Adds Cyrus SASL packages necessary for the DIGEST-MD5 and SCRAM-SHA-256
mechanisms. These can be used for libvirt SASL authentication.
Change-Id: I13e19ca29eeab40cd08fa3afe2cdf7531867f81b
Partial-Bug: #1964013
We should use the same Python OVS bindings package
version as running OpenvSwitch. See related bug.
Closes-Bug: #1961874
Change-Id: Id6968e3ec1093f26f25f3045e2a6d8cc4f41adaa
This is noop on CentOS (it was installed as a dep already - better
be explicit) but installs qemu-img (and other qemu utils) on
Debian and Ubuntu.
qemu-img may be used by libvirtd to create non-raw images as it
happens, e.g., when Kolla's libvirtd is used by tenks.
Change-Id: Ib79b8486f4d5064e4f249201d28cf5d6541c69ef
This reverts commit 7de91fd60355104cbd650e0fe6f680b2eb0f2ffa.
Reason for revert: Nova dropped pypowervm dependency so we do not need to handle it anymore.
Change-Id: I8bb6c4c07c30f108e77fbb8cdc38d634b42b900f
The EPEL8 repository doesn't provide the necessary spice-html5 package,
and the image is marked unbuildable for CentOS. Let's not make EPEL look
more useful than it is.
TrivialFix
Change-Id: Ia37792ca6e5b40156ebd57b6c290d1ee9d4ff87a
The nvme-cli package is required to get the nvme command executed by
os-brick, which is used by nova-compute.
We don't need to explicitely install it for centos binary images, as it
is required by os-brick which is required by openstack-nova-common, but
all other types of images were missing it.
Change-Id: I754939da7636c57d2a8d5b83debb5d8a58e38432
Closes-Bug: #1953509
Nova depends on pypowervm for POWER architecture support. But it is
unmaintained upstream and breaks CentOS builds (wants to install Py2
only 'futures' package).
Change-Id: Ife9385c93239e910db2e4405ec4661f667357bc0
libguestfs package fetched kernel-core one which fetched linux-firmware.
We remove the last one and save ~500MB of space:
before/centos-binary-nova-compute: 3.3GB
after1/centos-binary-nova-compute: 2.71GB
Closes-Bug: #1946801
Change-Id: I98cc19c95fcec07dd4e494c14c09938d754f1de0
edk2-ovmf introduced a bug [1] and results libvirt/qemu errors
It's going to be fixed in next rebase to libvirt 7.4.0 - but let's pin for now.
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1961558#c10
Change-Id: I0cb0512ef40c48353d582b1c37a446f251b79ac7
We do not test support for ppc64le on CI or other systems.
In previous cycles it was used by TripleO and now they have own way.
Change-Id: Ibd955869a6f9485dfa4d08a8ad2f4b28b7d59c15
With RDO use we did not disabled some repositories. This patch disable
them and enable where needed.
Change-Id: Ia9d537fe9c1ad54789d2bfb4027254fbb3defe7e
There are several images installing 'python3-libvirt' package. Which for
Debian reside in 'libvirt' repo. So let's enable it where needed.
Change-Id: I1c91d27f2578f5ca7c83c4747725b1d9371880b0
nova-compute uses daxio to cleanup vpmem backend device on instance
delete. If the daxio binary is missing in the nova-compute container
instance delete fails. daxio is provided in centos via daxio, in
ubuntu via the pmdk-tools package.
Change-Id: Ifb5948653565e2ae902783762e20e33527020efe
Closes-Bug: 1907124
Refactor installing and initial setup of httpd and mod wsgi from
individual services to base image.
Change-Id: I651a55a9ebe258ef403d33de010a4dfb368a4021
This is no longer required when Kolla-Ansible is patched.
Note this is *not* safe to backport as it requires the user to
have Kolla-Ansible patched, i.e. would normally break most.
Change-Id: Ic5b9a58d212711a4d6c13822548c92013a6bae50
Related-Bug: #1681461
Depends-On: https://review.opendev.org/735441
This patch modifies the Dockerfile for the Nova API so that
the 'root' user executes the container setup scripts.
This enables the container httpd configuration script to execute.
Change-Id: I374af00a374346840c12777a530d39768b28c908
Partially-Implements: blueprint add-ssl-internal-network
Depends-On: https://review.opendev.org/725962
With the move to RHEL/CentOS 8 we no longer have Python 2 in our images
so there is no need for checking which Python version (2.x or 3.x) is
used inside of containers.
We also no longer have to support yum as a value for
distro_package_manager.
Partially-Implements: blueprint centos-rhel-8
Change-Id: Ie45cf3465fedddbde7856961527421883ba3d5c9
Upstream kibana package contains NodeJS x86-64 binaries so can not be
used directly on non-x86 architectures. I took upstream packages,
removed NodeJS binary from it and added 'nodejs' dependency.
Package is present in my Linaro OBS repository where I keep other
packages needed for aarch64 kolla run. Via APT pinning I mark them as
not wanted so they are not used on any architecture with two exceptions:
1. libvirt - we need fixed version to be able to use ThunderX servers
2. kibana - to be able to run it at all
For x86-64 upstream kibana package is used.
Closes-bug: #1867365
Change-Id: I456402849022100bde1fffdfbf6292b35690f0f2
Instead of listing architectures which do not have those packages we
should list those which have. Makes adding s390x easier.
Change-Id: I68aa6f4b7fb1c8d63c84f3436a34399cc9644060
Storage SIG has built Ceph Nautilus and Ganesha for CentOS8 in CentOS
Build System.
Let's switch to use them in kolla.
Change-Id: Id37dca84c4eb918aaf2d3c036ef5387fe75988dd
The disable_extra_repos macro accepts a list as its only argument. We
were calling it like this to disable EPEL:
disable_extra_repos('epel')
The macro interpreted this as a request to disable three repos, e, p, l.
Thanks Python! Type validation to be improved separately.
Additionally, on CentOS 8 the EPEL repository was not included in the
repository mapping file, repos.yaml. There is also another EPEL
repository on CentOS 8, epel-modular, which is enabled by default after
installing epel-release.
This change adds mappings for epel and epel-modular repos to repos.yaml,
and fixes the disabling of epel in the base image, as well as disabling
epel-modular.
There are some cases where EPEL is still used (it seemed a bit too
easy...), and the repository has been enabled for these images:
* bifrost-base (nginx)
* ironic-conductor (C7 only, shellinabox)
* freezer-base (C7 only, trickle)
* gnocchi-base (C8 binary only, python3-boto3)
* mariadb (pv)
* mongodb (C7 only, mongodb)
* nova-spicehtml5proxy (C7 only, spice-html5)
* telegraf (C7 only, python2-pip)
A few other things were changed:
* ironic-conductor does not require the ceph repo
* python3-pika is no longer installed in the openstack-base image
Related: blueprint remove-epel
Change-Id: I3761825239dfc462072383cde6276c4fb3e1bf12
Fix inability to run UEFI-based images/instances by installing UEFI
packages also in nova-libvirt image which is not based on nova-base.
Includes support for C8.
Backport below Train w/o C8.
Closes-Bug: #1814552
Co-authored-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Co-authored-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Change-Id: I1d5cd3d9af98444acac5bedd7daeaa6c6673dcd6
The centos:8 image contains a /run/nologin file, which prevents SSH
access to it. Remove this file in the keystone_ssh and nova_ssh images
to allow login via SSH.
Change-Id: I59dc2c4207af6812501b6c6acdb34e51a3e848c4
Partially-Implements: blueprint centos-rhel-8
The only Ceph version that will support CentOS 8 is Octopus.
It will be released end of March 2020 - so for now let's use master.
Change-Id: I5955acb41e7346802d76f4f2b244cbf5c36f5bf2
Partially-Implements: blueprint centos-rhel-8
* Some further changes for python2 vs python3 packages
* Allow rabbitmq 3.7.*, since a newer erlang is available
* Switch from qemu-img-ev to qemu-img on CentOS 8
* bridge-utils no longer available on CentOS 8
* libvirt-daemon-driver-lxc no longer available on CentOS 8
* Mark some more images buildable for CentOS 8
Change-Id: Iaf5b68ff6d944ae730ca0b1d5832172c106a6c08
Partially-Implements: blueprint centos-rhel-8
Partially-Implements: blueprint centos-rhel-python-3
All Apache httpd setup has been moved to a new helper script,
kolla_httpd_setup. This includes the existing clean of /run/httpd,
/var/run/httpd, /tmp/httpd etc.
Horizon has an additional bit of Apache config for Debian/binary, which
has been kept in extend_start.sh for horizon.
Change-Id: Ia2af74b69c151db0bd7e452460b0babcee50b282
Related: blueprint centos-rhel-8
Modify nova-libvirt extend_start.sh for preventing docker boot fail if there is no libvirtd.log file in libvirt folder.
Change-Id: If1df41fb07b90b6020a60e3f987d51f5a9792bca
Closes-Bug: 1855253
Disable external repositories by default and enable only when needed.
Depends-on: https://review.opendev.org/696480
Implements: blueprint repos-off-by-default
Change-Id: Icf2a8397a8349e0fe849d88d160409fd234480a9
xfsprogs is required for formatting XFS ephemeral disk partitions
when format=xfs is specified as instance create failes with
'mkfs.xfs: No such file or directory' due to missing xfsprogs
package in the nova-compute container.
Closes-Bug: #1850610
Change-Id: Iaf3414464f3dd747427247339c6b201b352063cb
