Enable repos only when needed

Disable external repositories by default and enable only when needed.

Depends-on: https://review.opendev.org/696480

Implements: blueprint repos-off-by-default

Change-Id: Icf2a8397a8349e0fe849d88d160409fd234480a9

docker/base/Dockerfile.j2

@@ -177,12 +177,29 @@ RUN rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
     'yum-plugin-priorities'
 ] %}
 
+{% if distro_package_manager == 'dnf' %}
+
+    # We need 'dnf config-manager'
+    {% set base_centos_yum_repo_packages = base_centos_yum_repo_packages + [
+        'dnf-plugins-core'
+    ] %}
+
+{% endif %}
+
 {% set base_centos_yum_repos_to_disable = [
+    'centos-ceph-nautilus',
+    'centos-nfs-ganesha28',
+    'centos-qemu-ev',
+    'influxdb'
 ] %}
 
 RUN {{ macros.install_packages(base_centos_yum_repo_packages | customizable("centos_yum_repo_packages"), chain=True, clean=False) }} \
 {% for repo in base_centos_yum_repos_to_disable | customizable('centos_yum_repos_to_disable') -%}
+{%- if distro_package_manager == 'dnf' %}
+    && dnf config-manager --disable {{ repo }} \
+{% else %}
     && yum-config-manager --disable {{ repo }} \
+{% endif -%}
 {% endfor -%}
 {% for key in base_centos_yum_repo_keys | customizable('centos_yum_repo_keys') -%}
     && rpm --import {{ key }} \

docker/base/crmsh.repo

@@ -4,4 +4,4 @@ type=rpm-md
 baseurl=http://download.opensuse.org/repositories/network:/ha-clustering:/Stable/CentOS_CentOS-7/
 gpgcheck=1
 gpgkey=http://download.opensuse.org/repositories/network:/ha-clustering:/Stable/CentOS_CentOS-7/repodata/repomd.xml.key
-enabled=1
+enabled=0

docker/base/elasticsearch.repo

@@ -3,6 +3,6 @@ name=ELK repository for 5.x packages
 baseurl=https://artifacts.elastic.co/packages/5.x/yum
 gpgcheck=1
 gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
-enabled=1
+enabled=0
 autorefresh=1
 type=rpm-md

docker/base/grafana.repo

@@ -2,7 +2,7 @@
 name=grafana
 baseurl=https://packages.grafana.com/oss/rpm
 repo_gpgcheck=1
-enabled=1
+enabled=0
 gpgcheck=1
 gpgkey=https://packages.grafana.com/gpg.key
 sslverify=1

docker/base/opendaylight.repo

@@ -1,5 +1,5 @@
 [opendaylight]
 name=OpenDaylight Carbon
 baseurl=https://nexus.opendaylight.org/content/repositories/opendaylight-carbon-epel-7-x86_64-devel/
-enabled=1
+enabled=0
 gpgcheck=0

docker/base/rabbitmq_rabbitmq-server.repo

@@ -3,7 +3,7 @@ name=rabbitmq_rabbitmq-server
 baseurl=https://packagecloud.io/rabbitmq/rabbitmq-server/el/7/$basearch
 repo_gpgcheck=1
 gpgcheck=0
-enabled=1
+enabled=0
 gpgkey=https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey
 sslverify=1
 sslcacert=/etc/pki/tls/certs/ca-bundle.crt

docker/base/sources.list.debian

@@ -4,18 +4,24 @@ deb http://deb.debian.org/debian buster main
 # debian security updates
 deb http://security.debian.org/debian-security buster/updates main
 
-# elasticsearch (arch:all), logstash (arch:all), kibana (arch:amd64)
-deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main
-
 # main docker repo
 deb https://download.docker.com/linux/debian buster stable
 
-# Grafana repo
-deb https://packages.grafana.com/oss/deb stable main
-
 # Buster - Train repos
 deb http://buster-train.debian.net/debian buster-train-backports main
 deb http://buster-train.debian.net/debian buster-train-backports-nochange main
 
+# NOTE(hrw): repositories below are added into image when they are needed as
+# separate files in /etc/apt/sources.list.d/ directory. For that purpose they
+# are defined in kolla/repos.yaml file.
+#
+# Here they stay in case someone needs them.
+
+# elasticsearch (arch:all), logstash (arch:all), kibana (arch:amd64)
+#deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main
+
+# Grafana repo
+#deb https://packages.grafana.com/oss/deb stable main
+
 # td-agent for fluentd
-deb http://packages.treasuredata.com/3/debian/buster buster contrib
+#deb http://packages.treasuredata.com/3/debian/buster buster contrib

docker/base/sources.list.ubuntu

@@ -12,29 +12,35 @@ deb http://archive.ubuntu.com/ubuntu/ bionic-backports main universe
 # are qemu, libvirt, and openvswitch.
 deb http://ubuntu-cloud.archive.canonical.com/ubuntu bionic-updates/train main
 
+# NOTE(hrw): repositories below are added into image when they are needed as
+# separate files in /etc/apt/sources.list.d/ directory. For that purpose they
+# are defined in kolla/repos.yaml file.
+#
+# Here they stay in case someone needs them.
+
 # Elasticsearch, Logstash & Kibana repo
-deb https://artifacts.elastic.co/packages/5.x/apt stable main
+#deb https://artifacts.elastic.co/packages/5.x/apt stable main
 
 # InfluxDB repo
-deb https://repos.influxdata.com/ubuntu bionic stable
+#deb https://repos.influxdata.com/ubuntu bionic stable
 
 # Grafana repo
-deb https://packages.grafana.com/oss/deb stable main
+#deb https://packages.grafana.com/oss/deb stable main
 
 # Fluentd repo
-deb http://packages.treasuredata.com/3/ubuntu/bionic/ bionic contrib
+#deb http://packages.treasuredata.com/3/ubuntu/bionic/ bionic contrib
 
 # Qdrouterd repo
-deb http://ppa.launchpad.net/qpid/released/ubuntu/ bionic main
+#deb http://ppa.launchpad.net/qpid/released/ubuntu/ bionic main
 
 # Sensu repo
-deb https://sensu.global.ssl.fastly.net/apt bionic main
+#deb https://sensu.global.ssl.fastly.net/apt bionic main
 
 # Opendaylight repo
-deb http://ppa.launchpad.net/odl-team/carbon/ubuntu xenial main
+#deb http://ppa.launchpad.net/odl-team/carbon/ubuntu xenial main
 
 # rabbitmq repo
-deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
+#deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
 
 # MariaDB repo
-deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main
+#deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main

docker/base/sources.list.ubuntu.aarch64

@@ -10,14 +10,20 @@ deb http://ports.ubuntu.com/ bionic-backports main universe
 # are qemu, libvirt, and openvswitch.
 deb http://ubuntu-cloud.archive.canonical.com/ubuntu bionic-updates/train main
 
+# NOTE(hrw): repositories below are added into image when they are needed as
+# separate files in /etc/apt/sources.list.d/ directory. For that purpose they
+# are defined in kolla/repos.yaml file.
+#
+# Here they stay in case someone needs them.
+
 # rabbitmq repo
-deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
+#deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
 
 # Grafana repo
-deb https://packages.grafana.com/oss/deb stable main
+#deb https://packages.grafana.com/oss/deb stable main
 
 # elasticsearch (arch:all), logstash (arch:all), kibana (arch:amd64)
-deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main
+#deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main
 
 # MariaDB repo
-deb [arch=arm64] http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main
+#deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main

docker/base/sources.list.ubuntu.ppc64le

@@ -10,8 +10,14 @@ deb http://ports.ubuntu.com/ bionic-backports main universe
 # are qemu, libvirt, and openvswitch.
 deb http://ubuntu-cloud.archive.canonical.com/ubuntu bionic-updates/train main
 
+# NOTE(hrw): repositories below are added into image when they are needed as
+# separate files in /etc/apt/sources.list.d/ directory. For that purpose they
+# are defined in kolla/repos.yaml file.
+#
+# Here they stay in case someone needs them.
+
 # rabbitmq repo
-deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
+#deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main
 
 # MariaDB repo
-deb [arch=ppc64el] http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main
+#deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main

docker/base/td.repo

@@ -3,3 +3,4 @@ name=TreasureData
 baseurl=http://packages.treasuredata.com/3/redhat/\$releasever/\$basearch
 gpgcheck=1
 gpgkey=https://packages.treasuredata.com/GPG-KEY-td-agent
+enabled=0

docker/ceph/ceph-base/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='ceph') }}
 
+{{ macros.enable_extra_repos(['ceph', 'nfs-ganesha']) }}
+
 {% if base_package_type == 'rpm' %}
 
    {% set ceph_base_packages = [

docker/cinder/cinder-base/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='cinder') }}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
     {% if base_package_type == 'rpm' %}
         {% set cinder_base_packages = [

docker/elasticsearch/elasticsearch/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='elasticsearch', shell='/bin/bash', homedir='/usr/share/elasticsearch') }}
 
+{{ macros.enable_extra_repos(['elasticsearch']) }}
+
 {% if base_package_type == 'rpm' %}
     {% set elasticsearch_packages = [
         'elasticsearch',

docker/fluentd/Dockerfile.j2

@@ -15,6 +15,8 @@ LABEL fluentd_version="0.14" fluentd_binary="td-agent"
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['td-agent']) }}
+
 {% if base_package_type == 'rpm' %}
 
     {% set fluentd_packages = [

docker/glance/glance-base/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='glance') }}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
     {% if base_package_type == 'rpm' %}
         {% set glance_base_packages = [

docker/gnocchi/gnocchi-base/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='gnocchi') }}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
     {% if base_package_type == 'rpm' %}
 

docker/grafana/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['grafana']) }}
+
 {% set grafana_packages = ['grafana'] %}
 
 {% if base_arch not in ['aarch64', 'x86_64'] %}

docker/hacluster/hacluster-pcs/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['hacluster']) }}
+
 {% set hacluster_pcs_packages = ['pcs','crmsh'] %}
 {{ macros.install_packages(hacluster_pcs_packages | customizable("packages")) }}
 

docker/influxdb/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='influxdb') }}
 
+{{ macros.enable_extra_repos(['influxdb']) }}
+
 {% set influxdb_packages = ['influxdb'] %}
 {{ macros.install_packages(influxdb_packages | customizable("packages")) }}
 

docker/ironic/ironic-conductor/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
     {% if base_package_type == 'rpm' %}
         # TODO(Jeffrey4l): no python-oneviewclient

docker/kibana/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['kibana']) }}
+
 {{ macros.configure_user(name='kibana') }}
 
 {% set kibana_packages = ['kibana'] %}

docker/kolla-toolbox/Dockerfile.j2

@@ -11,6 +11,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 {{ macros.configure_user(name='ansible') }}
 {{ macros.configure_user(name='rabbitmq') }}
 
+{{ macros.enable_extra_repos(['rabbitmq']) }}
+
 # NOTE(mandre) Remove rabbitmq-server pinning once package dependencies are met
 # https://bugs.launchpad.net/kolla/+bug/1814233
 {% if base_package_type == 'rpm' %}

docker/macros.j2

@@ -118,3 +118,9 @@ RUN apt-get update \
     {% endfor %}
 {%- endif %}
 {%- endmacro %}
+
+{% macro enable_extra_repos(repos) %}
+
+{{ enable_repos(repos) }}
+
+{% endmacro %}

docker/manila/manila-share/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
     {% if base_package_type == 'rpm' %}
 

docker/mariadb/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='mysql') }}
 
+{{ macros.enable_extra_repos(['mariadb']) }}
+
 {% if base_package_type == 'rpm' %}
     {% set mariadb_packages = [
         'expect',

docker/nova/nova-compute/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
     {% if base_package_type == 'rpm' %}
 

docker/nova/nova-libvirt/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='nova', groups='qemu') }}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if base_package_type == 'rpm' %}
 
     {% set nova_libvirt_packages = [

docker/opendaylight/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='odl') }}
 
+{{ macros.enable_extra_repos(['opendaylight']) }}
+
 {% block opendaylight_install %}
 
 {% if base_package_type == 'rpm' %}

docker/qdrouterd/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='qdrouterd') }}
 
+{{ macros.enable_extra_repos(['qdrouterd']) }}
+
 {% block qdrouterd_install %}
 {% if base_package_type == 'rpm' %}
     {% set qdrouterd_packages = [

docker/rabbitmq/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='rabbitmq') }}
 
+{{ macros.enable_extra_repos(['rabbitmq']) }}
+
 {% block rabbitmq_install %}
 {% if base_package_type == 'rpm' %}
 # NOTE(mandre) Remove rabbitmq-server pinning once package dependencies are met

docker/sensu/sensu-base/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='sensu') }}
 
+{{ macros.enable_extra_repos(['sensu']) }}
+
 {% if base_package_type == 'rpm' %}
     {% set sensu_base_packages = ['sensu'] %}
 {% elif base_distro in ['ubuntu'] %}

docker/sensu/sensu-client/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if base_package_type == 'rpm' %}
     {% set sensu_client_packages = [
         'ceph-common',

docker/telegraf/Dockerfile.j2

@@ -7,6 +7,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {{ macros.configure_user(name='telegraf', homedir='/etc/telegraf') }}
 
+{{ macros.enable_extra_repos(['influxdb']) }}
+
 {% set telegraf_packages = [
     'chrony',
     'net-tools',

docker/zun/zun-compute/Dockerfile.j2

@@ -5,6 +5,8 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 
 {% import "macros.j2" as macros with context %}
 
+{{ macros.enable_extra_repos(['ceph']) }}
+
 {% if install_type == 'binary' %}
 
 RUN echo '{{ install_type }} not yet available for {{ base_distro }}' \

kolla/image/build.py

@@ -921,6 +921,7 @@ class KollaWorker(object):
 
         return {
             'debian_package_install': jinja_methods.debian_package_install,
+            'enable_repos': jinja_methods.enable_repos,
         }
 
     def get_users(self):

kolla/template/methods.py

@@ -12,6 +12,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import os
+import yaml
+
+from jinja2 import contextfunction
+from jinja2.runtime import Undefined
+
 
 def debian_package_install(packages, clean_package_cache=True):
     """Jinja utility method for building debian-based package install command.
@@ -64,3 +70,60 @@ def debian_package_install(packages, clean_package_cache=True):
 
     # return the list of commands
     return ' && '.join(cmds)
+
+
+@contextfunction
+def enable_repos(context, reponames):
+    """NOTE(hrw): we need to handle CentOS, Debian and Ubuntu with one macro.
+
+    Repo names have to be simple names mapped to proper ones.  So 'ceph' ==
+    'centos-ceph-nautilus' for CentOS, UCA for Ubuntu (enabled by default) and
+    something else for Debian.
+    """
+    repofile = os.path.dirname(os.path.realpath(__file__)) + '/repos.yaml'
+    with open(repofile, 'r') as repos_file:
+        repo_data = {}
+        for name, params in yaml.safe_load(repos_file).items():
+            repo_data[name] = params
+
+    # TODO(hrw): add checks for isinstance() and raise proper exception
+    base_package_type = context.get('base_package_type')
+    if isinstance(base_package_type, Undefined):
+        raise
+
+    base_distro = context.get('base_distro')
+    base_arch = context.get('base_arch')
+    distro_package_manager = context.get('distro_package_manager')
+
+    commands = ''
+
+    if base_package_type == 'rpm':
+        # NOTE(hrw): we enable all repos with one call
+        if distro_package_manager == 'yum':
+            commands = 'yum-config-manager '
+        elif distro_package_manager == 'dnf':
+            commands = 'dnf config-manager '
+
+    try:
+        repo_list = repo_data['%s-%s' % (base_distro, base_arch)]
+    except KeyError:
+        # NOTE(hrw): Fallback to distro list
+        repo_list = repo_data[base_distro]
+
+    for repo in reponames:
+        try:
+            if base_package_type == 'rpm':
+                commands += ' --enable %s' % repo_list[repo]
+            elif base_package_type == 'deb':
+                commands += 'echo "%s" ' % repo_list[repo]
+                commands += '>/etc/apt/sources.list.d/%s.list; ' % repo
+        except KeyError:
+            pass
+        # NOTE(hrw): tripleo builds have empty repolist
+        except TypeError:
+            pass
+
+    if commands:
+        commands = "RUN %s" % commands
+
+    return commands

kolla/template/repos.yaml

@@ -0,0 +1,57 @@
+---
+centos:
+  ceph: "centos-ceph-nautilus"
+  elasticsearch: "elasticsearch-kibana-logstash-5.x"
+  grafana: "grafana"
+  hacluster: "network_ha-clustering_Stable"
+  influxdb: "influxdb"
+  kibana: "elasticsearch-kibana-logstash-5.x"
+  nfs-ganesha: "centos-nfs-ganesha28"
+  opendaylight: "opendaylight"
+  rabbitmq: "rabbitmq_rabbitmq-server"
+  td-agent: "treasuredata"
+
+centos-aarch64:
+  ceph: "centos-ceph-nautilus"
+  elasticsearch: "elasticsearch-kibana-logstash-5.x"
+  grafana: "grafana"
+  nfs-ganesha: "centos-nfs-ganesha28"
+  opendaylight: "opendaylight"
+  rabbitmq: "rabbitmq_rabbitmq-server"
+
+centos-ppc64le:
+  ceph: "centos-ceph-nautilus"
+  elasticsearch: "elasticsearch-kibana-logstash-5.x"
+  nfs-ganesha: "centos-nfs-ganesha28"
+  rabbitmq: "rabbitmq_rabbitmq-server"
+
+rhel:
+
+debian:
+  elasticsearch: "deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main"
+  grafana: "deb https://packages.grafana.com/oss/deb stable main"
+  kibana: "deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main"
+  td-agent: "deb http://packages.treasuredata.com/3/debian/buster buster contrib"
+
+ubuntu:
+  elasticsearch: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+  grafana: "deb https://packages.grafana.com/oss/deb stable main"
+  influxdb: "deb https://repos.influxdata.com/ubuntu bionic stable"
+  kibana: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+  mariadb: "deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main"
+  opendaylight: "deb http://ppa.launchpad.net/odl-team/carbon/ubuntu xenial main"
+  qdrouterd: "deb http://ppa.launchpad.net/qpid/released/ubuntu/ bionic main"
+  rabbitmq: "deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main"
+  sensu: "deb https://sensu.global.ssl.fastly.net/apt bionic main"
+  td-agent: "deb http://packages.treasuredata.com/3/ubuntu/bionic/ bionic contrib"
+
+ubuntu-aarch64:
+  elasticsearch: "deb [arch=amd64] https://artifacts.elastic.co/packages/5.x/apt stable main"
+  grafana: "deb https://packages.grafana.com/oss/deb stable main"
+  kibana: "deb https://artifacts.elastic.co/packages/5.x/apt stable main"
+  mariadb: "deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main"
+  rabbitmq: "deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main"
+
+ubuntu-ppc64le:
+  mariadb: "deb http://downloads.mariadb.com/MariaDB/mariadb-10.3/repo/ubuntu bionic main"
+  rabbitmq: "deb https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu/ bionic main"

kolla/tests/test_methods.py

@@ -21,3 +21,15 @@ class MethodsTest(base.TestCase):
         result = methods.debian_package_install(packages)
         expectCmd = 'apt-get -y install --no-install-recommends package2.deb'
         self.assertEqual(expectCmd, result.split("&&")[1].strip())
+
+    def test_enable_repos(self):
+        template_vars = {
+            'base_arch': 'x86_64',
+            'base_distro': 'centos',
+            'base_package_type': 'rpm',
+            'distro_package_manager': 'yum'
+        }
+
+        result = methods.enable_repos(template_vars, ['grafana'])
+        expectCmd = 'RUN yum-config-manager  --enable grafana'
+        self.assertEqual(expectCmd, result)

releasenotes/notes/enable-repos-when-needed-3beac8e1e24ea8eb.yaml

@@ -0,0 +1,6 @@
+---
+upgrade:
+  - |
+    The way of handling external repositories has changed. All such repos are
+    now disabled by default. There is "enable_extra_repos" macro to enable them
+    by name. Repositories names are defined in the "etc/repos.yaml" file.