Commit Graph

1136 Commits

Author SHA1 Message Date
Zuul
83bbac0c2b Merge "centos: work around 9-stream BLS issues" 2022-01-11 09:38:35 +00:00
Dr. Jens Harbott
9d60202d1c Remove extra if/then/else construct in pip element
This was introduced in [0] but we can include it in the existing elif
series instead.

[0] I2b75afd310f009ae8614f6ca75bb984b56d25c45

Change-Id: Ibe05f367be997efbd8c5ebec77503ebd9cda1c8b
2021-12-29 16:43:00 +01:00
Ian Wienand
53d04d27c6 centos: work around 9-stream BLS issues
Per the bug mentioned upstream, grub2-mkconfig will currently not set
the kernel options for BLS entries prefixed with a machine-id
different to the running system.

This affects the centos element, as the upstream .qcow2 comes with a
pre-existing BLS entry but a blank machine-id.  This only affects
9-stream -- prior releases either don't use BLS or have entries
configured to use a common variable from grubenv which is updated
correctly.

We currently can not end-to-end test this in OpenDev because we run
our functional tests on Ubuntu Focal (they use devstack), whose kernel
can not read the XFS format on the 9-stream .qcow2.  This expands the
functional tests (that run on Debian Buster, with a later kernel) to
add the vm element, so the bootloader path is exercised (this requires
a block-device too).  This at least runs the bootloader install, we
can confirm the kernel options look right from the dumping provided
the logs.

Change-Id: I327f5e7a95e47905c01138c8c4483f3f03e8efff
2021-12-22 21:07:23 +11:00
Riccardo Pittau
f576658a4f Avoid unbound variable error when installing pip
The pip_args variable is not initialized when installing pip for
bullseye resulting in an unbound variable error when running
install_python3_pip on that debian version.
This patch fixes the issue moving pip_args inizialization to a common
place.

Change-Id: I1603c97871449b4f73e3062a705d655e9454bf33
2021-12-20 16:06:44 +01:00
Matthew Thode
902b7454c3
enable cloud-init by default on systemd
Change-Id: Ie908f7c5b9ea2c1b97daf149ef70f4c68ddf73a0
Signed-off-by: Matthew Thode <mthode@mthode.org>
2021-12-18 17:51:18 -06:00
Dr. Jens Harbott
f884b626b2 Fix failure in pip element
A lack of space between package names was causing apt to fail.

[0] I2b75afd310f009ae8614f6ca75bb984b56d25c45

Change-Id: Ia7e005c2f583037ee44a3c364e3b8d79d51e03a2
2021-12-18 12:44:34 +01:00
Zuul
6ae099f464 Merge "Install only python3 pip in debian bullseye" 2021-12-16 06:36:19 +00:00
Riccardo Pittau
4f151aeeb5 Install only python3 pip in debian bullseye
Debian bullseye has removed python-pip and python-virtualenv
from its repos, let's install only pip and virtualenv python3 modules.

Also split pip installation based on python2 and python3 for
debian-based distributions.

Change-Id: I2b75afd310f009ae8614f6ca75bb984b56d25c45
2021-12-10 15:11:17 +01:00
Ian Wienand
0bf80735a7 Use OpenDev mirrors for 8-stream CI builds
Change-Id: Ief335cf80fb5d796f6c31f6956e9bc5f790eca93
2021-12-10 17:26:34 +11:00
Ian Wienand
402a7fa2f9 Test 8-stream aarch64 build
Change-Id: I1aea7791b5b9af257a3c54e377dbdcbb8bfe9028
2021-12-08 13:30:42 +11:00
Zuul
a2b8d4d846 Merge "Update keylime-agent and tpm-emulator elements" 2021-12-07 04:29:36 +00:00
Zuul
b22161c116 Merge "Disable all repositories after attaching a pool" 2021-12-06 20:19:59 +00:00
Zuul
86e3d632fa Merge "Document EFI elements requirements" 2021-12-06 19:58:16 +00:00
Piotr Parczewski
f49dba8f62 Document EFI elements requirements
Change-Id: I6b47d44c86a11dfc71b7adf0d9bb27f5177717cb
2021-11-26 08:46:42 +01:00
Ian Wienand
2d47d4157c Fix BLS based bootloader installation
This reverts I2701260d54cf6bc79f1ac765b512d99d799e8c43,
Idf2a471453c5490d927979fb97aa916418172153 and part of
Iecf7f7e4c992bb23437b6461cdd04cdca96aafa6 which added special flags to
update kernels via grubby.

These changes actually ended up reverting the behaviour on Fedora 35,
which is what led me to investigate what was going on more fully.

All distros still support setting GRUB_DEVICE in /etc/default/grub;
even the BLS based ones (i.e. everything !centos7).

The implementation *is* confusing -- in earlier distros each BLS entry
would refer to the variable $kernelopts; which grub2-mkconfig would
write into /boot/grub2/grubenv.  After commit [1] this was reverted,
and the kernel options are directly written into the BLS entry.

But the real problem is this bit from [2]

 get_sorted_bls()
 {
     if ! [ -d "${blsdir}" ] || ! [ -e /etc/machine-id ]; then
        return
     fi
     ...
     files=($(for bls in ${blsdir}/${machine_id}-*.conf; do
     ...
 }

i.e., to avoid overwriting BLS entries for other OS-boots (?),
grub2-mkconfig will only update those BLS entries that match the
current machine-id.

The problem for DIB is that we are clearing the machine-id early in
finalise.d/01-clear-machine-id, but then running the bootloader update
later in finalise.d/50-bootloader.

The result is that the bootloader entry generated when we installed
the kernel (which guessed at the root= device, etc.) is *not* updated.
Even more annoyingly, the gate doesn't pick this up -- because the
gate tests run on a DIB image that was booted with
"root=LABEL=cloudimg-rootfs" the kernel initially installed with
"install-kernel" (that we never updated) is actually correct.  But
this fails when built on a production host.

Thus we don't need any of the explicit grubby updates; these are
reverted here.  This moves the machine-id clearing to after the
bootloader setup, which allows grub2-mkconfig to setup the BLS entries
correctly.

[1] 4a742183a3
[2] https://src.fedoraproject.org/rpms/grub2/blob/rawhide/f/0062-Add-BLS-support-to-grub-mkconfig.patch

Depends-On: https://review.opendev.org/c/zuul/nodepool/+/818705
Change-Id: Ia0e49980eb50eae29a5377d24ef0b31e4d78d346
2021-11-25 14:26:23 +11:00
Zuul
11d25f76d2 Merge "Added missing grubby arg DIB_BOOTLOADER_DEFAULT_CMDLINE" 2021-11-24 22:30:43 +00:00
Zuul
583b594ad4 Merge "Trivial: fix whitespace in ubuntu element rst" 2021-11-23 18:37:15 +00:00
Zuul
b2a37f85f3 Merge "Allowing ubuntu element use local image" 2021-11-23 16:59:28 +00:00
Julia Kreger
a40261326f Trivial: fix whitespace in ubuntu element rst
Change-Id: If054f1fca0c884c2b66225126efad8f15d58cc70
2021-11-23 07:01:36 -08:00
Matthew Thode
86682071a8
update gentoo source suffix (where it finds the file to download)
gentoo releng updated how they name the files.

Change-Id: Ib2cbc007e9690fdaaf1d6cb6f5fbcb634c4a4bbe
2021-11-20 20:18:55 -06:00
Marco Vaschetto
443305ab61 Allowing ubuntu element use local image
Patch allow to set path for local image source,
instead download latest or use the cached image.
This permit to build image also in environment without internet access.

re-propose of patch: https://review.opendev.org/c/openstack/diskimage-builder/+/809009

Change-Id: I54395b09af339caee040326b809e8fbf8b0e7d6a
2021-11-17 20:34:48 +01:00
Zuul
2c10f65599 Merge "Replace deprecated assertEquals" 2021-11-17 01:39:28 +00:00
Jakub Darmach
5a4e8a2c9e
Added missing grubby arg DIB_BOOTLOADER_DEFAULT_CMDLINE
DIB_BOOTLOADER_DEFAULT_CMDLINE was missing from grubby args.
Closes-Bug: 1951084

Change-Id: Idf2a471453c5490d927979fb97aa916418172153
2021-11-16 11:43:49 +01:00
Ian Wienand
ddb06b6657 source-repositories: don't use --git-dir
A recent(-ish) change in git [1] has exposed a bug in caching that
appears in one very specific circumstance -- updating the
openstack/openstack super-repo [2].

This repo gets a submodule update every time something is pushed.  By
using "--git-dir" while the cwd is one-level above the actual repo we
are confusing [1] which is not finding the submodule directories
correctly and giving us an error:

 Could not access submodule 'foo'

for every submodule that has updated between now and the last time we
updated the cache. [3]

The git manual does warn about this

 If you just want to run git as if it was started in <path> then use
 git -C <path>.

Indeed, that is what we want to do in this path.  Modify the calls to
use -C.

[1] 505a276596
[2] https://opendev.org/openstack/openstack/
[3] The result for opendev production is that image builds fail every
    time an openstack/* project is checked in; we then race to retry
    the build before another commit lands and updates the submodules
    again.

Change-Id: Iadb23454e29d8869e11407e1592007b0f0963e17
2021-11-16 19:16:03 +11:00
likui
7a57da8cee Replace deprecated assertEquals
The assertEquals method has been deprecated since it was renamed
to assertEqual in Python 3.2.

https://docs.python.org/3/library/unittest.html#deprecated-aliases

Change-Id: I559ad57c2d96a3bb51080c72816f39d3baa4c9dd
2021-11-12 09:46:14 +08:00
Ian Wienand
85e20d9852 containerfile: handle errors better
Refactor things to use explicit names, and put in a trap to cleanup
after any errors.

Currently, if the build/run/export steps fail, it leaves behind images
which eventually clog things to the point podman won't run any more
(see also https://github.com/containers/podman/pull/12233 about errors
seen due to this)

Change-Id: Ib328a07ad67e3f71f379fbf34ae7ef74e212ef1c
2021-11-10 11:42:49 +11:00
Ian Wienand
3833c2e59c containerfile: fix tar extraction
Ic68e8c5b839cbc2852326747c68ef89f630f26a3 removed the sudo from the
tar extraction here, meaning that production is failing to create the
chroot.  This is hidden in testing because
DIB_CONTAINERFILE_PODMAN_ROOT is set.  Make the sudo here
unconditional.

Change-Id: I6e36e3fc65981f85fad12ea2cd10780fde9c37da
2021-11-10 11:42:49 +11:00
Ian Wienand
f75fed076e fedora-container: update to Fedora 35
Support Fedora 35 in this element, and update the default

Depends-On: https://review.opendev.org/c/zuul/nodepool/+/815766
Change-Id: I2a9a8648158e1e4b1a071e20266fb8d125da67ac
2021-11-03 06:26:56 +11:00
Zuul
311621a094 Merge "Add support for CentOS Stream 9 in DIB" 2021-10-29 09:55:30 +00:00
Alfredo Moralejo
cdff9045c0 Add support for CentOS Stream 9 in DIB
CentOS Stream 9 is close to be released, and official mirrors are
already poplated. This patch is adding support to centos-minimal in CS9.

Also enable centos-minimal/[8,9]-stream-build-succeeds tests.

This patch is being tested together with [1] to apply following list of elements:

 vm centos-minimal simple-init growroot nodepool-base openstack-repos infra-package-needs

[1] https://review.opendev.org/c/openstack/project-config/+/811442

Change-Id: Iecf7f7e4c992bb23437b6461cdd04cdca96aafa6
2021-10-27 13:38:14 +02:00
Ian Wienand
57b7d2bceb dracut-regenerate: drop Python 2 packages
We don't support any Python 2 guest systems, drop the Python 2 bits
from package-installs.

Change-Id: Ica5c71c2926968d438ac1d0b0f16981cadf0bab1
2021-10-27 11:11:50 +11:00
Dr. Jens Harbott
4bd8258fbf Fix bootloader installation for gentoo
The if/elif block added in [0] doesn't work for gentoo, let's hope
that we can get along with an easy fix.

[0] https://review.opendev.org/c/openstack/diskimage-builder/+/804000
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: I543e04d2d7efea3e718bae31aa1cc4767bd359f8
2021-10-21 10:20:58 +02:00
Sagi Shnaidman
d5a01519c6 Update centos element for 9-stream
This adds 9-stream support to the centos element.

See https://review.opendev.org/q/topic:cs9 for related patches.

Change-Id: Ib80fbd21edb77c25764eff2c0d66e55bde7a90af
2021-10-20 09:39:27 +11:00
Ian Wienand
1a5c563920 Run functional tests on Debian Bullseye
We need to update the base reference platform we perform the
functional tests on.  Debian bullseye seems like the best choice -- it
is recent enough to last for a while, and will match the
nodepool-builder container environment.

Depends-On: https://review.opendev.org/c/zuul/zuul-jobs/+/814088
Change-Id: Ic68e8c5b839cbc2852326747c68ef89f630f26a3
2021-10-20 09:39:27 +11:00
Ian Wienand
f3a3153390 ubuntu: add Focal test
Switch this to testing bionic and focal, dropping xenial

Change-Id: Ifba6800ad84e504d248de8389e49a31f22c4554c
2021-10-20 09:39:27 +11:00
Ian Wienand
2f1e9320bd ubuntu-systemd-container: deprecate and remove jobs
I'm not aware this element is used/was ever used.  It hasn't ever been
updated to Focal.  To reduce our testing footprint remove this test,
and note in the element its probably broken.

Change-Id: I17cd3b13948287fe78990cfbe16a22919a329ba9
2021-10-20 09:39:27 +11:00
Ian Wienand
d5fa64325f Revert "Allowing ubuntu element use local image"
This reverts commit 1f4fb1d7a5.

This unfortunately wasn't actually tested.  Because the image-based
tests run sequentially, a prior failure in the centos-8 job meant the
ubuntu job never ran.

This is failing with

 10-cache-ubuntu-tarball: line 28: DIB_LOCAL_IMAGE: unbound variable

There is also a seemingly unused variable DIB_IMAGE_LOCAL_FILE; I'm
not sure what this is doing.

For now revert, and it can be re-proposed with appropriate testing.

Change-Id: I0f3897c90dc863ee04c3295b9cb094f02d8658e3
2021-10-20 09:39:27 +11:00
Ian Wienand
2d5981d673 epel: match replacement better
It looks like upstream have changed this line to "download.example",
breaking our subsitution.  Let's do a generic match.

Change-Id: I8e443022a5f239b98ccefe73a9abf8cf259dc8e9
2021-10-20 09:39:27 +11:00
Danni Shi
18df5a59b5 Update keylime-agent and tpm-emulator elements
Story: #2002713
Task: #41304

Change-Id: I735db46a62edecc85457d4163963f558c9fe461d
2021-10-06 15:05:28 -04:00
Zuul
6e83df4d40 Merge "Fix cron not installed in debian" 2021-10-06 13:23:00 +00:00
Zuul
82aa8c516d Merge "Add DIB_YUM_REPO_PACKAGE as an alternative to DIB_YUM_REPO_CONF" 2021-10-04 06:51:31 +00:00
Zuul
70378de688 Merge "Add policycoreutils package mappings for RHEL/Centos 9" 2021-10-04 06:51:29 +00:00
Zuul
0e93b853bf Merge "RHEL/Centos 9 does not have package grub2-efi-x64-modules" 2021-10-04 06:51:27 +00:00
Zuul
0a9c0b6ab8 Merge "Support grubby and the Bootloader Spec" 2021-10-04 06:46:29 +00:00
Zuul
a4615a2977 Merge "Move grubenv to EFI dir" 2021-10-04 06:46:28 +00:00
Zuul
175c5c4da6 Merge "Allowing ubuntu element use local image" 2021-10-01 15:31:07 +00:00
Marco Vaschetto
1f4fb1d7a5 Allowing ubuntu element use local image
Patch allow to set path for local image source,
instead download latest or use the cached image.
This permit to build image also in environment without internet access.

Change-Id: I9422e21c5d0445e31d5a7258aa7310b20e39b929
2021-09-27 20:56:06 +02:00
Zuul
0aa6e24286 Merge "Fix debian-minimal security repos" 2021-09-14 23:16:28 +00:00
Steve Baker
296c81b9ca Add DIB_YUM_REPO_PACKAGE as an alternative to DIB_YUM_REPO_CONF
A custom yum repository can now be configured by defining
`DIB_YUM_REPO_PACKAGE` as a yum available package or a URL to an rpm file.
This package can install repo files with any associated keys and
certificates.

A good example of such a package upstream is rdo-release[1] which
includes multiple repo files, the repo keys, and a root certificate.
This makes these repos impractical to install via DIB_YUM_REPO_CONF.

Downstream, repo packages like this a frequently used to bootstrap
development builds of RHEL with development repos.

[1] https://www.rdoproject.org/repos/rdo-release.rpm

Change-Id: I2832e723998c9bd7635cdf7541a4c20eff6294d2
2021-09-13 09:32:53 +12:00
Steve Baker
017ba12eb0 Add policycoreutils package mappings for RHEL/Centos 9
Change-Id: I69f0bc39b3ff4759bb66cea76112901ea8afff68
2021-09-13 09:32:53 +12:00
Steve Baker
fd63fe6999 RHEL/Centos 9 does not have package grub2-efi-x64-modules
Change-Id: Ida37eb500b7f331fd35f1b76365940c3b95ec83e
2021-09-13 09:32:53 +12:00
Steve Baker
97f940ace5 Support grubby and the Bootloader Spec
Fedora 30 and RHEL-8.2 onwards support the Bootloader Spec and use grubby
to manage kernel menu entries and kernel arguments.
https://fedoraproject.org/wiki/Changes/BootLoaderSpecByDefault

This change detects if this is a BLS enabled environment, and uses
grubby to set kernel arguments on all kernel entries if it is.

Change-Id: I2701260d54cf6bc79f1ac765b512d99d799e8c43
2021-09-13 09:32:53 +12:00
Steve Baker
b01aac9715 Move grubenv to EFI dir
If the grubenv is regenerated, its changes won't be available to UEFI
boot systems unless the changed grubenv is copied to the EFI
directory.

This change copies the grubenv to the EFI directory when the grub.cfg
is copied.

Change-Id: I512502117a6bf1e6122fdfd8965ca488b4a5bae4
2021-09-13 09:32:29 +12:00
Zuul
3c3ef6e32b Merge "Check and remove existing image interface configurations" 2021-09-10 15:01:28 +00:00
Zuul
48ef1c4d96 Merge "simple-init: allow disabling DHCP fallback" 2021-09-10 14:54:03 +00:00
Zuul
3eae88795d Merge "simple-init: support installing Glean from packages" 2021-09-10 14:54:00 +00:00
Riccardo Pittau
6ed7f3b139 Fix debian-minimal security repos
Debian stable security repos is now stable-security, as well as other
versions.

Move the Debian bullseye job from experimental to non-voting check.

Change-Id: I451cacda6573727de9448b5857bed5181850b4ad
2021-09-10 11:40:48 +02:00
Zuul
f03c50b4a1 Merge "Fix doc typo" 2021-09-09 00:24:00 +00:00
Zuul
8250b33d68 Merge "yum-minimal: use DNF tools on host" 2021-09-09 00:09:56 +00:00
Michal Arbet
db1409f550 Fix cron not installed in debian
This patch adds cron to debian package-installs
as cron should be included in OS.

Change-Id: I50140dc98c240911e769acf2b3c11958ffad5494
2021-09-01 23:49:27 +02:00
Piotr Parczewski
169f755165 Fix doc typo
Change-Id: I5b2729fa874e8e19a9f0dc7b1aed2ce7f5090c97
2021-09-01 19:58:52 +02:00
Ian Wienand
5f47584196 yum-minimal: use DNF tools on host
The latest Debian bullseye release doesn't provide yum any more, only
DNF.  This breaks the minimal builds that are using on-host yum tools
to start the chroot.  Probe for yumdownloader, and if it's not there,
use DNF.

Note this requires "dnf download" which may not be packaged.  See
I21cfbd3935e48be4b92591ea36c7eed301230753 for a sample work-around
that installs this plugin in the nodepool-builder container.

Change-Id: Ia7f1e4d115cc67c378d865d91af94a07b8cdc6cc
2021-08-30 14:14:32 +10:00
Eduardo Santos
442d11b236 Bump Ubuntu release to focal
Change-Id: I01689cfb01b095ef69573a48be55353ea7aa2931
2021-08-26 23:28:33 -03:00
Steve Baker
59420be677 Use non-greedy modifier for SUBRELEASE grep
Some fedora mirrors are serving image icon html, and this grep is
over-matching on those mirrors.

Change-Id: Ibd737f44a8d2eee1902b6c5363c61d591feb75c9
2021-08-23 14:12:17 +12:00
Xinliang Liu
a6ee4d0c21 Introduce openEuler distro
Add openeuler-minimal element and add CI functional tests for both
x86_64 and arm64.

OpenEuler is an open source community driven YUM/DNF distro like
Fedora. It references Fedora and CentOS a lot for the rpm packages
building. So somewhat it can be treated as a redhat family distro
and reuse the YUM/DNF related elements to help build openEuler images.

For more info about openEuler, see: https://openeuler.org/en

Depends-On: https://review.opendev.org/c/zuul/zuul-jobs/+/803413
Change-Id: I3e06e49b524364c3a4edeba8bce7a8c06b9c7b76
2021-08-04 03:06:55 +00:00
Zuul
4f5689a409 Merge "Permit specification of extra bootstrap packages" 2021-08-03 23:13:04 +00:00
Gonéri Le Bouder
168bb25e69 Fedora: bump DIB_RELEASE to 34
Fedora 34 is the new stable release.

Change-Id: I2fba6935064823ace418b00f9735e52640c933f3
2021-08-03 16:37:16 +00:00
Jay Faulkner
91da6ab885 Permit specification of extra bootstrap packages
This change permits the yum-minimal element to be used in downstream
custom distributions, which may have additional packages containing repo
config or GPG keys needed.

This could also be utilized at a later time to move the
distribution-specific logic in this method to each distribution element
separately.

Change-Id: Ic1434bb2fe7301086cf11ba6bd7f2ee187c5e6c8
2021-08-02 11:57:11 -07:00
Zuul
0b14750e3f Merge "Update IRC networks" 2021-07-23 02:06:47 +00:00
Zuul
03275c2dd4 Merge "Add a keylime-agent element and a tpm-emulator element" 2021-07-22 10:34:31 +00:00
Takashi Kajinami
4107dc3bc4 Update IRC networks
The following two channels were migrated to OFTC.
 #tripleo
 #openstack-dib

Also, the following channel was migrated to Libera Chat[1].
 #opensuse-cloud

[1] https://en.opensuse.org/openSUSE:IRC_list

Change-Id: Ia4c729a8d284bbfcbdb3b8621ae29d9be57886f5
2021-07-22 19:17:51 +09:00
Zuul
02bda20dce Merge "Auto find greatest Fedora cloud image sub-release" 2021-07-22 07:53:44 +00:00
Zuul
585f34e068 Merge "Replace deprecated import of ABCs from collections" 2021-07-22 07:38:16 +00:00
Danni Shi
05d8f3ae38 Add a keylime-agent element and a tpm-emulator element
Story: #2002713

Task: #41304
Change-Id: Ia5226faabae8accb03f401aa4de3c8311b583455
2021-07-20 10:05:41 -04:00
Zuul
ddd70501d4 Merge "Convert multi line if statement to case" 2021-07-19 23:31:06 +00:00
Takashi Kajinami
b6254398e7 Replace deprecated import of ABCs from collections
ABCs in collections should be imported from collections.abc and direct
import from collections is deprecated since Python 3.3.

Change-Id: Idacff95cbb276eda0bc55de771ce6c701363c2e1
2021-07-17 01:02:19 +09:00
Zuul
556f4f6aa6 Merge "Add a growvols utility for growing LVM volumes" 2021-07-12 10:12:13 +00:00
Zuul
3f2feb6e3b Merge "cache-url : turn down verbose curl" 2021-07-12 09:55:28 +00:00
Zuul
d286f64a76 Merge "Add element block-device-efi-lvm" 2021-07-08 01:08:26 +00:00
Zuul
7831d71066 Merge "fedora-container: install dnf-plugins-core" 2021-07-07 06:51:05 +00:00
Zuul
d4f2d79f89 Merge "Do not uninstall non-installed packages" 2021-07-07 04:55:10 +00:00
Ian Wienand
bc39a5afe7 fedora-container: install dnf-plugins-core
Add dnf-plugins-core to the package-installs; this lets things like
"dnf copr" work automatically and is in-line with fedora-minimal base
packages.  While we're here, clean up some unneeded packages, and
remove the pkg-map that isn't relevant for Fedora builds.

Change-Id: Iad5a4717bcb55928377cc159b3360b0a70c5c5ac
2021-07-07 11:02:10 +10:00
Ian Wienand
12b60c4088 Mount /sys RO
As noted inline, this works around potential issues by being a strong
indication you are in a container (e.g. [1]).  Since nothing should be
changing anything on the host/build system, this is a generically
safer way to operate.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1975588

Change-Id: Ic6802c4ffc2e825f129af10717860a2d1770fe80
2021-07-05 11:45:02 +10:00
Steve Baker
a6e0bf83db Add a growvols utility for growing LVM volumes
There is currently no automated way of growing LVM volumes on boot
like single partition images do with their growroot mechanism. This
lack likely contributes to LVM not being widely used on VM and
baremetal workloads, since growing to the full disk requires workload
knowledge to determine which volumes to grow and by what amount.

The growvols element contributes a growvols python script which can be
run on firstboot (via systemd or cloud-init) or manually via
automation such as ansible. It is also an interactive script which
displays the full list of modifying commands before prompting for
confirmation to run them all.

By default the script will grow the root volume, but arguments allow
any volume to grow by a specified amount, or a percentage of the
available disk space.

Blueprint: whole-disk-default
Change-Id: Idcf774384e56cce03e56c0e19c7d08a768606399
2021-07-01 11:16:31 +12:00
Ian Wienand
ba5bcce036 cache-url : turn down verbose curl
curl's "-v" is a bit too verbose for "-x", especially when what you're
downloading bounces through a few redirects as is common.  Turn this
down and put it behind "-xx" or greater.

Change-Id: I6d91166bb237f2a1818cae7532e794ef0f01288b
2021-06-24 10:09:00 +10:00
Steve Baker
ab8d2910c4 Add element block-device-efi-lvm
Element block-device-efi-lvm has been added which is like
block-device-efi but defines an LVM logical group in the root
partition. Three logical volumes are defined in that group, mounted to
/, /var, and /home.

This volume layout will not meet all requirements, but this is more of
an example demonstrating the capability to encourage more usage of
this existing feature.

This is based on the overcloud-partition-uefi element in
tripleo-image-elements, and I believe this capability is too useful to
have the only working example buried in a related project repo.

This change also fixes the element string matching in
_arg_defaults_hack, the 'vm' test was also matching against 'lvm' and
'block-device-efi-lvm' elements. Also the 'block-device-' test now
properly tests for this being the prefix of the block-device element.

This change also makes block-device-efi fsck-passno compliant with the
documentation[1] so that / has value 1 and all other mounts are set to
2.

[1] https://www.man7.org/linux/man-pages/man5/fstab.5.html

Change-Id: If86a0e49186ce5a65cc0084101d31ce59a97b854
Blueprint: whole-disk-default
2021-06-01 17:27:28 +12:00
Zuul
75ee18b01b Merge "bootloader: remove extlinux/syslinux path" 2021-05-28 04:51:23 +00:00
Matthew Thode
2ff65d512e
Do not uninstall non-installed packages
The bootloader element uses the grub-efi-$arch package to remove already
installed packages (for redhat).  The uninstall of a non-installed
package fails with a non-zero exit code on gentoo.  The gentoo base
tarball does not include a bootloader and the grub-efi-$arch package is
only used for uninstalls, so zero out the variable to allow bootable
images to be generated.

Change-Id: If8572abd6e19a02f2f63b33d4f83a7054774d7e6
Signed-off-by: Matthew Thode <mthode@mthode.org>
2021-05-25 23:32:16 -05:00
Ian Wienand
3ccca50c14 Fix DISTRO_NAME in Fedora elements
Fix typo in documentation around name variables.

Change-Id: I88fd1dd828ce1b606398198dd0317096363480f1
2021-05-17 10:02:09 +10:00
Ian Wienand
80ff74ca4d Add fedora-containerfile element
This builds Fedora from the containerfile element.

Depends-On: https://review.opendev.org/c/zuul/nodepool/+/790531
Depends-On: https://review.opendev.org/c/opendev/glean/+/790368

Change-Id: I5cf9b0505f2d542b3611ebbf9494f9be11e61f34
2021-05-13 10:43:45 +10:00
Ian Wienand
f6748a4cd4 bootloader: remove extlinux/syslinux path
This is a first pass through the bootloader, that removes the extlinux
and syslinux install/cleanup path.

Change-Id: Ifb107796cdb6748430a124bf13ced93db9689bff
2021-05-13 10:33:06 +10:00
Ian Wienand
4d16ccdbef bootloader: disable BLS for Fedora
As noted inline, the switch to "boot loader spec" grub entries breaks
our setting of the root device.  This happened some time ago, and it's
not 100% clear to me why our existing Fedora builds haven't broken on
this.  However, the new containerfile based builds do seem to be
hitting this.

Disable it for now.

Change-Id: Ia3472947799bb35ffccfa92937cdd0d68b12a25c
2021-05-11 16:48:58 +10:00
Carlos Goncalves
72442ba656 Auto find greatest Fedora cloud image sub-release
Fedora cloud images have sub-releases in their filename. It is not
exacly clear how this is generated but we do know how we can determine
the greatest programatically.

Change-Id: I7fc56897c681fe037db211c290edcdd23cdd5d5b
2021-05-10 09:14:17 +00:00
Ian Wienand
2a14088eac containerfile: automatically search for distro docker files
This makes the container file element search the active element list
for `containerfiles/${DIB_RELEASE}` for building.  This makes it easy
to write wrappers for ubuntu/fedora/etc. containerfile elements.

Change-Id: I68f1d928e54a70bad76985ddd3e156bb5f978b0d
2021-05-10 15:36:28 +10:00
Zuul
b536dbba8e Merge "Add containerfile element" 2021-05-10 01:50:40 +00:00
Zuul
c3243be696 Merge "Install epel-release from URL" 2021-05-10 01:28:32 +00:00
James E. Blair
edff632186 Add containerfile element
This is a base element which uses a containerfile (Dockerfile) to
build a container image, then the filesystem is extracted from that
image and forms the root of the dib image.

You can add as little or as much to the dockerfile as desired.

Change-Id: I4e821aa2ce7feb8841ef31da56de1a31aa9218b5
2021-05-07 13:54:59 +10:00
Zuul
cb0c117659 Merge "debian-minimal: bullseye: /updates -> -security" 2021-04-30 09:25:35 +00:00
Zuul
231770434b Merge "debian-minimal: Set bullseye version" 2021-04-30 05:59:26 +00:00
Zuul
46fb885ed8 Merge "Fix centos stream set mirror" 2021-04-30 05:21:23 +00:00