At this point, we are no longer supporting Centos7 ramdisks
and don't need to have extra logic to navigate the difference.
Change-Id: I9027b45f1f77f2cd188a8c5eed2ef082c3abdd09
Take a publisher ID and match it for mounting configuration drives
to prevent the wrong device from being used.
Change-Id: Iafa77d9213eba864ca6dfa2d56d294e6ef4d2cd4
This is the first in a series of commits to add support for codespell. This is continuning the process completed in ironic-python-agent.
Future Commits will add a Tox Target, CI support and potentially a git-blame-ignore-revs file if their are lots of spelling mistakes that could clutter git blame.
Change-Id: I6ce80cc993cdd4c8d38266f3ff3f8f134f0fc5a9
Bullseye requires installing lshw from backports because the default one
has broken JSON output:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002025
Bookworm requires installing firmware from a different repository.
Change-Id: I1bfecfcaff1547f99fcb48cc54b8f7ff77f0b0d9
Moving from networking to systemd-networkd for debian
Original networking is not capable to natively manage down/up on
interfaces that is necessary for rescue
Change-Id: Ia6e2f217bd3222641cc1c97931e776e7fb717755
When creating the rescue user, check if we are on Debian or RH based
in order to use the right sudo group
Change-Id: I894f47a1eb0ecbccbecc0900980de7ad9da72425
In some cases, things such as dracut regenerating the
initramfs file, may leave some artifacts in /var/tmp/ from
the ramdisk build. These are not needed and can be discarded.
Change-Id: Ibd2a61a7e42adfea868679c52c7a786d9aab1b36
This package includes smartctl, which is necessary for ATA secure erase
disk cleaning.
Without this package, IPA will fall back to shredding ATA devices, and
you will lose hours of your life. Worse, until
https://review.opendev.org/c/openstack/ironic-python-agent/+/847591, the
lack of smartctl was silently ignored.
Change-Id: I6952b833e0be4a47e45e9c4d4459956093628b6a
Removes webkit and polkit from ramdisks which are not
operationally needed as we don't need to render web pages
in the ramdisk, and we don't need to do system wide policy
enforcement. This does chain them with || true, just to be
on the safe side as we're trying to opportunistically cut
excess cruft in order to save space overall.
Locally, these changes have taken the uncompressed ramdisk
footprint from 780MB to 730MB.
Change-Id: I402a60c61f1b88b98798d9fae52420b1ca256512
The conditions are left in the code in case someone somehow make it
work. We can clean them up later.
Change-Id: I65f6da0e90560c00eb82e8e4366fdaf3bbde8da1
Override the default for DIB_DHCP_NETWORK_MANAGER_AUTO
to `true` on RHEL and CentOS release 8 and later.
The dhcp-all-interfaces element is configured to only
apply NetworkManager configuration. The service:
dhcp-all-interfaces will not be enabled. Not enabling the
service allows NetworkManager to do the interface auto-
configuration. In release 8 and later it should do this
just as good, or even better, compared to the
dhcp-all-interfaces.sh script.
Depends-On: Id6f8d6aaaf52a78175bb6c065ec88274c364834e
Change-Id: I12950733bfe54cae62d299b4c5987449d551857a
This change does the following:
- Removes the centos7 job, it uses python2 even though python2 was
dropped from IPA in 2019.
(see Ifd0e0b99bb82a7d7e82d6c14309468196f5734fc)
- Allow 60-ironic-python-agent-ramdisk-install to assume python3 and
the venv module, the remaining centos7-python3 job will also test this
- Replaces the pip-and-virtualenv element with ensure-venv.
pip-and-virtualenv exists to install virtualenv for python2
environments, and it is unmaintained and mostly technical debt.
Change-Id: I9b6e03f50a4eb2484a04748e51d7348401b6ca04
genisoimage has been removed from RHEL-9 and is replaced with
xorriso.
This patch updates the package map to xorriso instead of
replacing the genisoimage key map to avoid the breakage for
other distros.
Closes-Bug: #1953013
Signed-off-by: Chandan Kumar (raukadah) <chkumar@redhat.com>
Change-Id: I31f6d4f080afd93ae067c37348e9ef570f0a34d4
Use current latest version of pip for Python 3.x
For Python 2.x use the last pip version to support it [1].
[1] https://pypi.org/project/pip/20.3.4/
Change-Id: I7384beb16d3810ddede51e6e2660bb826bd47415
Changes package mappings to default to Python 3. Unfortunately, the
build does not work yet because of some issue in DIB.
Co-Authored-By: Dmitry Tantsur <dtantsur@protonmail.com>
Change-Id: I88c1ec2590d280745daa6c8b3aa9a719f5d96e72
It's a moving target that keeps breaking. Right now it's broken because
removing openssl-devel causes removal of dkms, which DIB insists on
installing.
Document the supported distributions based on what the CI runs
(yes, it's Ubuntu Bionic and openSUSE 15.1, there is no mistake).
Change-Id: I08263751ca158db5883d95407ad0f3c9807826eb
Fix "error: invalid command 'bdist_wheel'" when building on aarch64.
For aarch64 platform, it seems it always tries to build wheels first for
python packages which have no wheels in PyPi. Although it will install
the source packages successfully at last.
Task: #41701
Story: #2008562
Change-Id: Id3dc4eaad9b698241ad70a69f93b8463bc15de0d
Old default versions of setuptools may have issues parsinq requirements.
To keep compatibility with Python 2.x we need to upgrade setuptools in
virtualenvs still using that version.
Change-Id: I61b77ceb6c58b5db451ccbbdfec9d92b4fa5bc89
At this moment the IPA image building with OpenSuse is broken and missing compatible packages for installation. Also, setuptools upgrade, svc mapping and package mapping are necessary for openSuse specific task. This PR will solve those issues to build IPA image with OpenSuse base image. There is another PR opened in diskimage-builder, which is adds small change for opensuse specific settings.
Depends-On: https://review.opendev.org/c/openstack/diskimage-builder/+/778723
Change-Id: I0a99d6313a38260973c1f725e2daed8d930da6c1
This change adds nvme-cli utility to the IPA image, which is required to
enable IPA to perform NVMe specific cleaning on supported devices.
Story: 2008290
Task: 41168
Change-Id: I2f63db9b739e53699bd5f164b79640927bf757d7
Adds logic to loop through the path debian uses to remove excess
firmware binaries that are un-needed for the agent to operate.
Change-Id: I95a12215b8c5b2d52f52145f79b5f245138ebfde
Removed additional firmware, largely Wi-Fi and embedded
SoC firmware, from the ramdisk as these devices are unlikely
to be needed in the process of the use of a deployment ramdisk.
Change-Id: Ia63c4d5d6c00c7fa64e7c2d570645b8a16aaf0c3
With only 270MiB in size, the Debian images are likely candidates
for our future default images. Given that CentOS Stream 8 images
are nearly 500MiB in size, Debian may be our only path forward.
Enable installing firmware on Debian images to make them suitable
for bare metal installations.
Do not try to install biosdevname on non-RH systems.
Change-Id: I2c2a71c4afd0cd534961317b7fe9d3fb5d007d24
Starting from pip 20.2 the --install-option doesn't work anymore,
and we knew it was going to stop working since a while.
Trying to work around that removing the option and just linking the
scripts to the final destination.
Change-Id: Ie24cb597ac6d64dda78284ef522418dd0ccd055f
Remove duplicate items from pkg-map and uninstall build-time
dependencies after building the image.
Uninstall cloud-init, tuned and teamd in post-install since they
may get pulled by other elements.
Uninstall GObject components and mozjs which seem to be included.
Remove non-existing cronie.
Change-Id: I656c7524d8f543056194207fab371c6e313f9548
The Fedora based ramdisk is outright broken with SELinux enforcing.
TripleO actually ships its ramdisks with selinux-permissive, let's
do the same.
Change-Id: Icfec4b8109a0ddefeb0f200c3fd1f1e2de104839
Requires returning EPEL support because of some dependencies.
Co-Authored-By: Mark Goddard <mark@stackhpc.com>
Co-Authored-By: Will Szumski <will@stackhpc.com>
Change-Id: I8da33dabda34e626baf6e7895fc450973d0a8fef
First, this change preconfigures IPA to use a configdir. This will
permit deployers to add or modify IPA configuration in elements.
This change was a prerequisite to adding additional DIB elements
which require configuration.
Additionally, this adds a DIB element to configure TLS support for
IPA's API. If added to a ramdisk build with no configuration, it
will create a self-signed certificate and configure IPA to use it.
It also exposes various environment variables to allow deployers
to use preexisting certificates or CA files.
Change-Id: Ibf88937766fa32f72b90ca81f9e8fba3515b6e33
The kbd package is now as trong dependency for the protected
package systemd-udev, therefore we need to leave it installed or
the Fedora job (now at Fedora 32) will fail.
Change-Id: Ie19509a6342bd37e7f72e860cc0a84d1395303c9
RHEL/CentOS 8 dropped support for some older hardware that is still
in use. Since CentOS 7 has Python 3, let's support it for now.
Also fixes an issue with C.UTF-8 locale which does not seem to work on
CentOS 7 (and actually causes a failure with newer python packages).
Change-Id: I1b5797b030ef896ad4b2a95a504a0215ca6ee574
