Commit graph

1299 commits

Author SHA1 Message Date
Maksim Malchuk
4fbf564615 Set grub timeout style
Set the grub timeout style to display the menu. By default it set to
'hidden' but can be changed to 'menu' to display the menu and then
wait for the timeout expire before booting the default entry.

Change-Id: I8c58407ef645d528dd77efe866bfe0389cbbbd33
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-09-15 20:31:26 +00:00
Maksim Malchuk
bccea6d5f0 Refactor cloud-init element
There is no need in pipe and sudo for changing /etc/cloud/cloud.cfg

TrivialFix

Change-Id: I905e8d3964f1322ec3ccc2eb09c517a02ef88044
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-09-15 20:31:12 +00:00
Maksim Malchuk
c2853c6f2c Remove extra spaces from GRUB_CMDLINE_LINUX_DEFAULT
Remove extra spaces from GRUB_CMDLINE_LINUX_DEFAULT in the
/etc/default/grub when there is no boot laber and/or fips
not enabled.

TrivialFix

Change-Id: Ie83781b9ceca16ff63e08e3d1f887aa6d33fec99
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-09-15 17:14:25 +03:00
Zuul
1897b12ee9 Merge "Deprecate legacy deployment elements" 2023-08-31 14:23:21 +00:00
Zuul
9ee3063af6 Merge "Don't remove packages that are requested to be installed" 2023-08-31 06:09:41 +00:00
Zuul
2193c7c348 Merge "Append detailed printing information when exec_sudo fails" 2023-08-31 04:38:24 +00:00
Maksim Malchuk
0322695a5e Fix and issue with wait_for
Followup I2dd1c60e3bfd9c823a7382b1390b1d40c52a5c97.
The 'wait_for' array always updated even the command not executed
after test because of '&' control operator, so lets wrap construction
in standard 'if..then' case instead of using '&&' control operator.

Change-Id: I1d1ecb05e61f3995a98de450705451b94b437a08
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-08-30 15:56:10 +03:00
Zuul
9b931852f7 Merge "Update the shebang to python3" 2023-08-29 15:44:45 +00:00
Julia Kreger
a692673b90 Deprecate legacy deployment elements
Legacy elements deploy-tgtadm, deploy-targetcli, and deploy-baremetal
have not seen use in ages. Another element seems to date back to this,
deploy-kexec, but appears to see no actual use as the underlying methods
leveraged by these elements were long moved away from. iSCSI based
deployment being the last, and even then it required the
ironic-python-agent.

Change-Id: Ib5b3a7690c35d6859e2e0fdac2326dcd16c051d3
2023-08-29 08:02:32 -07:00
Zuul
04f140535b Merge "Install netplan.io for Debian Bookworm" 2023-08-28 20:17:42 +00:00
Zuul
5f1581fc81 Merge "Fix baseurl for Fedora versions before 36" 2023-08-22 23:52:01 +00:00
Steve Baker
420fb14e8f growvols: reserve space for spare metadata volume
Currently space is reserved for the metadata volume, but there is also a
spare metadata volume which is used for metadata check and restore.

This change reserves space for the spare. It also changes the volume
reference in the lvextend call to vg/lv_thinpool, the path based
reference results in the spare not growing.

Resolves: rhbz#2232632
Change-Id: If78743bb37f24756c049939645db202261df6775
2023-08-23 08:29:20 +12:00
Dmitriy Rabotyagov
bb9e970835 Install netplan.io for Debian Bookworm
Debian Cloud Images are shipped with netplan as a way to
configure networking for Debian. Without netplan being installed,
images built by DIB with cloud-init do not bring networking up,
since systemd-networkd is not enabled after installation, and there
are no other means to configure networking.

Alternative approach could be to enable networkd, though it is
better to be closer to official cloud images.

Change-Id: I115ab83cf374819bc447fc1bd596e71326d13ed9
2023-08-15 07:40:45 +00:00
Dmitriy Rabotyagov
2bfa132264 Fix baseurl for Fedora versions before 36
Fedora has moved their old images (prior to 37) to archives,
so default URIs are adjusted to reflect that.

Change-Id: I81dc6df4e4372149cffe448708ac2416d3528394
2023-08-07 14:38:05 +02:00
Joel Capitao
8dc4c3cd1e Update the shebang to python3
It's needed downstream when packaging. In RDO and Fedora,
we are hitting the issue "ERROR: ambiguous python shebang" during
the build.

Change-Id: Icaf0e62a8c6f0f873016ef1d17c434941e794c2f
2023-07-25 18:55:18 +02:00
Zuul
deb1869c6e Merge "Adds passwd to rocky-container os packages" 2023-07-17 15:15:38 +00:00
Zuul
b8bda7455c Merge "Add nm-dhcp-ib-interfaces element" 2023-07-17 15:15:36 +00:00
Zuul
8f56f7e83f Merge "Extend the checksum files generation procedure" 2023-07-12 17:22:57 +00:00
Maksim Malchuk
43e47f1912 Extend the checksum files generation procedure
The usage of the DIB_CHECKSUM variable is extended to have an
ability generate the only one checksum file, for example only 'sha256'
(by setting an environment variable DIB_CHECKSUM='sha256'), and to
retain the backward compatibility (DIB_CHECKSUM=1 will generate
both 'sha256' and 'md5' supported at this moment). As an additional
feature we have the simple way to completely deprecate 'md5' later,
and add new methods, for example, 'sha512' etc.

Change-Id: I2dd1c60e3bfd9c823a7382b1390b1d40c52a5c97
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-07-08 17:25:23 +00:00
wjunlu
864ae11509 Append detailed printing information when exec_sudo fails
This patch tries to add more detailed info by appending
error output to exec_sudo print.

In current implementation, only a simple static note `Exception:
exec_sudo failed` is printed:
```
INFO diskimage_builder.block_device.utils [-] Calling [sudo sgdisk
 /tmp/dib_image.jZaDPxtX/image0.raw -n 1:0:+550M -t 1:EF00 -c 1:ESP
 -n 2:0:+8M -t 2:EF02 -c 2:BSP -n 3:0:+2077M -t 3:8300 -c 3:root]
ERROR diskimage_builder.block_device.blockdevice [-] Create failed;
 rollback initiated
// ... ...
diskimage_builder.block_device.exception.BlockDeviceSetupException:
 exec_sudo failed
```

but the root reason is missing. We can’t get more error info to
make sure what the real root reason even a simple problem like
`command not found`, we have to reproduce locally and manually.

After this patch, the error message like:
```
INFO diskimage_builder.block_device.utils [-] Calling [sudo sgdisk
 /tmp/dib_image.jZaDPxtX/image0.raw -n 1:0:+550M -t 1:EF00 -c 1:ESP
 -n 2:0:+8M -t 2:EF02 -c 2:BSP -n 3:0:+2077M -t 3:8300 -c 3:root]
ERROR diskimage_builder.block_device.blockdevice [-] Create failed;
 rollback initiated
// ... ...
diskimage_builder.block_device.exception.BlockDeviceSetupException:
 exec_sudo failed: sudo: sgdisk: command not found
```
We can easily find the real problem and solve it.

Closes-Bug: #2024980

Change-Id: I9efcd9cb6621e6403df6de14f122b1cf371bd800
2023-06-25 08:02:58 +00:00
waleedm
33c11e1e9c Add nm-dhcp-ib-interfaces element
Currently, NetworkManager can't automatically create default
connection profiles for InfiniBand interfaces.

So, as a workaround, we are adding nm-dhcp-ib-interfaces element to
install NetworkManager-system-connections-infiniband.nmconnection
to NetworkManager to create a wildcard InfiniBand connection profile.

The content of NetworkManager-system-connections-infiniband.nmconnection
is generated by running this command:
`nmcli --offline connection add type infiniband connection.multi-connect multiple`

Closes-Bug: #2016965
Change-Id: Ic972b90e4df9c4aa36cfe3c8631db3e4533045f4
2023-06-04 05:45:12 +00:00
Maksim Malchuk
d8eb624e72 fedora: don't use CI mirrors
OpenDev has removed Fedora from the mirror AFS volumes.  Don't try to
use it during build.

Co-authored-by: Ian Wienand <iwienand@redhat.com>
Change-Id: I0b337c37421de2ff893bcd90d99f569d6551c79e
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-06-01 09:28:31 -07:00
wangxiyuan
ed9bdf805d Fix openeuler-minimal mirror problem
TARGET_ROOT is not a valid key during pre-install step. The error
`TARGET_ROOT: unbound variable` raises now.

This PR remove the useless TARGET_ROOT in openeuler-minimal.

Change-Id: I6fae2ca0e6c6e57a3b195367f2626d9e498e0329
2023-04-23 08:24:29 +00:00
Zuul
f8733f729b Merge "Allow custom console=tty0 argument" 2023-04-20 04:27:09 +00:00
Zuul
761fb12682 Merge "fix ifupdown pkg map for dhcp-all-interfaces of redhat family" 2023-04-13 21:46:38 +00:00
Zuul
da03a4d160 Merge "Update satellite_repo labels + add env var" 2023-04-13 08:32:31 +00:00
Zuul
48cbe94ef8 Merge "Check and grow the GPT structure to the end of the volume" 2023-04-11 20:35:05 +00:00
Steve Baker
d56dd56881 Allow custom console=tty0 argument
The bootloader element now has variable
DIB_BOOTLOADER_VIRTUAL_TERMINAL to customize or suppress the
console=tty0 kernel argument.

This is proposed to allow console=tty0 to be removed entirely as it is
causing significant performance degredation in DPDK environments.

Change-Id: Iba2ee5b8a6b4acdd236a770550dffd29c784ce11
Related: rhbz#2179366
2023-04-11 17:15:12 +12:00
waleedm
b50b8489d8 fix ifupdown pkg map for dhcp-all-interfaces of redhat family
Now as network-scripts package is derprecated, and NM should be the default for managing networking in redhat OS family, we need ifup/down scripts for dhcp-all-interfaces element and no one is providing them
So adding the package map for redhat family in the element source

Change-Id: I11e596e17477c39b156617762c4c5b840754ed64
2023-04-05 09:44:40 +00:00
Harald Jensås
dd0ee23989 Update satellite_repo labels + add env var
Red Hat changed the repository names/labels for
Satellite Client repository in Satellite 6.11 and
above, See: https://access.redhat.com/solutions/7004377

This change updates the satellite_repo URL's to use the
new labels.

Also adds environment variable REG_SAT_REPO to allow the
user to override the repository label.

Closes-Bug: #2013451
Change-Id: I6c2a93658213644140caf0e4a8c910b1af22cd1c
2023-03-31 09:59:30 +02:00
wangxiyuan
e5cf2faae3 Rename openeuler mirror script
The file name under pre-install.d should be like "^[0-9A-Za-z_-]+$",
otherwise the script will be skipped by the name check step and raise
"Ignoring non-conforming filenames" warning.

This patch rename the openeuler mirror script to ensure it follows
the regex.

Change-Id: I6d868df7932345547711100519523546bd53360e
2023-03-29 02:29:33 +00:00
Steve Baker
9fa139511e Check and grow the GPT structure to the end of the volume
In the baremetal case this isn't required because it is done by
ironic-python-agent when writing the image to the volume[1].

But when using the image directly (such as in a nova VM) the GPT
structure needs to be extended first. This change does that, along
with the detection for whether extending is required, using the same
approach as [1].

[1] https://github.com/openstack/ironic-lib/blob/master/ironic_lib/disk_utils.py#L670-L674

Co-Authored-By: rminishev@itkey.com
Co-Authored-By: sbaker@redhat.com

Change-Id: I3240eb0ef4dbbb41557985f0129ae4998a846417
2023-03-23 22:14:44 +00:00
Zuul
5d49a95082 Merge "Fix openeuler mirror problem" 2023-03-22 21:39:19 +00:00
Zuul
f8b0468e06 Merge "Add a FIPS element" 2023-03-22 21:39:17 +00:00
wangxiyuan
65507dfe82 Fix openeuler mirror problem
Currently, openeuler mirror doesn't work. It raises the error like:
"Ignoring non-executable files: 00-setup-mirror.bash".

This patch make the file executable to fix the mirror config problem.

Change-Id: I39ec958f864c2ff5193ea6d8f85d672437367ca0
2023-03-22 06:09:23 +00:00
Michael Johnson
45544d5038 Fix ubuntu-minimal to run autoremove
The "ubuntu" target had a post-install 99-autoremove task that removed
unnecessary dependency packages, but the "ubuntu-minimal" target does not.
This patch moves the 99-autoremove post-install task from the "ubuntu" target
to the "ubuntu-common" target so that both will run an autoremove at the end of
the image build.
For the Octavia amphora image, this saved about 1GB in the image by removing
build only package dependencies.

Closes-Bug: #2012406
Change-Id: I4592e3bd502045fa89203c075d3ea8f632e77177
2023-03-21 15:19:37 +00:00
Julia Kreger
c217956079 Add a FIPS element
Adds an element whose purpose is to set the stage
in the resulting image so that a user can generate an
image utilizing DIB which can be used in a FIPS
configuration without doing so with the input image
or after the fact.

Change-Id: Ia8a45584a56f6e06856fc2920c333351935dcd9d
2023-03-21 13:07:02 +00:00
Zuul
9c1ee6dcd8 Merge "Correct boot path to cover FIPS usage cases" 2023-03-21 06:39:00 +00:00
Zuul
950ad3324d Merge "Add swap support" 2023-03-21 06:38:57 +00:00
Zuul
c214704614 Merge "A new diskimage-builder command for yaml image builds" 2023-03-21 04:30:19 +00:00
Zuul
a00a68ac7a Merge "Update Fedora to 37" 2023-03-20 00:52:48 +00:00
Zuul
2986dd039c Merge "Repeat to umount filesystem when exception occurs" 2023-03-16 21:39:16 +00:00
Zuul
ad87cc76b8 Merge "Fix double-keyed json" 2023-03-16 21:39:14 +00:00
Julia Kreger
4633da7750 Correct boot path to cover FIPS usage cases
When your booting a Linux system using dracut, i.e. with any
redhat style distribution, dracut's internal code looks to validate
the kernel hmac signature in before proceeding to userspace.

It does this by looking at the /boot/ folder file for the kernel
hmac file.

And it normally does this with the root filesystem. Except if the
kernel is not on the root filesystem and is instead on a /boot
filesystem, this breaks horribly. This is compounded because
DIB enables the operator to restructure the OS image/layout
to fit their needs. In order for this to be navigated, as dracut
is written, we need to pass a "boot=" argument to the kernel.

So now we attempt to purge any prior boot entry in the disk image
content, which is good because any filesystem operations invalidate
it, and then we attempt to identify the boot filesystem, and save a
boot kernel command line parameter so the resulting image can
boot properly if FIPS was enabled in the prior image.

Regex developed with https://sed.js.org utilizing stdin:

VAR="quiet boot=UUID=173c759f-1302-48a3-9d51-a17784c21e03 text"
VAR="quiet boot=PARTUUID=173c759f-1302-48a3-9d51-a17784c21e03"
VAR="quiet boot=PARTUUID=173c759f-1302-48a3-9d51-a17784c21e03 reboot=meow"
VAR="quiet boot=UUID=/dev/sda1 text"
VAR="quiet boot=/dev/sda1"
VAR="quiet boot=/dev/sda1 reboot=meow"
VAR="quiet after_boot=1 reboot=meow boot=/dev/sda1"
VAR="quiet after_boot=1 reboot=meow"

Which resulted in stdout:

VAR="quiet text"
VAR="quiet"
VAR="quiet reboot=meow"
VAR="quiet text"
VAR="quiet"
VAR="quiet reboot=meow"
VAR="quiet after_boot=1 reboot=meow"
VAR="quiet after_boot=1 reboot=meow"

Change-Id: I9034c21e84deda2ba2c0ec0d1d6d6595ed10bed4
2023-03-15 11:25:21 -07:00
Ian Wienand
b6cdda4ab0
Update Fedora to 37
This seems like a relatively simple update with nothing breaking
(famous last words).

Change-Id: I5498371ad5af3f0f053af633eb26121ea9f780e6
2023-03-15 16:18:22 +11:00
Steve Baker
7e38f85724 A new diskimage-builder command for yaml image builds
The `diskimage-builder` command provides a yaml file based interface
to `disk-image-create` and `ramdisk-image-create`. Every argument to
these scripts has a YAML equivalent. The command has the following
features:
- Environment values can be provided from the calling environment as
  well as YAML
- All arguments are validated with jsonschema in the most appropriate
  YAML type
- Schema is self-documenting and printed when running with --help
- Multiple YAML files can be specified and each file can have multiple
  images defined
- Entries with duplicate image names will be merged into a single
  image build, with attributes overwritten, elements appended, and
  environment values updated/overwritten. A missing image name implies
  the same image name as the previous entry.
- --dry-run and --stop-on-failure flags

A simple YAML defintion would resemble:

- imagename: centos-minimal
  checksum: true
  install-type: package
  elements: [centos, vm]
- imagename: ironic-python-agent
  elements:
  - ironic-python-agent-ramdisk
  - extra-hardware

The TripleO project has managed image build options with YAML files
and it has proved useful having git history and a diff friendly
format, specifically for the following situations:
- Managing differences between distros (centos, rhel)
- Managing changes in major distro releases (centos-8, centos-9-stream)
- Managing the python2 to python3 transition, within and across major
  distro releases

Now that the TripleO toolchain is being retired this tool is being
proposed to be used for the image builds of TripleO's successor, as
well as the rest of the community.

Subsequent commits will add documentation and switch some tests to
using `diskimage-builder`.

Change-Id: I95cba3530d1b1c6c52cf547338762e33738f7225
2023-03-13 09:01:49 +13:00
John L. Villalovos
47dc5a9834 chore: support building Fedora on arm64 AKA aarch64
By default [1] the `aarch64` ARCH value is converted to `arm64`. But
Fedora uses `aarch64` to refer to the architecture.

Convert incoming ARCH values of `arm64` into `aarch64` as is already
done for `amd64` -> `x86_64`

[1] 174089a6a5/diskimage_builder/lib/common-defaults (L29-L30)

Change-Id: I6d9698e45b1183007bac49544da196ec78a7ac6a
2023-03-10 09:32:08 -08:00
Maksim Malchuk
601dc0387f Add swap support
Adds swap as a valid "filesystem"

Closes-Bug: #1816136
Change-Id: Ie50834a9834815b1dfacafd283f505f3323d35c8
Co-Authored-By: luke.odom <luke.odom@dreamhost.com>
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-03-06 14:54:35 +03:00
Erik Berg
b78afe4c62
Fix double-keyed json
The second release masks the first release, which is probably a
mistake.

Order them from most significant to least;
release > distro > family > default

And fix up the indentation.

Change-Id: I54a6a49d4fe001b1a16ab38637cb55542ce96cdb
2023-03-03 12:04:30 +01:00
Maksim Malchuk
84d6af7de8 Repeat to umount filesystem when exception occurs
Sometimes umount doesn't have much time to finish and failed with
error 'target is busy', but this is not an actual error in some cases
and the operation should be repeated again with some timeout.

This solves the issue and raise actual exception only after several
tries with timeout.

Closes-Bug: #2004492
Change-Id: I069af85b52e20e9fd688f9ae07e66beb2179f3e1
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
2023-02-01 20:09:47 +03:00