c3139a1dad
The centos-minimal dib build is failing as it tries to cache some packages that have dependencies on python-setuptools. Since I556b2cec249ef46e09ffca3cd75521e0beeb7779 we have been installing a yum.conf that has an "excludes" for this package. We have not noticed this on the existing dib builds because they have python-setuptools already installed in the base-image as part of the cloud-init install. So this satisfies the dependency; however on the minimal builds the package is not there, and the exclude means the packages dependencies that can not be satisfied and the build stops. The original code has since been removed. I think the problem of some parts of the packaged setuptools conflicting was probably due to the large version delta between whatever was in CentOS6 to a current pip install. Clearly the issue doesn't exist with pip installing over the Centos7 version (because it's working now), but for an abundance of caution let's pre-install the packaged version, clear it out, then install from pip. Change-Id: I35408717dc340271dea3d857bc19ea1590e84361
253 lines
8.0 KiB
Bash
Executable File
253 lines
8.0 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Copyright 2013 OpenStack Foundation.
|
|
# Copyright 2013 Hewlett-Packard Development Company, L.P.
|
|
# Copyright 2013 Red Hat, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
#
|
|
# Distro identification functions
|
|
# note, can't rely on lsb_release for these as we're bare-bones and
|
|
# it may not be installed yet)
|
|
|
|
|
|
function is_fedora {
|
|
[ -f /usr/bin/yum ] && cat /etc/*release | grep -q -e "Fedora"
|
|
}
|
|
|
|
function is_rhel7 {
|
|
[ -f /usr/bin/yum ] && \
|
|
cat /etc/*release | grep -q -e "Red Hat" -e "CentOS" -e "CloudLinux" && \
|
|
cat /etc/*release | grep -q 'release 7'
|
|
}
|
|
|
|
function is_ubuntu {
|
|
[ -f /usr/bin/apt-get ]
|
|
}
|
|
|
|
function is_opensuse {
|
|
[ -f /usr/bin/zypper ] && \
|
|
cat /etc/os-release | grep -q -e "openSUSE"
|
|
}
|
|
|
|
#
|
|
# Distro specific puppet installs
|
|
#
|
|
|
|
function _systemd_update {
|
|
# there is a bug (rhbz#1261747) where systemd can fail to enable
|
|
# services due to selinux errors after upgrade. A work-around is
|
|
# to install the latest version of selinux and systemd here and
|
|
# restart the daemon for good measure after it is upgraded.
|
|
yum install -y selinux-policy
|
|
yum install -y systemd
|
|
systemctl daemon-reload
|
|
}
|
|
|
|
function setup_puppet_fedora {
|
|
_systemd_update
|
|
yum update -y
|
|
|
|
# NOTE: we preinstall lsb_release to ensure facter sets
|
|
# lsbdistcodename
|
|
#
|
|
# Fedora declares some global hardening flags, which distutils
|
|
# pick up when building python modules. redhat-rpm-config
|
|
# provides the required config options. Really this should be a
|
|
# dependency of python-devel (fix in the works, see
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1217376) and can be
|
|
# removed when that is sorted out.
|
|
|
|
yum install -y redhat-lsb-core git puppet \
|
|
redhat-rpm-config
|
|
|
|
mkdir -p /etc/puppet/modules/
|
|
|
|
# Puppet expects the pip command named as pip-python on
|
|
# Fedora, as per the packaged command name. However, we're
|
|
# installing from get-pip.py so it's just 'pip'. An easy
|
|
# work-around is to just symlink pip-python to "fool" it.
|
|
# See upstream issue:
|
|
# https://tickets.puppetlabs.com/browse/PUP-1082
|
|
ln -fs /usr/bin/pip /usr/bin/pip-python
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
|
|
# upstream is currently looking for /run/systemd files to check
|
|
# for systemd. This fails in a chroot where /run isn't mounted
|
|
# (like when using dib). Comment out this confine as fedora
|
|
# always has systemd
|
|
# see
|
|
# https://github.com/puppetlabs/puppet/pull/4481
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1254616
|
|
sudo sed -i.bak '/^[^#].*/ s|\(^.*confine :exists => \"/run/systemd/system\".*$\)|#\ \1|' \
|
|
/usr/share/ruby/vendor_ruby/puppet/provider/service/systemd.rb
|
|
}
|
|
|
|
function setup_puppet_rhel7 {
|
|
local puppet_pkg="https://yum.puppetlabs.com/el/7/products/x86_64/puppetlabs-release-7-10.noarch.rpm"
|
|
|
|
# install a bootstrap epel repo to install latest epel-release
|
|
# package (which provides correct gpg keys, etc); then remove
|
|
# boostrap
|
|
cat > /etc/yum.repos.d/epel-bootstrap.repo <<EOF
|
|
[epel-bootstrap]
|
|
name=Bootstrap EPEL
|
|
mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=\$basearch
|
|
failovermethod=priority
|
|
enabled=0
|
|
gpgcheck=0
|
|
EOF
|
|
yum --enablerepo=epel-bootstrap -y install epel-release
|
|
rm -f /etc/yum.repos.d/epel-bootstrap.repo
|
|
|
|
_systemd_update
|
|
yum update -y
|
|
|
|
# NOTE: we preinstall lsb_release to ensure facter sets lsbdistcodename
|
|
yum install -y redhat-lsb-core git puppet
|
|
|
|
rpm -ivh $puppet_pkg
|
|
|
|
# see comments in setup_puppet_fedora
|
|
ln -s /usr/bin/pip /usr/bin/pip-python
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
|
|
# install RDO repo as well; this covers a few things like
|
|
# openvswitch that aren't available for EPEL
|
|
yum install -y https://rdoproject.org/repos/rdo-release.rpm
|
|
}
|
|
|
|
function setup_puppet_ubuntu {
|
|
if ! which lsb_release > /dev/null 2<&1 ; then
|
|
DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
|
|
--assume-yes install -y --force-yes lsb-release
|
|
fi
|
|
|
|
lsbdistcodename=`lsb_release -c -s`
|
|
if [ $lsbdistcodename != 'trusty' ] ; then
|
|
rubypkg=rubygems
|
|
else
|
|
rubypkg=ruby
|
|
fi
|
|
|
|
|
|
PUPPET_VERSION=3.*
|
|
PUPPETDB_VERSION=2.*
|
|
FACTER_VERSION=2.*
|
|
|
|
cat > /etc/apt/preferences.d/00-puppet.pref <<EOF
|
|
Package: puppet puppet-common puppetmaster puppetmaster-common puppetmaster-passenger
|
|
Pin: version $PUPPET_VERSION
|
|
Pin-Priority: 501
|
|
|
|
Package: puppetdb puppetdb-terminus
|
|
Pin: version $PUPPETDB_VERSION
|
|
Pin-Priority: 501
|
|
|
|
Package: facter
|
|
Pin: version $FACTER_VERSION
|
|
Pin-Priority: 501
|
|
EOF
|
|
|
|
puppet_deb=puppetlabs-release-${lsbdistcodename}.deb
|
|
wget http://apt.puppetlabs.com/$puppet_deb -O $puppet_deb
|
|
dpkg -i $puppet_deb
|
|
rm $puppet_deb
|
|
|
|
apt-get update
|
|
DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
|
|
--assume-yes dist-upgrade
|
|
DEBIAN_FRONTEND=noninteractive apt-get --option 'Dpkg::Options::=--force-confold' \
|
|
--assume-yes install -y --force-yes puppet git $rubypkg
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
function setup_puppet_opensuse {
|
|
local version=`grep -e "VERSION_ID" /etc/os-release | tr -d "\"" | cut -d "=" -f2`
|
|
zypper ar http://download.opensuse.org/repositories/systemsmanagement:/puppet/openSUSE_${version}/systemsmanagement:puppet.repo
|
|
zypper -v --gpg-auto-import-keys --no-gpg-checks -n ref
|
|
zypper --non-interactive in --force-resolution puppet
|
|
# Wipe out templatedir so we don't get warnings about it
|
|
sed -i '/templatedir/d' /etc/puppet/puppet.conf
|
|
}
|
|
|
|
#
|
|
# pip setup
|
|
#
|
|
|
|
function setup_pip {
|
|
# Install pip using get-pip
|
|
local get_pip_url=https://bootstrap.pypa.io/get-pip.py
|
|
local ret=1
|
|
|
|
if [ -f ./get-pip.py ]; then
|
|
ret=0
|
|
elif type curl >/dev/null 2>&1; then
|
|
curl -O $get_pip_url
|
|
ret=$?
|
|
elif type wget >/dev/null 2>&1; then
|
|
wget $get_pip_url
|
|
ret=$?
|
|
fi
|
|
|
|
if [ $ret -ne 0 ]; then
|
|
echo "Failed to get get-pip.py"
|
|
exit 1
|
|
fi
|
|
|
|
if is_opensuse; then
|
|
zypper --non-interactive in --force-resolution python python-xml
|
|
fi
|
|
|
|
python get-pip.py -c <(echo 'pip<8')
|
|
rm get-pip.py
|
|
|
|
# we are about to overwrite setuptools, but some packages we
|
|
# install later might depend on the python-setuptools package. To
|
|
# avoid later conflicts, and because distro packages don't include
|
|
# enough info for pip to certain it can fully uninstall the old
|
|
# package, for saftey we clear it out by hand (this seems to have
|
|
# been a problem with very old to new updates, e.g. centos6 to
|
|
# current-era, but less so for smaller jumps). There is a bit of
|
|
# chicken-and-egg problem with pip in that it requires setuptools
|
|
# for some operations, such as wheel creation. But just
|
|
# installing setuptools shouldn't require setuptools itself, so we
|
|
# are safe for this small section.
|
|
if is_rhel7 || is_fedora; then
|
|
yum install -y python-setuptools
|
|
rm -rf /usr/lib/python2.7/site-packages/setuptools*
|
|
fi
|
|
|
|
pip install -U setuptools
|
|
}
|
|
|
|
setup_pip
|
|
|
|
if is_fedora; then
|
|
setup_puppet_fedora
|
|
elif is_rhel7; then
|
|
setup_puppet_rhel7
|
|
elif is_ubuntu; then
|
|
setup_puppet_ubuntu
|
|
elif is_opensuse; then
|
|
setup_puppet_opensuse
|
|
else
|
|
echo "*** Can not setup puppet: distribution not recognized"
|
|
exit 1
|
|
fi
|