diff --git a/.zuul.d/base.yaml b/.zuul.d/base.yaml index 3d8924e7cf..8b0109f671 100644 --- a/.zuul.d/base.yaml +++ b/.zuul.d/base.yaml @@ -66,6 +66,12 @@ - name: primary label: centos-9-stream +- nodeset: + name: kolla-rockylinux-9 + nodes: + - name: primary + label: rockylinux-9 + - nodeset: name: kolla-ubuntu-focal nodes: @@ -96,6 +102,12 @@ - name: primary label: debian-bullseye-arm64 +- nodeset: + name: kolla-rockylinux-9-aarch64 + nodes: + - name: primary + label: rockylinux-9-arm64 + - nodeset: name: kolla-ubuntu-focal-aarch64 nodes: diff --git a/.zuul.d/rocky.yaml b/.zuul.d/rocky.yaml new file mode 100644 index 0000000000..46ac070948 --- /dev/null +++ b/.zuul.d/rocky.yaml @@ -0,0 +1,67 @@ +--- +- project: + check: + jobs: + - kolla-build-rocky9-source + - kolla-ansible-rocky9-source: + vars: + base_distro: "rocky" + kolla_python_version: "3.9" + check-arm64: + jobs: + - kolla-build-rocky9-aarch64 + gate: + jobs: + - kolla-build-rocky9 + - kolla-ansible-rocky9-source: + vars: + base_distro: "rocky" + kolla_python_version: "3.9" + experimental: + jobs: + - kolla-build-no-infra-wheels-rocky9 + +- job: + name: kolla-build-rocky9-source + parent: kolla-base + nodeset: kolla-rockylinux-9 + vars: + base_distro: rocky + base_distro_version: 9 + install_type: source + +- job: + name: kolla-build-rocky9-source-aarch64 + parent: kolla-build-rocky9-source + nodeset: kolla-rockylinux-9-aarch64 + voting: false + +- job: + name: kolla-build-no-infra-wheels-rocky9 + parent: kolla-build-no-infra-wheels-base + nodeset: kolla-rockylinux-9 + vars: + base_distro: rocky + base_distro_version: 9 + +- job: + name: kolla-publish-rocky9-source-dockerhub + parent: kolla-build-rocky9-source + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla + secrets: + - kolla_dockerhub_creds + +- job: + name: kolla-publish-rocky9-source-quay + parent: kolla-build-rocky9-source + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds diff --git a/docker/base/Dockerfile.j2 b/docker/base/Dockerfile.j2 index 19bd28753e..78e1937fba 100644 --- a/docker/base/Dockerfile.j2 +++ b/docker/base/Dockerfile.j2 @@ -145,7 +145,7 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ {% block base_centos_repo_overrides_post_rpm %}{% endblock %} - {% if base_distro == 'centos' %} + {% if base_distro in ['centos', 'rocky'] %} {% block base_centos_gpg_key_import %} {% endblock %} @@ -153,9 +153,9 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ {% set base_centos_yum_repo_keys = [ ] %} -{% if base_distro == 'centos' %} +{% if base_distro in ['centos', 'rocky'] %} -{% if base_distro_tag.startswith('stream9') %} +{% if base_distro_tag.startswith('stream9') or base_distro == 'rocky' %} {% set base_centos_yum_repo_packages = [ 'centos-release-openstack-yoga', @@ -185,9 +185,9 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ {% set base_centos_yum_repos_to_enable = [ ] %} -{% if base_distro == 'centos' %} +{% if base_distro in ['centos', 'rocky'] %} -{% if base_distro_tag.startswith('stream9') %} +{% if base_distro_tag.startswith('stream9') or base_distro == 'rocky' %} {% set base_centos_yum_repos_to_disable = [ 'centos-ceph-pacific', diff --git a/docker/base/httpd_setup.sh b/docker/base/httpd_setup.sh index fe627652b1..3dbf84853e 100644 --- a/docker/base/httpd_setup.sh +++ b/docker/base/httpd_setup.sh @@ -19,12 +19,12 @@ if [[ "$(whoami)" == 'root' ]]; then rm -rf /var/run/httpd/* /run/httpd/* /tmp/httpd* fi - # CentOS 8 has an issue with mod_ssl which produces an invalid Apache + # CentOS/Rocky have an issue with mod_ssl which produces an invalid Apache # configuration in /etc/httpd/conf.d/ssl.conf. This causes the following error # on startup: # SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty # Work around this by generating certificates manually. - if [[ ${KOLLA_BASE_DISTRO} = centos ]] && [[ ! -e /etc/pki/tls/certs/localhost.crt ]]; then + if [[ "${KOLLA_BASE_DISTRO}" =~ centos|rocky ]] && [[ ! -e /etc/pki/tls/certs/localhost.crt ]]; then /usr/libexec/httpd-ssl-gencerts fi fi diff --git a/docker/collectd/Dockerfile.j2 b/docker/collectd/Dockerfile.j2 index 375b63742d..f9c2fab4b5 100644 --- a/docker/collectd/Dockerfile.j2 +++ b/docker/collectd/Dockerfile.j2 @@ -54,7 +54,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'collectd-write_prometheus', ] %} - {% if not base_distro_tag.startswith('stream9') %} + {% if not base_distro_tag.startswith('stream9') and not base_distro == 'rocky' %} {% set collectd_packages = collectd_packages + [ 'collectd-generic-jmx', 'collectd-memcachec' @@ -70,7 +70,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'collectd-turbostat' ] %} - {% if not base_distro_tag.startswith('stream9') %} + {% if not base_distro_tag.startswith('stream9') and not base_distro == 'rocky' %} {% set collectd_packages = collectd_packages + [ 'collectd-iptables' ] %} diff --git a/docker/cron/Dockerfile.j2 b/docker/cron/Dockerfile.j2 index 64a446a395..7a494c7467 100644 --- a/docker/cron/Dockerfile.j2 +++ b/docker/cron/Dockerfile.j2 @@ -13,7 +13,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'logrotate' ] %} -{% if base_distro_tag.startswith('stream9') %} +{% if base_distro_tag.startswith('stream9') or base_distro == 'rocky' %} # NOTE(hrw): In RHEL 9 family it is done by systemd timer, we want cron to # handle it. COPY logrotate /etc/cron.daily/logrotate @@ -28,7 +28,7 @@ COPY logrotate /etc/cron.daily/logrotate {{ macros.install_packages(cron_packages | customizable("packages")) }} -{% if base_distro_tag.startswith('stream9') %} +{% if base_distro_tag.startswith('stream9') or base_distro == 'rocky' %} COPY extend_start_el9.sh /usr/local/bin/kolla_extend_start {% else %} COPY extend_start.sh /usr/local/bin/kolla_extend_start diff --git a/docker/ironic/ironic-pxe/extend_start.sh b/docker/ironic/ironic-pxe/extend_start.sh index f82d6c3c7d..155fbf760b 100644 --- a/docker/ironic/ironic-pxe/extend_start.sh +++ b/docker/ironic/ironic-pxe/extend_start.sh @@ -7,7 +7,7 @@ function prepare_pxe_pxelinux { cp /usr/lib/PXELINUX/pxelinux.0 \ /usr/lib/syslinux/modules/bios/{chain.c32,ldlinux.c32} \ ${TFTPBOOT_PATH}/ - elif [[ "${KOLLA_BASE_DISTRO}" =~ centos ]]; then + elif [[ "${KOLLA_BASE_DISTRO}" =~ centos|rocky ]]; then if [[ "${TFTPBOOT_PATH}" != /tftpboot ]]; then cp /tftpboot/{pxelinux.0,chain.c32,ldlinux.c32} \ ${TFTPBOOT_PATH}/ @@ -20,7 +20,7 @@ function prepare_pxe_grub { if [[ "${KOLLA_BASE_DISTRO}" =~ debian|ubuntu ]]; then shim_src_file="/usr/lib/shim/shim*64.efi.signed" grub_src_file="/usr/lib/grub/*-efi-signed/grubnet*64.efi.signed" - elif [[ "${KOLLA_BASE_DISTRO}" =~ centos ]]; then + elif [[ "${KOLLA_BASE_DISTRO}" =~ centos|rocky ]]; then shim_src_file="/boot/efi/EFI/centos/shim*64.efi" grub_src_file="/boot/efi/EFI/centos/grub*64.efi" fi @@ -51,7 +51,7 @@ function prepare_ipxe { elif [[ ! -e ${TFTPBOOT_PATH}/snponly.efi ]]; then ln -s ${TFTPBOOT_PATH}/ipxe.efi ${TFTPBOOT_PATH}/snponly.efi fi - elif [[ "${KOLLA_BASE_DISTRO}" =~ centos ]]; then + elif [[ "${KOLLA_BASE_DISTRO}" =~ centos|rocky ]]; then cp /usr/share/ipxe/{undionly.kpxe,ipxe*.efi} ${TFTPBOOT_PATH}/ if [[ ! -e ${TFTPBOOT_PATH}/ipxe.efi ]]; then ln -s ${TFTPBOOT_PATH}/ipxe-${KOLLA_BASE_ARCH}.efi ${TFTPBOOT_PATH}/ipxe.efi diff --git a/docker/keystone/keystone-base/Dockerfile.j2 b/docker/keystone/keystone-base/Dockerfile.j2 index 88b24cc801..5c0046520c 100644 --- a/docker/keystone/keystone-base/Dockerfile.j2 +++ b/docker/keystone/keystone-base/Dockerfile.j2 @@ -49,7 +49,7 @@ RUN mkdir -p /var/www/cgi-bin/keystone \ 'openldap-devel', ] %} -{% if not base_distro_tag.startswith('stream9') %} +{% if not base_distro_tag.startswith('stream9') and not base_distro == 'rocky' %} RUN dnf module enable mod_auth_openidc -y {% endif %} diff --git a/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 b/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 index 13c3f49f10..3f5e1ef299 100644 --- a/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 +++ b/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 @@ -5,7 +5,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{% if not base_distro_tag.startswith('stream9') %} +{% if not base_distro_tag.startswith('stream9') and not base_distro == 'rocky' %} {% set mariadb_clustercheck_packages = [ 'xinetd' diff --git a/docker/neutron/neutron-base/Dockerfile.j2 b/docker/neutron/neutron-base/Dockerfile.j2 index 515bd772a8..d2dee2d5f3 100644 --- a/docker/neutron/neutron-base/Dockerfile.j2 +++ b/docker/neutron/neutron-base/Dockerfile.j2 @@ -121,7 +121,7 @@ RUN ln -s neutron-base-source/* neutron \ {% endif %} COPY neutron_sudoers /etc/sudoers.d/kolla_neutron_sudoers -{% if base_distro_tag.startswith('stream9') %} +{% if base_distro_tag.startswith('stream9') or base_distro == 'rocky' %} COPY extend_start_el9.sh /usr/local/bin/kolla_extend_start {% else %} COPY extend_start.sh /usr/local/bin/kolla_extend_start diff --git a/docker/neutron/neutron-base/extend_start_el9.sh b/docker/neutron/neutron-base/extend_start_el9.sh index c560cedf88..e2a2dfca44 100644 --- a/docker/neutron/neutron-base/extend_start_el9.sh +++ b/docker/neutron/neutron-base/extend_start_el9.sh @@ -14,7 +14,7 @@ fi # so no need to even use u-a on RHEL 9 family as there is one provider # (and there is no u-a for ip6tables so script fails) -if [[ ${KOLLA_BASE_DISTRO} != "centos" ]]; then +if [[ ! ${KOLLA_BASE_DISTRO} =~ centos|rocky ]]; then if /usr/bin/update-alternatives --display iptables; then # NOTE(yoctozepto): Kolla-Ansible does not always set KOLLA_LEGACY_IPTABLES; # the workaround below ensures it gets set to `false` in such cases to fix diff --git a/docker/nova/nova-compute/Dockerfile.j2 b/docker/nova/nova-compute/Dockerfile.j2 index a0adc0390a..23a752ae7c 100644 --- a/docker/nova/nova-compute/Dockerfile.j2 +++ b/docker/nova/nova-compute/Dockerfile.j2 @@ -40,10 +40,9 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build ] %} {% endif %} -{{ macros.install_packages(nova_compute_packages | customizable("packages")) }} {% if base_distro_tag.startswith('stream9') %}\ +{{ macros.install_packages(nova_compute_packages | customizable("packages")) }} \ && dnf remove -y linux-firmware \ && dnf clean all -{% endif %} {% elif base_package_type == 'deb' %} diff --git a/docker/nova/nova-libvirt/Dockerfile.j2 b/docker/nova/nova-libvirt/Dockerfile.j2 index c791266184..5ad35e4f87 100644 --- a/docker/nova/nova-libvirt/Dockerfile.j2 +++ b/docker/nova/nova-libvirt/Dockerfile.j2 @@ -26,7 +26,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'qemu-img', 'qemu-kvm', ] %} - {% if not base_distro_tag.startswith('stream9') %} + {% if not base_distro_tag.startswith('stream9') and not base_distro == 'rocky' %} {% set nova_libvirt_packages = nova_libvirt_packages + [ 'trousers' ] %} diff --git a/docker/openstack-base/Dockerfile.j2 b/docker/openstack-base/Dockerfile.j2 index 01ae07db88..e62bfe7c84 100644 --- a/docker/openstack-base/Dockerfile.j2 +++ b/docker/openstack-base/Dockerfile.j2 @@ -330,7 +330,11 @@ RUN ln -s openstack-base-source/* /requirements \ ENV PATH /var/lib/kolla/venv/bin:$PATH +{% if (base_distro == 'centos' and base_distro_tag.startswith('stream9')) or base_distro == 'rocky' %} +RUN {{ macros.install_pip(['pip', 'wheel', 'setuptools==67.2.*']) }} \ +{% else %} RUN {{ macros.install_pip(['pip', 'wheel', 'setuptools']) }} \ +{% endif %} && {{ macros.install_pip(openstack_base_pip_packages | customizable("pip_packages")) }} {% endif %} diff --git a/kolla/common/config.py b/kolla/common/config.py index 1e34a96eb4..5a3514b97a 100755 --- a/kolla/common/config.py +++ b/kolla/common/config.py @@ -19,17 +19,19 @@ from oslo_config import types from kolla.version import version_info as version -BASE_OS_DISTRO = ['centos', 'debian', 'ubuntu'] +BASE_OS_DISTRO = ['centos', 'debian', 'rocky', 'ubuntu'] BASE_ARCH = ['x86_64', 'aarch64'] DEFAULT_BASE_TAGS = { 'centos': {'name': 'quay.io/centos/centos', 'tag': 'stream8'}, 'debian': {'name': 'debian', 'tag': 'bullseye'}, + 'rocky': {'name': 'quay.io/rockylinux/rockylinux', 'tag': '9'}, 'ubuntu': {'name': 'ubuntu', 'tag': '20.04'}, } # NOTE(hrw): has to match PRETTY_NAME in /etc/os-release DISTRO_PRETTY_NAME = { 'centos': 'CentOS Stream {8,9}', 'debian': 'Debian GNU/Linux 11 (bullseye)', + 'rocky': 'Rocky Linux 9.* (Blue Onyx)', 'ubuntu': 'Ubuntu 20.04', } OPENSTACK_RELEASE = 'yoga' diff --git a/kolla/image/build.py b/kolla/image/build.py index 3fcdfed13c..02b1aa143a 100755 --- a/kolla/image/build.py +++ b/kolla/image/build.py @@ -125,6 +125,17 @@ UNBUILDABLE_IMAGES = { "qdrouterd", # no qdrouterd package in Debian bullseye }, + 'rocky': { + "elasticsearch", # SHA1 gpg key + "hacluster-pcs", # Missing crmsh package + "kibana", # SHA1 gpg key + "logstash", # SHA1 gpg key + "nova-spicehtml5proxy", # Missing spicehtml5 package + "ovsdpdk", # Not supported on CentOS + "proxysql", # 2.3 not supported on EL9 + "tgtd", # Not supported on CentOS + }, + 'ubuntu': { "qdrouterd", # There is no qdrouterd package for Ubuntu }, @@ -708,7 +719,7 @@ class KollaWorker(object): self.distro_package_manager = 'dnf' self.base_package_type = 'rpm' - elif self.base in ['centos9']: + elif self.base in ['rocky']: self.conf.distro_python_version = "3.9" self.distro_package_manager = 'dnf' self.base_package_type = 'rpm' diff --git a/kolla/template/repos.yaml b/kolla/template/repos.yaml index 721bcf0df3..c2ea914482 100644 --- a/kolla/template/repos.yaml +++ b/kolla/template/repos.yaml @@ -176,6 +176,44 @@ debian-aarch64: component: "" gpg_key: "proxysql.asc" +rocky: + ceph: "centos-ceph-pacific" + crb: "crb" + elasticsearch: "elasticsearch-kibana-logstash-7.x" + epel: "epel" + erlang: "rabbitmq_rabbitmq-erlang" + extras: "extras" + grafana: "grafana" + hacluster: "highavailability" + influxdb: "influxdb" + kibana: "elasticsearch-kibana-logstash-7.x" + logstash: "elasticsearch-kibana-logstash-7.x" + mariadb: "mariadb" + openvswitch: "centos-nfv-openvswitch" + opstools: "centos-opstools" + proxysql: "proxysql" + rabbitmq: "rabbitmq_rabbitmq-server" + td-agent: "treasuredata" + +rocky-aarch64: + ceph: "centos-ceph-pacific" + crb: "crb" + elasticsearch: "elasticsearch-kibana-logstash-7.x" + epel: "epel" + erlang: "centos-rabbitmq-38" + extras: "extras" + grafana: "grafana" + influxdb: "influxdb" + hacluster: "highavailability" + kibana: "elasticsearch-kibana-logstash-7.x" + logstash: "elasticsearch-kibana-logstash-7.x" + mariadb: "mariadb" + openvswitch: "centos-nfv-openvswitch" + opstools: "centos-opstools" + proxysql: "proxysql" + rabbitmq: "rabbitmq_rabbitmq-server" + td-agent: "treasuredata" + ubuntu: elasticsearch: url: "https://artifacts.elastic.co/packages/oss-7.x/apt" diff --git a/releasenotes/notes/rockylinux9-1f004ab9b3b2e096.yaml b/releasenotes/notes/rockylinux9-1f004ab9b3b2e096.yaml new file mode 100644 index 0000000000..0cec9cb7d4 --- /dev/null +++ b/releasenotes/notes/rockylinux9-1f004ab9b3b2e096.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + Adds Rocky Linux 9 support. diff --git a/tests/templates/template_overrides.j2 b/tests/templates/template_overrides.j2 index 43a7f2a0ae..97eabfa1bf 100644 --- a/tests/templates/template_overrides.j2 +++ b/tests/templates/template_overrides.j2 @@ -16,7 +16,11 @@ RUN echo registry={{ nodepool_npmjs_proxy }} > /etc/npmrc \ {% raw %} {% endblock %} +{% endraw %} +{% if base_distro == 'centos' %} + +{% raw %} {% block base_centos_repo_overrides_post_copy %} {% endraw %} @@ -53,29 +57,30 @@ RUN sed -i \ -e "s|^\(metalink.*\)|#\1|" \ -e "s|^#baseurl=http://download.example/pub|baseurl=http://{{ nodepool_mirror_host }}|" \ -e "s|^#baseurl=https://download.example/pub|baseurl=http://{{ nodepool_mirror_host }}|" \ - /etc/yum.repos.d/epel*.repo \ -{% raw %} + /etc/yum.repos.d/epel*.repo +{%- raw -%} {% endblock %} - -{% block base_debian_after_sources_list %} -{% if base_distro == "debian" %} {% endraw %} +{% endif %} + +{% raw %} +{% block base_debian_after_sources_list %} +{% endraw %} +{% if base_distro == "debian" %} RUN sed -i -e "s|http://deb.debian.org|[trusted=yes] http://{{ nodepool_mirror_host }}|" \ -e "s|http://security.debian.org|[trusted=yes] http://{{ nodepool_mirror_host }}|" \ /etc/apt/sources.list -{% raw %} {% elif base_distro == "ubuntu" %} -{% endraw %} RUN sed -i -e "s|mirror://mirrors.ubuntu.com/mirrors.txt|[trusted=yes] http://{{ nodepool_mirror_host }}/ubuntu/|" \ -e "s|http://ubuntu-cloud.archive.canonical.com/ubuntu|[trusted=yes] http://{{ nodepool_mirror_host }}/ubuntu-cloud-archive|" \ -e "s|http://ports.ubuntu.com|[trusted=yes] http://{{ nodepool_mirror_host }}/ubuntu-ports|" \ /etc/apt/sources.list -{% raw %} {% endif %} +{% raw %} {% endblock %} {# Revert to upstream mirrors after build is complete #} @@ -94,9 +99,7 @@ RUN if [ -f /usr/etc/npmrc ]; then \ fi \ && rm -f /etc/npmrc -{% raw %} -{% if base_package_type == 'rpm' %} -{% endraw %} +{% if base_distro == 'centos' %} RUN sed -i \ -e "s|^#\(mirrorlist.*\)|\1|" \ -e "s|^baseurl=http://{{ nodepool_mirror_host }}|#baseurl=http://mirror.centos.org|" \ @@ -111,22 +114,16 @@ RUN sed -i \ -e "s|^#\(metalink.*\)|\1|" \ -e "s|^baseurl=http://{{ nodepool_mirror_host }}|#baseurl=http://download.example/pub|" \ /etc/yum.repos.d/epel*.repo -{% raw %} -{% elif base_package_type == 'deb' %} -{% if base_distro == "debian" %} -{% endraw %} +{% elif base_distro == "debian" %} RUN sed -i -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}|http://deb.debian.org|" \ -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}|http://security.debian.org|" \ /etc/apt/sources.list -{% raw %} {% elif base_distro == "ubuntu" %} -{% endraw %} RUN sed -i -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}/ubuntu/|mirror://mirrors.ubuntu.com/mirrors.txt|" \ -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}/ubuntu-cloud-archive|http://ubuntu-cloud.archive.canonical.com/ubuntu|" \ -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}/ubuntu-ports|http://ports.ubuntu.com|" \ /etc/apt/sources.list +{% endif %} {% raw %} -{% endif %} -{% endif %} {% endblock %} {% endraw %}