Copies the "ironic-agent" element from DIB

Copies "ironic-agent" element from DIB and addition
of a new bash script to build the image using DIB.

Change-Id: If392f793ed1b5d902b541fe89299648fae16e427
Task: 30072
Story: 2005114

dib/build.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+#The path for location of ironic-python-agent-ramdisk in ironic-python-image-builder
+#is set using environment variable.
+export ELEMENTS_PATH=${ELEMENTS_PATH:-`.`}
+
+#The command to build image using disk-image-builder.
+#Run the command to build the image giving the argument(OS name)
+#For example:  ./build.sh ubuntu
+disk-image-create -o ironic-python-agent.qcow ironic-python-agent-ramdisk $@

dib/ironic-python-agent-ramdisk/README.rst

@@ -0,0 +1,43 @@
+===========================
+ironic-python-agent-ramdisk
+===========================
+Builds a ramdisk with ironic-python-agent.
+
+More information can be found at:
+https://docs.openstack.org/ironic-python-agent/latest/
+
+Beyond installing the ironic-python-agent, this element does the following:
+
+* Installs the ``dhcp-all-interfaces`` so the node, upon booting, attempts to
+  obtain an IP address on all available network interfaces.
+* Disables the ``iptables`` service on SysV and systemd based systems.
+* Disables the ``ufw`` service on Upstart based systems.
+* Installs packages required for the operation of the ironic-python-agent::
+    ``qemu-utils`` ``parted`` ``hdparm`` ``util-linux`` ``genisoimage``
+* When installing from source, ``python-dev`` and ``gcc`` are also installed
+  in order to support source based installation of ironic-python-agent and its
+  dependencies.
+* Install the certificate if any, which is set to the environment variable
+  ``DIB_IPA_CERT`` for validating the authenticity by ironic-python-agent. The
+  certificate can be self-signed certificate or CA certificate.
+* Compresses initramfs with command specified in environment variable
+  ``DIB_IPA_COMPRESS_CMD``, which is 'gzip' by default. This command should
+  listen for raw data from stdin and write compressed data to stdout. Command
+  can be with arguments.
+
+This element outputs three files:
+
+- ``$IMAGE-NAME.initramfs``: The deploy ramdisk file containing the
+  ironic-python-agent (IPA) service.
+- ``$IMAGE-NAME.kernel``: The kernel binary file.
+- ``$IMAGE-NAME.vmlinuz``: A hard link pointing to the ``$IMAGE-NAME.kernel``
+  file; this is just a backward compatibility layer, please do not rely
+  on this file.
+
+.. note::
+   The package based install currently only enables the service when using the
+   systemd init system. This can easily be changed if there is an agent
+   package which includes upstart or sysv packaging.
+
+.. note::
+   Using the ramdisk will require at least 1.5GB of ram

dib/ironic-python-agent-ramdisk/cleanup.d/99-ramdisk-create

@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# dib-lint: disable=safe_sudo
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+
+[ -n "$TARGET_ROOT" ]
+
+USER=${USER:-$(whoami)}
+
+source $_LIB/img-functions
+
+IMAGE_PATH=$(readlink -f $IMAGE_NAME)
+cd $TARGET_ROOT
+
+DIB_IPA_COMPRESS_CMD="${DIB_IPA_COMPRESS_CMD:-gzip}"
+
+echo "#disabled" > ./tmp/fstab.new
+sudo mv ./tmp/fstab.new ./etc/fstab
+sudo ln -s ./sbin/init ./
+
+# Note: The pci.ids, which is used by lshw, locate on Ubuntu
+# in /usr/share/misc. Therefore we are removing only the
+# ./usr/share/misc/m* (will remove the magic and magic.mgc files).
+# on RHEL pci.ids is locate on /usr/share/hwdata/pci.ids.
+sudo find . -xdev \
+    -path './sys/*' -prune -o \
+    -path './tmp/*' -prune -o \
+    -path './boot/*' -prune -o \
+    -path './root/.cache' -prune -o \
+    -path './usr/include/*' -prune -o \
+    -path './usr/lib/locale/*' -prune -o \
+    -path './usr/share/doc/*' -prune -o \
+    -path './usr/share/man/*' -prune -o \
+    -path './usr/share/info/*' -prune -o \
+    -path './usr/share/licenses/*' -prune -o \
+    -path './usr/share/misc/m*' -prune -o \
+    -path './usr/src/kernels/*' -prune -o \
+    -path './var/cache/*' -prune -o \
+    -name '*.pyc' -prune -o \
+    -name '*.pyo' -prune -o \
+    -print | sudo cpio -o -H newc | ${DIB_IPA_COMPRESS_CMD} > ${IMAGE_PATH}.initramfs
+
+select_boot_kernel_initrd $TARGET_ROOT
+sudo cp $BOOTDIR/$KERNEL ${IMAGE_PATH}.kernel
+sudo chown $USER: ${IMAGE_PATH}.kernel
+
+# TODO(lucasagomes): Create a hard link for the .vmlinuz file to keep
+# it backward compatible. Remove it after it has been consistent and
+# documented in both places for at least one full OpenStack release cycle
+echo "WARNING: The kernel extension .vmlinuz has been deprecated. Please rely on the file with the extension .kernel instead."
+sudo rm -f ${IMAGE_PATH}.vmlinuz
+ln ${IMAGE_PATH}.kernel ${IMAGE_PATH}.vmlinuz

dib/ironic-python-agent-ramdisk/element-deps

@@ -0,0 +1,10 @@
+dhcp-all-interfaces
+ibft-interfaces
+install-static
+no-final-image
+package-installs
+pip-and-virtualenv
+pkg-map
+runtime-ssh-host-keys
+source-repositories
+svc-map

dib/ironic-python-agent-ramdisk/element-provides

@@ -0,0 +1 @@
+ironic-python-agent

dib/ironic-python-agent-ramdisk/extra-data.d/15-ssl-ca-copy

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then
+    set -x
+fi
+
+set -eu
+set -o pipefail
+
+if [ -n "${DIB_IPA_CERT:=}" ]; then
+    cp $DIB_IPA_CERT $TMP_HOOKS_PATH/ipa-trusted-cert.pem
+fi

dib/ironic-python-agent-ramdisk/finalise.d/99-remove-extra-packages

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+# TODO(lucasagomes): optimize the ramdisk for other OSs
+if [ $DISTRO_NAME = 'fedora' ] ; then
+
+    _remove_yum=''
+    if [ $DIB_RELEASE -ge 22 ]; then
+        # if we are on F22, we can remove yum if there, because it has
+        # been superseeded by dnf
+        _remove_yum='yum'
+    fi
+
+    install-packages -e kernel-debug-devel gcc fedora-logos \
+                    rsync pykickstart \
+                    genisoimage tcpdump \
+                    man-db kbd-misc \
+                    plymouth cronie ${_remove_yum}
+
+    ${YUM:-yum} clean all
+
+    # Rebuilding the rpm database after removing packages will reduce
+    # its size
+    rpm --rebuilddb
+
+fi

dib/ironic-python-agent-ramdisk/install.d/ironic-agent-package-install/package-installs-ironic-agent

@@ -0,0 +1 @@
+ironic-python-agent

dib/ironic-python-agent-ramdisk/install.d/ironic-agent-source-install/60-ironic-agent-install

@@ -0,0 +1,49 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+SCRIPTDIR=$(dirname $0)
+IPADIR=/usr/share/ironic-python-agent
+
+# Generate upper-constraints
+$IPADIR/imagebuild/common/generate_upper_constraints.sh $IPADIR/upper-constraints.txt
+
+# create the virtual environment
+virtualenv $IPADIR/venv
+
+# pip might be an older version which does not support the -c option, therefore upgrade first
+$IPADIR/venv/bin/pip install pip --upgrade
+
+# install IPA inside the virtual environment
+$IPADIR/venv/bin/pip install -c $IPADIR/upper-constraints.txt $IPADIR
+
+# FIXME(lucasagomes): Figure out how we can use the "--install-option"
+# parameter for pip install so we don't have to manually create a symlink
+# create the launcher link so services can use it
+ln -s $IPADIR/venv/bin/ironic-python-agent /usr/local/bin/ironic-python-agent
+
+case "$DIB_INIT_SYSTEM" in
+    upstart)
+        install -D -g root -o root -m 0755 ${SCRIPTDIR}/ironic-python-agent.conf /etc/init/ironic-python-agent.conf
+        ;;
+    systemd)
+        install -D -g root -o root -m 0755 ${SCRIPTDIR}/ironic-python-agent.service /usr/lib/systemd/system/ironic-python-agent.service
+        ;;
+    sysv)
+        install -D -g root -o root -m 0755 ${SCRIPTDIR}/ironic-python-agent.init /etc/init.d/ironic-python-agent.init
+        update-rc.d ironic-python-agent.init defaults
+        ;;
+    *)
+        echo "Unsupported init system"
+        exit 1
+        ;;
+esac
+
+# Copying the self signed certificate for request library
+if [ -f /tmp/in_target.d/ipa-trusted-cert.pem ]; then
+    cat /tmp/in_target.d/ipa-trusted-cert.pem >> $($IPADIR/venv/bin/python -c "import requests; print requests.certs.where()")
+fi

dib/ironic-python-agent-ramdisk/install.d/ironic-agent-source-install/ironic-python-agent.conf

@@ -0,0 +1,22 @@
+# ironic-python-agent - OpenStack Ironic Python Agent
+#
+# The ironic-python-agent helps ironic in deploying instances.
+
+description     "Ironic Python Agnet"
+
+start on runlevel [2345]
+stop on runlevel [!2345]
+
+respawn
+respawn limit 10 5
+umask 022
+
+expect stop
+
+console output
+
+pre-start script
+    echo Starting Ironic Python Agent
+end script
+
+exec /usr/local/bin/ironic-python-agent

dib/ironic-python-agent-ramdisk/install.d/ironic-agent-source-install/ironic-python-agent.init

@@ -0,0 +1,31 @@
+#!/bin/sh -e
+### BEGIN INIT INFO
+# Provides:          ironic-python-agent
+# Required-Start:    $local_fs networking
+# Required-Stop:     $local_fs
+# Default-Start:     S
+# Default-Stop:      0 6
+# X-Start-Before:
+# Short-Description: Ironic Python Agent
+# Description:       Starts Ironic Python Agent for instance deployment
+### END INIT INFO
+
+NAME=ironic-python-agent
+INIT_NAME=/etc/init.d/${NAME}
+SCRIPT_NAME=/usr/local/bin/${NAME}
+
+[ -x $SCRIPT_NAME ] || exit 0
+
+case "$1" in
+    start)
+        $SCRIPT_NAME
+        ;;
+    stop)
+        ;;
+    *)
+        echo "Usage: $INIT_NAME {start|stop}"
+        exit 1
+        ;;
+esac
+
+exit 0

dib/ironic-python-agent-ramdisk/install.d/ironic-agent-source-install/ironic-python-agent.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=Ironic Python Agent
+After=network-online.target
+
+[Service]
+ExecStartPre=/sbin/modprobe vfat
+ExecStart=/usr/local/bin/ironic-python-agent
+Restart=always
+RestartSec=30s
+
+[Install]
+WantedBy=multi-user.target
+

dib/ironic-python-agent-ramdisk/package-installs.yaml

@@ -0,0 +1,20 @@
+tgt:
+curl:
+# dmidecode does not exist for ppc* arches so we use lshw
+dmidecode:
+    not-arch: ppc64,ppc64el,ppc64le
+iptables:
+lshw:
+ipmitool:
+qemu-utils:
+gcc:
+python-dev:
+parted:
+hdparm:
+util-linux:
+genisoimage:
+gdisk:
+kmod:
+psmisc:
+dosfstools:
+mdadm:

dib/ironic-python-agent-ramdisk/pkg-map

@@ -0,0 +1,33 @@
+{
+  "release": {
+    "rhel": {
+      "8": {
+        "tgt": "targetcli",
+        "curl": "curl",
+        "ironic-python-agent": "openstack-ironic-python-agent",
+        "qemu-utils": "qemu-img",
+        "python-dev": "python3-devel"
+      }
+    }
+  },
+  "family": {
+    "redhat": {
+      "tgt": "scsi-target-utils",
+      "curl": "curl",
+      "ironic-python-agent": "openstack-ironic-python-agent",
+      "qemu-utils": "qemu-img",
+      "python-dev": "python2-devel"
+    },
+    "debian": {
+      "tgt": "tgt",
+      "curl": "curl"
+    }
+  },
+  "default": {
+    "tgt": "tgt",
+    "curl": "curl",
+    "ironic-python-agent": "openstack-ironic-python-agent",
+    "qemu-utils": "qemu-utils",
+    "python-dev": "python-dev"
+  }
+}

dib/ironic-python-agent-ramdisk/post-install.d/80-ironic-agent

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+install-packages -e cloud-init
+
+rm -rf /tmp/ironic-python-agent
+
+case "$DIB_INIT_SYSTEM" in
+    upstart)
+        if [ -f /etc/init/ufw.conf ]; then
+            mv /etc/init/ufw.conf /etc/init/ufw.conf.disabled
+        fi
+        if [ -f /etc/init/tgt.conf ]; then
+            mv /etc/init/tgt.conf /etc/init/tgt.conf.disabled
+        fi
+        ;;
+    systemd)
+        if [[ $(systemctl --no-pager list-unit-files iptables) =~ 'enabled' ]]; then
+            systemctl disable iptables.service
+        fi
+        systemctl enable $(svc-map ironic-python-agent).service
+        systemctl enable ironic-agent-create-rescue-user.path
+        ;;
+    sysv)
+        update-rc.d iptables disable
+        ;;
+    *)
+        echo "Unsupported init system"
+        exit 1
+        ;;
+esac

dib/ironic-python-agent-ramdisk/source-repository-ironic-agent

@@ -0,0 +1 @@
+ironic-agent git /usr/share/ironic-python-agent https://opendev.org/openstack/ironic-python-agent

dib/ironic-python-agent-ramdisk/static/etc/systemd/system/ironic-agent-create-rescue-user.path

@@ -0,0 +1,8 @@
+[Unit]
+Description=Ironic user rescue - notify path existence
+
+[Path]
+PathExists=/etc/ipa-rescue-config/ipa-rescue-password
+
+[Install]
+WantedBy=multi-user.target

dib/ironic-python-agent-ramdisk/static/etc/systemd/system/ironic-agent-create-rescue-user.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Ironic agent rescue user creation
+
+[Service]
+ExecStart=/bin/bash /usr/local/bin/ironic-python-agent-create-rescue-user.sh
+Type=oneshot
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target

dib/ironic-python-agent-ramdisk/svc-map

@@ -0,0 +1,4 @@
+ironic-python-agent:
+  default: openstack-ironic-python-agent
+  redhat: openstack-ironic-python-agent
+  debian: ironic-python-agent

dib/ironic-python-agent-ramdisk/test-elements/build-succeeds-fedora/element-deps

@@ -0,0 +1,2 @@
+fedora-minimal
+openstack-ci-mirrors

dib/ironic-python-agent-ramdisk/test-elements/build-succeeds-fedora/element-type

@@ -0,0 +1 @@
+ramdisk