The last patch to do this only handled the case of SHA256SUM being
stale, but the image is more likely to be stale in the default
configuration as the hash file is downloaded over HTTPS.
Change-Id: I6531fa684e560cad48c3696394d48a600680c875
Closes-Bug: #1336067
Some users on corp networks are finding that cloud images appear in
their proxies before SHA256SUMS files.
We now try to force any to upstream proxies to update their copy and
retry the checksum, rather than immediately failing.
We also now add proper argument parsing to cache-url, and associated
help functionality, since we have now grown our first argument.
Change-Id: I44d44b62db8d1df990606fdf087ec1b837f491f6
Closes-Bug: #1336067
The DIB_CLOUD_IMAGES variable in ubuntu's root.d is already used
everywhere with a /, so we can safely drop it from the default
value.
Change-Id: I39dbd3f4004052fcccb4131dc838759f4c82312a
While an end user would never use both redhat-common and ubuntu
elements at the same time we should always use unique names
for things per DIB conventions.
Change-Id: I2cabc583a1fd41d4fe7fbf8cf93127d49e26aff4
Now that issues associated with this bump have been addressed
elsewhere, reinstate trusty as the default DIB_RELEASE for
the ubuntu element. Also adds a note about memory requirements
to the ramdisk element.
Change-Id: Ia89c83ba0ee4ad3bd89b833ba0db08135eac63ed
Default to only having cloud-init query Ec2 on first boot for Ubuntu,
until cloud-init has been SRU'd to fix the CloudSigma data source issue
that causes Trusty boots to hang.
Change-Id: Icb3734d5ae78f4a0a6c0fae1af4a2ce3c809308c
Partial-bug: #1316475
Updates the various operating system elements so that we
set the DISTRO_NAME variable for each distro.
This env var is used by bin/pkg-map to set the default
distribution name for package name mappings.
Change-Id: Ib4b05eb7191dd50d25799a0bac51fd15c01b74cb
A few scripts were added without set -o pipefail since the original
change to add that everywhere. This will get the dib-lint check
passing again.
Change-Id: I96bef45cc10ff9bbcf2c4f1b796b8cd188e10485
When the cache tarball gets fail the output doesn't indicate
what url is failing. Adding '-x' displays the urls attempted.
Change-Id: I71b2dbfd712e72c591410ca9b68edc76d493ad6e
As with the previous similar changes, this is intended to catch
problems as they happen instead of ignoring them and continuing on
to potentially fail later. Setting this on all existing scripts
will allow us to enforce use via Jenkins.
Change-Id: Iad2d490c86dceab148ea9ab08f457c49a5d5352e
DIB's map-services is currently used in TIE's os-svc-config
binaries to support service name lookups. Many of the systemd
specific functions require bin/map-services to exist.
This change adds bin/map-services files that are noops
to both the debian and ubuntu elements so that as those
distros move towards using systemd they can make use
of the functions we already have in place.
Change-Id: If8d61f3858b11de86c3292e840d033e5e3cecedb
Using set -e in all of our scripts will prevent some subtle bugs
from slipping in, and will allow us to enforce use of set -e with
tooling.
This change also adds -u and set -o pipefail in the less complex
scripts where it is unlikely to cause problems. A follow-up change
will enable those options in the complex scripts so that if it
breaks something it can be reverted easily.
Change-Id: I0ad358ccb98da7277a0ee2e9ce8fda98438675eb
Trusty ramdisks do not boot, failing to exec init. This reverts
the default DIB_RELEASE back to Saucy until Trusty ramdisks have
been properly tested.
Change-Id: I5ac81822b78805275268cecc021a74a62c22ef58
Use "operating-system" to denote that an element provides that to the
image being created. This can then be used to specify an abstract
dependency in other elements to assist in build-time image verification.
Change-Id: Ic125803da65e0f8f8c20ef90b08815f4f7d09762
The current method to rewrite the mirror URL in the ubuntu element will
only rewrite archive.ubuntu.com, which leaves the security URL alone.
This is probably not intended for people who are creating images behind
firewalls.
Change-Id: I54a867e0e9d5a7c94324a5c00ff1a83b4e6e4524
Add a script to ubuntu's pre-install.d that will change
archive.ubuntu.com to a mirror specified in $DIB_DISTRIBUTION_MIRROR.
Change-Id: Idfd5a40ec8a1912a5de5dcdcaf9795946b0b53b8
In tests, saucy has been able to match raring for the ability to bring
up clouds, so we can roll forwards and switch the default to saucy.
Change-Id: I4df35d40f902c0daa7b2761d7afea8db25526753
The Ubuntu build for ARM breaks when the pre-install step attempts to remove
grub components. This change gates those package removals based on whether
they are currently installed.
Change-Id: Ie169dbf12213e69b3713b3b1f9a68ae224f9fd31
Since we are using bash syntax in some of the element fragments,
we should make sure we use bash for all of them, so that things don't
break on systems where /bin/sh != /bin/bash.
Change-Id: If2f043c57aa4e1492b7f9839213ef6123f683612
The command `sudo rmdir $TARGET_ROOT/lost+found` will fail
if `$TARGET_ROOT/lost+found` directory doesn't exist,
e.g. when you use non-default image.
Fixes bug #1245856
Change-Id: I48c8f2f201b29912a726249023ca7d20893cc958
When extracting the base image without --numeric-owner, user and group
names in the tarball are mapped to uid/gid by the host. This can cause
problems when building an image for some other distro than you're
running yourself. For example, building an Ubuntu image on openSUSE
ends up with /var/cache/man in the image owned by 'proxy' (uid 13)
instead of 'man' (uid 6), because the host (openSUSE) uses uid 13 for
the 'man' user. This particular man/proxy discrepancy results in
"fopen: Permission denied" errors when apt-get does its "Processing
triggers for man-db" thing in the Ubuntu system. I wouldn't be
surprised if there were other kinks caused by this uid/gid mapping
discrepancy too, but that's the one I found so far.
The same thing can also happen with Fedora, but seems to be less likely,
or at least less obvious to me when building Fedora images on openSUSE.
But, IMO, it's better to be safe and just use --numeric-owner on all
base image untarring outside the chroot.
Change-Id: I9da5ac66dd182e7278fe4fee932093f61d35673a
DIB_IMAGE_CACHE will be a user override for the location where images
are cached. Default location is ~/.cache/image-create
Change-Id: I3e9b9f970864d555c9ec9436344b53f6d3d66dfa
This package recently caused us some very large headaches when it
was updated for a security issue. It is completely unnecessary and
should be removed.
Note that we have recommended that it be removed from the cloud images
in launchpad bug #1227425.
fixes bug #1227420
Change-Id: Ic0d4efa7b44c46271d19576f5191c9421d07c015
The dynamic kernel module system is not available on RHEL, CentOS,
Scientific Linux, or SUSE. Make it part of the distro post-install
rather then base post-install.
Change-Id: Ic2c345bf9f0738dadae611194e263d3a5d424a3e
Ubuntu 13.04 has been released now for 3 months. The updated libvirt,
openvswitch and kernel are all beneficial to various OpenStack components,
and many other software is updated beyond the versions in Ubuntu 12.10.
Change-Id: I358aed8bf906c3ff5103f19b1f9e6ac689b5d5ee
When --offline is set elements should not revalidate cached data. The
ubuntu element had not been updated to match this. SHA checking is
also skipped as we only move a new cached file into place when the
hash matches, and we might download a new hash before updating the
image cache, which would cause persistent --offline failures.
Change-Id: If1a0366b51951a73b7a3ffe23a29a3d910b08938
The fedora element downloads images too, so we should re-use the caching
code from the ubuntu element.
There doesn't seem to be other examples of code shared between root.d
scripts. In the fedora and dpkg elements we copy install-packages into
the chroot, but that model doesn't apply when we're running scripts
outside of the chroot. Seems sane to just run it directly from the bin/
dir in the temporary hooks directory.
Change-Id: Iaa6aca660042fea323cab4271633a4bdbbc271b8
If a cached copy of the file doesn't exist, cache_url() passes a
non-existent path to -z/--time-cond and you see this warning:
Warning: Illegal date format for -z, --timecond (and not a file name).
Warning: Disabling time condition. See curl_getdate(3) for valid date syntax.
It works just fine, but the warning is ugly.
Change-Id: Ic6f13a2c596b988308d7fca9cd1745e5d48ae5fb
Bug 1124593 reported that ssh host keys were not being created, and the
lack of seed metadata files was the cause. Add those files and remove
the workaround.
Change-Id: I6fb55be7f8c7efd1f75aeba9123f495e312ff695
Setting up a routine to run at first time the system boot may vary from
distribution to distribution. This patch will remove the logic from the
diskimage-builder code and put it into the elements.
The base element will now deploy a dib-first-boot script and each OS
element will ensure that this script runs at rc.local time. By doing
that we will put the OS specific stuff in the OS elements and remove
the embedded code out of the img-function file.
Change-Id: I24c5d1b1185de5693f145347fe912245f1ba7dfe
This also switches to using curl which some people may not have
installed. However, curl is far superior for this type of download.
Change-Id: I7ac5a84b30eb8daad320c082f976931c41a24669
Qemu-nbd does not perform well with older versions of qemu due to
the lack of writeback caching mode. It also only builds qcow2 images
and there is a desire for raw image support. Finally, qemu-nbd makes
it very difficult to build images concurrently due to the somewhat
opaque nature of how it selects a /dev/nbd# device. losetup, on
the other hand, makes this process very straight forward.
Change-Id: I309fad8af4fd1e8d1720c17b65e1897a76d5e897
Co-Author: Clint Byrum <clint@fewbar.com>
This switches $CLOUD_IMAGES and $RELEASE to the DIB_ namespace so
they will survive future changes to the sanitisation of the build
environment.
Change-Id: I7dc2aa82fb9ef452705b080cc404f41046014f20
cloud-init is expected to generate unique hostkeys on first
boot, but sometimes it doesn't.
This change ensures that hostkeys are always generated.
This change should be removed if the cloud-init problem is solved.
Change-Id: I7d7e05fbd12727992cf1aebec547ae0488e002ff
Relies on https://cloud-images.ubuntu.com being served by a cert signed
by one of the CA's trusted by the build host.
Change-Id: I690b755acca54789110c2c8fa723c8b87b2485c9