Commit Graph

110 Commits

Author SHA1 Message Date
Tony Breeds
da2f6457ce Install the puppetlabs puppet package
in Ica34b7525bab53f8a6d161401f7fb9a2dbe37bc3 we added support for
installing puppet5 on bionic nodes.  However we missed adding the
package name.  Which results in the expansion[1]:

  apt-get --option Dpkg::Options::=--force-confold --assume-yes install -y --force-yes git rubygems

and later puppet isn't installed[2]:

  Failed to stop puppet.service: Unit puppet.service not loaded.

Adding the pkg name gets us[3]

[1] http://logs.openstack.org/41/588441/1/check/build-wheel-mirror-ubuntu-bionic/b3fd7ef/job-output.txt.gz#_2018-08-22_23_42_42_196476
[2] http://logs.openstack.org/41/588441/1/check/build-wheel-mirror-ubuntu-bionic/b3fd7ef/job-output.txt.gz#_2018-08-22_23_42_46_453880
[3] http://paste.openstack.org/raw/728653/

Change-Id: Icbcf5268624a5ff75e0058f8a355881125cd5d79
2018-08-23 14:55:08 +10:00
Ian Wienand
40879dae3b Support puppet5 for bionic
In our wheel build jobs, we try to install puppet with this script on
bionic nodes.  However, there is no <5 puppet distributions for
bionic.

This detects bionic and installs from puppetlabs (note the name seems
different as it's not pc1 any more)

Change-Id: Ica34b7525bab53f8a6d161401f7fb9a2dbe37bc3
2018-08-15 07:34:18 +10:00
Paul Belanger
cecfeb6591 Skip epel mirror if already setup
There is no need to configure epel, if already installed when
installing puppet.

Change-Id: Ideba593a78a8017c3855548377193887183818b0
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2018-07-24 12:08:13 +10:00
Colleen Murphy
f10f116f60 Fix puppet config for puppet 4
There are some assumptions made about the puppet config paths that
aren't applicable for puppet 4. Configuration, including modules,
belongs under /etc/puppetlabs. It's also no longer necessary to fix up
the templatedir or server configs in puppet.conf.

Change-Id: I3b544b6ce4a96a7a2478522a78402f77ff86a5a5
2018-04-20 14:24:17 +02:00
James E. Blair
ee62c99b9c Revert "centos7: don't install EPEL"
This reverts commit 37c26280bf.

This was originally removed so that EPEL would not be installed in
our nodepool images.  We no longer run this script when creating
those images, so it can be safely restored.  It should be restored
because without this, we are unable to spin up a cgit server
(which requires epel).

Change-Id: I93e6487ab9a2eae5f927abf43aea7e3e19c5ac9e
2018-03-23 17:31:33 -07:00
Paul Belanger
ad91863ff5
Remove centos-release-openstack-ocata
Because we no longer use puppet to manage our DIB images in nodepool,
we can not remove this. We would only add it to install openvswitch
and other binaries for devstack.

And since our only centos servers are git, we can also remove this.

Change-Id: I39c5aee70cffe0e270a605cbe669cb09a8f71b09
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2018-01-08 11:08:56 -05:00
Paul Belanger
5da66371f7
Comment out server in puppet.conf
We no longer have a puppetmaster, remove it do avoid trying to lookup
one when we first start puppet.

Change-Id: I38267eeb909aad8cafd1e2bf3e11ee52924d10c7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-12-11 14:54:03 -05:00
Zuul
9239023269 Merge "Remove puppetdb / puppetboard server" 2017-12-11 16:39:30 +00:00
Paul Belanger
a3a2a84d8a
Remove puppetdb / puppetboard server
Currently puppetdb and puppetboard have been broken for some time (+1
year) and with ubuntu precise becoming EOL it is prime for deleting.

This leaves openstack-infra with a gap in reporting for non-root
users.  As such, as proposal is in the works to maybe use ARA.

Change-Id: Ifc73a2dba3b37ebe790a29c0daa948d6bad0aa33
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-12-11 10:11:11 -05:00
Ian Wienand
7c5e2fe008 Stop puppet during install
We get a lot of

  puppet-agent[9836]: Could not request certificate: Failed to open TCP connection to puppet:8140

when launching Xenial nodes.  It seems to be because puppet is started
by the package install now.  Ensure it is stopped before we disable
it.

Change-Id: I4a3d0f4516941494e7c37e8e6859f28ef5b54c10
2017-10-26 15:51:30 +11:00
Clark Boylan
1f97760989 Install python2 on newer Ubuntus
Newer Ubuntus like Xenial don't necessary have python2 preinstalled. If
on Ubuntu and `python` is not present we install the python package so
that pip and ansible are happy later on.

Change-Id: Ia81c33b845664f35fba6fa8259bc83f8bcfec0e0
2017-08-17 10:42:03 -07:00
Colleen Murphy
2017041f9f Parameterize puppet version in install script
This patch adds a global PUPPET_VERSION variable to allow changing the
installed puppet version. The default version remains 3. CentOS and
Ubuntu support setting it to 4. Fedora already installs 4 by default
from the fedora repositories, and we defer worrying about opensuse and
gentoo for now since we do not use those operating systems in the
control plane and we no longer use puppet to build CI images.

The script adds the new "Puppet Collections" repository and changes the
name of the package to 'puppet-agent' when installing version 4. See the
install guide[1] for more details.

[1] https://docs.puppet.com/puppet/4.0/install_linux.html

Co-authored-by: Caleb Boylan <calebboylan@gmail.com>

Change-Id: Id829922875d495bca9ba11a3fe3428a7ebb2cd58
2017-07-13 15:58:25 +02:00
Jenkins
73891f3c25 Merge "Switch to update-rc.d for ubuntu-trusty" 2017-04-21 17:27:52 +00:00
dongwenjuan
d3ca95375b
Switch to update-rc.d for ubuntu-trusty
We want to stop puppet service from being enabled on boot, so use the
update-rc.d command. Otherwise we get the following errors:

`service puppet disable` runs failed.
Usage: /etc/init.d/puppet {start|stop|status|restart|force-reload|reload}

Change-Id: Ie0c6366284de156151e6831de16579321e5d7bef
Signed-off-by: dongwenjuan <dong.wenjuan@zte.com.cn>
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-04-21 12:49:50 -04:00
Jenkins
c8a70527e2 Merge "centos: use Centos openstack repos, not RDO" 2017-04-21 15:34:43 +00:00
Jenkins
6143f0675f Merge "centos7: don't install EPEL" 2017-04-21 15:31:54 +00:00
Colleen Murphy
0929840479 Move puppet service disablement to o_p::server
We don't need to stop the puppet service in single_use_slave, so as part
of emptying out openstack_project::template, move that resource
to openstack_project::server.

We still need to disable the service during the image build so add that
to the install_puppet.sh script.

Change-Id: I11db1b49f083c7a30e7908ba5a4a7df9d4033c9f
2017-04-18 14:53:40 +02:00
Dirk Mueller
4c8f8dad38 suse: spell out zypper options in verbose fashion
This hopefully helps understanding whats going on without having
10+ years of SUSE experience.

Change-Id: I20ab35a17673b490ab65f3edb73e4e740f8e512e
2017-04-14 20:50:51 +02:00
Jenkins
4159604ba2 Merge "Add support for openSUSE Leap" 2017-04-14 18:49:47 +00:00
Jenkins
fda5cfffe7 Merge "Add the ability to disable setup_pip function" 2017-04-10 15:58:09 +00:00
Paul Belanger
fa87f4f785 Add the ability to disable setup_pip function
In our effort to deprecate puppet for our zuul workers, start to break
our dependency on install_puppet.sh.  We now configure pip and
virtualenv using DIB.

Change-Id: Ie110fd50750ffc48c1ed939b18b68e40af6331ee
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2017-04-08 12:17:08 -04:00
Dirk Mueller
9635e7b7cb Add support for openSUSE Leap
openSUSE Leap ships puppet 3.x by default, so no need for a
clumsy unmaintained 3rd party repo.

Change-Id: I9b8fe7a229ad48fc86c1f299d81d3094c378ef41
2017-04-06 14:46:13 +02:00
Ian Wienand
98c77cf0c6 centos: use Centos openstack repos, not RDO
Switch to installing the centos rebuilds of RDO packages, rather than
RDO.

Change-Id: I0c73034a85db5664e979b9b71cc340860265bf34
2017-04-05 06:38:36 +10:00
Ian Wienand
37c26280bf centos7: don't install EPEL
EPEL is not really helping us test, because upstream RDO (and hence
centos openstack) are designed to run without it.  In fact it seems to
actively get in the way.

Installing EPEL here is really a hang-over from the snapshot days when
we'd boot provider images without it.  We do need EPEL for bringup but
should have it default disabled so we whitelist use; see depends-on
which moves it into dib.

Depends-On: I2d060e048f9106292f9024efe0fd1d529d801a30
Change-Id: If6cf1bc300c6b59a8defb09fb3a3a1254e392a43
2017-04-05 06:27:22 +10:00
Ian Wienand
fa76dff67d Install python-minimal for Xenial
Xenial images by default don't come with python2 installed.
Unfortunately ansible requires python2 on the host to run (for now,
though [1] is in preview).  In the mean time, ensure we have
python-minimal.

I think that under standard conditions, this is being dragged in by
other dependencies anyway.  The place I noticed was launching a
vexxhost control-plane node, using their Xenial base images.

[1] https://docs.ansible.com/ansible/python_3_support.html

Change-Id: I0e4020e9b8407271c88c3c5ac332393f6dd28418
2017-03-28 13:41:24 +11:00
Ramy Asselin
f9c75f7e62 Install puppet after the rpm is set on centos 7
With the current code, I get puppet version 3.6.2 installed.
 puppet noarch  3.6.2-3.el7  epel                 1.2 M

With this change I get new puppet 3.8.7 installed.
 puppet noarch  3.8.7-1.el7  puppetlabs-products  1.5 M

Change-Id: I680a7630986cf7a2b4989a3e853ddb409b228cea
2017-02-06 11:14:06 -08:00
Ian Wienand
1ebc7e1a47 Pre-install python2-requests package for Fedora
The python-requests package has been split into a python2-requests
package on Fedora (that provides python-requests).  Install this so we
don't end up with the same problem of python2-requests overriding the
pip version later.

Change-Id: I79b52c40c2521bcc36b690112639584b6076f0d1
2016-08-16 16:00:13 +10:00
Matthew Thode
9c082ff6bf
Fix emaint sync call
Emaint sync needs to be called with an argument, in our case '-a' is
sufficient.  It also can request user input, so we allow it to sync
automatically as well.

Change-Id: Ida47e14f883fdd29ad375fd47992b4662911d1d1
2016-07-28 14:05:42 -05:00
Jenkins
ad6def3fe0 Merge "Activate debugging for install_puppet.sh" 2016-06-03 18:21:50 +00:00
Matthew Thode
a32840dd65
Add Gentoo to install_puppet.sh
This adds support for installing puppet on Gentoo.  I've packaged
puppet-agent, which is upstream's package for general use (deb based).
It is based on Puppet 4.

Change-Id: If0c4bd83af822b0d0208a97561fffecbe495c5a9
2016-05-12 23:12:20 -05:00
Paul Belanger
4fc49fc85c
Check for both curl and wget for puppetlabs deb
As a host may not have wget add logic to try curl too.

Change-Id: I9a2ffeff08926eec5f4fee04fde0ddcc19004493
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-05-04 12:39:02 -04:00
Yolanda Robla
b53c69cfb2 Consume the latest puppetlabs rpm when installing puppet
We had it pinned to an specific version, which can cause problems
when new packages are released, forcing to bump periodically.
Instead of that, consume the latest rpm that will give us the
latest published version.

Change-Id: Idc9f40cdc8a9e47bdf9baa141c09e97f7884d3cf
2016-04-20 18:40:15 +02:00
Paul Belanger
f21c3c507c Activate debugging for install_puppet.sh
Change-Id: I977dfbfa30185bb22bc88e922b8e7bb7d396e1cb
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-03-29 19:38:07 -04:00
Paul Belanger
2c78eaba64 Fix typo with xenial logic
Change-Id: I5d7c207661791050c3be74a35e00efdbf209d289
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-03-29 19:24:30 -04:00
Paul Belanger
37dc420f92 Add support for Ubuntu Xenial
This is our first attempt to add support for ubuntu xenial.

Change-Id: I857a85177e9281b23f130453180764839e19a551
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2016-03-26 13:47:17 -04:00
Ian Wienand
77568c6ee3 Really reinstall requests on Fedora
Clear out the meta-data provided by the rpm package, so pip does a
reinstall.  Fix for If3f244ed4f62da25dc42813b4bda2f374f002517

Change-Id: Ic3bd801c0f57a2453d3563aaa4cf778aa0a9f9bf
2016-03-15 11:55:32 +11:00
Jenkins
78298da6e3 Merge "Revert "Pin pip to less than version 8 in install_puppet.sh"" 2016-03-11 17:22:01 +00:00
Ian Wienand
b625131727 Reinstall requests on Fedora builds
The fedora-minimal builds do not include the package python-requests,
but some of the later puppet (via zuul) will end up pip-installing it.

This leaves the system in a very precarious state -- if the
python-requests package ever gets installed over the pip-installed
package everything is broken because of the vendoring/symlinking
issues mentioned in the comment.

This is the most logical place to fix this up so we're in a consistent
state with a pip-managed requests package.  Devstack can clean this up
(I6b06dcd897999e0642b387e8d13a473934ed0956) but better to have the
base system in a consistent state.

Change-Id: If3f244ed4f62da25dc42813b4bda2f374f002517
2016-02-29 15:47:02 +11:00
venkatamahesh
fbafc20189 Fix spell typos
Change-Id: I70fa2cc7e2fd35895cd11db57fef00199680ce2b
2016-02-04 06:21:20 +05:30
Jenkins
d39b05bd97 Merge "Add $YUM to pickup dnf on Fedora>=22" 2016-02-02 01:06:27 +00:00
Ian Wienand
c3139a1dad Don't exclude python-setuptools
The centos-minimal dib build is failing as it tries to cache some
packages that have dependencies on python-setuptools.

Since I556b2cec249ef46e09ffca3cd75521e0beeb7779 we have been
installing a yum.conf that has an "excludes" for this package.

We have not noticed this on the existing dib builds because they have
python-setuptools already installed in the base-image as part of the
cloud-init install.  So this satisfies the dependency; however on the
minimal builds the package is not there, and the exclude means the
packages dependencies that can not be satisfied and the build stops.

The original code has since been removed.  I think the problem of some
parts of the packaged setuptools conflicting was probably due to the
large version delta between whatever was in CentOS6 to a current pip
install.  Clearly the issue doesn't exist with pip installing over the
Centos7 version (because it's working now), but for an abundance of
caution let's pre-install the packaged version, clear it out, then
install from pip.

Change-Id: I35408717dc340271dea3d857bc19ea1590e84361
2016-01-27 17:32:07 +11:00
John L. Villalovos
d97ff57356 Revert "Pin pip to less than version 8 in install_puppet.sh"
This reverts commit fce3e9d93b.

pip 8.0.1 rolled back the breaking change.

From the release notes at: https://pip.pypa.io/en/stable/news/

8.0.1 (2016-01-21)
 Rollback the removal of the ability to uninstall distutils installed
 items until a future date.

Change-Id: I3c9f2ed491689cbdafe10f6115ba3f61a0f03215
2016-01-22 13:27:49 -08:00
Monty Taylor
fce3e9d93b Pin pip to less than version 8 in install_puppet.sh
When we create a new server and install puppet, we also install pip.
That's awesome, except when pip >=8 breaks us. For now, pin it.

Change-Id: Id12f866f577c3ca2405a6049084c3cb0af82fde5
2016-01-20 17:15:50 -05:00
Ian Wienand
2f2350e78a Add $YUM to pickup dnf on Fedora>=22
dnf is a drop-in replacement for yum on Fedora>=22; add $YUM so we use
dnf there and avoid the deprecation warnings.

Change-Id: I3d62d8f6d8705b2cf840b63ffd82927a408d75aa
2015-12-16 06:20:02 +11:00
Ian Wienand
97107ce5ec Comment out /run/systemd confine for Fedora puppet
Upstream puppet has a constraint on matching systemd that /run/systemd
has to be around; this fails when building with dib in a chroot where
we're not actually running.

A full solution has to take into account Debian and multiple init
systems (see linked issues).  For the moment, just comment it out.

Change-Id: I6e4832caf6162a67408c34151b6e1d641a75fb8b
2015-12-08 14:40:26 +11:00
Clark Boylan
ff17732828 Remove centos6 support
This removes centos6 support from install_puppet.sh because centos6 is
no longer supported so this code is dead.

Change-Id: If59f10a6a9c576b1299b0e49a2e82d2a1a1d7ecf
2015-12-04 13:05:10 -08:00
Ian Wienand
4e098983a1 Preinstall redhat-rpm-config for Fedora
As described in the comments, there is a depdency bug which means some
python module builds fail without the config provided by this package.
Pre-install it before we start installing things.

Change-Id: I3c8615f17e47956f258fee10caa9a57c99c719b8
2015-12-04 08:47:56 +11:00
Ian Wienand
ba511a0aa3 Install RDO repo for Centos as well
RDO includes some things that are handy on a base-system, such as
openvswitch

Change-Id: I5ac4550ed25d9e1f7d9e563accc57aed8c7b01fb
2015-09-25 13:24:38 +10:00
Ian Wienand
043650e805 Systemd+selinux vs iptables on centos7, round 2
See Ibcb27199f0ecf3b1e3d927be42112e2ebcb5cd79 for part 1

So it turns out that installing the latest systemd and restarting
isn't enough to get this working.  It seems that a "systemctl
daemon-reload" is required between installing iptables-services and
enabling iptables (note, this should *not* be required; the
iptables-services .spec file does a "systemctl preset
iptables.service" which is documented as being equivalent to a
daemon-reload.  You can see this failing in the selinux denials in the
referenced bug).

What does seem to work is upgrading to the latest selinux-policy
before installing iptables, so add this in.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=1261747

Change-Id: I4c1983019834d676f99becfde4ffd3f8de19c3a6
2015-09-18 14:27:27 +10:00
Ian Wienand
84e69a9dd1 Workaround potential systemd failures with a pre-upgrade
As described in the comments, there is potential for systemd to not be
able to enable services after it is upgraded until it is restarted.

I do not think we see this during puppet runs in the gate because we
disable selinux, but it can be triggered (see
I0750de9e75b63190531a3d39a5fcbb19f8e8c49e)

This is a small work-around to pre-install systemd and restart it
before doing the rest of the system upgrades

Change-Id: Ibcb27199f0ecf3b1e3d927be42112e2ebcb5cd79
2015-09-10 16:39:07 +10:00