Commit Graph

3619 Commits

Author SHA1 Message Date
Kevin Carter
4b1a875e56 Disabled IPv6 privacy extensions
IPv6 privacy extensions can cause issues by preferring a temporary
network over a public one. This preference may limit connectivity
in certain situations. An example of a connectivity issue can be
seen where the command ``traceroute6`` fails or misses all hops
while other traffic to a given domain with a "AAAA" record may
succeed. To resolve this issue the IPv6 privacy extensions have
been disabled.

Change-Id: I62b9d6301b9e8b8e93b49cecbc96334ceea92fa5
Related-Bug: #1068756
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-09-01 14:41:26 +10:00
Jenkins
7e0e13106d Merge "Explain difference between two envvars" 2016-09-01 04:38:38 +00:00
Mathieu Mitchell
796dcd043b Generate and use upper-constraints for ironic-agent
Currently, ironic-python-agent is installed without using an
upper-constraints.txt file.

This commits ensures ironic-python-agent is installed using
upper-constraints.

Change-Id: I6be6cfc012941e2cc9996717cba39b5415b85e14
Closes-Bug: #1616554
2016-08-29 21:05:04 +00:00
Xiang Chen
ff234b65ea Explain difference between two envvars
Explain difference between 'DIB_OFFLINE' and
 'DIB_DEBIAN_USE_DEBOOTSTRAP_CACHE'

Those variables are not redundant,they hava different effective ranges.
However,some people may be confused about this and reported a bug.
So,this difference should be writen in the README file.

Closes-Bug: #1506275

Change-Id: Ie5316de41d129bf98781708954f09ef0b2592b53
2016-08-25 10:07:29 +08:00
Jenkins
0ca20753ce Merge "Add "audit"package to yum-minimal" 2016-08-22 17:00:27 +00:00
Gregory Haynes
a1bfca6022 Add tests for building *-minimal images
Lets make sure these images can be built.

Change-Id: Idbd07b98c0181738d002a53373425e056390beea
2016-08-22 16:53:32 +00:00
Andreas Florath
6a5da7e157 Spec for changing the block device handling
During the creation of a disk image (e.g. for a VM), there is the need
to create, setup, configure and afterwards detach some kind of storage
where the newly installed OS can be copied to or directly installed
in.

Change-Id: I0a43e247fb9e258e3983db35362f627416983773
Depends-On: I7bd7e9fa94635621590f72702107e218155fef2a
Signed-off-by: Andreas Florath <andreas@florath.net>
2016-08-22 16:16:00 +00:00
Matthew Thode
c3a036e54f
Update portage only if needed
Currently we update portage whenever we could need it.  Instead we
should update portage only if we actually need to.  This update adds a
check to do so.

Change-Id: Ifdb27fd844b0b3a169ced945ac7ee0ddc235e9ec
2016-08-22 07:14:25 -05:00
Matthew Thode
c1c2f7147b
Update GRUB_MKCONFIG for detecting what's installed
Gentoo has updated it's grub ebuild to default to the upstream
recommended installation parameter of grub-mkconfig instead of our
default multislot installation of grub2-mkconfig.  Update the command
line parameter so that it works with both.

Change-Id: I359b44338a4f76af7c026f5cad212e6dc3dbf2b3
2016-08-22 07:12:15 -05:00
Gregory Haynes
6180d82f14 Allow ramdisk-create to run without $USER set
It's possible this is run form an environment where $USER isn't set,
properly fallback to whoami in this case.

Change-Id: I1181f714c3c456ee264b34d282bac5c0adb67a0e
2016-08-19 16:04:32 +00:00
Jenkins
c20a42051a Merge "Change DIB_IPA_CERT resulting file name" 2016-08-18 13:35:12 +00:00
Ian Wienand
48daefb685 Use temp file for du calculations
Storing the du output in a variable seemed convenient, but I didn't
realise just how big it could get especially with things like infra
images -- there's something like 100MiB of text being stored in a bash
variable here.

Convert this to work with a temporary file

Change-Id: I6a6d22c2142e0f199490c39cca8c94769e4b0232
2016-08-18 15:31:07 +10:00
Gregory Haynes
62efc03732 Clarify OVERWRITE_OLD_IMAGE docs
There has been some confusion about what this environment variable
controls, and it isnt very clear in the docs.

Change-Id: Id21b3c5ce361c4d1121eb7015020235b4c0a2f36
2016-08-15 12:15:22 -07:00
Gregory Haynes
16bad71e8b Add blurb about communication to docs landing page
We should really have a summary of how to communicate with us on the
documentation landing page.

Change-Id: I24a14826cbcd19a1eedc48a62220caa60ce07b43
2016-08-15 08:42:56 -07:00
Juan Antonio Osorio Robles
1787754d57 Change DIB_IPA_CERT resulting file name
Even though this file ends up in the /tmp directory, for readability
it's good to point out that server.pem is not necessarily the
certificate for a server, but can be a CA certificate which is
trusted if this option is used.

Change-Id: Iea27a702a844456e4472957438f75ed3819d62ca
2016-08-15 15:19:04 +03:00
Yolanda Robla Mota
c1bac651cb Allow to skip kernel cleanup
For some use cases, it can be useful to keep all the kernels
and not just keep the latest one. Add a parameter that allows
it, and continue cleaning up kernels by default.

Change-Id: Ia6e6c1fa18e3724c1eb89226151d81e9e748b793
2016-08-12 12:49:19 +02:00
Jenkins
cf2030c2f6 Merge "secure_path in sudoers: deal with possible quotes" 2016-08-11 00:21:14 +00:00
Gregory Haynes
b59ae02431 Add specs dir
Currently we do not have a dib-specific specs repository. Technically,
we are part of the tripleo-specs repository but dib-core does not imply
tripleo-specs core. To fix this and to encourage the use of specs lets
create a specs process that lives right in tree.

Change-Id: I7bd7e9fa94635621590f72702107e218155fef2a
2016-08-10 22:05:00 +00:00
Ian Wienand
944b4fea0f Add "audit"package to yum-minimal
Kernels are built with auditing support, and without the audit deamon
logs bubble up to spam the console and /var/log/messages.  This
package contains the audit daemon that catches these messages.

Change-Id: Ie3e216bab33b27f2d67a9379ddc3e89d66449251
2016-08-08 17:54:20 +10:00
Jenkins
46ce2ac527 Merge "Optionally remove portage files" 2016-08-04 05:20:54 +00:00
Gabriele Cerami
5e957f6350 secure_path in sudoers: deal with possible quotes
Sometimes the secure_path option value in /etc/sudoers is surrounded by
quotes, in this case the current command creates an invalid entry and
it's not possible to sudo anymore.
This fix adjust the sed command to deal with possible quotes

Change-Id: Ifd6f9e29b3c0d04d6f65d3f55524ad202fb3294e
2016-08-03 15:24:07 +02:00
Matthew Thode
ffb8efda74
Optionally remove portage files
Optionally remove portage files, so that we can cache package and
keep the portage directory around, specifically for nodepool.

This also adds a section to the Gentoo readme about the variable
and renames the 00-gentoo-distro-name environment file to a more
appropriate name of 00-gentoo-envars.

Also brought up was the location of the gentoo-releng.gpg file,
this has been moved and the refrencing paths updated.

Change-Id: I20c91b36082828faa1ca481585acc5f9933211e1
2016-08-02 16:42:29 -05:00
Ben Nemec
e49d347ba9 Generalize logic for skipping final image generation
Since the ironic-agent element builds the ramdisk and extracts the
kernel itself, there's no need to actually generate an image at the
end of the process.  Previously the unnecessary image was being
deleted, but this wastes a bunch of time compressing and converting
the image.  It's better to just not create the image at all.

This change adds a noop element called no-final-image that
disk-image-create looks for in the element list and, if found, will
cause it to skip the final image generation.  This is more flexible
than the previous ironic-agent-specific method that would have
required changes to disk-image-create for every element that wanted
to behave similarly.

Note that this cannot be done using an environment variable, because
element environments.d entries do not propagate out to
disk-image-create.  It also doesn't make sense as a user option
because it should be set by the element author, not the user.

Change-Id: I168feb18f0d578b3babbe4784d3ef75e755e1ebd
2016-07-28 13:14:36 -05:00
Jenkins
ed116d60a9 Merge "Fix proliant-tools dependencies" 2016-07-27 21:19:32 +00:00
Jenkins
e884309272 Merge "yum-minimal: set locale.conf and tz in chroot" 2016-07-27 08:52:39 +00:00
Jenkins
55aebfcede Merge "Correct order of parameters in call to qemu-img convert" 2016-07-26 21:07:19 +00:00
Xiang Chen
6ae60b2e8f add no_proxy when debootstrap trying to use proxy
Most of the time,no useing no_proxy is ok,but sometime this will cause problem.
Add no_proxy here will increase the robustness of the program .

Change-Id: I976e689760d2e6de9e2081fcdee4f71299e8470e
2016-07-22 14:56:22 +08:00
Jonas Sticha
224acc6456 Correct order of parameters in call to qemu-img convert
Under some systems this leads to an error if the oder of parameters
does not comply exactly with the way it is specified.

Change-Id: I9561b85985e3f0917f1b4c7801c9048b4e73ae3b
2016-07-21 10:57:40 +02:00
Jonas Sticha
616cca72b1 Correct order of parameters in call to tune2fs
Under some systems this leads to an error if the oder of parameters
does not comply exactly with the way it is specified.

Change-Id: Ie1ff871dfffecaf95e7ac467b18543561aaa0ceb
2016-07-21 10:55:20 +02:00
stephane
b7d391f25d Fix proliant-tools dependencies
The proliant-tools element was missing a few
dependencies which were stopping it from
building correctly.

Change-Id: Ib7159a0baa7932d1571272cefffaf01d60e9debc
Closes-Bug: #1590176
2016-07-20 14:50:21 -07:00
Jenkins
71c68bf18d Merge "Fix packaging problems for Debian" 2016-07-20 21:21:08 +00:00
Andreas Florath
a8c8c61711 Fix packaging problems for Debian
This patch solves three issues with Debian packaging / apt:

o When building 'testing' only default apt sources is
  included - backports, updates and security are skipped because they
  do not exists.

o The default release for Debian was `unstable`: this is now fixed to
  `stable`.

o Starting a Debian Stretch VM that was build with diskimage-builder
  does not work, because some mandatory packages are missing.
  This patch fixes this problem: it adds the mandatory packages and
  the test case.

Change-Id: If49b5b162c4da1e074e9b19324839bc59d87dc57
Signed-off-by: Andreas Florath <andreas@florath.net>
2016-07-19 07:11:57 +02:00
Jeffrey Zhang
cf667e5dc3 Remove the escape in the centos7 README file
No need to add escape character '\' in the README file

Change-Id: I475b3e3d12c093a396bdcc81acbceeba03aed6df
2016-07-19 11:32:49 +08:00
Andreas Florath
828f9279c0 Spec for changing the block device handling: partitioning
During the creation of a disk image (e.g. for a VM), there is the need
to create, setup, configure and afterwards detach some kind of storage
where the newly installed OS can be copied to or directly installed
in.

This document describes the details of partitioning.

Change-Id: I72d8459e81d7da7a8feaebbf295d6c436a686a07
Signed-off-by: Andreas Florath <andreas@florath.net>
2016-07-16 21:45:05 +02:00
Jenkins
b8d10afd8f Merge "package-installs: add list to arch and "not-arch" list" 2016-07-15 06:57:59 +00:00
Ian Wienand
b745821353 yum-minimal: set locale.conf and tz in chroot
We should be doing more to ensure initial configuration during
configuration.  Taken from the steps done by [1], here we set
locale.conf and a general timezone.

The only reliable UTF8 locale is en_US.UTF-8; we don't want to use C
locale as it causes havoc with things like python3 and unicode.  We
set locale.conf to this.

For Fedora 24 ensure we install the en_* locales too (this is really a
bug separate to this -- when you log in, by default ssh tries to copy
over your locale env variables, so logging into a F24 system would
result in using invalid locales for the most common en_* cases).

While we are here, setup a timezone link.  It turns out infra puppet
overwrites this later, but at least we have a sane default.

[1] https://www.freedesktop.org/software/systemd/man/systemd-firstboot.html#

Change-Id: Ib8951a97f1772bc5228c682e88628ff53400a923
2016-07-15 13:35:10 +10:00
Jenkins
96ed39aa35 Merge "Make Fedora 24 the default" 2016-07-14 05:26:04 +00:00
Ian Wienand
995c539491 Revert "Revert "Pre-install pip/virtualenv packages""
This reverts commit a645fa4ffb.

It is really devstack causing problems here; it was removing the
python-virtualenv package & re-installing using pip (see depends-on).
This failed because the pip-install we did here removed the egg-file
that rpm expected to be there, so rpm bailed out on the removal.

But even if it worked, this just leads you back down the path of the
original problem; that the system packaged version can be re-installed
and overwrites the pip installed version.  Thus I still believe this
is the correct thing to do in the dib element.

Note it is not a common problem (devstack aside); most jobs don't
touch python-virtualenv & related packages (the one we did notice this
on was being brought over from travisci where it was required for some
reason).

Change-Id: I82acb865378a0fa5903a6267bfcee0e2962eced0
Depends-On: Ib0edf6c4ee8a510e9d671213de35d787f56acfed
2016-07-14 13:54:41 +10:00
Jenkins
8fdbbc3413 Merge "Check sudoers file after editing" 2016-07-13 22:10:49 +00:00
Jenkins
b879507420 Merge "Don't create an ironic-agent image just to delete it" 2016-07-13 21:22:32 +00:00
Ben Nemec
88bf264fbb Don't create an ironic-agent image just to delete it
The ironic-agent element doesn't care about the final qcow2/raw/
whatever image the disk-image-create command normally creates, so
previously it was deleting it at the end of the process.  This is
a pretty significant waste of time when building those images, and
instead we can just skip creating the image when building
ironic-agent.

Change-Id: If48f575e795a823c777891f193ebf8bd943aa296
2016-07-08 15:56:26 -05:00
stephane
09317fccca Make Fedora 24 the default
Fedora 24 is the current release, so use it in the
fedora and fedora-minimal elements.

Change-Id: I0ac0d0767d4de9d28ae86d1344fd7c9d8876e5a1
2016-07-08 09:15:08 -07:00
James Slagle
1d629ccd46 Check sudoers file after editing
"visudo -c" should be run after the sudoers file has been edited. This
will ensure that the file is still syntactically correct, and exit 1 if
it isn't.  Otherwise, obscure errors can occur later on, and it is
difficult to track them back to this script as the source of the error.

Change-Id: Id0e5114d72c0779952a0c2c2c06696929c6c8b17
2016-07-07 09:51:43 -04:00
Jenkins
8b00250547 Merge "Make ubuntu-core support releases" 2016-07-06 23:49:31 +00:00
Jenkins
be184fa254 Merge "Clear up "already provided" message" 2016-07-06 20:06:25 +00:00
Gregory Haynes
fcec06bfc0 Add 1.18.1 releasenotes
Change-Id: I5f820ea419fafa8f8d4c8b67522090003f95464e
2016-07-05 22:17:50 +00:00
Jenkins
15e6d51dfe Merge "Revert "Pre-install pip/virtualenv packages"" 2016-07-05 21:42:48 +00:00
Ricardo Carrillo Cruz
a645fa4ffb Revert "Pre-install pip/virtualenv packages"
This reverts commit a85ce75d6b.

The reason for this revert is because it breaks CentOS dsvm jobs:

http://logs.openstack.org/35/332435/6/check/gate-ansible-role-cloud-launcher-dsvm-ansible-func-centos-7/13b3b66/logs/devstacklog.txt.gz

It is due to DevStack removing python-virtualenv by default, causing issues
as CentOS images have virtualenv installed via system-package and pip
by DIB.

Closes-Bug: 1599277
Change-Id: Ib0c01a7b3be32159e7c864a465fe9455e8d651ef
2016-07-05 20:09:39 +00:00
Jenkins
1b1a6a91eb Merge "Add new posix element." 2016-07-05 19:13:06 +00:00
Ian Wienand
8a1c8370a1 package-installs: add list to arch and "not-arch" list
Icf8a075224833fcfbbe2128e8802ff41c39f3c09 looked rather ugly, and it's
easy for us to expand the processing done in the arch list.

Change "arch" to a comma-separated list of architectures that should
match for install.

Add a "not-arch" list which will exclude the package from installation
on those architectures.  (An aside -- I considered making it just he
one list with foo,!bar,moo but ! has special meaning in YAML, so it's
easier to have two lists).

$ ARCH=ppc64 package-installs-squash --elements ironic-agent --path=./elements/ /dev/stdout | grep dmidecode
$ ARCH=ppc64 package-installs-squash --elements ironic-agent --path=./elements/ /dev/stdout | grep lshw
    "lshw",
$ ARCH=amd64 package-installs-squash --elements ironic-agent --path=./elements/ /dev/stdout | grep lshw
$ ARCH=amd64 package-installs-squash --elements ironic-agent --path=./elements/ /dev/stdout | grep dmidecode
    "dmidecode",

Change-Id: Ic69dd02a09e6f3ba9078a2377d8df29871a20db2
2016-07-01 21:31:59 +02:00