Commit Graph

1184 Commits

Author SHA1 Message Date
Jenkins
b7c22723d4 Merge "Fix to load only signed kernel in UEFI secure boot" 2015-04-28 11:02:52 +00:00
Jenkins
f8302171f5 Merge "Add element ubuntu-signed to provide signed kernel" 2015-04-28 11:02:44 +00:00
Jenkins
d2727fccf4 Merge "Split the debootstrap functions into an element" 2015-04-28 10:55:36 +00:00
Jenkins
8b002cba09 Merge "Clean up targetcli ramdisk installation" 2015-04-28 06:22:14 +00:00
Monty Taylor
23aa76dff0 Split the debootstrap functions into an element
debootstrap is not debian or ubuntu specific. We can make a debootstrap
element that knows how to do all of the things, and then a
debian-minimal and ubuntu-minimal image that use it. Finally, make
the debian element simply be a collection of the extra things we do to
make it look like a cloud-init based cloud image.

Change-Id: Iaf46c8e61bf1cac9a096cbfd75d6d6a9111b701e
2015-04-26 18:04:59 +00:00
Monty Taylor
c1d7cb4d6c Install glean from openstack source
glean is now moved into the openstack-infra repos, so the reference to
the originally temporary home can be discarded.

Change-Id: Ie89fff85e264a36d9bab15801314d5195b45031c
2015-04-25 08:45:10 -04:00
Jenkins
55fd6ab5e2 Merge "Port centos-minimal to yum-minimal" 2015-04-24 22:20:32 +00:00
Jenkins
362cb398c8 Merge "Make troubleshoot work with dracut ramdisks" 2015-04-24 21:24:17 +00:00
Jenkins
c4072920ab Merge "Update cloud-init-datasources README" 2015-04-24 04:43:15 +00:00
Jenkins
49bc98dc7c Merge "Add generic devuser element" 2015-04-23 03:58:43 +00:00
Jenkins
74b777dae8 Merge "Fix dhclient in Fedora ramdisks" 2015-04-23 03:58:33 +00:00
Jenkins
c108943dd2 Merge "Generate the default en_US locale" 2015-04-23 03:55:19 +00:00
Jenkins
1f38bfad41 Merge "Allow setting DIB_PIP_RETRIES" 2015-04-23 03:51:57 +00:00
Jenkins
97c2432635 Merge "Use shorter temporary file names for kpartx" 2015-04-23 03:51:48 +00:00
Jenkins
26a11cddc1 Merge "Create the dracut directory if not existing already" 2015-04-23 03:46:53 +00:00
Monty Taylor
eadd79c2cb Port centos-minimal to yum-minimal
Now that we have a generic yum-minimal element, just use it in centos
instead of rinse. Adding base as an element-provides of yum-minimal
because this element conflicts with the base element.

Co-Authored-By: Gregory Haynes <greg@greghaynes.net>

Change-Id: I15275d821781171c118f21aa0c0bca55f65a65b3
2015-04-22 20:34:48 -04:00
Jenkins
c67ab571cb Merge "Add a yum-minimal element that just uses yum" 2015-04-22 22:26:15 +00:00
Jenkins
b0f41ac66f Merge "Add element to process config-drive network info" 2015-04-22 22:25:54 +00:00
Jenkins
1fc2cbff50 Merge "Break install-types out of base" 2015-04-22 19:40:02 +00:00
Jenkins
d2dcfbc3cf Merge "update the dib centos7 baseurl to use a mirrorlist" 2015-04-21 21:47:00 +00:00
Jenkins
e61ffb7fc8 Merge "Don't trace RHEL Registration scripts" 2015-04-21 14:29:02 +00:00
Pino Toscano
f35aace69f Use shorter temporary file names for kpartx
The loopback handling in the Linux kernel limits the filenames of
files associated to loopback devices, see also linux/loop.h.
This is reflected also on userspace, as kpartx will silently do nothing
(exiting with 0) when requesting to remove a filename longer than 64
characters, as that name will obviously not match the truncated
filename. The result of this is that, when extracting qcow2 images for
the first time, if the qcow2 filename is long enough then the loopback
device will not be removed, remaining as stale in the host.

As a workaround, use a temporary file name when convering a qcow2 image
to raw, instead of using the base name of the qcow2 file.
While this still will not fix the issue when manually using a long
temporary directory (e.g. TMP_DIR=/very/long/etc...), at least should
avoid it in other cases.

Change-Id: Ibf46cd313a9d89412c0e1068fa0993be6c5a29db
2015-04-21 10:36:33 +02:00
Jenkins
bb93df23b1 Merge "openSUSE update" 2015-04-21 03:55:25 +00:00
Jenkins
8b96cfd4bb Merge "Switch default Fedora image to F21" 2015-04-20 22:35:49 +00:00
Jenkins
07da09b4f4 Merge "Update packages earlier" 2015-04-15 08:58:16 +00:00
Wesley Hayutin
7edf0f2a2d update the dib centos7 baseurl to use a mirrorlist
* replace baseurl with a centos mirrorlist
* fix typo in repoid

Change-Id: I028d1d7e9bf0b180ad73f750630adfbe41424512
2015-04-14 22:28:43 +00:00
Jenkins
b0e809cbca Merge "Do not export REG_HALT_UNREGISTER between hook scripts" 2015-04-14 20:50:35 +00:00
Thomas Bechtold
f411297e74 openSUSE update
Commit b4a1f1c190 wrongly changed the format of the available
images. There was a missconfiguration on the buildservice which produces
the images so no static links were available. That's fixed now so use
the correct names again.

Change-Id: Iac4cbc8672da67f5a89ac2f1be8bb9530215ea19
2015-04-14 21:53:38 +02:00
Monty Taylor
b5bcb3b60e Add a yum-minimal element that just uses yum
The centos-minimal approach of using rinse does not, it turns out, work
on centos. That's a bummer. It's also rather heavyweight. Instead, with
minor machinations, we can just use yum itself pointed at a chroot.

Also adding fedora-minimal element which creates a fedora image using
the new yum-minimal approach.

Co-Authored-By: Gregory Haynes <greg@greghaynes.net>

Change-Id: I026fd9d323e786dae5bb67824c6501067e1ceaa3
2015-04-14 13:39:18 -04:00
Monty Taylor
a33ddb89f1 Add element to process config-drive network info
If you don't want cloud-init, you may need to get a few things
from config-drive because you may be operating on a cloud with no DHCP.
In that case, simply reading some values from config-drive and writing
out either DHCP or static network info, in addition to grabbing ssh keys
is helpful. Both Infra and bifrost want this for their images.

Co-Authored-By: Gregory Haynes <greg@greghaynes.net>

Change-Id: I2746ed256b9783eab058b803130d3ccac484eaeb
2015-04-14 13:39:18 -04:00
Gregory Haynes
0c58eb11a0 Break install-types out of base
We support building elements without depending on the base element.
Breaking install-types out into its own element while making base depend
on it so elements can depend in it without base.

Change-Id: I104543d5482c76f60902e9fc32d91e196eeab51a
2015-04-14 13:39:18 -04:00
Dan Prince
208da5f605 Update packages earlier
Turns out that updating packages last causes some pretty
non-intuitive behaviour if you are trying to pin a package
to a specific version. Lets just update the base RPMs first...
subsequent installations should install the most updated version
anyways (unless they are pinned).

Also moves the package-installs script from the 00 step to 01 so
we can do the update first.

Co-Authored-By: Ben Nemec <bnemec@redhat.com>

Change-Id: I962046cc6048e852e6582fbc579f88bb73e23fdd
2015-04-13 21:50:10 +00:00
Shivanand Tendulker
f0315b4ed4 Fix to load only signed kernel in UEFI secure boot
This fix prevents loading of unsigned ubuntu kernel in UEFI secure
boot environment when image is created using 'iso' element.

'iso' element uses 'linux' and 'initrd' modules of grub2 to load
kernel and initrd respectively. The grub2 implementation of Ubuntu
can load unsigned kernel when these modules are used.

Ubuntu has Grub2 modules 'linuxefi' and 'initrdefi' which exits
boot process if unsigned kernel is used in UEFI secure boot mode.
The 'iso' element should use these modules in grub.cfg to prevent
loading of unsigned kernel when node is booted in the UEFI secure
boot environment.

'linuxefi' and 'initrdefi' works seamlessly when node is booted in
normal UEFI boot mode (non-secure).

Fedora do not have this issue. This fix has been tested in Fedora
environment. It works fine.

Closes-Bug: 1443114
Change-Id: If256ba1f7d7c149482d0f37fabcdfa8ed22e3f91
2015-04-13 13:20:12 +00:00
Shivanand Tendulker
06e3d7c767 Add element ubuntu-signed to provide signed kernel
ubuntu-signed element would install 'linux-signed-image-generic' that
provides signed kernel that can be used for deploy in UEFI secure boot mode.

Package 'linux-signed-image-generic' ships signed kernel with extension
'.efi.signed' (Ex. '/boot/vmlinuz-3.13.0-49-generic.efi.signed').

The kernel modules directory for signed kernel and unsigned kernel is same.
It is without 'efi.signed' extension to its name. This is different from normal
practice of directory naming in '/lib/modules' (Ex. For signed kernel
'vmlinuz-3.13.0-49-generic.efi.signed', modules directory is
'/lib/modules/3.13.0-49-generic').
This needed some changes in '/lib/ramdisk-functions' and 'ramdisk' element to
copy kernel modules.

The signed kernel package contains both signed and unsigned kernel. The
unsiged kernel is without extension '.efi.signed' (Ex.
'/boot/vmlinuz-3.13.0-49-generic'). This required change into
'/lib/img-functions' and 'baremetal' element to pick up signed kernel version
when this element is used.

Closes-Bug: 1443076
Change-Id: I60061cbea847b47fa752b9463cfd387e8e7f0635
2015-04-12 11:36:17 -07:00
Derek Higgins
51ff3bab65 Switch default Fedora image to F21
Fedora 21 was release 4 months ago, we should switch to use it as default
before it goes EOL.

Change-Id: I72686911cc21aeb75d61430878dd36c54edb6904
2015-04-10 16:22:18 +01:00
Jenkins
65ad6377a6 Merge "No markdown docs for elements" 2015-04-09 13:59:32 +00:00
Ben Nemec
9c27fae1e4 Clean up targetcli ramdisk installation
The targetcli element was triggering a bunch of errors from dracut
when we installed all of Python.  It turns out this is because there
were filenames with spaces in the find output and the loop didn't
handle that properly.  This switches to a while loop that can
handle odd filenames.

Change-Id: Iacbf16f26f2bc9991840250dc8ae7990db54d811
2015-04-08 15:26:06 -05:00
Ben Nemec
ffe825113e Make troubleshoot work with dracut ramdisks
Currently, calling the troubleshoot function in a ramdisk script
doesn't work as expected on dracut ramdisks.  This adds an alternate
troubleshoot implementation that will behave as intended.

I did not make it conditional on a kernel param as was done in the
original because dracut can behave strangely if you allow it to
continue after an error.  Always dropping to a shell immediately
should be less confusing.

Change-Id: I98000f4ac6d7890b1f44fe4d10394ac0ea332fcb
2015-04-08 12:54:32 -05:00
Pino Toscano
8d19032a4a Do not export REG_HALT_UNREGISTER between hook scripts
Do not rely on environment changes (like exporting REG_HALT_UNREGISTER)
to persist between different hooks run. This helps when the hooks are
run in different new environments every time.

Instead, in 99-unregister redo the same checks on REG_METHOD as done in
00-rhel-registration, still respecting REG_HALT_UNREGISTER in case the
user does not want to unregister the image generated.

Change-Id: Id594dcd72334f38a2fa96da21206da77a83d7a1a
Closes-Bug: #1434431
2015-04-08 09:28:47 +02:00
Gregory Haynes
031a7b03be Add generic devuser element
The devuser element is useful for configuring a generic utility user for
the built images.

Change-Id: Ifd9dcf3ba88d7abc98b1e44a93f6d9a6b4e764dd
2015-04-08 07:01:24 +00:00
Gregory Haynes
954b9de79b Update cloud-init-datasources README
Updating the README for this element to follow our new environment
variables convention.

Change-Id: I9cf21bd063ea2bfbea7244656af8f3d0e79f20b1
2015-04-08 06:57:44 +00:00
Gregory Haynes
8111fc40aa Improved apt-sources README
Cleaning up the apt-sources README to be easier to consume. Also
removing some tripleo references from the README.

Change-Id: I6937fd5cd51288b36890dde214701bcef1d61381
2015-04-07 23:05:38 +00:00
Ben Nemec
952915f25e Don't trace RHEL Registration scripts
We don't want to trace the RHEL registration scripts because that
is likely to log things like passwords and activation keys.  To
still allow for debugging failed runs, add sanitized logging of
the arguments passed to the registration commands, since that is
the part of the process where problems are most likely to manifest.

Change-Id: I0f661e9c152f43b814fda61211bd56ba93e3b9dc
2015-04-07 10:33:33 -05:00
Cédric Ollivier
3deb171a7a Generate the default en_US locale
The default locale set by cloud-init is now generated to prevent the
warning printed when the user is logged in.

Closes-Bug: 1440728
Change-Id: I2faff6c9d3ab8bb5f66d58e77bcf37f186bf501d
2015-04-06 15:31:04 +02:00
Gregory Haynes
cc308464c6 No markdown docs for elements
Sphinx does not support markdown, therefore all our element docs should
not be in this format.

Change-Id: I6fceb5c2c218e94a463f13d6d9050aea485e6c31
2015-04-02 23:55:19 +00:00
Jenkins
2888318eab Merge "Report status of boot loader installation to Ironic" 2015-04-02 13:07:40 +00:00
Pino Toscano
f7aefb1498 Create the dracut directory if not existing already
Make sure that the target directory for 50targetcli exists already, in
case there is no dracut installed at extra-data.d run time.

Change-Id: I85ade9e85e823b7564a5839c8b6181548a15ad41
2015-04-02 15:07:33 +02:00
Jenkins
5f0f296f58 Merge "Refactor deploy ramdisk to allow use of targetcli" 2015-04-01 21:20:59 +00:00
Jenkins
6446b2eebf Merge "Split dib-init-system into its own element" 2015-04-01 20:35:04 +00:00
Jenkins
88309de96b Merge "Handle non-cloud-init installs" 2015-04-01 04:01:39 +00:00