Commit Graph

804 Commits

Author SHA1 Message Date
Zuul
9dd161471a Merge "Ensure nouveau is blacklisted in initramfs too" 2019-11-22 06:57:39 +00:00
Zuul
f268c72ed9 Merge "Adds support for GPG keyring" 2019-11-22 06:57:38 +00:00
Zuul
05a6f898fd Merge "Only wait for checksum processes" 2019-11-22 06:57:37 +00:00
Zuul
6143d40def Merge "Introduce manual setting of DIB_INIT_SYSTEM" 2019-11-22 06:43:25 +00:00
Ian Wienand
bee30b43d2 Only wait for checksum processes
When running under nodepool in a foreground, non-daemonized situation
without a tty (i.e. within a container) we're seeing this "wait" hang
indefinitely.

It is probably related to "outfilter.py" and output file descriptors,
although TBH we haven't completely root-caused it.  I won't claim this
is a great solution, but it should hopefully let the dib process
finish and just die, where outfilter will disappear.

Change-Id: If78da54df3d4c240fee16aee4413ec554b37c1d6
2019-11-21 14:04:09 +11:00
Andreas Florath
3636b40f74 Introduce manual setting of DIB_INIT_SYSTEM
The current implementation evauates the dib-init-system
script too early.  Also it looks that there is no simple
way of getting the info about the init system automatically:
another element can install (later on) a different
init system.  Therefore the only reliable way of setting
this is manual.

Change-Id: I6e9ffa1bdb3154f488f4fd335b197699b86aacd4
Signed-off-by: Andreas Florath <andreas@florath.net>
2019-11-21 12:38:15 +11:00
Michael Johnson
824042d608 Add output for mis-configured element scripts
I commonly get asked for help when people are attempting to create
local image elements and they cannot get them to work.
diskimage-builder silently ignores element scripts that it doesn't
find to it's liking, such as non-executable or files with extensions
(.sh is a common mistake).
This patch extends the '-x' tracing flag down to dib-run-parts and
will cause it to print out helpful messages when these files would
otherwise be silently ignored.

Examples:
Ignoring non-executable files: 10-do-not-run-me
Ignoring non-conforming filenames: 10-I-can-run.sh

I am not enabling these by default as they can create extra noise
and require additional filesystem IO to produce.

Change-Id: Ic804efca3015c199440b4b10da951d71a815c64f
2019-11-20 15:05:30 -08:00
David Hill
f7ee1cd733 Add grub-efi-x86_64 pkg-map
Add grub-efi-x86_64 pkg-map

Change-Id: I64fab237c3fcd5e4fe1e74eb17ddd2a9aa8110f5
Closes-bug: #1852762
2019-11-16 21:15:28 -05:00
Harald Jensås
f94508d537 Add IPv6 support in dhcp-all-interfaces
When the rdisc6 utility is available probe for router
advertisement. configure eni and rhel-netscripts interfaces
to do IPv6 address configuration according to the flags
in the RA recived from the router.

The systemd service file timeout is DIB_DHCP_TIMEOUT * 2,
so that DHCPv4 can timout, and dhcpv6 run before the service
times out.

Retries are commented in dhclient.conf, without it we end up
trying DIB_DHCP_TIMEOUT * 60 before the client move on to
IPv6.

WHEN:
  Stateful address conf.    :          No
  Stateful other conf.      :          No
THEN:
  Do not run dhclient at all, autoconfiguration via
  SLAAC only.

WHEN:
  Stateful address conf.    :          No
  Stateful other conf.      :          Yes
THEN:
  Run "dhclient -6 -S", The ``-S`` option makes the
  dhcp client not request an address, only other
  options such as DNS servers and NTP servers from
  DHCPv6 server.

WHEN:
  Stateful address conf.    :          Yes
  Stateful other conf.      :          Yes
THEN:
  The dhcp client should request an address _and_ other
  options such as DNS servers and NTP servers from
  DHCPv6 server.

NOTE: No IPv6 support added for suse-netscripts

Closes-Bug: 1754219
Change-Id: Icdc79875c33f894ab7eaec8afdfb33a731efff99
2019-11-13 09:31:01 +01:00
Felipe Alencastro
48ff601098 Adds support for GPG keyring
Currently DIB_ADD_APT_KEYS only supports GPG armor keys, while
default Debuntu apt gpg keys are in keyring format.

Change-Id: I361c375e25b03a08b19052b10c6733939c8df921
2019-11-07 17:32:05 -03:00
Ian Wienand
b52b560fb0 Revert "Drop vhdutil dependency, use qemu-img"
This reverts commit a3e9e7f89e.

We still have some issues with vhd creation on RAX

In short, it appears that images fail to resize unless they have a
specific "creator" field.  Revert this while we consider the options.

[1] https://bugs.launchpad.net/nova/+bug/862653

Change-Id: I2b6a3bfbfe28432fbb6a2ce4a0211939d224b8d5
2019-10-30 09:28:58 +11:00
nishagbkar
9e149ce8bb Deprecates the existing "ironic-agent" element in DIB
The "ironic-agent" is copied to ironic-python-agent-builder and
hence it is deprecated from DIB.

Remove from functional testing

Change-Id: Ibc4f75b9d7e2a31994fc86d05bd57975f00fb74f
Task: 36198
Story: 2005114
2019-10-29 10:00:47 +11:00
Zuul
392ebeec68 Merge "pip-and-virtualenv: include python3-venv for Debuntu" 2019-10-28 00:01:51 +00:00
Zuul
24e204eb5c Merge "Drop vhdutil dependency, use qemu-img" 2019-10-25 06:51:59 +00:00
Ian Wienand
f2e0b01336 pip-and-virtualenv: include python3-venv for Debuntu
This package is not installed by default on Debuntu, but is on RH
platforms.  This is causing a build breakage as DIB_PYTHON_VIRTUALENV
tries to use this (I3414fb9e503f94ff744b560eff9ec0f4afdbb50e).

Add the package.

Change-Id: I9a551c57dd128bbb4b095c847f634c777b2cb553
2019-10-25 16:26:33 +11:00
Zuul
220c342e76 Merge "Add security suite name override in debian-minimal" 2019-10-25 05:16:38 +00:00
Zuul
c97cb559d3 Merge "Ensure machine-id is not included in images" 2019-10-25 04:28:28 +00:00
Zuul
fccb6ce32b Merge "Fix syntax error in selinux-fixfiles-restore" 2019-10-24 22:30:27 +00:00
Oliver Walsh
ceaf79d191 Ensure nouveau is blacklisted in initramfs too
To ensure dracut does not load nouveau we need to explicitly disable it via
omit_drivers.
This change adds a method to drop in arbitary dracut conf files to an element
which are picked up by dracut-regenerate and included in the chroot where we
run dracut.

The disable-nouveau element just adds a conf file with
`omit_drivers += " nouveau"`
The default dracut conf files in /usr/lib include a similar file to omit the
nvidia kernel modules.

Change-Id: I6375e4843fd08d1410141fbbd8658042dcd5ad05
Closes-bug: 1842664
2019-10-23 10:16:00 +11:00
Zuul
5bc5f8aff3 Merge "bootloader: make serial console configurable" 2019-10-22 03:19:18 +00:00
Oliver Walsh
ef794db4d1 Fix syntax error in selinux-fixfiles-restore
Seeing this at the end of the tripleo overcloud full build:
99-selinux-fixfiles-restore: line 69: [: too many arguments

Change-Id: I8fb10f3d3d38723b41190ae1898757e6df073945
2019-10-18 12:30:21 +01:00
Ian Wienand
a3e9e7f89e Drop vhdutil dependency, use qemu-img
The vhdutil utility is completely dead; the whole subsystem it relies
on was removed with [1] so it's not even vaguely possible to keep it
up-to-date.

I took the .raw images on a nb and used the qemu-img there (so Xenial)
and generated some VPC images; uploaded them to rackspace and the all
seemed to boot fine.  If there was a problem, maybe it's been fixed on
either the qemu or RAX side in the previous few years.

Thus swith to qemu-img to generate the vhd images too.

[1] https://xenbits.xen.org/gitweb/?p=xen.git;a=commit;h=5c883cf036cf5ab8b1b79390549e2475f7a568dd

Change-Id: I3099d2ebb958370fcec623087a093b2c8dbdc6c4
2019-10-16 16:23:25 +11:00
Jeremy Stanley
3919563e58 Add security suite name override in debian-minimal
Add option to set the suite subpath after the release name for the
security mirror URL independently in the debian-minimal element,
since this can differ between mirrors.

Change-Id: I4cc8f54fba012986423e30e19bff276208b8ad62
2019-10-15 21:20:02 +00:00
Zuul
1e08be004b Merge "centos7; use numeric DIB_RELEASE" 2019-10-14 21:31:49 +00:00
Ian Wienand
9f688f53da centos7; use numeric DIB_RELEASE
With the introduction of centos 8 we have constructs like

 if [[ $DISTRO =~ (centos|fedora) && $DIB_RELEASE -ge 8 ]]

This is intended to match the "centos7" element (from the =~) but it
was missed that this is setting the DIB_RELEASE to "GenericCloud".

I think it makes more sense for this to be a numeric release, and
makes constructs like above work.  There really isn't any other type
of image to choose here; thus we move it into a new, centos7
specific variable.

Note that when the centos 8 images are available, we want to move to a
generic "centos" element that will handle both 7 and 8 together (same
as rhel) based on DIB_RELEASE and deprecate centos7; this works with
that environment too.

Change-Id: I2e6b7848070d6452c0563e2a122447627c6e6bf7
2019-10-14 14:34:36 +11:00
Clark Boylan
d1e49214ce Remove RA solicit delay
It turns out that this breaks ipv6 config with NM. Instead what we want
is for glean to not up interfaces on boot (see the depends-on).

Change-Id: I6c5bc76c433e29f02d3266ab8f669015125ec954
Depends-On: https://review.opendev.org/#/c/688031
2019-10-11 15:29:32 -07:00
Ian Wienand
5b5385cf84 CentOS 8 minimal testing and support
This adds CentOS 8 into functional and boot tests.

This completes centos-minimal support, documentation is updated and a
release note is added.

Change-Id: I435c2967b4f49faeb6d6edf189907b9f96e80357
2019-10-08 00:17:14 +02:00
Ian Wienand
85a4ec2b2d Add NetworkManager and dhcp-client for CentOS 8
As described inline, NetworkManager and dhcp-client make up the basic
networking for centos 8 installs; bring them into the base image.

Although in infra we then use simple-init, some other users find this
helpful.

Change-Id: Ib9f32e73bf9109cc1b659fe1deceb1a15301ffeb
2019-10-07 10:47:09 +00:00
Ian Wienand
314b11b6dd Fix networking for CentOS 8
By default network-scripts package isn't installed, so the directories
for these files don't exist either.  Skip by default for Centos 8.

Change-Id: I194ec3735e17f27e586386541dc51f775b01e510
2019-10-07 10:47:09 +00:00
Ian Wienand
643415f366 simple-init: Use wrappers to call pip for glean install
Use the wrapper calls from Ia267a60eecfa8f4071dd477d86daebe07e9a7e38
to install glean.

Using this wrapper means we cover all cases without more and more
branches; it should work for python2, python3 and also the special
case of RHEL/CentOS where dib-python points to the special
/usr/libexec/platform-python (which is python3.6 with inbuilt pip)

Change-Id: If624e8bb66ce0761fc0d5f34c2bed8b93a7daeee
2019-10-07 10:47:09 +00:00
Ian Wienand
cbe1a0fc6b simple-init: default to NetworkManager for CentOS and Fedora
NetworkManager with simple-init has proven to be stable in OpenStack
infra, switch to it by default for CentOS and Fedora.  For CentOS 8
and Fedora, add a check to make it the only option.  Thus only CenOS 7
remains optionally using the legacy scripts; this is likely not used
anywhere (infra is really the primary user, where NetworkManager is
already used); we can likely remove this variable (and hence path) in
a future cleanup.

In the setup, remove rhel7 element which was never really tested.
Reorganise the fallthrough to call out the default paths as doing
nothing.

Change-Id: Ic996956da4b85f7d95179b8df9881d5f52c091af
2019-10-07 10:46:57 +00:00
Zuul
027092d407 Merge "pip-and-virtualenv : deprecate source for CentOS 8, new variables" 2019-10-05 05:53:36 +00:00
Zuul
dd1fa4f8c2 Merge "yum-minimal: Don't install yum, install libcurl" 2019-10-05 02:59:20 +00:00
Zuul
132bfb086e Merge "Use $YUM instead of direct calls in more places" 2019-10-05 02:59:19 +00:00
Zuul
a33c643e43 Merge "Add environment switch for centos8 to use dnf" 2019-10-05 00:18:16 +00:00
Zuul
cec04b2d55 Merge "Update redhat-common pkg-map for centos 8" 2019-10-04 10:16:39 +00:00
Zuul
71f4e370f4 Merge "Add security mirror override for debian-minimal" 2019-10-04 08:46:22 +00:00
Andrei Nistor
0e5e358063 bootloader: make serial console configurable
Currently, the serial console is hardcoded to ttyS0 in the bootloader
element.  This is a challenge for users that want to build images for
some baremetal servers. Supermicro servers, for example, use ttyS1 for
the serial over lan interface.

This patch adds a new environment variable DIB_BOOTLOADER_SERIAL_CONSOLE
that can be set to override the default.

Change-Id: Ie8173be8690ac0b7164ce9e5b66d3c1c18f844d6
2019-10-03 21:49:53 +00:00
Jeremy Stanley
9b201b58b9 Add security mirror override for debian-minimal
Add option to set the security mirror URL independently in the
debian-minimal element, since this can not be overriden by the
standard DIB_DISTRIBUTION_MIRROR variable.

Change-Id: I145844a410d06a479e68db1bf6d5d0159389305c
2019-10-03 13:49:47 +10:00
Ian Wienand
18215274d8 pip-and-virtualenv : deprecate source for CentOS 8, new variables
As described inline, deprecate the "source" install for CentOS 8.
Overwriting the packaged tools has long been a pain-point in our
images, and the best outcome is just not to play the game [1].

However, the landscape remains complicated.  For example, RHEL/CentOS
8 introduces the separate "platform-python" binary, which seems like
the right tool to install platform tools like "glean" (simple-init)
with.  However, platform-python doesn't have virtualenv (only the
inbuilt venv).

So that every element doesn't have to hard-code in workarounds for
these various layouts, create two new variables DIB_PYTHON_PIP and
DIB_PYTHON_VIRTUALENV to just "do the right thing".  If you need is
"install a pip package" or "create a virtualenv" this should work on
all the platforms we support.  If you know more specifically what you
want (e.g. must be a python3 virtualenv) then nothing stops elements
calling that directly (e.g. python3 -m virtualenv create); these are
just helper wrappers for base elements that need to be broadly
compatible.

[1] http://lists.openstack.org/pipermail/openstack-infra/2019-September/006483.html

Change-Id: Ia267a60eecfa8f4071dd477d86daebe07e9a7e38
2019-10-03 00:22:18 +00:00
Ian Wienand
5f3b7cd7b7 yum-minimal: Don't install yum, install libcurl
Don't install the "yum" package, which is a backwards compat around
dnf.  With 687003f we should not need the backwards compat links any
more.

Add libcurl to avoid conficts with in the curl "-minimal" packages
that happens on CentOS 8.  But skip it on Fedora, because it seems to
create more problems there (not going to pretend it isn't all a
hack ... but it seems to work).

Change-Id: I1de2703eb5075a0a22837b6898bd8eb960d080dd
2019-10-03 00:22:18 +00:00
Ian Wienand
b57714af75 Use $YUM instead of direct calls in more places
A few places we either assume centos uses "yum" directly, or have
switching based on the distro type.

In both cases, we can use ${YUM} directly to avoid ambiguity

Change-Id: I71095a9bd1862f8956b5982fbbb3e1d213926c14
2019-10-03 00:22:18 +00:00
Ian Wienand
ddb2811255 Add environment switch for centos8 to use dnf
Set YUM to dnf for Centos 8; this matches similar done in
fedora-minimal.

Change-Id: I2b2c41a73e468fe9045ee5b7b812da66f20d8584
2019-10-03 00:22:18 +00:00
Ian Wienand
84cf2e1b82 Update redhat-common pkg-map for centos 8
The libselinux packages etc don't exist for Python 2 on Centos 8 [1].
Ensure the package map installs the python3 versions.

We could probably invert the logic now, and make it so Centos 7 is the
"special" version that overrides things to install python2.  Left
alone for now to avoid changing too much at once.

[1] https://bugs.centos.org/view.php?id=16458

Change-Id: I944cf4f2902c28728aa5bb9e2a00b3eef122d52e
2019-10-03 00:22:18 +00:00
Ian Wienand
1176a45525 Update locales for Centos 8
CentOS 8 has the "new" split-up locales packages.  Fedora 24 is now
long gone, so take out the old branch and apply the lang package
install to Centos 8 as well.

The manual locale cleanup is not necessary on Centos 8; skip it.

Change-Id: Ib65fc15fe471348793fd6efb034517f11abd905e
2019-10-03 00:22:18 +00:00
Ian Wienand
0e230642c5 dib-python : handle centos 8
Match on centos 8 and use the inbuilt system python like on RHEL

Change-Id: I81d94481422b4982777160f736dcf463e2fc45d0
2019-10-03 00:22:18 +00:00
Ian Wienand
3bc89edd32 yum-minimal : update mirrors for Centos 8
The repo format has slightly changed for CentOS 8 (s/os/baseos/).

Make the chroot builder look for a more specific repos.d directory
first named for the distro variable, then fall back to to top-level
dir (this avoids having to constantly change fedora).

Update the gate mirror setup and roles for new Centos 8 paths too.

Change-Id: I5b7f0c3624cac1d7aa7ed8bf6286b85d808b9c9a
2019-10-03 00:22:05 +00:00
Ian Wienand
456b6cf394 Remove "failovermethod=priority" for Fedora (dnf)
This is no longer a valid option for dnf, and it puts out a lot of
warnings constantly about the invalid entry [1].  Remove it.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1653831

Change-Id: Iba0585cab3e5e78e9324196f276b2341e7bb9e3c
2019-10-01 06:01:15 +00:00
Ian Wienand
a77a214339 Install Python 3 libselinux packages for Fedora
Install the Python 3 libselinux packages for Fedora platforms.  I
think this is the right choice; Fedora is a Python-3 only distro so we
shouldn't default to installing the python2 libraries.

This has a practical effect if you're using Ansible with
ansible_python_interpreter=/usr/bin/python3 as it needs these
packages.

There is some small chance of breakage if you're using Ansible still
with Python 2, I guess.  In infra I notice we bring this in with
"zuul-worker" project-config element.  On balance, I think that if you
need the Python 2 packages for some reason, it should be a special
install and not part of redhat-common.

Change-Id: Ibcec0b3660d01b861838c2ae87ca43d98953ce32
2019-09-20 17:33:38 +10:00
Logan V
c7e907794c Ensure machine-id is not included in images
Two bugs are addressed.

1) The sysprep element was broken in that it only truncates
   /etc/machine-id, but not /var/lib/dbus/machine-id. systemd will
   not generate a new machine-id if /var/lib/dbus/machine-id is
   present[1], it will simply copy it to /etc/machine-id.

   We observed machine-ids being packaged in /var/lib/dbus/machine-id
   on several distros: Ubuntu Bionic, Fedora 29, Debian Stretch.

   CentOS 7 and Ubuntu Xenial do not contain packaged machine-id as
   far as I can tell.

   All test builds were performed using -minimal elements.

2) A second bug existed where debian-minimal did not run the sysprep
   element at all, so a stretch image I tested contained a populated
   /etc/machine-id AND a populated /var/lib/dbus/machine-id.

[1] https://www.freedesktop.org/software/systemd/man/machine-id.html#Initialization

Change-Id: Ibb28b6e90d966a845de38a2cd5a1e8babd2604bc
2019-09-20 03:17:50 +00:00
Bob Fournier
8cab82bf9d Use x86 architeture specific grub2 packages for RHEL
Similar to https://review.opendev.org/#/c/663693/, the x64 packages
should be used for x86 architectures.

Change-Id: I5e8a4d58e96d65eb60fc539b8a1d56853b12faac
Closes-Bug: 1843820
2019-09-12 15:06:17 -04:00
Zuul
b94588c862 Merge "Do not delete cracklib from /usr/share" 2019-09-06 10:25:33 +00:00
Zuul
48edd472e7 Merge "Allow configurable gzip binary name" 2019-09-06 09:47:06 +00:00
Zuul
11a5a86758 Merge "Uninstall linux-firmware and linux-firmware-whence" 2019-09-06 08:43:47 +00:00
Carlos Goncalves
f909000e5a Uninstall linux-firmware and linux-firmware-whence
linux-firmware and linux-firmware-whence (meta package for mostly iwl
firmwares) packages account for approx. 289 M install size on a F30
system, and linux-firmware for approx. 176 M on CentOS 7. Users needing
these firmwares are eventually baremetal users and are not looking for a
very minimal operating system base install like virtual image users are.
Thus, a non-minimal OS element is better suited for them. Alternatively,
it could be later considered a dedicated firmware element.

This is inline with I8ce65e1d357d15e8ed8995ad1dcaea02bbd1986f.

Change-Id: If104fc3c1e9349b8d501a2351fff1ab4c0dbc6a4
2019-09-06 15:32:51 +10:00
Dirk Mueller
d40c87876a Rename openSUSE 15.1 testing to 15
This is consistent with the previous simplication of
build targets in the opendev environment to refer to
"opensuse15" being the alias of "latest stable openSUSE Leap 15.x".

Change-Id: I904a3ca0d6dbddd2bb1a673836ab6a0ad249526d
2019-08-30 22:44:40 +02:00
Logan V
d9e85efd7c Allow configurable gzip binary name
Add a new environment variable $DIB_GZIP_BIN allowing builders to
specify a different gzip (such as pigz) to be used when compressing
tgz images.

Change-Id: Ifb617568140a149e2fda241e07ff8a59429e6697
2019-08-30 17:46:20 +02:00
Logan V
b98d482d5f Do not delete cracklib from /usr/share
We have an application breaking because /usr/share/cracklib is being
deleted from the image. The application installs its dependencies,
including cracklib, but since yum shows that cracklib is already
installed, it does not reinstall it.

Change-Id: Id6fccf76c706dbc6c2124abcfd12c1f10cef5e09
2019-08-30 15:11:26 +02:00
Zuul
9ef7f73b6a Merge "Allow extra repositories to be added to images" 2019-08-30 07:02:46 +00:00
Zuul
3e0d61ac9a Merge "Fedora 30 functional and boot tests" 2019-08-30 06:27:36 +00:00
Zuul
f4698b5864 Merge "rpm-distro: ensure we selinux relabel underlying directories" 2019-08-30 04:31:00 +00:00
Zuul
064f93acd8 Merge "yum-minimal: install fedora-release-cloud" 2019-08-30 04:24:00 +00:00
Ian Wienand
a5a6482ac1 Fedora 30 functional and boot tests
Update testing for Fedora 30

Change-Id: If60eb0b87e45efc0e71db2ddcd814223539f07b7
2019-08-28 11:21:46 +10:00
Zuul
76b09c845c Merge "zypper-minimal: Don't get confused by etc/resolv.conf symlink" 2019-08-21 20:43:08 +00:00
Dirk Mueller
6c23b97f4a zypper-minimal: Don't get confused by etc/resolv.conf symlink
Newer openSUSE distributions install an absolute link to /run/netconfig
as /etc/resolv.conf in $TARGET_ROOT. as that points outside
TARGET_ROOT, we unintentionally wipe the system resolv.conf here
and break our ability to finish building the image.

Change-Id: I9d5aaa9fad2f81dcabfe19e2f1e6b6e50af597d7
2019-08-21 19:57:25 +02:00
Zuul
3b2b87dde1 Merge "block-device-efi : expand disk size calculation" 2019-08-21 02:30:32 +00:00
Zuul
8690579efc Merge "dracut-regenerate: catch failures and exit code" 2019-08-21 01:48:10 +00:00
Zuul
3de4b71b9e Merge "update gentoo systemd profile to 17.1 from 17.0" 2019-08-20 21:21:24 +00:00
Ian Wienand
aee4fc0d35 simple-init: add configurable RA timeout with network-manager
This is a follow-on to I475a253091cbaf63687b91c748c31a6753bb0f57 as we
are still seeing issues on some clouds with unconfigured networking.

We increase the timeout, but also make it configurable so we can
fiddle it without a dib release in the gate.

To follow-on from the experimentation done by clarkb, I can confirm by
emperical testing on a Centos 7 image (from today, today being this
change's date) that setting

 net.ipv6.conf.all.autoconf=0

by itself is "fatal" and the interfaces do not come up; i.e. nm does
not by default seem to re-enable ipv6 for the interface.  However,
explicitly adding:

 IPV6INIT=yes
 IPV6_AUTOCONF=yes

to the interface file *does* seem to make it work, even if
"all.autoconf=0" is set (then again, there's also bugs about the
effect of this [1]).  However, no extant distribution (I can currently
find) does anything like this by default.

If this continues, this may be an option.  Another might be to avoid
the use of the nm-settings-ifcfg-rh profiles and move directly to nm
ini files with glean.

[1] https://bugzilla.kernel.org/show_bug.cgi?id=11655

Change-Id: I869ebffc8cde3bbff573f6583fd9dd02a5598590
2019-08-20 17:07:17 +10:00
Matthew Thode
9755c4f9a2
update gentoo systemd profile to 17.1 from 17.0
Upstream is now publishing 17.1 profile systemd stages

Also updates the docs that were forgotten in the last patch

Change-Id: I0f2e7976845b1d3c55ffe8869eec0bc04a191252
2019-08-19 15:13:09 -05:00
Ian Wienand
f23318d579 rpm-distro: ensure we selinux relabel underlying directories
As described inline, we need to ensure the underlying directories in
the image are correctly labeled, or we get all manner of services
failing during boot with selinux in enforcing mode.  Although the
problem is generic, this first shows up in Fedora 30 as systemd has
become more strict about namespace failures (I think) [1].

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1663040#c22

Change-Id: I52c1cc719884879169b606b00651aa26f5b783f1
2019-08-16 15:44:55 +10:00
Carlos Goncalves
9eb175e440 Allow extra repositories to be added to images
This patch adds option DIB_YUM_MINIMAL_EXTRA_REPOS to yum-minimal to
allow DIB users to include extra repositories to their final image.

Change-Id: I89549f4b0f4c9470143b5064817acab5043e31c5
2019-08-15 16:20:21 +02:00
Ian Wienand
efa3f3675a yum-minimal: install fedora-release-cloud
Something (possibly [1], but that change is at best cryptic) has
changed such that we don't get correct /etc/os-release files
installed.  This flows on to grub half-installing itself, enough to
not fail the build but not enough to make something bootable.

Installing the -cloud release package gets it back, and seems like a
sane choice for dib.

[1] 617b1bed34

Change-Id: Iff0413887fad798273b2bfcb140cc07f36d54a04
2019-08-15 15:56:13 +10:00
Ian Wienand
5492843aa8 block-device-efi : expand disk size calculation
As noted in the change, 7fd52ba841
increased the size of the EFI partition considerably.  This has meant
that our padding upwards of the disk size is insufficient and EFI
builds (arm64 in particular) is failing due to out-of-disk errors
during final image operations like installing kernels.

Similar to the discussion we had in
I65fa13a088eecdfe61636678578577ea2cfb3c0c, this feels a bit ugly
because we're mixing logic here with sizes specified in block-device
config files.  But it boils down to the same problem; we are
calculating the disk size here and passing it to the block-layer, so
unless we want to make large changes to the status quo about where
these sizes are calculated, small adjustments here are the most KISS
solution.

Thus we check if we have selected the EFI bootloader element, and thus
assume there will be a large system EFI partition and expand the disk
size accordingly.

Change-Id: Ifa05366c2f2b95259f3312e4dde8c85347075ba1
2019-08-14 15:49:38 +10:00
Ian Wienand
c596fb7dbd Don't show all elements found
This debug statement lists every element found and its dependencies on
every build; it's just noise unless you're debugging the element
dependency solver itself.  Remove from output.

Change-Id: I9281b953d958a3fd5e20edbc560a341a2fcc3deb
2019-08-14 13:07:16 +10:00
Zuul
0c6a4dbd92 Merge "Fixes packages for arm64 bootloader" 2019-08-13 09:21:37 +00:00
Zuul
24e620ae6d Merge "Fix the pypi element for multiple mirror URLs" 2019-08-13 07:04:20 +00:00
Zuul
1af5e6010d Merge "Create /etc/machine-id for RHEL images" 2019-08-13 07:00:31 +00:00
Ian Wienand
bac8b4246e dracut-regenerate: catch failures and exit code
This seems to miss the exit code of the dracut process, which actualy
caused some issues in I8511669e188717494daf2bc1384a6dd346f942a4 where
it would have been much clearer to stop after the initramfs generation
failed.

Add some debug messages, and catch any errors from the final call.

Change-Id: I6f89441ec4709f5199535e15a7cc53a3a8af273d
2019-08-13 15:51:05 +10:00
Zuul
4131942356 Merge "Fixes DIB_DISTRIBUTION_MIRROR_UBUNTU_IGNORE matching when empty" 2019-08-12 13:22:44 +00:00
liyingjun
bf0d7ede55 Fixes packages for arm64 bootloader
Should install "grub2-efi-aa64 grub2-efi-aa64-modules" instead of
"grub2-efi grub2-efi-modules" for arm64

Change-Id: Iee3191b0944b3b862890d166a9d36bd592fe8f7e
Closes-bug: #1839816
2019-08-12 17:18:36 +08:00
Manuel Torrinha
a38ac762f1 Fixes DIB_DISTRIBUTION_MIRROR_UBUNTU_IGNORE matching when empty
- DIB_DISTRIBUTION_MIRROR_UBUNTU_IGNORE matches when it is empty or not
 set and DIB_DISTRIBUTION_MIRROR is being used. Checking for it being 
 set and not empty solves this.
 - Normalizing bash conditionals for readability

Closes-Bug: #1808359
Change-Id: I87853fcda4c8b29a3f1720a2778debeb3acc3a53
Signed-off-by: Manuel Torrinha <manuel.torrinha@tecnico.ulisboa.pt>
2019-08-09 10:26:48 +00:00
Michael Johnson
bac0fa3eb2 Fix the pypi element for multiple mirror URLs
The 'pypi' mirror element is generating invalid pip.conf files
when more than one "DIB_PYPI_MIRROR_URL" is specified.
This patch fixes the pip.conf file rendering to use a proper form
when there are multiple "extra_index_url" provided.

Closes-Bug: #1839558
Change-Id: Ibda0e7390955683560e09b486f636775643ff57c
2019-08-08 22:52:43 +00:00
Andreas Jaeger
9a145cf0d0 Stop regex warning
python 3.6 warns about regexes like:
DeprecationWarning: invalid escape sequence \+

I noticed that debugging a trove job and it really led me in the wrong
way. Fix this with making it a raw string.

Change-Id: I58ee1a49d62316c6c3f0588832c97f659f7e460b
2019-08-08 15:31:52 +02:00
Ian Wienand
1f2a874e8e Create /etc/machine-id for RHEL images
Per the inline comment, a machine-id is required for kernels to
install correctly (this may well be a bug, but the linked issue
remained inconclusive).

Add a call to make the machine-id before install packages.

Change-Id: If75d04376e62bfdfe14ee3ca4d0bd5c8b383c1b0
Redhat-Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1737355
2019-08-07 18:18:34 +10:00
Zuul
37909a0e81 Merge "Cleanup: remove useless statement" 2019-08-05 02:46:12 +00:00
Zuul
a0c6d16e1c Merge "journal-to-console: element to send systemd journal to console" 2019-08-05 02:00:15 +00:00
Zuul
f59ffcd9f3 Merge "fix comments / spelling errors in gentoo element" 2019-07-30 07:22:26 +00:00
Zuul
3d995645e6 Merge "update version of open-iscsi that is installed on musl" 2019-07-30 02:37:18 +00:00
Matthew Thode
559d2bcf3b
fix comments / spelling errors in gentoo element
Change-Id: I41d906a99470599da3cfac7aaa0350232ce79316
2019-07-29 08:54:16 -05:00
Matthew Thode
f1d7e902e3
support alternate portage directories
The 17.1 profile changed the defaults used in portage for where we store
our repo, distfiles and binpkgs.  Some portage related variables need to
be set deterministically.  17.1 is no enabled for Systemd's profile.

Change-Id: Ib55f6875c5cb461c3c530b51d7420ce3dc8da360
2019-07-26 19:30:01 -05:00
Ian Wienand
a5bd03ec6b journal-to-console: element to send systemd journal to console
This element configures systemd to send its journal to the console,
which can then be retreived by server commands.  In the case of
nodepool, if the image failed to boot the console will be dumped into
the logs when nodepool decides the node is not responding.  Having
this can be very helpful diagnosing early boot errors.

Needed-By: https://review.opendev.org/#/c/669787/
Change-Id: I6b6df7023acb6b2f967b84840bc4b542ebc03727
2019-07-25 11:24:49 +10:00
Matthew Thode
ed95b4eba1
update version of open-iscsi that is installed on musl
Newer versions of open-iscsi seem to compile on Gentoo / musl.  Use them
if we can.  This also removes the cap on open-iscsi.

Change-Id: I596cb61494e459a419bce6a63deff89f9e78fe23
2019-07-22 14:30:32 -05:00
Zuul
f35d29c356 Merge "ironic-agent: Use targetcli & python3-devel on rhel8" 2019-07-15 00:31:01 +00:00
Zuul
fc1709b0fb Merge "set default sources conf for buster as it now has a release" 2019-07-15 00:31:00 +00:00
Zuul
c7eb556098 Merge "disable autounmask for emerge" 2019-07-15 00:25:57 +00:00
Clark Boylan
abb6aed459 Only enable dbus-daemon on fedora-29
Previously we were trying to enable dbus-daemon service on all prior to
fedora 30. Unfortunately 28 and older don't have this service so this
broke those releases and only worked for 29. Fix this by only enabling
this service on fedora 29.

Change-Id: I1bd15dcf0bbe270afccb0c0c3ea6ad08862a53f1
2019-07-12 10:21:49 -07:00
Zuul
709c9e70c9 Merge "Set router solicitation delay with using NM" 2019-07-10 19:14:00 +00:00
Clark Boylan
5b5b78bf59 Set router solicitation delay with using NM
The linux kernel and NetworkManager fight each other over control for
interface management when router advertisements are in use. Long story
short if the linux kernel configures a network interface for ipv6
before NetworkManager attempts to manage that interface then NM will
ignore the interface and not configure ipv4 on it.

This can happen because the kernel is configured to send router
advertisements solicitations which result in router advertisements which
the kernel uses to configure the interface(s). There is a default of a 1
second delay before sending the solicitation which in many cases is long
enough that NM has started before then. However, in slower environments
like those used for testing with qemu this isn't long enough.

Some testing by hand indicates that 15 seconds is about right so
increase the delay to 15 seconds via sysctl.conf.

Note this may increase boot times in ipv6 only environments (though it
is hard to be sure due to how systemd starts everything at once and does
socket activation and the like).

Change-Id: I475a253091cbaf63687b91c748c31a6753bb0f57
2019-07-10 08:33:17 -07:00
Chandan Kumar (raukadah)
08caa8034d [RHEL-8] Set _clear_old_files=0 in install-pip element
When virtualenv and setuptools gots installed from source and rpm
then their installation path lives at different places but when
the python script got called then that time it choses either of
rpm or source based path on system wide installation and leads to
different failure as their methods are not implemeted.

So by setting _clear_old_files to 0 will install
python3-virtualenv python3-pip python3-setuptools from rpms only
and avoid these failures.

Change-Id: I0c162f1fe8168513e352546ab8dd2b68fa65b88c
Signed-off-by: Chandan Kumar (raukadah) <chkumar@redhat.com>
2019-07-08 19:50:25 +05:30