Commit Graph

2592 Commits

Author SHA1 Message Date
Ian Wienand
6a1eb2457c Move selinux restore to end of finalise
After a bit of spelunking, I90d0c96d5659326ba67d6119b96d9a4113adf7fe
was the original change that introduced the setfiles here rather than
autorelabel at boot time.

Touching the autorelabel file probably makes sense somewhere low, but
when we start relabling the file system we really should be doing that
as late as possible so we fix up everything that has come before.
Move this to 90 to capture this.

Change-Id: Iae0afe850f52ec3b59c49507fa9bbcc1c8f8cfa1
2016-04-20 13:52:37 +10:00
Ian Wienand
e2c0d16f84 yum-minimal : better cleanup of initial yum failure
If the initial yum install into the chroot fails, we can leave behind
a lockfile and an incorrectly modified rpmmacros.

Change this so we run the cleanup unconditionally.

Change-Id: Ia9f9c4c845e5f34d33ff9a4ab7226c9175283757
2016-04-20 09:42:42 +10:00
Jenkins
1fabb01a4f Merge "Prioritize venv python on host" 2016-04-18 23:17:28 +00:00
Jenkins
146be596f6 Merge "simple-init: Fix path for /etc/ssh test" 2016-04-18 19:37:35 +00:00
Jenkins
20def6a0cb Merge "dib-run-parts: make cp to target root more robust" 2016-04-18 19:37:29 +00:00
Jenkins
05382d10b9 Merge "Fix disk usage report" 2016-04-18 19:36:40 +00:00
Jenkins
1ea71d348c Merge "Add qcow2 generation for better test coverage" 2016-04-18 19:32:06 +00:00
Jenkins
7d0a27b1a8 Merge "Skip gentoo test" 2016-04-18 19:31:53 +00:00
Jenkins
4dced6e90d Merge "Fix add-apt-repository package for precise" 2016-04-18 19:17:09 +00:00
Ian Wienand
a8d8724e3c Add EPEL as requirement of centos-minimal
I guess I hadn't tried centos-minimal without the puppet elements that
install this for us.  But the "base" element wants dkms, which is only
in EPEL for centos.  But it's a helpful convenience so is globally
useful.

Change-Id: Ia9af97efdbd855fb8202353196ad649093788cb8
2016-04-16 07:03:39 +10:00
Ben Nemec
c3ee0acdd8 Allow skipping the md docs check
Not every project that uses dib elements will necessarily want this
check enabled.

Change-Id: Id4b167ed220dd55852b6587b884fabe7bc8554eb
2016-04-15 10:38:32 -05:00
Ben Nemec
bdf3aab53a Don't stop dib-lint on first flake8 failure
It's better to report all of the failures in one shot, so we should
make sure a flake8 failure doesn't immediately end the dib-lint
run, and instead just sets the error flag like the other checks.

Change-Id: Ib13fc71bb12a6565888bdd89f33fc6ada89f8d8c
2016-04-15 10:29:48 -05:00
Ian Wienand
2dc4154724 Fix up EPEL element
For whatever reason, RHEL identifies itself with DISTRO "rhel" for 6
and "rhel7" for 7, but centos just uses "centos" and DIB_RELEASE.  So
this was wrong and installing EPEL6 on centos7.

But we can simplify it completely for centos because that comes with
the epel-release package already included.

Change-Id: I2b8f5d30b850fef46b4a5ba32a917abcbf25932c
2016-04-15 12:37:22 +10:00
OpenStack Proposal Bot
e3f92e4a52 Updated from global requirements
Change-Id: Ia75dfa7c0ef9cbbbe5b7dba51d13c50c91c52922
2016-04-15 01:52:46 +00:00
Jenkins
4f6ce09385 Merge "Support to add certificate in ironic-agent" 2016-04-14 18:30:04 +00:00
Aparna
cd66aebf40 Support to add certificate in ironic-agent
This commits provides support to add certificate while
building the image using ironic-agent element. The
certificate can be CA certificate or self-signed certificate.

The certificate is set to the environment variable
'DIB_IPA_CERT' which in turn is used by the ironic-agent
element while building the image.

Change-Id: I648f7934d4787dcc3030885cfca771b642a9595e
2016-04-14 13:42:36 +00:00
Clint Byrum
4ceb40e13d simple-init: Fix path for /etc/ssh test
The cleanup path was fixed, but not the actual test.

Change-Id: If9ff4ee55604fa317a9a5bda0eee0b2783ef079a
2016-04-13 14:53:21 -07:00
Jenkins
67bef7ed16 Merge "Debian: dont set always the hostname to debian" 2016-04-11 08:31:55 +00:00
Jenkins
a6dd8d6b5a Merge "Turn down tracing for source-repo cache" 2016-04-11 06:12:49 +00:00
Ian Wienand
a7afe652d6 Fix disk usage report
This was not well tested.  Build the argument into a variable which
can be eval()ed to produce the final output.

Add the flag so we test this during functional tests.  Add "-x" to dib
invocations so we can more easily debug failures.

Change-Id: Ifdc82627c520379b4124ccb9a4c2fe806c52c75c
2016-04-08 07:07:00 +10:00
Ian Wienand
43e1e36cc6 Add qcow2 generation for better test coverage
Add qcow2 generation for better test coverage.  Add "-x" to the dib
invocations so we can better debug failure cases.

Change-Id: Idd0e33c70fcd7737e6dc43e26b054fbc2982c022
2016-04-07 15:25:34 +10:00
Ian Wienand
2764f2a659 Skip gentoo test
The idea was to put this in non-voting, but we never added it to the
skip list so it has been running by default.

Change-Id: I67f3453607077146ceb9430d12b4b9bfcd34437f
2016-04-07 15:13:40 +10:00
Ian Wienand
2f214ff3e8 Turn of tracing around du invocations
We don't want the output of "du" run on the image spammed into the
logs with "set -x".  Swizzle it off around the sensitive commands.

Change-Id: I687e77275f9a49e7934211835aba8610e88cdca6
2016-04-07 08:11:39 +10:00
Jenkins
69c811870c Merge "Fix ssh key cleanup to run in chroot" 2016-04-06 19:12:56 +00:00
Ben Kero
e64a6f8c9a Fix add-apt-repository package for precise
Running 'disk-image-create -a amd64 -o precise vm precise' will fail to
build with the following error [1]. To fix this, we should split out the
switch-case to allow base to install the 'software-properties-common'
package.

[1]

dib-run-parts Fri Mar 18 18:43:16 UTC 2016 Running /tmp/in_target.d/pre-install.d/03-baseline-tools
Hit:1 http://mirrors.cat.pdx.edu/ubuntu precise InRelease
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package python-software-properties is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  software-properties-common

  E: Package 'python-software-properties' has no installation candidate

Change-Id: I011f02fcf70df9d1d6fa30ed89907fbc2588937e
2016-04-06 11:08:07 -07:00
Jenkins
74822636c3 Merge "Revert "Skip centos functional testing"" 2016-04-06 17:21:21 +00:00
Gregory Haynes
00d9a9d396 Fix ssh key cleanup to run in chroot
Right now this removes the ssh keys on the build host. Obviously this is
not what we want.

Change-Id: Ib01d71ff9415a0ae04d963f6e380aab9ac2260ce
2016-04-06 17:11:59 +00:00
Saverio Proto
0d364d49cf Debian: dont set always the hostname to debian
If we dont force the hostname to be debian, the hostname will
be the one choosen when creating the instance with horizon

This bug was introduced when the debian element was split
into debian and debian-minimal and debootstrap in commit 23aa76df

Change-Id: I007a3531f6876890a2e113082211889ec5ead1a1
2016-04-06 11:05:53 +02:00
Clark Boylan
677619b1cc Remove ssh host keys when using simple init
In order for glean to operate properly and regenerate ssh host keys it
needs to start on a host without any ssh host keys. We hadn't been doing
this meaning that new host keys were not generated on images using
simple-init. Fix this by having simple-init delete any host keys found
in /etc/ssh late in the build process.

This should force glean/sshd to generate new host keys on first boot
depending on the distro.

Change-Id: Ic917387d92febf21c2cc37dfc1fa83fcf0c8e469
2016-04-06 05:47:37 +00:00
Antoine Musso
33cd0fb40f dib-run-parts: make cp to target root more robust
The dib-run-parts/root.d/90-base-dib-run-parts script would mysteriously
fail whenever the dib-run-parts is not in the path.  The install
commands complaining with:

install: missing destination file operand after
'/tmp/image.ILFTBYVy/mnt/usr/local/bin/dib-run-parts'

The reason is chaining a command in exec bypasses set -e. For example:

 exec /bin/ls $(which doesnotexist)

Will works and continue.

Handle the which lookup in a variable to have the script abort
immediately whenever dib-run-parts is not found.

Left an inline comment to make sure the fix is kept around in the
future.

Signed-off-by: Dan Duvall <dduvall@wikimedia.org>
Change-Id: Ibb5d7342b0d06483b84f9dd567e1cc0bf90f194e
2016-04-05 16:29:57 +02:00
Jenkins
792036ec62 Merge "ironic-agent postinst fails on systemd with no iptables" 2016-04-04 19:35:42 +00:00
Jenkins
fd806e9f42 Merge "Set tgtd not auto-start on OS boot time." 2016-04-02 16:28:43 +00:00
Jenkins
404ca1b944 Merge "Add image size report" 2016-04-02 15:45:42 +00:00
Jenkins
f80aff3645 Merge "ironic-python-agent should use console output" 2016-03-31 23:54:23 +00:00
zhangjian
fd7ccf97ee Set tgtd not auto-start on OS boot time.
Tgtd starts after OS boots up automatically, listens on the port 3260,
which cause lio fails to bind the same port later.
This patch removes the auto-start script of tgtd.

In IPA service, lio or tgtd would be used to create iscsi target.
If tgtd be chosen, IPA will start tgtd before iscsi setting.
IF lio be chosen, tgtd would keep not running.

Change-Id: Ic62055ac2f9252df832739631bfcbabfac0f9c4e
Closes-Bug: #1554987
2016-03-29 06:29:38 -04:00
Jenkins
81633f69c8 Merge "add pkg-map to pip-and-virtualenv element" 2016-03-24 05:12:13 +00:00
Jenkins
caf0c404cc Merge "Set default locale to image in debootstrap element" 2016-03-23 06:52:49 +00:00
Gregory Haynes
6bdb810f38 Handle unconfigured interfaces for dhcp-all-ifaces
On ubuntu, if an interface exists but is unconfigured then ifquery
$iface will return 0 but no output. This will cause dhcp-all-interfaces
to not attempt to dhcp on that interface.

Change-Id: Ic1532728ae9ca6d759714392f727d25b814ef336
2016-03-23 06:00:49 +00:00
Gregory Haynes
4f4fab979e Really remove all interfaces in dhcp-all-ifaces
As the doc says, we want to remove all interfaces that come by default
in cloud images. Cloud images also come with an eth1 though, so lets
just remove all interfaces.

Change-Id: I49c74a3285e6a610ac723bdf976f3727d2736749
2016-03-23 05:57:56 +00:00
Jenkins
683757e572 Merge "Remove all interface configs for simple-init" 2016-03-22 16:08:29 +00:00
Jenkins
3db1f42220 Merge "Note requirement for parted on gentoo hosts" 2016-03-22 07:41:00 +00:00
stephane
dd7648277f ironic-agent postinst fails on systemd with no iptables
Where the base install for the image uses systemd but
the iptables service is not present, the postinstall
script for the ironic-agent element can fail. This is
due to 'systemctl disable iptables.service' returning
an error status when the service isn't present. Check
whether the service is enabled using 'systemctl
list-unit-files'.

Change-Id: I8069b062a27caead4097747d7aeae24a5262e117
2016-03-21 19:27:57 -07:00
Matthew Thode
66c90cac9b
add pkg-map to pip-and-virtualenv element
Add a pkg-map file so that Gentoo can avoid polluting the FS with
files not tracked in the package manager.

Changed the directory name so that the source-install method would
actually be disabled when DIB_INSTALLTYPE_pip_and_virtualenv=package
is set.  Also changed source-repository line to be consistent with
the element name.

Change-Id: I5225bd7113ff2588c755ad4cd4ae9a2d78fff196
2016-03-21 20:12:37 -05:00
Ian Wienand
8c837409b8 Turn down tracing for source-repo cache
If you check logs like [1] it's literally thousands of lines of the
same thing over-and-over as the git caching happens.  It is basically
all just noise unless you're debugging it specifically.  Up this to
tracing level 2 ("-x -x") to see it.  Add a note in the help about
multiple flags, which has always been intended but not documented.

Image builds should continue to run with single "-x", but we could
probably greatly increase signal:noise ratio in the logs with a little
more judicial use of this to turn down some of the very noisy &
repetitive parts.

[1] anything in http://nodepool.openstack.org/

Change-Id: I91c5e55814ba9840769357261d203f4850e2eba6
2016-03-22 09:57:30 +11:00
Gregory Haynes
6f542c7c32 ironic-python-agent should use console output
It is standard to IPA to log to the console for easy debugging by
watching the server console.

Change-Id: I2beb75a99824f0cf1ec88d0ecb54baa4e73f6f15
2016-03-21 20:31:31 +00:00
Jenkins
29d9eeaa7f Merge "Add psmisc to the packages for ironic-agent" 2016-03-21 18:42:07 +00:00
Jenkins
ac94cf2a4e Merge "Add testing for the Gentoo element" 2016-03-21 07:59:55 +00:00
Nisha Agarwal
55ea2b5633 Add psmisc to the packages for ironic-agent
This commit adds 'psmisc' and 'dosfstools' to the required
packages for ironic-agent element which in turn
installs ironic-python-agent and ironic-lib.
The ironic-lib requires the fuser command to be executed,
which needs the package 'psmisc'. Similarly mkfs with
'vfat' requires 'dosfstools' package.

Closes-Bug: 1554075
Change-Id: If421f2394c34bb938813d0e15e5085d093215921
2016-03-21 00:01:57 -07:00
Ben Kero
71cf0662e2 Add new posix element.
This element installs package to ensure that the resulting image
provides the binaries outlined in posix specification [1]. This solves
some problems such as cron missing from the ubuntu-minimal images, and
hopefully minimizing the problems from similar problems in the future.

This is the image size difference:

Resulting qcow image sizes:

                Ubuntu      Ubuntu-Minimal    Debian    Centos7
        None    334MB       330MB             352MB     470MB
        Posix   353MB       375MB
        Posix+  354MB       374MB             406MB     471MB

        Posix+ = Posix + gcc + cssc

[1] http://pubs.opengroup.org/onlinepubs/9699919799/idx/utilities.html

Change-Id: I2a8f77bf8a0fdb04b328e56425d43a60eb3f7eed
2016-03-20 10:42:34 -07:00
Jenkins
d5d2ad72b8 Merge "Updated from global requirements" 2016-03-20 15:22:23 +00:00