Libvirt 8 got recently backported to bullseye so we can make use of it.
QEMU 6.2 was already available but conflicted with libvirt/bullseye.
Also started listing which packages we want from backports.
Change-Id: I335e5748e9624fe470adbaf6a6f080a3ae468f04
This adds a libvirt exporter image for use with Prometheus.
Partially-Implements: blueprint libvirt-exporter
Change-Id: Ice2af99a323496d3821762851b663899d15f569a
When using Ironic with UEFI boot mode and iPXE booting, nodes will
attempt to chainload iPXE using a Network Boot Program (NBP). This is
configured in Ironic via [pxe] uefi_ipxe_bootfile_name, and the default
since Xena is snponly.efi. In Wallaby and earlier releases, the default
was ipxe.efi. These files need to be available in the /tftpboot
directory of the ironic-pxe image.
The current default of snponly.efi was not present for any supported
distros. ipxe.efi was present for Debian/Ubuntu but not CentOS, which
appends the architecture to the filename (e.g. ipxe-x86_64.efi).
This change ensures that both ipxe.efi and snponly.efi exist in
/tftpboot for all supported distributions, ensuring that both the
current and previous Ironic defaults should work. Where these files have
different names, we use symlinks to allow for any deployers overriding
the filenames in configuration.
Closes-Bug: #1959203
Change-Id: I79e78dca550262fc86b092a036f9ea96b214ab48
Adds container images for LetsEncrypt.
Implements: blueprint letsencrypt-https
Change-Id: I36d1a367fd8f40bb93ebc49122c8ee4fdcc151b2
Co-Authored-By: Jason Anderson <jasonanderson@uchicago.edu>
While handling permissions for directories, set_configs.py configures them
same as for files - i.e. 0640 set in config.json which works fine for file
will cause any potential subdirectories to lack traverse permission.
Check and permission change was added to handle_permissions function
to add +x if +r is present for user, group, others.
Change-Id: Ic6e3ae4ff40c6ce5a5c0646ed309a2938903f6c0
With [0] the version of td-agent being installed was pinned, which isn't
sustainable in the long run, so we drop the pin.
Latest version of the elasticsearch gem no longer works with older
(OSS) versions of Elasticsearch. This is fixed by downgrading the version
of the elasticsearch gems.
[0] Iefcdd3100b7e3c5320bc5f1286a18251bdeab885
Related-Bug: 1930867
Closes-Bug: 1954759
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/823155
Change-Id: I3045786e863b098d7339d1066aef6c857aa5f97f
Use distro provided GRUB efi instead of creating it like ironic GRUB
setup doc[1]. This avoids below ubuntu ironic-python-agent images PXE
booting failure.
----------
error: invalid magic number.
error: you need to load the kernel first.
Press any key to continue...
----------
This also fixes x86_64 uefi pxe booting issue by setting up GRUB efi
for x86_64.
Besides, GRUB setup only needs to do once at bootstrap stage.
[1]:
https://docs.openstack.org/ironic/train/install/configure-pxe.html#uefi-pxe-GRUB-setup
Closes-Bug: #1879265
Change-Id: I8be5bdf5f1a62751aefe6bd0959e8f558fcfe591
The Log4j version was bumped on GitHub [1] but it is still pending
inclusion in a release of Apache Storm.
Apply the alternative mitigation recommended by Log4j [2] of removing
the JndiLookup class from the classpath.
[1] https://github.com/apache/storm/pull/3427
[2] https://logging.apache.org/log4j/2.x/security.html
Change-Id: Ib3ecd73f9e39e320acb2c5f0962b8af9b1a817e9
This conditional was missed in the original patch moving aarch64
to td-agent. [1]
After this change, other plugins will have newer versions
installed as well, as it happens in other image flavours.
[1] I86ecdc1ac45dfd76b94a34d1b837f7c0bc975dcd
Closes-Bug: #1955889
Change-Id: I10ff098b3356eb02ad4a1006b988812356768fec
The nvme-cli package is required to get the nvme command executed by
os-brick, which is used by nova-compute.
We don't need to explicitely install it for centos binary images, as it
is required by os-brick which is required by openstack-nova-common, but
all other types of images were missing it.
Change-Id: I754939da7636c57d2a8d5b83debb5d8a58e38432
Closes-Bug: #1953509
Nova depends on pypowervm for POWER architecture support. But it is
unmaintained upstream and breaks CentOS builds (wants to install Py2
only 'futures' package).
Change-Id: Ife9385c93239e910db2e4405ec4661f667357bc0
New pip has nice features for detection of conflicting
requirements.
When installing from PyPI, as we do in source images, running
the latest pip+setuptools+wheel is recommended.
Co-authored-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: I4ae3a82cc796a60450c2a35beba32972964bc5d0
libguestfs package fetched kernel-core one which fetched linux-firmware.
We remove the last one and save ~500MB of space:
before/centos-binary-nova-compute: 3.3GB
after1/centos-binary-nova-compute: 2.71GB
Closes-Bug: #1946801
Change-Id: I98cc19c95fcec07dd4e494c14c09938d754f1de0
Swift-recon-cron requires rw access to the lock path
specified in in object-server.conf file. Currently it
doesn't exist in Swift containers
Closes-Bug: #1926203
Change-Id: Id3f824b741a5aa98efc7162fb7d49657e86a2bee
--query is not supported before update-alternatives 1.15
and CentOS uses 1.13
Closes-Bug: #1936947
Change-Id: I78da7eb2b6b5eae2b04fd95b24615bd4a572a1d6
Add file to the reno documentation build to show release notes for
stable/xena.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/xena.
Sem-Ver: feature
Change-Id: If65ad4864aee3e5d86db7ec3cd0119e043fb4f1e
This reverts commit 1b6d1bf16215f7a166b6b6578ddd9ca242751d3e.
Reason for revert: This is for a change that merged a year ago.
Advertising this as a new bugfix only introduces confusion.
Change-Id: I487f0f5e795b27faf39530d459df13d816082fa2
Grafana has now native support for configuring Influxdb data sources.
Plugin has been defunct anyway since Grafana requires it to be signed.
Change-Id: I461f598bca6606f1d2939e385bb7befe2b792aa6