From 82ee1e6319d8631b2637c69f3413a020f6a27c0a Mon Sep 17 00:00:00 2001 From: Michal Nasiadka Date: Wed, 4 Jan 2023 09:29:14 +0000 Subject: [PATCH] Add support for CentOS Stream 9 This changeset adds support for CentOS Stream 9. Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/864920 Change-Id: I113b9984294cf8663d3fc0c8840320e1d40ea731 (cherry picked from commit 878b00013b01e3d02a704ce7c9fac1629cd1a705) --- .zuul.d/base.yaml | 12 ++++ .zuul.d/centos.yaml | 33 +++++++++ docker/base/Dockerfile.j2 | 67 +++++++++++++++---- docker/base/mariadb-aarch64.repo | 6 -- docker/base/mariadb.repo | 2 +- docker/base/rabbitmq_rabbitmq-erlang.repo | 1 + docker/bifrost/bifrost-base/Dockerfile.j2 | 6 ++ docker/collectd/Dockerfile.j2 | 16 ++++- docker/cron/Dockerfile.j2 | 11 +++ docker/cron/extend_start_el9.sh | 21 ++++++ docker/cron/logrotate | 18 +++++ docker/iscsid/Dockerfile.j2 | 5 +- docker/keystone/keystone-base/Dockerfile.j2 | 2 + docker/kolla-toolbox/Dockerfile.j2 | 2 +- .../mariadb-clustercheck/Dockerfile.j2 | 4 ++ docker/mariadb/mariadb-server/Dockerfile.j2 | 2 +- docker/neutron/neutron-base/Dockerfile.j2 | 4 ++ .../neutron/neutron-base/extend_start_el9.sh | 34 ++++++++++ docker/nova/nova-compute/Dockerfile.j2 | 7 +- docker/nova/nova-libvirt/Dockerfile.j2 | 6 +- docker/openstack-base/Dockerfile.j2 | 2 +- .../prometheus-libvirt-exporter/Dockerfile.j2 | 2 + docker/rabbitmq/Dockerfile.j2 | 2 +- kolla/common/config.py | 2 +- kolla/image/build.py | 34 +++++++++- kolla/template/methods.py | 6 ++ kolla/template/repos.yaml | 32 +++++++++ kolla/tests/test_build.py | 9 ++- .../centos-stream-9-ec4591d83c22b509.yaml | 4 ++ tests/playbooks/pre.yml | 16 ++--- tests/templates/template_overrides.j2 | 27 ++++++-- 31 files changed, 342 insertions(+), 53 deletions(-) delete mode 100644 docker/base/mariadb-aarch64.repo create mode 100644 docker/cron/extend_start_el9.sh create mode 100755 docker/cron/logrotate create mode 100644 docker/neutron/neutron-base/extend_start_el9.sh create mode 100644 releasenotes/notes/centos-stream-9-ec4591d83c22b509.yaml diff --git a/.zuul.d/base.yaml b/.zuul.d/base.yaml index 9409539777..3d8924e7cf 100644 --- a/.zuul.d/base.yaml +++ b/.zuul.d/base.yaml @@ -60,6 +60,12 @@ - name: primary label: centos-8-stream +- nodeset: + name: kolla-centos-9-stream + nodes: + - name: primary + label: centos-9-stream + - nodeset: name: kolla-ubuntu-focal nodes: @@ -78,6 +84,12 @@ - name: primary label: centos-8-stream-arm64 +- nodeset: + name: kolla-centos-9-stream-aarch64 + nodes: + - name: primary + label: centos-9-stream-arm64 + - nodeset: name: kolla-debian-bullseye-aarch64 nodes: diff --git a/.zuul.d/centos.yaml b/.zuul.d/centos.yaml index 8f98593e03..c3028bb895 100644 --- a/.zuul.d/centos.yaml +++ b/.zuul.d/centos.yaml @@ -4,28 +4,40 @@ jobs: - kolla-build-centos8s-binary - kolla-build-centos8s-source + - kolla-build-centos9s-source - kolla-ansible-centos8s-source - kolla-ansible-centos8s-binary + - kolla-ansible-centos9s-source: + vars: + kolla_python_version: "3.9" - kolla-ansible-centos8s-source-upgrade check-arm64: jobs: - kolla-build-centos8s-source-aarch64 + - kolla-build-centos9s-source-aarch64 gate: jobs: - kolla-build-centos8s-source + - kolla-build-centos9s-source - kolla-ansible-centos8s-source + - kolla-ansible-centos9s-source: + vars: + kolla_python_version: "3.9" - kolla-ansible-centos8s-source-upgrade periodic: jobs: - kolla-publish-centos8s-source-quay - kolla-publish-centos8s-binary-quay + - kolla-publish-centos8s-source-quay periodic-weekly: jobs: - kolla-publish-centos8s-source-dockerhub - kolla-publish-centos8s-binary-dockerhub + - kolla-publish-centos8s-source-quay experimental: jobs: - kolla-build-no-infra-wheels-centos8s-source + - kolla-build-no-infra-wheels-centos9s-source - kolla-ansible-centos8s-source-bifrost: files: ^docker\/(base|bifrost|openstack-base)\/.* # Test rabbitmq & mariadb changes in multinode ceph jobs. @@ -93,12 +105,25 @@ base_distro: centos install_type: source +- job: + name: kolla-build-centos9s-source + parent: kolla-base + nodeset: kolla-centos-9-stream + vars: + base_distro: centos + install_type: source + - job: name: kolla-build-centos8s-source-aarch64 parent: kolla-build-centos8s-source nodeset: kolla-centos8-stream-aarch64 voting: false +- job: + name: kolla-build-centos9s-source-aarch64 + parent: kolla-build-centos9s-source + nodeset: kolla-centos-9-stream-aarch64 + - job: name: kolla-publish-centos8s-source-dockerhub parent: kolla-build-centos8s-source @@ -128,3 +153,11 @@ vars: base_distro: centos install_type: source + +- job: + name: kolla-build-no-infra-wheels-centos9s-source + parent: kolla-build-no-infra-wheels-base + nodeset: kolla-centos-9-stream + vars: + base_distro: centos + install_type: source diff --git a/docker/base/Dockerfile.j2 b/docker/base/Dockerfile.j2 index 2b299a0d64..19bd28753e 100644 --- a/docker/base/Dockerfile.j2 +++ b/docker/base/Dockerfile.j2 @@ -56,20 +56,32 @@ COPY dnf.conf /etc/dnf/dnf.conf {% endblock %} #### BEGIN REPO ENABLEMENT +{# +Repo files not available for CentOS Stream 9: + 'elasticsearch.repo', # signed with SHA1 key https://github.com/elastic/elasticsearch/issues/85876 + #} {% set base_yum_repo_files = [ - 'elasticsearch.repo', 'grafana.repo', + 'mariadb.repo', 'proxysql.repo', 'rabbitmq_rabbitmq-server.repo', 'td.repo', ] %} +{% if base_distro == "centos" and base_distro_tag.startswith('stream8') %} +{% set base_yum_repo_files = base_yum_repo_files + [ + 'elasticsearch.repo', +] %} +{% endif %} + {% set base_yum_url_packages = [ ] %} -{% set base_yum_repo_keys = [ +{# +SHA1 keys are not supported in RHEL9: https://github.com/rpm-software-management/rpm/issues/1977 'https://artifacts.elastic.co/GPG-KEY-elasticsearch', - 'https://packages.grafana.com/gpg.key', + #} +{% set base_yum_repo_keys = [ 'https://downloads.mariadb.com/MariaDB/RPM-GPG-KEY-MariaDB', 'https://repo.proxysql.com/ProxySQL/repo_pub_key', 'https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc', @@ -79,7 +91,6 @@ COPY dnf.conf /etc/dnf/dnf.conf {% if base_arch == 'x86_64' %} {% set base_yum_repo_files = base_yum_repo_files + [ 'influxdb.repo', - 'mariadb.repo', 'rabbitmq_rabbitmq-erlang.repo', ] %} # FIXME(mgoddard): Not available for CentOS 8 yet. @@ -91,11 +102,10 @@ COPY dnf.conf /etc/dnf/dnf.conf {% elif base_arch == 'aarch64' %} {% set base_yum_repo_files = base_yum_repo_files + [ 'hrw-copr-erlang-for-rabbitmq.repo', - 'mariadb-aarch64.repo', + 'mariadb.repo', ] %} {% set base_yum_repo_keys = base_yum_repo_keys + [ - 'https://packages.erlang-solutions.com/rpm/erlang_solutions.asc', ] %} {% endif %} @@ -143,13 +153,31 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ {% set base_centos_yum_repo_keys = [ ] %} +{% if base_distro == 'centos' %} + +{% if base_distro_tag.startswith('stream9') %} + {% set base_centos_yum_repo_packages = [ - 'centos-release-nfv-extras', 'centos-release-openstack-yoga', 'centos-release-opstools', 'epel-release', ] %} +{% else %} + +{% set base_centos_yum_repo_packages = [ + 'centos-release-nfv-extras', + 'centos-release-openstack-yoga', + 'centos-release-ceph-pacific', + 'centos-release-nfv-openvswitch', + 'centos-release-opstools', + 'epel-release', +] %} + +{% endif %} + +{% endif %} + # We need 'dnf-plugins-core' for 'dnf config-manager' {% set base_centos_yum_repo_packages = base_centos_yum_repo_packages + [ 'dnf-plugins-core' @@ -157,9 +185,21 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ {% set base_centos_yum_repos_to_enable = [ ] %} -# FIXME(hrw): entries not starting with 'centos-' (and 'centos-nfv-ovs') are -# from delorean or rdo-release-* package -# https://review.rdoproject.org/r/c/rdo-infra/ansible-role-dlrn/+/33241 +{% if base_distro == 'centos' %} + +{% if base_distro_tag.startswith('stream9') %} + +{% set base_centos_yum_repos_to_disable = [ + 'centos-ceph-pacific', + 'centos-nfv-openvswitch', + 'centos-opstools', + 'centos-rabbitmq-38', + 'epel', + 'influxdb', +] %} + +{% else %} + {% set base_centos_yum_repos_to_disable = [ 'centos-advanced-virtualization', 'centos-ceph-pacific', @@ -168,9 +208,12 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ 'centos-opstools', 'centos-rabbitmq-38', 'epel', - 'epel-modular', ] %} +{% endif %} + +{% endif %} + {% if base_arch == 'x86_64' %} {% set base_centos_yum_repos_to_disable = base_centos_yum_repos_to_disable + [ 'influxdb', @@ -197,9 +240,9 @@ RUN {{ macros.install_packages(base_centos_yum_repo_packages | customizable("cen {% block base_redhat_binary_versionlock %}{% endblock %} +{# NOTE(hrw): CentOS Stream 9 has curl-minimal, Rocky Linux 9 has curl so we do not install any #} {% set base_centos_packages = [ 'ca-certificates', - 'curl', 'dumb-init', 'findutils', 'hostname', diff --git a/docker/base/mariadb-aarch64.repo b/docker/base/mariadb-aarch64.repo deleted file mode 100644 index 79929e8e9b..0000000000 --- a/docker/base/mariadb-aarch64.repo +++ /dev/null @@ -1,6 +0,0 @@ -[mariadb] -name = MariaDB Server -baseurl = https://dlm.mariadb.com/repo/mariadb-server/10.6/yum/rhel/8/aarch64 -gpgcheck = 1 -enabled = 0 -module_hotfixes = 1 diff --git a/docker/base/mariadb.repo b/docker/base/mariadb.repo index 7420fcd35e..43ea786a54 100644 --- a/docker/base/mariadb.repo +++ b/docker/base/mariadb.repo @@ -1,6 +1,6 @@ [mariadb] name = MariaDB Server -baseurl = https://dlm.mariadb.com/repo/mariadb-server/10.6/yum/rhel/8/x86_64 +baseurl = https://dlm.mariadb.com/repo/mariadb-server/10.6/yum/rhel/$releasever/$basearch gpgcheck = 1 enabled = 0 module_hotfixes = 1 diff --git a/docker/base/rabbitmq_rabbitmq-erlang.repo b/docker/base/rabbitmq_rabbitmq-erlang.repo index bcb4f40f1f..59d49c4921 100644 --- a/docker/base/rabbitmq_rabbitmq-erlang.repo +++ b/docker/base/rabbitmq_rabbitmq-erlang.repo @@ -1,5 +1,6 @@ [rabbitmq_rabbitmq-erlang] name=rabbitmq_rabbitmq-erlang +# https://www.rabbitmq.com/install-rpm.html lists "el/8" for CentOS Stream 9 baseurl=https://packagecloud.io/rabbitmq/erlang/el/8/$basearch gpgcheck=1 enabled=0 diff --git a/docker/bifrost/bifrost-base/Dockerfile.j2 b/docker/bifrost/bifrost-base/Dockerfile.j2 index d39c6c3e50..08a048570b 100644 --- a/docker/bifrost/bifrost-base/Dockerfile.j2 +++ b/docker/bifrost/bifrost-base/Dockerfile.j2 @@ -18,6 +18,12 @@ RUN echo '{{ install_type }} not yet available for {{ base_distro }}' && /bin/fa {% elif install_type == 'source' %} +{% set bifrost_base_packages = [ + 'cpio', +] %} + +{{ macros.install_packages(bifrost_base_packages | customizable("packages")) }} + ENV VENV /var/lib/kolla/venv {% set bifrost_base_pip_packages = [ diff --git a/docker/collectd/Dockerfile.j2 b/docker/collectd/Dockerfile.j2 index fab16e1615..375b63742d 100644 --- a/docker/collectd/Dockerfile.j2 +++ b/docker/collectd/Dockerfile.j2 @@ -30,12 +30,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'collectd-dbi', 'collectd-disk', 'collectd-dns', - 'collectd-generic-jmx', 'collectd-ipmi', 'collectd-log_logstash', 'collectd-logparser', 'collectd-mcelog', - 'collectd-memcachec', 'collectd-mysql', 'collectd-netlink', 'collectd-openldap', @@ -56,15 +54,27 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'collectd-write_prometheus', ] %} + {% if not base_distro_tag.startswith('stream9') %} + {% set collectd_packages = collectd_packages + [ + 'collectd-generic-jmx', + 'collectd-memcachec' + ] %} + {% endif %} + {% if base_arch =='x86_64' %} {% set collectd_packages = collectd_packages + [ 'collectd-hugepages', - 'collectd-iptables', 'collectd-pcie-errors', 'collectd-pmu', 'collectd-rdt', 'collectd-turbostat' ] %} + + {% if not base_distro_tag.startswith('stream9') %} + {% set collectd_packages = collectd_packages + [ + 'collectd-iptables' + ] %} + {% endif %} {% endif %} {% endif %} diff --git a/docker/cron/Dockerfile.j2 b/docker/cron/Dockerfile.j2 index 1da4d40ea8..64a446a395 100644 --- a/docker/cron/Dockerfile.j2 +++ b/docker/cron/Dockerfile.j2 @@ -12,6 +12,13 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'cronie', 'logrotate' ] %} + +{% if base_distro_tag.startswith('stream9') %} +# NOTE(hrw): In RHEL 9 family it is done by systemd timer, we want cron to +# handle it. +COPY logrotate /etc/cron.daily/logrotate +{% endif %} + {% elif base_package_type == 'deb' %} {% set cron_packages = [ 'cron', @@ -21,7 +28,11 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.install_packages(cron_packages | customizable("packages")) }} +{% if base_distro_tag.startswith('stream9') %} +COPY extend_start_el9.sh /usr/local/bin/kolla_extend_start +{% else %} COPY extend_start.sh /usr/local/bin/kolla_extend_start +{% endif %} RUN chmod 755 /usr/local/bin/kolla_extend_start {% block cron_footer %}{% endblock %} diff --git a/docker/cron/extend_start_el9.sh b/docker/cron/extend_start_el9.sh new file mode 100644 index 0000000000..3476302e14 --- /dev/null +++ b/docker/cron/extend_start_el9.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +CRON_LOGROTATE_CURRENT_PATH="$(find /etc/cron* -name logrotate)" +CRON_LOGROTATE_CURRENT_SCHEDULE=$(echo "${CRON_LOGROTATE_CURRENT_PATH}" | sed -r 's/(.*)(hourly|daily|weekly|monthly)(.*)/\2/g') + +if [ -z $CRON_LOGROTATE_CURRENT_PATH ]; then + echo "logrotate is not handled by cron" +else + # Pass only for hourly|daily|weekly|monthly + if [[ "${KOLLA_LOGROTATE_SCHEDULE:-undefined}" =~ hourly|daily|weekly|monthly ]]; then + + CRON_LOGROTATE_DESIRED_PATH="/etc/cron.${KOLLA_LOGROTATE_SCHEDULE}/logrotate" + + if [[ "${CRON_LOGROTATE_CURRENT_PATH}" != "${CRON_LOGROTATE_DESIRED_PATH}" ]]; then + mv ${CRON_LOGROTATE_CURRENT_PATH} ${CRON_LOGROTATE_DESIRED_PATH} + CRON_LOGROTATE_CURRENT_SCHEDULE="${KOLLA_LOGROTATE_SCHEDULE}" + fi + fi + + echo "[i] Cron schedule for logrotate is currently set to: ${CRON_LOGROTATE_CURRENT_SCHEDULE}." +fi diff --git a/docker/cron/logrotate b/docker/cron/logrotate new file mode 100755 index 0000000000..1ac1570016 --- /dev/null +++ b/docker/cron/logrotate @@ -0,0 +1,18 @@ +#!/bin/sh + +# skip in favour of systemd timer +if [ -d /run/systemd/system ]; then + exit 0 +fi + +# this cronjob persists removals (but not purges) +if [ ! -x /usr/sbin/logrotate ]; then + exit 0 +fi + +/usr/sbin/logrotate /etc/logrotate.conf +EXITVALUE=$? +if [ $EXITVALUE != 0 ]; then + /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]" +fi +exit $EXITVALUE diff --git a/docker/iscsid/Dockerfile.j2 b/docker/iscsid/Dockerfile.j2 index 4e95d2ca88..11a4788fec 100644 --- a/docker/iscsid/Dockerfile.j2 +++ b/docker/iscsid/Dockerfile.j2 @@ -26,8 +26,9 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.install_packages(iscsid_packages | customizable("packages")) }} COPY extend_start.sh /usr/local/bin/kolla_extend_start -RUN chmod 755 /usr/local/bin/kolla_extend_start \ - && rm /etc/iscsi/initiatorname.iscsi +# NOTE(hrw): CentOS Stream 9 lacks initiatorname.iscsi file +RUN chmod 644 /usr/local/bin/kolla_extend_start \ + && rm -f /etc/iscsi/initiatorname.iscsi {% block iscsid_footer %}{% endblock %} {% block footer %}{% endblock %} diff --git a/docker/keystone/keystone-base/Dockerfile.j2 b/docker/keystone/keystone-base/Dockerfile.j2 index 2176db3e1e..88b24cc801 100644 --- a/docker/keystone/keystone-base/Dockerfile.j2 +++ b/docker/keystone/keystone-base/Dockerfile.j2 @@ -49,7 +49,9 @@ RUN mkdir -p /var/www/cgi-bin/keystone \ 'openldap-devel', ] %} +{% if not base_distro_tag.startswith('stream9') %} RUN dnf module enable mod_auth_openidc -y +{% endif %} {{ macros.install_packages(keystone_base_packages | customizable("packages")) }} {% elif base_package_type == 'deb' %} diff --git a/docker/kolla-toolbox/Dockerfile.j2 b/docker/kolla-toolbox/Dockerfile.j2 index 54147231ec..ec5ad8ea0c 100644 --- a/docker/kolla-toolbox/Dockerfile.j2 +++ b/docker/kolla-toolbox/Dockerfile.j2 @@ -18,7 +18,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.enable_extra_repos(['epel']) }} {% endif %} -{{ macros.enable_extra_repos(['erlang', 'openvswitch', 'powertools', 'rabbitmq']) }} +{{ macros.enable_extra_repos(['crb', 'erlang', 'openvswitch', 'powertools', 'rabbitmq']) }} {% if base_package_type == 'rpm' %} diff --git a/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 b/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 index aa52f8f4a7..13c3f49f10 100644 --- a/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 +++ b/docker/mariadb/mariadb-clustercheck/Dockerfile.j2 @@ -5,11 +5,15 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{% if not base_distro_tag.startswith('stream9') %} + {% set mariadb_clustercheck_packages = [ 'xinetd' ] %} {{ macros.install_packages(mariadb_clustercheck_packages | customizable("packages")) }} +{% endif %} + {% block mariadb_clustercheck_footer %}{% endblock %} {% block footer %}{% endblock %} diff --git a/docker/mariadb/mariadb-server/Dockerfile.j2 b/docker/mariadb/mariadb-server/Dockerfile.j2 index 01510dbe8b..7a14653769 100644 --- a/docker/mariadb/mariadb-server/Dockerfile.j2 +++ b/docker/mariadb/mariadb-server/Dockerfile.j2 @@ -10,7 +10,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='mysql') }} {# NOTE(mgoddard): EPEL required for pv package #} -{{ macros.enable_extra_repos(['epel']) }} +{{ macros.enable_extra_repos(['epel', 'mariadb']) }} {% if base_package_type == 'rpm' %} {% set mariadb_packages = [ diff --git a/docker/neutron/neutron-base/Dockerfile.j2 b/docker/neutron/neutron-base/Dockerfile.j2 index 9d597b6fe7..515bd772a8 100644 --- a/docker/neutron/neutron-base/Dockerfile.j2 +++ b/docker/neutron/neutron-base/Dockerfile.j2 @@ -121,7 +121,11 @@ RUN ln -s neutron-base-source/* neutron \ {% endif %} COPY neutron_sudoers /etc/sudoers.d/kolla_neutron_sudoers +{% if base_distro_tag.startswith('stream9') %} +COPY extend_start_el9.sh /usr/local/bin/kolla_extend_start +{% else %} COPY extend_start.sh /usr/local/bin/kolla_extend_start +{% endif %} RUN chmod 750 /etc/sudoers.d \ && chmod 440 /etc/sudoers.d/kolla_neutron_sudoers \ diff --git a/docker/neutron/neutron-base/extend_start_el9.sh b/docker/neutron/neutron-base/extend_start_el9.sh new file mode 100644 index 0000000000..c560cedf88 --- /dev/null +++ b/docker/neutron/neutron-base/extend_start_el9.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +if [[ ! -d "/var/log/kolla/neutron" ]]; then + mkdir -p /var/log/kolla/neutron +fi +if [[ $(stat -c %a /var/log/kolla/neutron) != "755" ]]; then + chmod 755 /var/log/kolla/neutron +fi + +# NOTE(hrw): from RHEL 9 release notes: +# "Iptables-nft and ipset are now deprecated, which included the utilities, +# iptables, ip6tables, ebtables, and arptables. These are all replaced by the +# nftables framework." +# so no need to even use u-a on RHEL 9 family as there is one provider +# (and there is no u-a for ip6tables so script fails) + +if [[ ${KOLLA_BASE_DISTRO} != "centos" ]]; then + if /usr/bin/update-alternatives --display iptables; then + # NOTE(yoctozepto): Kolla-Ansible does not always set KOLLA_LEGACY_IPTABLES; + # the workaround below ensures it gets set to `false` in such cases to fix + # this code under `set -o nounset`. + KOLLA_LEGACY_IPTABLES=${KOLLA_LEGACY_IPTABLES-false} + + if [[ $KOLLA_LEGACY_IPTABLES == "true" ]]; then + sudo /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-legacy + sudo /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy + else + sudo /usr/bin/update-alternatives --auto iptables + sudo /usr/bin/update-alternatives --auto ip6tables + fi + fi +fi + +. /usr/local/bin/kolla_neutron_extend_start diff --git a/docker/nova/nova-compute/Dockerfile.j2 b/docker/nova/nova-compute/Dockerfile.j2 index 9996afd0fe..a0adc0390a 100644 --- a/docker/nova/nova-compute/Dockerfile.j2 +++ b/docker/nova/nova-compute/Dockerfile.j2 @@ -40,9 +40,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build ] %} {% endif %} -{{ macros.install_packages(nova_compute_packages | customizable("packages")) }} \ - && dnf remove -y linux-firmware \ - && dnf clean all +{{ macros.install_packages(nova_compute_packages | customizable("packages")) }} {% if base_distro_tag.startswith('stream9') %}\ + && dnf remove -y linux-firmware \ + && dnf clean all +{% endif %} {% elif base_package_type == 'deb' %} diff --git a/docker/nova/nova-libvirt/Dockerfile.j2 b/docker/nova/nova-libvirt/Dockerfile.j2 index db3a43885f..c791266184 100644 --- a/docker/nova/nova-libvirt/Dockerfile.j2 +++ b/docker/nova/nova-libvirt/Dockerfile.j2 @@ -25,8 +25,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build 'openvswitch', 'qemu-img', 'qemu-kvm', - 'trousers' ] %} + {% if not base_distro_tag.startswith('stream9') %} + {% set nova_libvirt_packages = nova_libvirt_packages + [ + 'trousers' + ] %} + {% endif %} {% if base_arch == 'x86_64' %} {% set nova_libvirt_packages = nova_libvirt_packages + [ 'edk2-ovmf' diff --git a/docker/openstack-base/Dockerfile.j2 b/docker/openstack-base/Dockerfile.j2 index f82f650855..01ae07db88 100644 --- a/docker/openstack-base/Dockerfile.j2 +++ b/docker/openstack-base/Dockerfile.j2 @@ -8,7 +8,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} {{ macros.add_binary_source_envs() }} -{{ macros.enable_extra_repos(['opstools', 'powertools']) }} +{{ macros.enable_extra_repos(['crb', 'opstools', 'powertools']) }} {% if install_type == 'binary' %} {% if base_package_type == 'rpm' %} diff --git a/docker/prometheus/prometheus-libvirt-exporter/Dockerfile.j2 b/docker/prometheus/prometheus-libvirt-exporter/Dockerfile.j2 index 80e4028fe7..a24104c518 100644 --- a/docker/prometheus/prometheus-libvirt-exporter/Dockerfile.j2 +++ b/docker/prometheus/prometheus-libvirt-exporter/Dockerfile.j2 @@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{{ macros.enable_extra_repos(['crb']) }} + {% block prometheus_libvirt_exporter_header %}{% endblock %} {% if base_package_type == 'rpm' %} diff --git a/docker/rabbitmq/Dockerfile.j2 b/docker/rabbitmq/Dockerfile.j2 index 0a3180691e..29a27b581c 100644 --- a/docker/rabbitmq/Dockerfile.j2 +++ b/docker/rabbitmq/Dockerfile.j2 @@ -14,7 +14,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.enable_extra_repos(['epel']) }} {% endif %} -{{ macros.enable_extra_repos(['erlang', 'powertools', 'rabbitmq']) }} +{{ macros.enable_extra_repos(['crb', 'erlang', 'powertools', 'rabbitmq']) }} {% block rabbitmq_install %} {% if base_package_type == 'rpm' %} diff --git a/kolla/common/config.py b/kolla/common/config.py index bf8c90f78d..1e34a96eb4 100755 --- a/kolla/common/config.py +++ b/kolla/common/config.py @@ -28,7 +28,7 @@ DEFAULT_BASE_TAGS = { } # NOTE(hrw): has to match PRETTY_NAME in /etc/os-release DISTRO_PRETTY_NAME = { - 'centos': 'CentOS Stream 8', + 'centos': 'CentOS Stream {8,9}', 'debian': 'Debian GNU/Linux 11 (bullseye)', 'ubuntu': 'Ubuntu 20.04', } diff --git a/kolla/image/build.py b/kolla/image/build.py index b6f4a880ee..3fcdfed13c 100755 --- a/kolla/image/build.py +++ b/kolla/image/build.py @@ -108,6 +108,19 @@ UNBUILDABLE_IMAGES = { "tgtd", # Not supported on CentOS 8 }, + # Issues for SHA1 keys: + # https://github.com/elastic/elasticsearch/issues/85876 + # https://github.com/grafana/grafana/issues/41036 + 'centos9': { + "elasticsearch", # SHA1 gpg key + "hacluster-pcs", # Missing crmsh package + "kibana", # SHA1 gpg key + "logstash", # SHA1 gpg key + "nova-spicehtml5proxy", # Missing spicehtml5 package + "ovsdpdk", # Not supported on CentOS + "tgtd", # Not supported on CentOS + }, + 'debian': { "qdrouterd", # no qdrouterd package in Debian bullseye }, @@ -688,7 +701,15 @@ class KollaWorker(object): self.rpm_setup = self.build_rpm_setup(rpm_setup_config) if self.base in ['centos']: - self.conf.distro_python_version = "3.6" + if self.base_tag.startswith('stream9'): + self.conf.distro_python_version = "3.9" + else: + self.conf.distro_python_version = "3.6" + + self.distro_package_manager = 'dnf' + self.base_package_type = 'rpm' + elif self.base in ['centos9']: + self.conf.distro_python_version = "3.9" self.distro_package_manager = 'dnf' self.base_package_type = 'rpm' elif self.base in ['debian']: @@ -717,6 +738,11 @@ class KollaWorker(object): "due to lack of packages for other architectures.") sys.exit(1) + if (self.install_type == 'binary' and + self.base_tag.startswith('stream9')): + LOG.info("CentOS Stream 9 is available only for source images.") + sys.exit(1) + if self.install_type == 'binary': LOG.info("Building binary images is now deprecated. Consider " "switching to source ones.") @@ -894,8 +920,8 @@ class KollaWorker(object): def create_dockerfiles(self): kolla_version = version.version_info.cached_version_string() - supported_distro_name = common_config.DISTRO_PRETTY_NAME.get( - self.base) + supported_distro_name = common_config.DISTRO_PRETTY_NAME.get(self.base) + for path in self.docker_build_paths: template_name = "Dockerfile.j2" image_name = path.split("/")[-1] @@ -1015,6 +1041,8 @@ class KollaWorker(object): # mark unbuildable images and their children base = self.base + if base == 'centos' and self.base_tag == 'stream9': + base = 'centos9' tag_element = r'(%s|%s|%s)' % (base, self.install_type, diff --git a/kolla/template/methods.py b/kolla/template/methods.py index 57a5e83307..6fb530a297 100644 --- a/kolla/template/methods.py +++ b/kolla/template/methods.py @@ -102,7 +102,13 @@ def handle_repos(context, reponames, mode): repo_data[name] = params base_package_type = context.get('base_package_type') + base_distro = context.get('base_distro') + + if (base_distro == 'centos' and + context.get('base_distro_tag', 'stream8').startswith('stream9')): + base_distro = "centos9" + base_arch = context.get('base_arch') commands = '' diff --git a/kolla/template/repos.yaml b/kolla/template/repos.yaml index 299be04d8c..721bcf0df3 100644 --- a/kolla/template/repos.yaml +++ b/kolla/template/repos.yaml @@ -40,6 +40,38 @@ centos-aarch64: rabbitmq: "rabbitmq_rabbitmq-server" td-agent: "treasuredata" +centos9: + ceph: "centos-ceph-pacific" + crb: "crb" + epel: "epel" + erlang: "rabbitmq_rabbitmq-erlang" + extras: "extras" + grafana: "grafana" + hacluster: "highavailability" + influxdb: "influxdb" + mariadb: "mariadb" + openvswitch: "centos-nfv-openvswitch" + opstools: "centos-opstools" + proxysql: "proxysql" + rabbitmq: "rabbitmq_rabbitmq-server" + td-agent: "treasuredata" + +centos9-aarch64: + ceph: "centos-ceph-pacific" + crb: "crb" + epel: "epel" + erlang: "copr-hrw-erlang-for-rabbitmq" + extras: "extras" + grafana: "grafana" + hacluster: "highavailability" + influxdb: "influxdb" + mariadb: "mariadb" + openvswitch: "centos-nfv-openvswitch" + opstools: "centos-opstools" + proxysql: "proxysql" + rabbitmq: "rabbitmq_rabbitmq-server" + td-agent: "treasuredata" + debian: elasticsearch: url: "https://artifacts.elastic.co/packages/oss-7.x/apt" diff --git a/kolla/tests/test_build.py b/kolla/tests/test_build.py index 6174d5dd8a..da5904d252 100644 --- a/kolla/tests/test_build.py +++ b/kolla/tests/test_build.py @@ -560,12 +560,17 @@ class KollaWorkerTest(base.TestCase): self.assertEqual('3.8', kolla.distro_python_version) def test_build_distro_python_version_centos(self): - """check distro_python_version for CentOS 8.0.1905""" + """check distro_python_version for CentOS Stream 8""" self.conf.set_override('base', 'centos') - self.conf.set_override('base_tag', '8.0.1905') kolla = build.KollaWorker(self.conf) self.assertEqual('3.6', kolla.distro_python_version) + def test_build_distro_python_version_centos9(self): + """check distro_python_version for CentOS Stream 9""" + self.conf.set_override('base_tag', 'stream9') + kolla = build.KollaWorker(self.conf) + self.assertEqual('3.9', kolla.distro_python_version) + def test_build_distro_package_manager(self): """check distro_package_manager conf value is taken""" self.conf.set_override('distro_package_manager', 'foo') diff --git a/releasenotes/notes/centos-stream-9-ec4591d83c22b509.yaml b/releasenotes/notes/centos-stream-9-ec4591d83c22b509.yaml new file mode 100644 index 0000000000..645520138b --- /dev/null +++ b/releasenotes/notes/centos-stream-9-ec4591d83c22b509.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + CentOS Stream 9 is now buildable in addition to CentOS Stream 8. diff --git a/tests/playbooks/pre.yml b/tests/playbooks/pre.yml index 0fbeec3dfc..2936ca089c 100644 --- a/tests/playbooks/pre.yml +++ b/tests/playbooks/pre.yml @@ -20,26 +20,24 @@ path: "{{ kolla_build_logs_dir }}" state: directory - - name: Install Python3 setuptools and family + - name: Install Python3 pip and setuptools package: name: - python3-pip - python3-setuptools - - python3-virtualenv - - python3-wheel become: true - # NOTE(hrw): On RedHat systems it is part of python3-virtualenv - - name: Install virtualenv on Debian systems + # NOTE(hrw): On RedHat systems venv is part of python3-libs + - name: Install Python3 venv on Debian systems package: name: - - virtualenv + - python3-venv become: true when: ansible_os_family == "Debian" - name: Create virtualenv - command: python3 -m virtualenv {{ virtualenv_path }} --python python3 + command: python3 -m venv {{ virtualenv_path }} - name: Install kolla command: "{{ virtualenv_path }}/bin/python -m pip install {{ zuul.project.src_dir }}" @@ -66,11 +64,11 @@ - name: Configure Docker repo for CentOS block: - - name: Add Docker YUM repository + - name: Add Docker repository yum_repository: name: docker description: Docker - baseurl: "{{ nodepool_docker_proxy }}/centos/7/$basearch/stable" + baseurl: "{{ nodepool_docker_proxy }}/centos/{{ ansible_distribution_major_version }}/$basearch/stable" enabled: yes gpgcheck: yes gpgkey: "{{ nodepool_docker_proxy }}/centos/gpg" diff --git a/tests/templates/template_overrides.j2 b/tests/templates/template_overrides.j2 index 00ce104377..43a7f2a0ae 100644 --- a/tests/templates/template_overrides.j2 +++ b/tests/templates/template_overrides.j2 @@ -23,9 +23,12 @@ RUN echo registry={{ nodepool_npmjs_proxy }} > /etc/npmrc \ RUN sed -i \ -e "s|^\(mirrorlist.*\)|#\1|" \ -e "s|^#baseurl=http://mirror.centos.org|baseurl=http://{{ nodepool_mirror_host }}|" \ - /etc/yum.repos.d/CentOS-*.repo - {% raw %} +{% if base_distro_tag.startswith('stream9')%} + /etc/yum.repos.d/centos*.repo +{% else %} + /etc/yum.repos.d/CentOS*.repo +{% endif %} {% endblock %} {% block base_centos_repo_overrides_post_rpm %} @@ -39,13 +42,19 @@ RUN sed -i \ -e "s|^#baseurl=https://mirror.centos.org|baseurl=http://{{ nodepool_mirror_host }}|" \ -e "s|^baseurl=http://mirror.centos.org|baseurl=http://{{ nodepool_mirror_host }}|" \ -e "s|^baseurl=https://mirror.centos.org|baseurl=http://{{ nodepool_mirror_host }}|" \ - /etc/yum.repos.d/CentOS-*.repo \ +{% raw %} +{% if base_distro_tag.startswith('stream9') %} + /etc/yum.repos.d/centos*.repo \ +{% else %} + /etc/yum.repos.d/CentOS*.repo \ +{% endif %} +{% endraw %} && sed -i \ -e "s|^\(metalink.*\)|#\1|" \ -e "s|^#baseurl=http://download.example/pub|baseurl=http://{{ nodepool_mirror_host }}|" \ -e "s|^#baseurl=https://download.example/pub|baseurl=http://{{ nodepool_mirror_host }}|" \ - /etc/yum.repos.d/epel*.repo -{%- raw -%} + /etc/yum.repos.d/epel*.repo \ +{% raw %} {% endblock %} {% block base_debian_after_sources_list %} @@ -91,7 +100,13 @@ RUN if [ -f /usr/etc/npmrc ]; then \ RUN sed -i \ -e "s|^#\(mirrorlist.*\)|\1|" \ -e "s|^baseurl=http://{{ nodepool_mirror_host }}|#baseurl=http://mirror.centos.org|" \ - /etc/yum.repos.d/CentOS-*.repo \ +{% raw %} +{% if base_distro_tag.startswith('stream9') %} + /etc/yum.repos.d/centos*.repo \ +{% else %} + /etc/yum.repos.d/CentOS*.repo \ +{% endif %} +{% endraw %} && sed -i \ -e "s|^#\(metalink.*\)|\1|" \ -e "s|^baseurl=http://{{ nodepool_mirror_host }}|#baseurl=http://download.example/pub|" \