linuxefi' and 'initrdefi' works seamlessly when node is booted in
normal UEFI boot mode (non-secure).

Fedora do not have this issue. This fix has been tested in Fedora
environment. It works fine.

Closes-Bug: 1443114
Change-Id: If256ba1f7d7c149482d0f37fabcdfa8ed22e3f91
2015-04-13 13:20:12 +00:00
Shivanand Tendulker
06e3d7c767 Add element ubuntu-signed to provide signed kernel
ubuntu-signed element would install 'linux-signed-image-generic' that
provides signed kernel that can be used for deploy in UEFI secure boot mode.

Package 'linux-signed-image-generic' ships signed kernel with extension
'.efi.signed' (Ex. '/boot/vmlinuz-3.13.0-49-generic.efi.signed').

The kernel modules directory for signed kernel and unsigned kernel is same.
It is without 'efi.signed' extension to its name. This is different from normal
practice of directory naming in '/lib/modules' (Ex. For signed kernel
'vmlinuz-3.13.0-49-generic.efi.signed', modules directory is
'/lib/modules/3.13.0-49-generic').
This needed some changes in '/lib/ramdisk-functions' and 'ramdisk' element to
copy kernel modules.

The signed kernel package contains both signed and unsigned kernel. The
unsiged kernel is without extension '.efi.signed' (Ex.
'/boot/vmlinuz-3.13.0-49-generic'). This required change into
'/lib/img-functions' and 'baremetal' element to pick up signed kernel version
when this element is used.

Closes-Bug: 1443076
Change-Id: I60061cbea847b47fa752b9463cfd387e8e7f0635
2015-04-12 11:36:17 -07:00
Derek Higgins
51ff3bab65 Switch default Fedora image to F21
Fedora 21 was release 4 months ago, we should switch to use it as default
before it goes EOL.

Change-Id: I72686911cc21aeb75d61430878dd36c54edb6904
2015-04-10 16:22:18 +01:00
Jenkins
65ad6377a6 Merge "No markdown docs for elements" 2015-04-09 13:59:32 +00:00
Ben Nemec
9c27fae1e4 Clean up targetcli ramdisk installation
The targetcli element was triggering a bunch of errors from dracut
when we installed all of Python.  It turns out this is because there
were filenames with spaces in the find output and the loop didn't
handle that properly.  This switches to a while loop that can
handle odd filenames.

Change-Id: Iacbf16f26f2bc9991840250dc8ae7990db54d811
2015-04-08 15:26:06 -05:00
Ben Nemec
ffe825113e Make troubleshoot work with dracut ramdisks
Currently, calling the troubleshoot function in a ramdisk script
doesn't work as expected on dracut ramdisks.  This adds an alternate
troubleshoot implementation that will behave as intended.

I did not make it conditional on a kernel param as was done in the
original because dracut can behave strangely if you allow it to
continue after an error.  Always dropping to a shell immediately
should be less confusing.

Change-Id: I98000f4ac6d7890b1f44fe4d10394ac0ea332fcb
2015-04-08 12:54:32 -05:00
Pino Toscano
8d19032a4a Do not export REG_HALT_UNREGISTER between hook scripts
Do not rely on environment changes (like exporting REG_HALT_UNREGISTER)
to persist between different hooks run. This helps when the hooks are
run in different new environments every time.

Instead, in 99-unregister redo the same checks on REG_METHOD as done in
00-rhel-registration, still respecting REG_HALT_UNREGISTER in case the
user does not want to unregister the image generated.

Change-Id: Id594dcd72334f38a2fa96da21206da77a83d7a1a
Closes-Bug: #1434431
2015-04-08 09:28:47 +02:00
Gregory Haynes
031a7b03be Add generic devuser element
The devuser element is useful for configuring a generic utility user for
the built images.

Change-Id: Ifd9dcf3ba88d7abc98b1e44a93f6d9a6b4e764dd
2015-04-08 07:01:24 +00:00
Gregory Haynes
954b9de79b Update cloud-init-datasources README
Updating the README for this element to follow our new environment
variables convention.

Change-Id: I9cf21bd063ea2bfbea7244656af8f3d0e79f20b1
2015-04-08 06:57:44 +00:00
Gregory Haynes
8111fc40aa Improved apt-sources README
Cleaning up the apt-sources README to be easier to consume. Also
removing some tripleo references from the README.

Change-Id: I6937fd5cd51288b36890dde214701bcef1d61381
2015-04-07 23:05:38 +00:00
Ben Nemec
952915f25e Don't trace RHEL Registration scripts
We don't want to trace the RHEL registration scripts because that
is likely to log things like passwords and activation keys.  To
still allow for debugging failed runs, add sanitized logging of
the arguments passed to the registration commands, since that is
the part of the process where problems are most likely to manifest.

Change-Id: I0f661e9c152f43b814fda61211bd56ba93e3b9dc
2015-04-07 10:33:33 -05:00
Cédric Ollivier
3deb171a7a Generate the default en_US locale
The default locale set by cloud-init is now generated to prevent the
warning printed when the user is logged in.

Closes-Bug: 1440728
Change-Id: I2faff6c9d3ab8bb5f66d58e77bcf37f186bf501d
2015-04-06 15:31:04 +02:00
Gregory Haynes
cc308464c6 No markdown docs for elements
Sphinx does not support markdown, therefore all our element docs should
not be in this format.

Change-Id: I6fceb5c2c218e94a463f13d6d9050aea485e6c31
2015-04-02 23:55:19 +00:00
Jenkins
2888318eab Merge "Report status of boot loader installation to Ironic" 2015-04-02 13:07:40 +00:00
Pino Toscano
f7aefb1498 Create the dracut directory if not existing already
Make sure that the target directory for 50targetcli exists already, in
case there is no dracut installed at extra-data.d run time.

Change-Id: I85ade9e85e823b7564a5839c8b6181548a15ad41
2015-04-02 15:07:33 +02:00
Jenkins
5f0f296f58 Merge "Refactor deploy ramdisk to allow use of targetcli" 2015-04-01 21:20:59 +00:00
Jenkins
6446b2eebf Merge "Split dib-init-system into its own element" 2015-04-01 20:35:04 +00:00
Jenkins
88309de96b Merge "Handle non-cloud-init installs" 2015-04-01 04:01:39 +00:00
Jenkins
de0c663a1c Merge "Use find instead of ls" 2015-03-31 20:18:15 +00:00
Jenkins
64d2b3647e Merge "Run udevadm settle after kpartx -l" 2015-03-31 20:17:03 +00:00
Jenkins
60bafe6d93 Merge "Fedora: install redhat-rpm-config" 2015-03-31 19:55:41 +00:00
Ramakrishnan G
9fb2d14cf1 Report status of boot loader installation to Ironic
This commit changes the 80-deploy-ironic script of
deploy-ironic element to report back the status of
boot loader install (when boot_option == "local")
using a newly introduced vendorpassthru.

Closes-Bug: 1422723
Change-Id: I9c1d8643be7cb9e273d65ddd791715a5c271fd93
2015-03-31 16:41:24 +00:00
Derek Higgins
5671a38e8e Fix dhclient in Fedora ramdisks
Copy all of the necessary parts for a Fedora based dhclient to work. This
includes a number of network scripts. Also grab the ip command supplied by
the iproute package, the busybox "ip addr" command was missing the valid_lft
and preferred_lft options.

This will allow the dhcp to work in the ramdisk instead of getting passed the
PXE net config.

Related-Bug: #1417026
Change-Id: I8feee9a740855dab7b47162c5727bf91db77fcc6
2015-03-31 12:27:40 +01:00
Pino Toscano
516e3ae7d6 Use find instead of ls
The listing of *-$INSTALL_TYPE-install files currently uses ls, which
errors out when the glob matches no files, thus using true to not fail
it.
Instead, use find to collect the file list, so there is no need to
ignore the command errors.

Change-Id: Ic6888106858df320a1c90a84f1b9ec74d436b9e6
2015-03-31 13:24:29 +02:00
Gregory Haynes
89dd01e4a0 Run svc-map tests
We currently do not run these tests and they also fail.

Change-Id: I60c8cbd9495b52fb8b4c848549822a05f921664f
2015-03-29 04:11:41 +00:00
Mathieu Gagné
34a196b8e7 Download of translations not properly disabled in APT
The wrong APT config name is used to disable download of translations.
It's Acquire::Languages, not APT::Acquire::Languages.

Change-Id: Ie0c12d444bab19b4486845944ef51031e9133470
Closes-bug: #1436523
2015-03-25 15:23:45 -04:00
Monty Taylor
12165f7b25 Split dib-init-system into its own element
Other elements need this and don't necessarily need base.

Change-Id: I3a12611d7d891a1fb0476f4095be522210b60cba
2015-03-25 13:28:38 -04:00
Monty Taylor
05356cbc09 Handle non-cloud-init installs
Not all operating-system elements install cloud-init, but the base
element assumes its existence. Create the directory if it does not
exist.

Change-Id: I4bda8dc5d200825ea0c8163a4e5c44050a45083f
2015-03-25 13:28:12 -04:00
Pino Toscano
626ca9ad47 Run udevadm settle after kpartx -l
it may happen that if the system where disk-image-create runs is busy,
then the kpartx -l run may leave a stale autodelete loop device.

This is because kpartx -l first adds a new loop device, then does the
listing and removes the loop device. The latter may not end before the
end of the kpartx run, leaving a loop device marked as autodelete.
Such kind of loop device will automatically delete itself, so the
 rm -r $WORKING
after
 sudo umount -f $WORKING/mnt
in the EXIT trap will fail because $WORKING does not exist anymore.

To prevent this situation, just ask udev to finish its operations,
properly removing the (temporary) loop device.

Change-Id: I12246f3dbe6b5669e698767682a5a142f803823b
2015-03-23 10:38:21 +01:00
Jenkins
100959de8d Merge "Add no_timer_check to vm grub cmdline" 2015-03-20 13:05:03 +00:00
Jenkins
b30513f0a2 Merge "openSUSE update" 2015-03-20 09:34:15 +00:00
Jenkins
0a82b3ebcc Merge "Flagging ubuntu-minimal as untested" 2015-03-20 09:00:16 +00:00
Jenkins
e0e0159ef7 Merge "CentOS 6 Element" 2015-03-19 19:42:40 +00:00
Ben Nemec
c98a17222f Refactor deploy ramdisk to allow use of targetcli
RHEL 7 does not ship tgtadm or tgtd so they cannot be used in the
deploy ramdisk.  This change separates the tgt-specific parts of
the ramdisk into their own element, and adds a new one that supports
targetcli instead.

For now, the tgt implementation can only be used with traditional
busybox ramdisks and the targetcli one can only be used with dracut.
This is because dracut is primarily used for RHEL right now so it
makes sense to keep the dependencies simple.  If there is a future
desire to mix and match the implementations that could be done, but
it would require users to explicitly select between tgt and
targetcli.

Change-Id: I4f99c91016287e08d836095c2f2261de8b45abdc
Co-Authored-By: James Slagle <jslagle@redhat.com>
2015-03-18 11:42:00 -05:00
Ben Nemec
6377c723aa Allow elements to add drivers to dracut
It is reasonable that elements may need to include additional
kernel modules in a dracut ramdisk.  This is done with the
--add-drivers option to dracut, but previously the value passed
was hard-coded.

This change allows an element to put a file containing its desired
drivers in a dracut-drivers.d directory, and the list there will
be added to the list of drivers added.  This functions in
essentially the same way as the binary-deps.d directory that
already exists for including additional executables in a ramdisk.

Change-Id: Ie892b908d36c175a469f7cde7dd803ad4b1942b6
2015-03-18 11:40:20 -05:00
Dan Prince
ec0123554f Fedora: install redhat-rpm-config
This is required on Fedora 21 in order to build some
packages via source. Includes files like:

 /usr/lib/rpm/redhat/redhat-hardened-cc1

Specifically this fixed MySQL driver compilation issues on Fedora 21
for source builds.

Change-Id: I459f2203fa145049dda185da952813118193d573
2015-03-18 08:25:18 -04:00
Jenkins
a341ca84e7 Merge "redhat-common: Fix MariaDB-Galera-server case" 2015-03-18 02:32:34 +00:00
Jenkins
dd5a917571 Merge "Allow disabling apt-get clean" 2015-03-17 18:20:11 +00:00
Jenkins
a1c1470017 Merge "Convert leftover unconditional set -x to DIB_DEBUG_TRACE" 2015-03-17 16:58:34 +00:00
Jenkins
b2fc2cc358 Merge "Ironic: Deploy ramdisk to find the right root device" 2015-03-17 15:44:30 +00:00
Yanis Guenane
6b8421e0f9 redhat-common: Fix MariaDB-Galera-server case
Official MariaDB repositories offer the package : MariaDB-Galera-server.
This package has been now ported within Fedora (and also RDO), the
package is now called mariadb-galera-server. Yum install being case
sensitive hence this change.

Change-Id: Icd03877f17d01708b3916578991e42eef30a69e4
2015-03-17 10:56:01 +01:00
Jenkins
85a4d42879 Merge "Fix incorrect package name dmidecoded to dmidecode" 2015-03-16 16:28:04 +00:00
Spencer Krum
514181ce7f Flagging ubuntu-minimal as untested
Change-Id: I5f4973b9b81d97552d02ab3e64314bce827542f4
2015-03-14 12:52:21 -07:00
Jenkins
e94b90a2ab Merge "ironic-agent: exclude content of /tmp from initramfs" 2015-03-13 20:17:47 +00:00
Lucas Alvares Gomes
b95cbb14b1 Ironic: Deploy ramdisk to find the right root device
As part of the blueprint root-device-hints Ironic will pass some to the
deploy ramdisk some hints about which disk device it should pick to be
root device (the one where the image will be deployed on).

Before the deploy ramdisk would pick the first device it finds, but as the
machine could have more than one SATA, SCSI or IDE disk controllers the
order in which their corresponding device nodes are added is arbitrary
causing devices like /dev/sda and /dev/sdb switching around on each
boot time.

Plus, as people are adding support to build RAID arrays in Ironic we need
a way to tell it to use the just created device to be the root device.

The list of hints that could be passed to the deploy ramdisk so it finds
the right disk is:

* wwn (STRING): unique storage identifier
* serial (STRING): disk serial number
* model (STRING): device identifier
* vendor (STRING): device vendor
* size (INT): The size of the disk in GB

If not hints are passed, the deploy ramdisk will continue to do what it
did before to find the disk.

Change-Id: I8425f593e1a610af5a3697988702603ff218f2de
2015-03-13 14:09:40 +00:00
Jenkins
e70ffdd15e Merge "Ironic: uefi localboot support" 2015-03-13 02:00:30 +00:00
Jenkins
c680bab025 Merge "Fix check for installtype" 2015-03-13 01:55:59 +00:00
Ramakrishnan G
13c906059b Ironic: uefi localboot support
This commit adds support for uefi localboot in
deploy-ironic element. The change is to mount the efi
system partition (created by Ironic) in /boot/efi.

The corresponding Ironic change is
I00ac31da325676ea4ea1ac4185f5ac3a52c5809a

Implements: blueprint local-boot-support-with-partition-images
Change-Id: Idf7ac5987e14e1d31311834196ca7283deec15c6
2015-03-12 10:11:18 +00:00
Jenkins
f8872a48c1 Merge "Install Fedora kernel-modules pkg for iscsi_tcp" 2015-03-11 21:45:34 +00:00
Pino Toscano
6c1d8d28a3 Convert leftover unconditional set -x to DIB_DEBUG_TRACE
Commit 36b59c001c introduces
DIB_DEBUG_TRACE, to be checked in element scripts for enabling tracing.

In the aforementioned conversion, few scripts were left with
unconditional "set -x" calls: remove them, changing the default value
for unset DIB_DEBUG_TRACE from 0 to 1, to retain their older behaviour
(as it was done in 36b59c001c too).

Change-Id: I3d1a9290021bf63de7d4e7752e809852e784ac8b
2015-03-11 14:58:14 +01:00
Jenkins
f53bf5e77e Merge "UEFI secure boot support for iso element." 2015-03-11 06:34:57 +00:00
James Slagle
ba19541d47 Fix check for installtype
Previously, this code was not checking for the proper environment
variable for an element's installtype. There was a line replacing '-'
with '_' as is required, but that value was not actually used when
searching for the environment variable.

Change-Id: I0bbd56969188389db81844d9276269464870f776
2015-03-10 21:59:03 -04:00
YuikoTakada
07924b9761 Fix incorrect package name dmidecoded to dmidecode
When executing
"ramdisk-image-create -o discovery ubuntu ironic-discoverd-ramdisk",
below error occurs.

E: Unable to locate package dmidecoded

The reason why above command fails is incorrect package name.
(F) dmidecoded
(T) dmidecode

This patch set fix this bug.

Change-Id: I46d3dafce1eef1b017c4ac9121336aa68d749798
Closes-Bug: #1430599
2015-03-11 01:04:37 +00:00
Pino Toscano
92dab2c82a ironic-agent: exclude content of /tmp from initramfs
/tmp does not contain anything useful anyway, and excluding its content
makes the initramfs smaller too.

Change-Id: Ia72867e0cdebacf668ac1a1f551a965da0d69694
2015-03-10 19:03:04 +01:00
Jenkins
5617264aab Merge "Set DIB_RELEASE in ubuntu element" 2015-03-10 09:25:30 +00:00
Shivanand Tendulker
0bbe91af82 UEFI secure boot support for iso element.
This adds support to UEFI secure boot by copying signed shim and
grub bootloaders into ramdisk image.

Closes-Bug: 1419707
Change-Id: I1193cd3a9011855a6804966a31c7c0e28da90ada
2015-03-10 00:39:14 -07:00
Dan Prince
ea4b08cda0 Install Fedora kernel-modules pkg for iscsi_tcp
The newest stable Fedora splits out kernel modules into
a separate package. By default this is not installed in
the Fedora cloud image... and it contains some things we
need for Ironic (iscsi_tcp module) among other things that
might be very useful.

Change-Id: I3374ea278fecfeb6552e4664717ef3646d382c17
Closes-bug: #1429504
2015-03-07 21:45:33 -05:00
Gregory Haynes
d2f4c3b843 Allow disabling apt-get clean
Sometimes users want to maintain the apt cache in their images.

Change-Id: Id49a04896cf3eeaf1557f1d644e4d8ba64716392
2015-03-06 17:07:29 +00:00
Jenkins
c5cbc93693 Merge "Use package-installs on dpkg-based elements" 2015-03-05 01:14:07 +00:00
Jenkins
4074851682 Merge "Fix race in svc-map" 2015-03-05 00:11:19 +00:00
Gregory Haynes
8434e5afbf Set DIB_RELEASE in ubuntu element
The other distro elements set DIB_RELEASE which allows the other
elements to know what distro release is being built during the
extra-data or environment.d phases.

Change-Id: I00bf13410ded5b678ebc66ff191891ed3cc80f4f
2015-03-04 23:11:27 +00:00
Abel Lopez
8026dda8a0 CentOS 6 Element
This is the centos element, which builds CentOS 6.

There are a couple of modifications to redhat-common because
the version of tar in el6 doesn't support --xattrs-include.

There is a change to both pkg-map and svc-map to add 'centos'
to the 'redhat' family.

Also explicitly have to install cloud-utils growroot and
dracut growpart for proper fsresize at instance launch.

Also sets the DIB_EXTLINUX variable because there is no grub2
for this distro.

Change-Id: Iffd57bce1484c43c2cffcbdb37b602185216e63a
2015-03-03 23:09:45 -08:00
Jenkins
d3324cbb69 Merge "Fix unbound variables in apt-{preferences,sources}" 2015-03-04 02:49:34 +00:00
Jenkins
cec46c56a4 Merge "Standarise tracing for scripts" 2015-03-04 00:38:44 +00:00
Jan Grant
e88be20f1d Fix race in svc-map
The construction of the combined svc-map-services file uses the host's
/tmp directory to store a work-in-progress file. That file's left behind
after it's done with.

There's a potential race here; together with problems that may arise
if two users attempt to run devtest on the same system.

This patch fixes this by creating the temporary file specifically under
$TMP_MOUNT_PATH.

Change-Id: Iecbdc583e37bed542249c316919c3712c28c7440
2015-03-03 15:29:52 -08:00
Pino Toscano
4d716bcbc4 Use package-installs on dpkg-based elements
This allows them to install packages already specified in .yaml files
for them, which are not installed otherwise since the migration to .yaml
files.

Change-Id: Iac8c7eb55116938616e5299b84487cd52e0cbf6f
2015-03-03 09:24:14 +01:00
Jenkins
226eaa3e3f Merge "Dont fail if we have no old-style package-installs" 2015-02-28 18:05:27 +00:00
Abel Lopez
b4a1f1c190 openSUSE update
openSUSE appears to have redone their fs layout on the repo site
and also changed the naming scheme of their image file.

Change-Id: I75afe54b88ea531d3c1f3b7d85e5435cdacabed2
2015-02-26 15:19:25 -08:00
Jenkins
4037200552 Merge "Add wget to package-installs.yaml for epel" 2015-02-26 20:15:40 +00:00
Pino Toscano
7f410aaff2 package-installs: work with Python < 2.7
subprocess.check_output() has been introduced in Python 2.7, so the
script will fail when trying to install stuff in guests with Python 2.6
and older (like RHEL 6 / CentOS 6, for example).

Thus gracefully fallback to subprocess.Popen() when
subprocess.check_output() is not available.

Change-Id: I335148397932177810f095a942b993b249991107
Closes-Bug: #1415240
2015-02-25 17:46:08 +01:00
James Slagle
7550b6e5d3 Add wget to package-installs.yaml for epel
A recent commit (I29c73355a85112840b57f93b39a9eeda421875e6) updated the
epel element to rely on wget, but wget is not always installed. Since
wget is used in pre-install.d, we must install it in that phase.

Change-Id: Iad2a9c4f0081835a1aa78e6fd2f721f6afd44dc2
2015-02-24 16:54:47 -05:00
Martin André
2cd6f3fc3b Fix unbound variables in apt-{preferences,sources}
Also make the apt-sources element exit with a non-error status code
when the DIB_APT_SOURCES is not set.

This allows including the apt-preferences and apt-sources elements
even if DIB_DPKG_MANIFEST and DIB_APT_SOURCES are not exported.

Change-Id: I8507dd9c69d1371eab38f720dcfdd89aa5345e8b
2015-02-24 12:27:50 +00:00
Pino Toscano
6d5447afe8 pkg-map: respect --missing-ok also on missing pkg-map file
When there is no pkg-map file for the specified element, list the passed
packages if --missing-ok is specified.

This mirrors what is being done already later, when a pkg-map file
exists but it does not have the mapping for the requested package.

Change-Id: I50287f8e6a5e4335deb3de2252075b8bfdd53ce5
2015-02-23 19:08:09 +01:00
Jenkins
409f8ff131 Merge "Fix memory detection in ironic-discoverd-ramdisk" 2015-02-23 12:27:09 +00:00
Jerry Zhao
4e9525ddaa update epel version number in epel element
epel-release 7.2 has been superseded by 7.5, so update accordingly.
this time, detect the available epel-release package from the repo
instead of hardcoding version number which will break build each
time the version number gets bumped up.

Change-Id: I29c73355a85112840b57f93b39a9eeda421875e6
2015-02-20 18:26:22 -08:00
Gregory Haynes
533896812f Allow setting DIB_PIP_RETRIES
Pip now supports retries on failure. If setting multiple pypi mirrors a
fallback will not occure until the failures have finished for the first
mirror. This can cause a substantial delay if mirror fallback occurs a
lot.

Change-Id: Iad37a9015a2d5c861a345a111bd1725b965a42d3
2015-02-19 15:29:36 -08:00
Jenkins
2f4d5be6f3 Merge "Namespace PYPI_MIRROR_URL vars with DIB" 2015-02-19 18:39:14 +00:00
Ben Nemec
16f1de6115 Quote to handle empty DIB_RELEASE
We don't export DIB_RELEASE in the base distro scripts, so many
times it will be an unset variable in 51-bootloader from the vm
element.  Currently that script doesn't handle the situation
properly and we get errors like:

line 160: [: =: unary operator expected

This change quotes the references to DIB_RELEASE so that won't
happen anymore.

Change-Id: Ic8f91804334f8862c217f465be80e96d3116f5c8
2015-02-18 20:16:50 +00:00
Gregory Haynes
76ddfc439f Namespace PYPI_MIRROR_URL vars with DIB
We have a good pattern of namespacing env vars with DIB_. Add support
for DIB_PYPI_MIRROR_URL* and maintain backwards compat support.

Change-Id: I434c9d1b14cd571b20754c9ad7cd64c936f8399a
2015-02-18 19:12:26 +00:00
Dmitry Tantsur
2c15fd83ca Fix memory detection in ironic-discoverd-ramdisk
It was actually detecting total _possible_ size, not real one.

Change-Id: I9e96e0058d91734aa960d1b2f9663f8a9207f5d8
2015-02-16 11:41:30 +01:00
Jenkins
bbeafa80bf Merge "Fix type in DIB_DISTRIBUTION_MIRROR use" 2015-02-14 00:51:01 +00:00
Dmitry Tantsur
dca44b77a2 Simplify ironic-discoverd-ramdisk
As we started using jq it makes sento to use it everywhere when
building a resulting JSON.
Also removes some unneeded code.

Change-Id: Ib1391dc9f4e1463a9a3d0c13909ff60e3c993e82
2015-02-13 10:48:38 +01:00
Dmitry Tantsur
3a0cdeb310 Support assigning IPMI credentials in ironic-discoverd-ramdisk
When setting IPMI credentials is requested, ironic-discoverd
will return ipmi_setup_credentials=true, ipmi_username and ipmi_password
in response. Use ipmitool to set credentials in this case.

Change-Id: I8ace9e817e5ce9dbfb8564feec4a3ce6c0e1b233
2015-02-13 10:41:34 +01:00
Ian Wienand
36b59c001c Standarise tracing for scripts
There is a wide variety of tracing options through the various shell
scripts.  Some use "set -eux", others explicity set xtrace and others
do nothing.  There is a "-x" option to bin/disk-image-create but it
doesn't flow down to the many scripts it calls.

This adds a global integer variable set by disk-image-create
DIB_DEBUG_TRACE.  All scripts have a stanza added to detect this and
turn on tracing.  Any other tracing methods are rolled into this.  So
the standard header is

---
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
    set -x
fi
set -eu
set -o pipefail
---

Multiple -x options can be specified to dib-create-image, which
increases the value of DIB_DEBUG_TRACE.  If script authors feel their
script should only trace at higher levels, they should modify the
"-gt" value.  If they feel it should trace by default, they can modify
the default value also.

Changes to pachset 16 : scripts which currently trace themselves by
default have retained this behaviour with DIB_DEBUG_TRACE defaulting
to "1".  This was done by running [1] on patch set 15.  See the thread
beginning at [2]

dib-lint is also updated to look for the variable being matched.

[1] https://gist.github.com/ianw/71bbda9e6acc74ccd0fd
[2] http://lists.openstack.org/pipermail/openstack-dev/2014-November/051575.html

Change-Id: I6c5a962260741dcf6f89da9a33b96372a719b7b0
2015-02-12 10:41:32 +11:00
Lennart Regebro
a9b07487ef Fix the bootloader on UEFI machines
The fix for UEFI machines was only applied on Fedora, not RHEL or other distros.

Change-Id: I43b7a826b7049703b0ffd84ad44b93c912dc6b53
2015-02-11 15:38:53 +01:00
Jenkins
084d1dfc50 Merge "Use package-installs for ubuntu and base elements" 2015-02-11 11:12:35 +00:00
Gregory Haynes
c4bbb6f3bc Create docs site containing element READMEs
We currently do not have the ability to create a docs site which
outlines all the elements.

Change-Id: I77ccf61e0c4b1509b3e7ce9b8f15ea5ccfd50d9b
2015-02-10 11:45:35 -08:00
Monty Taylor
abcec5d024 Fix type in DIB_DISTRIBUTION_MIRROR use
It turns out, there is a 4th I in that varaible name.

Change-Id: I6a0aa011604fb5b46cf5352e6c69461a2494d5fd
2015-02-09 13:34:25 -05:00
Jenkins
1d33465e28 Merge "Enable vm element to create PowerPC image" 2015-02-09 18:27:54 +00:00
Dmitry Tantsur
4abf701484 Pass BOOTIF to ironic-discoverd from the ramdisk
Required for smarter decision on which ports to create in Ironic.

Change-Id: Ib9f3b49ffdf19f1199a34351037fe65415fed816
2015-02-09 14:51:11 +01:00
Jenkins
16b9bc7699 Merge "Ironic: Local boot" 2015-02-07 00:09:12 +00:00
Jenkins
5e0edc6ae3 Merge "Set http_proxy to retrieve the signed Release file" 2015-02-06 20:31:19 +00:00
Jenkins
41c0884967 Merge "Use sudo -E when squashing package installs files" 2015-02-06 20:30:59 +00:00
Jenkins
1a932b8ff9 Merge "Add minimal ubuntu and centos base elements" 2015-02-06 18:18:10 +00:00
Gregory Haynes
21799254a7 Use package-installs for ubuntu and base elements
Both ccache and linux-image-generic were being installed by
install-packages rather than using a package-installs.yaml.

Change-Id: Ib54c5b51d605278bb9d046a897be989c17c6fb0f
2015-02-06 10:13:08 -08:00
Jenkins
f5b2f6941a Merge "Add apt-get autoremove" 2015-02-06 16:24:14 +00:00
Gregory Haynes
74dca3734c Add apt-get autoremove
We end up with some unneeded packages by default, we should autoremove
them before were done.

Change-Id: Ib9e08e623d952ea3c04c764511dc860915d0abb2
2015-02-05 20:42:02 -08:00
Gregory Haynes
162f60edf0 Add install-static element
This element currently exists in tripleo-image-elements but it is plenty
useful without tripleo.

Change-Id: I2415f53191773fafece485bdd3c706a2625a0a47
2015-02-05 15:47:05 -08:00
yogananth subramanian
631cae1fee Enable vm element to create PowerPC image
Patch adds support to create PowerPC image with vm element.
It creates 2 partitions, one for PReP boot and other for root and
installs grub-ieee1275.

Change-Id: I4675ef2b82aa69b63e63a1cc7db01b0c0e6f9fff
Closes-Bug: 1418739
2015-02-06 03:39:36 +05:30
Ben Nemec
1ec93f43a8 Add no_timer_check to vm grub cmdline
no_timer_check prevents the kernel from probing for hardware timers,
which doesn't make sense in a virtual environment and can cause
hangs at boot [1] [2].

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1082030
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1102592

Change-Id: I1c42cc7fae7bba1dc6f4feb69f13760f4312e4d1
2015-02-05 11:53:48 -06:00
Gregory Haynes
fc1b5d8b6d Dont fail if we have no old-style package-installs
If there are no old-style package-installs and the package-installs
element is included we fail because we call install-packages with no
arguments.

Change-Id: I3c78b51d0a2673ecc581f9faded078974dbc27b7
2015-02-04 18:23:36 -08:00
Jenkins
807e89f063 Merge "setfiles consistently" 2015-02-04 22:56:15 +00:00
James Slagle
92b0125da1 Use sudo -E when squashing package installs files
Since the package-installs-squash script  relies on the defined
environment variables for figuring out what the values are for an
element's install type and the default install types, sudo -E must be
used to preserve the environment.

Change-Id: Ice5cf0bca65d8078f84daedbef123fc73d5a7b63
2015-02-04 13:25:48 -05:00
Jenkins
8e313b112f Merge "ramdisk-image-create: add support for vmlinux file" 2015-02-04 06:51:51 +00:00
Jenkins
d67e2de859 Merge "Add support for using local PowerPC VM image" 2015-02-04 06:40:06 +00:00
Jenkins
1b2017914c Merge "Use DIB_IMAGE_CACHE in dpkg element" 2015-02-03 20:56:27 +00:00
Abel Lopez
9009b18869 setfiles consistently
Working on host systems without selinux, where the guest image
does have selinux, creates a situation where the instance will
have about a 1 minute delay on first boot because it must relabel.
The previous check for sysfs assumes that the host system has
selinux, which is not needed for the guest setfiles to work.

Change-Id: Ic186a45991b6d80880ad635e9c80985612f53a05
Closes-bug: 1414200
2015-02-03 09:00:07 -08:00
Lucas Alvares Gomes
9880d16d47 Ironic: Local boot
This patch extends the deploy-ironic element to make it install a
bootloader on the disk in case the boot_option parameter passed in the
kernel command line is set to "local".

This parameter is set by Ironic as part of the
blueprint local-boot-support-with-partition-images

Change-Id: I5ebe6f364ae0ac408939399e5f28728b41c4766e
2015-02-03 14:36:25 +00:00
Jenkins
6665274553 Merge "Add installtype support to package-installs" 2015-02-03 03:45:44 +00:00
Gregory Haynes
3ff92589e1 Add installtype support to package-installs
Some packages should only be installed if a certain installtype is
specified.

Change-Id: Ia1a5af9ab4653e2646870ebd2d2db7e00a59305b
2015-01-28 20:11:51 -08:00
Dmitry Tantsur
04a542134f ironic-discoverd-ramdisk element cleanup
- Properly rename files
- Use new package-installs
- Properly check for discoverd_callback_url option
  (and return backward compatibility)

Change-Id: I2247047b9360945408e720329d5b134cfa384ae5
2015-01-27 10:59:37 +01:00
Jenkins
87b4bc7d51 Merge "Run Registration Once" 2015-01-24 19:02:13 +00:00
yogananth subramanian
15ccf776be Add support for using local PowerPC VM image
Patch adds support for PowerPC Big-endian and Little-endian local
fedora VM images and using VM images with two partitions,  PReP
boot and root partition. Since PowerPC requires PReP boot
partition to be present.

Change-Id: Iba03226e187609df898732c13b1aa5f895b156e3
Closes-Bug: 1413487
2015-01-23 05:11:08 +05:30
yogananth subramanian
57705694e7 ramdisk-image-create: add support for vmlinux file
ramdisk-image-create assumes the presence of vmlinuz file in OS image.
But ubuntu PPC LE images have only vmlinux file. This patch adds
support for using vmlinux file.

Change-Id: I5dd0b8ceb46b73be57d4c15b39b96f99b524fa3f
Closes-Bug: 1413362
2015-01-22 02:10:39 +05:30
Giulio Fidente
cde4cef215 Switch manage_etc_hosts from True to localhost
When set to true this cloud-init setting overwrites the /etc/hosts
file at reboot, breaking stuff in TripleO where controllers rely
on resolving each other by name. We still want cloud-init to add in
there a mapping for the local fqdn, so we switched to 'localhost' [1]

1. http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt#L470

Change-Id: I85468dece3b67f39841aa826f9b7ca4bf113027a
Closes-Bug: 1411594
2015-01-21 13:21:53 +01:00
Jenkins
302fdd57bb Merge "Add install section to Ironic agent systemd service file" 2015-01-21 08:58:23 +00:00
Jenkins
241b3155c0 Merge "Fallback to a boot_server kernel param if ip= not passed" 2015-01-21 08:56:55 +00:00
Jenkins
1162a3abe1 Merge "Fix Satellite Repo" 2015-01-20 17:55:59 +00:00
Jenkins
85c7a91666 Merge "Disable all interfaces on eni systems" 2015-01-20 00:40:22 +00:00
Cédric Ollivier
be95738739 Set http_proxy to retrieve the signed Release file
This commit adds http_proxy=$http_proxy to use apt-get update through a
http-proxy.

Change-Id: Iee589f6d11b84991512493d22f0e3dbfe60736ec
Closes-Bug: #1412314
2015-01-19 07:16:43 +01:00
Ryan Brady
c9af576e79 Run Registration Once
The rhel-common element has a script that uses subscription-manager
to register an instance of RHEL with the customer portal or Satellite.
If os-refresh-config runs this script more than once,
subscription-manager returns a non-zero value causing os-refresh-config
to fail.  Adding --force to the subscription-manager calls doesn't
properly unregister the image from Satellite and the result is multiple
content host registrations. This patch changes the registration to only
run once.

Change-Id: If372e7f59bbdc77e2b233024c1342f005004f2e5
2015-01-16 21:55:59 +00:00
Ryan Brady
297c734424 Fix Satellite Repo
Previous to the Sattelite 6 release, the katello-agent and it's
dependencies needed the rhel-7-server-rh-common-beta-rpms repo
enabled.  Since the the release of Satellite 6, the "beta" can
be safely dropped.  This fixes an error where registration to a
satellite instance fails due to a 404 for the beta repo.

Change-Id: Ia9879498c7db0c912bb58ea084d448b8b3915569
2015-01-16 16:52:11 -05:00
Clark Boylan
bab9595524 Use DIB_IMAGE_CACHE in dpkg element
The dpkg element was hardcoding ~/.cache/image-create as the cache path,
but elements should use DIB_IMAGE_CACHE as the root for the cache to
allow users to override the path. Replace the hardcoded path with one
that is rooted at $DIB_IMAGE_CACHE.

Change-Id: I76030654e7dfc7b7d4dfa87e082c14e7cee479b9
2015-01-13 14:22:10 -08:00
Jenkins
af4b290328 Merge "Fix for RHEL6" 2015-01-12 16:22:18 +00:00
Jenkins
bc4880fb91 Merge "Allow for disabling rhel registration" 2015-01-09 18:31:30 +00:00
Jenkins
2951b04cf7 Merge "Add rax-nova-agent element" 2015-01-09 18:28:07 +00:00
Jenkins
84463cf8da Merge "Add element for ubuntu-core" 2015-01-09 18:27:52 +00:00
Jenkins
89e9c01cd4 Merge "Deprecates username and password from boot time registration" 2015-01-09 15:17:57 +00:00
Jenkins
e304882e9d Merge "Fix repo enablement for RHEL during registration" 2015-01-09 15:17:43 +00:00
Jenkins
86edbd86fa Merge "dracut-ramdisk: fix support for elements with ramdisk-install.d" 2015-01-08 04:22:34 +00:00
Ryan Brady
d669d78528 Fix for RHEL6
The correct workflow for building RHEL6 images includes not using
the rhel-registration scripts in this element, but rather the 00-rhsm
script.  This patch updates the return value from 1 to 0 for the case
when the REG_METHOD is left unset.  This will allow the RHEL6 images
to build without needing to set REG_METHOD. This patch also improves
the note about RHEL6 image building.

This patch is the result of the discussion in the comments of [1].

[1] Iff7b9fc30d5a36231598a977a9edcd55229766c5

Change-Id: I2f35b8d7d8749d44d88f06e9e2c3116ff93b88fe
Closes-Bug: 1404364
2015-01-07 10:27:55 -05:00
James Slagle
697800987f Allow for disabling rhel registration
When using the rhel element, it can be uesful to disable registration.
For instance, if using an internal mirror repository that does not
require registration/authentication.

Change-Id: I42fa34e7f146137e5b1b9c5d7785702311e1dca1
2015-01-07 10:27:48 -05:00
Jenkins
c597e99f4e Merge "Ignore stderr from pkg-map" 2015-01-06 21:20:18 +00:00
Jenkins
ef0c043c85 Merge "Add Activation Key Support For Customer Portal" 2015-01-06 18:04:12 +00:00
Jenkins
76f5f199cb Merge "Don't trace RHEL registration scripts" 2015-01-02 18:37:22 +00:00
Jenkins
ebe166448f Merge "Allow absolute path to image with ironic-agent" 2014-12-23 23:08:50 +00:00
Erwan Velu
75b34baa98 dracut-ramdisk: fix support for elements with ramdisk-install.d
Copy all of TMP_MOUNT_PATH into the ramdisk so that
ramdisk-install.d actions are respected.

Includes a workaround for a bug in Dracut that caused the copy
to fail.

Also moves init instead of copying it so we don't conflict with
the Dracut init.

Change-Id: Ia8d7b210369fe7eb7ab239cbdb7f96841104a35d
Closes-Bug: 1403121
2014-12-18 11:46:49 +01:00
Ben Nemec
68394e134e Don't trace RHEL registration scripts
These scripts are littered with references to passwords and keys,
so rather than try to disable tracing in every one of those places
I propose we simply turn it off for the scripts.  This will likely
need to be revisited after the global tracing discussion is
resolved anyway.

Change-Id: I805015300bf01b2f8eec9f70ccfdf533dd9386b3
Related-Bug: 1298205
2014-12-17 16:39:27 -06:00
Abel Lopez
da7787069d Ignore stderr from pkg-map
The latest update to package-install captures both stderr and stdout
from pkg-map, unfortunately, pkg-map has a 'missing-ok' option
which causes it to print an error message on stderr.
The result is that package-install tries to look for packages named
"Missing", "package", "name", etc.

Change-Id: I86b3b71a64b29d533b42fd0cae020e8ecf22cac2
Closes-bug: 1402085
2014-12-17 10:08:08 -08:00
Clint Byrum
4dceacd5ed Allow absolute path to image with ironic-agent
The element was prepending the work directory forcibly, which will have
problems when the image name has an absolute path, which is allowed.

Change-Id: I0cb7b96e24daab8ee73611936af72074c70ac1aa
Closes-Bug: #1400405
2014-12-16 10:40:55 -08:00
Yuriy Zveryanskyy
26e2ec6faa Add install section to Ironic agent systemd service file
"Install" section is necessary for for "systemctl enable" command.

Change-Id: I590ac3a1b58a80e156967dd2787a1ba88e8a6fd5
2014-12-16 18:53:45 +02:00
Jenkins
9a53631e1c Merge "Fix rst rendering" 2014-12-16 13:51:59 +00:00
Monty Taylor
a281cca038 Add element for ubuntu-core
Ubuntu has recently release their "Snappy Ubuntu Core" which is a
minimal base-layer for running docker applications. Seems like the sort
of thing someone might want to use for tasks.

Change-Id: I6cb724451d1862121dee4ccf1f599ab8938f0b7f
2014-12-11 18:04:58 -08:00
Monty Taylor
cd3dfe7395 Add rax-nova-agent element
VMs on Rackspace Cloud need nova-agent installed to get networking
information set up properly. Add a nova-agent element so that dib can
be used to create images to use on Rackspace cloud.

Change-Id: I075a50e9a2d7ae7641905b66bbbc627ad708b5ea
2014-12-11 18:04:26 -08:00
Monty Taylor
af2862a2be Add minimal ubuntu and centos base elements
There are times when a much more stripped down base image is desired
over the distro cloud images. For instance, Infra would like some base
images that do not have cloud-init or really much of anything else. This
is easy to accomplish with debootstrap and rinse.

Change-Id: I44ff22457165afb048fdaea469210ae47d83dd3f
2014-12-11 13:27:36 -08:00
Monty Taylor
98d008c6af Rework package-installs to collapse on build host
Instead of doing the work in the image of parsing through the element's
package-install declarations, we can squash it on hostside, where we
have both YAML and JSON available to us, and then emit a single
pre-processed file into the target to be used later.

Change-Id: I3f182aa3aae0a79b2f3ea4e66c1878ad12878b0a
2014-12-11 00:05:32 -08:00
Adam Gandelman
441b30f89f Fallback to a boot_server kernel param if ip= not passed
Depending on bootloader and configuration, ramdisks may receive
a ip= kernel parameter that is used for manual network bring up
in the ramdisk.  This parameter contains the address of the boot
server.  In the absence of ip=, we want the ramdisk to DHCP and
proceed as normal.  However, in this case need to know the address
of the boot server.  This falls back to a 'boot_server' parameter
for this address if it is not provided via kernel cmdline.

Change-Id: Id1ed15ba125d91fa0a13d8e19d1385082ee5d9e9
Closes-bug: #1401289
Related-bug: #1401298
2014-12-10 15:36:15 -08:00
Jenkins
1273cd5532 Merge "Add some speedups to dpkg" 2014-12-10 19:45:34 +00:00
Monty Taylor
6be5c396d1 Add some speedups to dpkg
The docker build folks obsess about image size and speed a bit. Grab a
few of their optimizations from their debootstrap build process and
apply them to ours.

Change-Id: Ic3d3565423b0ae090896d99fd3bf1145eca6303d
2014-12-10 06:53:17 -08:00
Jenkins
5de977e575 Merge "Migrate to new package-installs" 2014-12-10 05:44:45 +00:00
Jenkins
b74bb649e2 Merge "Allow injecting arbitrary yum repo configuration" 2014-12-09 18:56:08 +00:00
Ryan Brady
2fb72d6ed9 Deprecates username and password from boot time registration
The username and password combination is considered insecure to store in
the metadata passed to the stack as they can easily be obtained and
possibly used in an unathorized manner by logging into one of the
registration systems. The use of an activation key is more desirable
as it can only be used in conjunction with subscription-manager to
register a RHEL system.

This patch deprecates the username and password support from the script
that registers RHEL with either Satellite or RH Customer Portal during
boot-time.  This patch also adds a warning if the username and password
combination is used in the stack metadata. The documentation and examples
have also been updated to warn operators of the deprecation of username
and password.

This patch does not affect the username and password support for
registration activities while building images with diskimage-builder.

Change-Id: I05b7a18e910d31ad2273042409f8657ad9dee36a
2014-12-09 10:56:55 -05:00
Ryan Brady
386a7a01d3 Fix repo enablement for RHEL during registration
Previously the REG_REPOS value was a space delimited list of repo
names, but the spaces were incompatible with passing through json.
If you pass a list in json through the heat parameter, the output
is the string representation of a python list of unicode vaules.
This patch changes the rhel-registration scripts to process the
REG_REPOS value as a comma delimited list which is more easily
passed through json.  Both scripts have been updated to remain
consistent.

Change-Id: I21b3fd115e53aa3b0fa4af9bbfb1f08b6fe163ab
2014-12-04 21:52:16 -05:00
James Slagle
70880780f0 Allow injecting arbitrary yum repo configuration
Allows specifying the path to a yum repo configuration file to be used
during the image build process. The repo configuration file is removed
at the end of the build. This is useful in that it allows using any
arbitrary repo configuration during an image build.

Change-Id: I7d5c67d74a0bb4722ffc60aacfd9fa7e80fb59d5
2014-12-04 15:08:57 -05:00
Abel Lopez
acccfaf181 Don't use lsb_release
Using lsb_release to figure out what distro and release an image is
is redundant, as the same information is available in DIB_ vars.
Further, it causes errors when creating new rhel7/centos7 images
like this: http://paste.openstack.org/show/144729/

Change-Id: I213ee581b8abfe119ffe3b783e6a3236e58e3e47
2014-12-04 11:07:24 -08:00
Abel Lopez
563d334105 Fix rst rendering
The file extention claims rst format, but it's plain text
as such, the online documentation doesn't render properly

Change-Id: I24accb45ab8c7803a25f2642ce1b2d479d5a6e9c
2014-12-03 12:30:28 -08:00
Ryan Brady
bf8b77a8ea Add Activation Key Support For Customer Portal
This patch adds support to register with the hosted customer portal
using activation keys.  If an activation key is present in either
the REG_ACTIVATION_KEY or rh_registration.activation_key, it will
use that value instead of username and password credentials when
registering with Satellite or the hosted Customer Portal.  This
patch also enforces that an org must be set in either the REG_ORG
or rh_registration.org to use the activation key.

Change-Id: If40dd78ba793d508afb1a5ab345470ee5929afb0
2014-12-03 12:46:58 -05:00
Jenkins
f1c90ae72a Merge "Add element for hardware discovery ramdisk for ironic-discoverd" 2014-12-02 16:18:30 +00:00
Gregory Haynes
2626606980 Migrate to new package-installs
We have a new package-installs file format. Migrating existing
package-installs files to the new format.

Change-Id: I57d4a007efee9624e60c41357cefa627d8c7373f
2014-12-01 21:32:13 -08:00
Gregory Haynes
e5b8656141 Add new package-installs system
We currently support package-installs definitions which has some
limitations and oddities. This new format requires only one definition
which does not reside in our run-parts directories and follows a
consistent naming scheme (package-installs.yaml).

Change-Id: Ie51a7c4fdc15634ae8e069728e5e07cc1dc36095
2014-12-01 21:29:47 -08:00
Jenkins
ef8121141a Merge "Remove the grub2 install from redhat-common" 2014-12-02 02:54:48 +00:00
Jenkins
2d7885a984 Merge "Remove use of sudo from yum pre and post elements" 2014-12-01 17:26:22 +00:00
Jenkins
c4ad904ee6 Merge "Unset requiretty if it exists in sudoers" 2014-11-28 19:13:42 +00:00
Monty Taylor
bec83686f4 Unset requiretty if it exists in sudoers
Fedora sets requiretty globally by default. This makes sense for
interactive machines with lots of password typing, but is pretty
attrocious for machines that might need users who remotely sudo to do
things. Just remove the setting.

Change-Id: Ic32bd92061a73f854683cc0d2d8919071dabe8cf
2014-11-28 11:35:00 -05:00
Monty Taylor
1b51e22f7d Remove the grub2 install from redhat-common
We immediately remove this, but the -grub2 causes a later attempt to
remove it again which fails. Don't install it in the first place.

Change-Id: I31d64abc9596707bdb8a0505d0dcbf7b82e1b82d
2014-11-28 11:01:40 -05:00
Monty Taylor
9cd5068854 Remove use of sudo from yum pre and post elements
sudo is not needed, since in-chroot elements are run in the context
of the root user. Furthermore, sudo in pre-install is problematic as
sudo may not have been installed yet (imagine a debootstrap build)

Change-Id: Ib5c7e176a90fe3b8fa9c3cd702d3d815df54f472
2014-11-28 11:01:40 -05:00
Dmitry Tantsur
13c6b6bdf1 Add element for hardware discovery ramdisk for ironic-discoverd
ironic-discoverd [1] is a StackForge project for conducting hardware properties
discovery via booting a special discovery ramdisk and interrogating hardware
from within it. It aims to be one of the official means of hardware properties
discovery for Ironic in Kilo release [2].

The ramdisk collects hardware information from the machine
it's booted on and posts it to the URL provided via
kernel argument 'discoverd_callback_url'.

[1] https://pypi.python.org/pypi/ironic-discoverd
[2] https://review.openstack.org/#/c/135605/

Co-Authored-By: Lucas Alvares Gomes <lucasagomes@gmail.com>
Change-Id: Ic81fe8b3bd0884971bb522b48658c7ee538a31f2
2014-11-27 10:51:44 +01:00
Jenkins
83c97e8129 Merge "Allow multiple identical sources" 2014-11-27 03:41:54 +00:00
Jenkins
37ec06cd0b Merge "Warning when using pypi element without a mirror" 2014-11-26 05:27:50 +00:00
Jenkins
ccf95e7857 Merge "Update RHEL Registration" 2014-11-25 22:17:52 +00:00
Ghe Rivero
91977e7c8f Warning when using pypi element without a mirror
Using only a local filesystem mirror could lead opaque errors.
Print a warning message in this situations.

Change-Id: I5f77151ea928868f4c441e8a1bb2eb0966b21832
Closes-Bug: #1297948
2014-11-25 11:41:11 +01:00
Jenkins
47b58526e7 Merge "Make some pkg-map errors soft" 2014-11-25 02:57:09 +00:00
Jenkins
3b0130ed79 Merge "Check python with flake8 instead of dib-lint" 2014-11-25 02:56:57 +00:00
Jenkins
019196ef7f Merge "Add deprecation warning when using map-services" 2014-11-22 14:48:33 +00:00
Gregory Haynes
b10cfa841a Make some pkg-map errors soft
An app using pkg-map (like package-installs) might want to distinguish
between a hard error (invalid pkg-map file) and a soft error (no
mapping found). Currently this is not possible because we only return
with error values of 1.

Also printing error messages to stderror so we can still make use of
stdout data during a soft error.

Change-Id: I8bef56d3a74e8530afb8c58ac50ca3e9f7700639
2014-11-21 12:49:49 -08:00
Gregory Haynes
fd0708286c Check python with flake8 instead of dib-lint
We check python files with dib-lint rather than flake8 which have
conflicting opinions. This means weve been (forcibly) writing non pep8
python.

Also fixing pep8 issues so tests pass.

Change-Id: Idc9db40334f6e15738a7802c06697270df68741c
2014-11-21 09:04:52 -08:00
Jenkins
d8b156dedf Merge "Add DIB_DEBOOTSTRAP_EXTRA_ARGS environment variable" 2014-11-21 13:32:06 +00:00
Jenkins
d506c42ec4 Merge "Deprecate map-packages, replaced by pkg-map" 2014-11-20 01:41:45 +00:00
Ryan Brady
81b4c00fdc Update RHEL Registration
This patch updates the 00-rhel-registration script to not
not fail a stack when metadata isn't found.

Change-Id: Ie305fed79e4baadf1a03c4a3d06a23cf36e92f77
2014-11-19 18:05:24 -05:00
Jenkins
04e8ce0ece Merge "Enable RHEL Registration" 2014-11-19 22:34:37 +00:00
Jenkins
a80ff47dec Merge "Simplify Dracut cmdline script" 2014-11-19 20:26:10 +00:00
Ryan Brady
4178c0c69d Deprecate map-packages, replaced by pkg-map
This patch writes a warning out to stderr to notify element authors
that may be using map-packages to migrate to pkg-map.  This patch
also prints out a warning during image-create that lists the specific
elements that are not using pkg-map.

Change-Id: I7e2a7611dd5650815736ce998aa94a7833193d06
2014-11-19 12:04:12 -05:00
Jon-Paul Sullivan
8dd97597ea Allow multiple identical sources
The source-repositories element puts source in place in the generated image
for later installation.  It is possible for two elements to define the same
source to later install, and as long as the remote location and reference to be
installed is identical, we should not error.

Change-Id: Ic7dfb1961486c59d2005b5c1e7587267ea42e999
2014-11-19 12:03:16 +00:00
Tim Potter
018b1d4147 Add DIB_DEBOOTSTRAP_EXTRA_ARGS environment variable
This allows extra arguments to be passed to the debootstrap
command when creating an image using the debian element.

Change-Id: I87eb856365ff6a17f051e2e56587235648328d57
Co-Authored-By: Ghe Rivero <ghe.rivero@gmail.com>
2014-11-19 11:22:16 +00:00
Jenkins
8986283d41 Merge "Remove duplicate binary-deps from dracut-ramdisk" 2014-11-19 09:59:37 +00:00
Ghe Rivero
830de28e96 deploy-kexec depends on deploy
It was depending only on deploy-baremetal. Changing it to 'deploy' could
be used with both baremetal and ironic deployments

Change-Id: Ia2600080b488f7d259a9baf111767e82b6cc933d
2014-11-18 15:29:53 +01:00
Ben Nemec
8ee66ec8ec Remove duplicate binary-deps from dracut-ramdisk
These are already listed in the respective deploy-* elements, and
if we include them here then they get added to every ramdisk built
with dracut.  That causes issues for elements that don't need
something like tgtd because it won't be installed and the
binary deps script will fail.

Change-Id: Ibdcf7d200d4f7136396b63404cd966f7557043e0
2014-11-14 12:43:49 -06:00
Yuriy Zveryanskyy
676b1b738d Add element for building ramdisk with ironic-python-agent
This element creates kernel and ramdisk files based on Fedora,
example:
disk-image-create -a i386 -o test fedora ironic-agent disable-selinux

Change-Id: Ifa133d1680b81cb87d32a405aa7d7b40fe91f835
2014-11-13 19:30:44 +02:00
Jenkins
ce67ce87ea Merge "Support installing packages by default" 2014-11-13 10:27:56 +00:00
Ben Nemec
f528aa316e Simplify Dracut cmdline script
We don't actually need a real value for the root kernel param, and
requiring one causes problems for things like the discovery ramdisk
that don't pass in a disk= parameter.  Dracut seems to be happy to
take /dev/zero as the value, so we can just always use that.

Change-Id: Ia724f0214c26aa18c6f8f41f2c48d7f25b52ee6c
2014-11-12 11:18:53 -06:00
Ryan Brady
1aecb41b7e Add deprecation warning when using map-services
This patch writes a warning out to stderr to notify element authors
that may be using map-services to migrate to svc-map.

Change-Id: Ic80db16c607958d025e89b3a4058a9cbb568938e
2014-11-12 17:03:49 +00:00
Derek Higgins
c26a9ee4b1 Install lsb_release from package
The URL we were using to download lsb_release from no longer works,
install from package so this is not affected by disappearing URL's
in future.

This was originally installed from a URL because the package dependencies
caused a 87M increase in the size of the base image. For fedora the
increase is now 27M which is a little more tolerable.

Change-Id: I6e56a4a81786b33c5c6b92df2bd8236cd3f19670
2014-11-10 11:28:49 +00:00
Ryan Brady
ac8514c089 Enable RHEL Registration
This patch documents the 00-rhsm script as <= RHEL6 as it doesn't
work with the latest release of Satellite.  The Red Hat Network
(RHN) method of registration is being phased out in favor of Red
Hat Customer Portal and Satellite 6.  The subscription-manager
command line tool is the preferred method of registration.

The registration of RHEL is required to enable repositories for
software installation during image creation time.

This element provides functionality for registering RHEL images
during the image build process with diskimage-builder's
disk-image-create script.  The RHEL image will register itself
with either the hosted Red Hat Customer Portal or Satellite to
enable software installation from official repositories. After
the end of the image creation process, the image will unregister
itself so an entitlement will not be decremented from the account.

Boot-time registration is supported through metadata.  Please see
the configuration in the README for more information.

Change-Id: Ia9ef377cc4ed9595633888bfb248a1224e04b542
2014-10-31 12:36:43 -04:00
Jenkins
cafad0a148 Merge "Update Debian repo to retrieve signed Release file" 2014-10-31 01:27:19 +00:00
Jenkins
d72435a86b Merge "Optimize speed of deletion in find command" 2014-10-30 12:53:28 +00:00
Jenkins
50085793cc Merge "Unset trap before dracut ramdisk build script exits" 2014-10-30 11:43:09 +00:00
Jenkins
1e5ec9adb3 Merge "Use binary-deps.d for dracut ramdisks" 2014-10-30 06:25:30 +00:00
Dan Prince
022cb2c1c2 Support installing packages by default
Adds new disk-image-create --install-type option which
can be used to enable alternate install types. The
default install type is 'source'.

The motivation is to eliminate elements like
enable-package-installs which require coupling and also
don't work with elements in multiple element repositories.

This patch does not prevent you from using the previous
DIB_INSTALLTYPE_ variables to customize the install type,
rather it just changes the default so you don't have to
set it so often when using things like packages.

Change-Id: Icee98440fc2251728f2dca30e7c4789a0fd89b93
2014-10-28 15:05:53 -04:00
AzherKhan
bb38d0e325 Optimize speed of deletion in find command
I would like to recommend to use + instead of \; in the find
command. As this will ensure the removal of all selected
directories in a single invocation.

Hence improve the speed of deletion.

Change-Id: I409fe11aae217afb6f790491591005c679264ed4
2014-10-27 21:04:09 -07:00
Jenkins
dbe2846264 Merge "package-installs assumes packages have a pkg-map" 2014-10-28 00:15:19 +00:00
Gregory Haynes
c27e32f769 package-installs assumes packages have a pkg-map
Our package-installs script fails when installing a package which does
not have a pkg-map but a pkg-map file exist for the element.

Change-Id: I3dab802e23bccfc916efcc1c70c6ce6c4a9ccf67
2014-10-27 09:42:58 -07:00
Jenkins
3c8cf6a724 Merge "Move busybox binary-dep to ramdisk element" 2014-10-27 08:30:48 +00:00
Jenkins
34c273d8df Merge "Make diskimage-builder work in Docker." 2014-10-24 20:13:45 +00:00