259 Commits

Author SHA1 Message Date
Zuul
61744a7bbf Merge "libvirt: add Cyrus SASL packages for DIGEST-MD5" 2022-03-11 14:54:09 +00:00
Mark Goddard
e1efa9d257 libvirt: add Cyrus SASL packages for DIGEST-MD5
Adds Cyrus SASL packages necessary for the DIGEST-MD5 and SCRAM-SHA-256
mechanisms. These can be used for libvirt SASL authentication.

Change-Id: I13e19ca29eeab40cd08fa3afe2cdf7531867f81b
Partial-Bug: #1964013
2022-03-10 10:59:38 +00:00
Michal Nasiadka
8e8a499adc Use python3-openvswitch from distro
We should use the same Python OVS bindings package
version as running OpenvSwitch. See related bug.

Closes-Bug: #1961874

Change-Id: Id6968e3ec1093f26f25f3045e2a6d8cc4f41adaa
2022-03-01 16:59:33 +00:00
Radosław Piliszek
0236bc6d94 Add qemu-img also in nova-libvirt image
This is noop on CentOS (it was installed as a dep already - better
be explicit) but installs qemu-img (and other qemu utils) on
Debian and Ubuntu.

qemu-img may be used by libvirtd to create non-raw images as it
happens, e.g., when Kolla's libvirtd is used by tenks.

Change-Id: Ib79b8486f4d5064e4f249201d28cf5d6541c69ef
2022-02-22 12:20:40 +00:00
Zuul
758b53016a Merge "Revert "nova: drop pypowervm dependency"" 2022-02-08 11:18:33 +00:00
Marcin Juszkiewicz
e1637099d5 Revert "nova: drop pypowervm dependency"
This reverts commit 7de91fd60355104cbd650e0fe6f680b2eb0f2ffa.

Reason for revert: Nova dropped pypowervm dependency so we do not need to handle it anymore.

Change-Id: I8bb6c4c07c30f108e77fbb8cdc38d634b42b900f
2022-02-08 07:16:44 +00:00
Marcin Juszkiewicz
c638e768a8 nova-compute: 'ndctl' is available on all archs
In past 'ndctl' was x86-64 only in Ubuntu. This changed in 19.04 so time
to adapt.

Change-Id: I3e599f780e8f84ea131988f4a9a45f17055c8ab2
2022-02-05 09:32:15 +00:00
Mark Goddard
7893306add nova: remove EPEL repository from nova-spicehtml5proxy image
The EPEL8 repository doesn't provide the necessary spice-html5 package,
and the image is marked unbuildable for CentOS. Let's not make EPEL look
more useful than it is.

TrivialFix

Change-Id: Ia37792ca6e5b40156ebd57b6c290d1ee9d4ff87a
2021-12-23 10:55:04 +00:00
Pierre Riteau
30eddf72f6 Ensure nvme-cli is present in nova-compute images
The nvme-cli package is required to get the nvme command executed by
os-brick, which is used by nova-compute.

We don't need to explicitely install it for centos binary images, as it
is required by os-brick which is required by openstack-nova-common, but
all other types of images were missing it.

Change-Id: I754939da7636c57d2a8d5b83debb5d8a58e38432
Closes-Bug: #1953509
2021-12-07 16:02:03 +01:00
Zuul
f371e9b6eb Merge "nova: drop pypowervm dependency" 2021-12-04 21:06:41 +00:00
Marcin Juszkiewicz
7de91fd603 nova: drop pypowervm dependency
Nova depends on pypowervm for POWER architecture support. But it is
unmaintained upstream and breaks CentOS builds (wants to install Py2
only 'futures' package).

Change-Id: Ife9385c93239e910db2e4405ec4661f667357bc0
2021-12-01 16:52:08 +01:00
Marcin Juszkiewicz
bbef9846c3 nova-compute: trim image a bit on CentOS
libguestfs package fetched kernel-core one which fetched linux-firmware.
We remove the last one and save ~500MB of space:

before/centos-binary-nova-compute: 3.3GB
after1/centos-binary-nova-compute: 2.71GB

Closes-Bug: #1946801
Change-Id: I98cc19c95fcec07dd4e494c14c09938d754f1de0
2021-11-26 12:10:32 +00:00
Pierre Riteau
8ec8ef3d8a Revert "libvirt: pin edk2-ovmf"
The "internal error: unknown feature amd-sev-es" error in libvirt seen
with the edk2-ovmf package is fixed by a commit in libvirt 7.4.0 [0] to
avoid erroring out on unknown QEMU firmware features.

CentOS Stream 8 was wrongly using the CentOS 8 advanced-virtualization
repository [1] instead of the CentOS Stream 8 one [2]. This is fixed by
centos-release-advanced-virtualization-1.0-3 [3], which should bring
libvirt-7.4.0-1 into our nova-libvirt image.

This reverts commit 1a2c33512b6c4bdcdbf7d7bb08e791fb53e4f063.

[0] 61d95a1073
[1] http://mirror.centos.org/centos/8/virt/x86_64/advanced-virtualization/
[2] http://mirror.centos.org/centos/8-stream/virt/x86_64/advancedvirt-common/
[3] https://koji.mbox.centos.org/koji/buildinfo?buildID=18004

Change-Id: I1f58262109dd27a4c4ee9b60d87010170b5ea7bb
2021-06-18 07:22:35 +02:00
Michał Nasiadka
1a2c33512b libvirt: pin edk2-ovmf
edk2-ovmf introduced a bug [1] and results libvirt/qemu errors
It's going to be fixed in next rebase to libvirt 7.4.0 - but let's pin for now.

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1961558#c10

Change-Id: I0cb0512ef40c48353d582b1c37a446f251b79ac7
2021-05-25 18:37:55 +02:00
Marcin Juszkiewicz
0506ede84f Drop ppc64le support
We do not test support for ppc64le on CI or other systems.

In previous cycles it was used by TripleO and now they have own way.

Change-Id: Ibd955869a6f9485dfa4d08a8ad2f4b28b7d59c15
2021-05-11 12:45:16 +02:00
Marcin Juszkiewicz
38fcd184e8 centos: enable repos where needed
With RDO use we did not disabled some repositories. This patch disable
them and enable where needed.

Change-Id: Ia9d537fe9c1ad54789d2bfb4027254fbb3defe7e
2021-04-13 11:21:39 +00:00
Marcin Juszkiewicz
fb61ba7dac enable 'libvirt' repo for images with python*-libvirt
There are several images installing 'python3-libvirt' package. Which for
Debian reside in 'libvirt' repo. So let's enable it where needed.

Change-Id: I1c91d27f2578f5ca7c83c4747725b1d9371880b0
2021-03-23 22:08:11 +01:00
Marcin Juszkiewicz
fc89e57c1c get rid of traces of CentOS 7 support
Change-Id: I4d20f23a9b26364943bf967908255d82c8f6621b
2021-02-04 17:06:28 +01:00
Christian Berendt
36e5ef2d78 Remove nova-mksproxy image
Signed-off-by: Christian Berendt <berendt@betacloud-solutions.de>
Change-Id: I3d101f171bd1cc6f3c192ddc98cea0d63bccb739
2021-01-15 14:09:23 +01:00
Marcin Juszkiewicz
edb6b60a98 nova-compute: daxio on CentOS 8 is x86-64 only
I somehow missed that when it was sent for review.

Change-Id: Iabacaeccdb360544125ad910d5c3f5f9d895dac5
2020-12-18 14:32:46 +01:00
Martin Schuppert
6176d54179 Add daxio for nvdimm scenario
nova-compute uses daxio to cleanup vpmem backend device on instance
delete. If the daxio binary is missing in the nova-compute container
instance delete fails. daxio is provided in centos via daxio, in
ubuntu via the pmdk-tools package.

Change-Id: Ifb5948653565e2ae902783762e20e33527020efe
Closes-Bug: 1907124
2020-12-15 14:22:12 +01:00
Marcin Juszkiewicz
84038e337a Debian: use QEMU 5.0 from buster-backports
This will allow us to make sure of all updates.

'qemu-kvm' got dropped in Debian

Change-Id: If09a8188030baa284dd353b1c3f830d78c5091b7
2020-08-24 09:57:54 +02:00
Zuul
fd60c65710 Merge "Refactor httpd install to base image" 2020-08-10 17:52:00 +00:00
James Kirsch
5bdf514645 Refactor httpd install to base image
Refactor installing and initial setup of httpd and mod wsgi from
individual services to base image.

Change-Id: I651a55a9ebe258ef403d33de010a4dfb368a4021
2020-08-10 09:51:07 +00:00
Radosław Piliszek
d4b1ee126b Remove TODO in libvirt script
This is no longer required when Kolla-Ansible is patched.

Note this is *not* safe to backport as it requires the user to
have Kolla-Ansible patched, i.e. would normally break most.

Change-Id: Ic5b9a58d212711a4d6c13822548c92013a6bae50
Related-Bug: #1681461
Depends-On: https://review.opendev.org/735441
2020-07-31 09:06:28 +00:00
Marcin Juszkiewicz
90adc2b851 introduce 'infra_image_prefix' for infra images
Defaults to 'image_prefix' for now but shows which images gets their
names changed soon.

Change-Id: I0608e8f62f28d6667b4c8753c47553e4cbf75503
2020-07-09 23:31:42 +02:00
Radosław Piliszek
0c8702c96f Add sysfsutils to nova-compute ubuntu source
This fixes the FC Cinder backend usage in Nova.

Change-Id: I036cfe3af3dd96625f986a820c78a10e6558b086
Closes-bug: #1884484
2020-06-22 11:06:58 +02:00
James Kirsch
c7482778aa Enable mod_wsgi in Nova API container
This patch modifies the Dockerfile for the Nova API so that
the 'root' user executes the container setup scripts.
This enables the container httpd configuration script to execute.

Change-Id: I374af00a374346840c12777a530d39768b28c908
Partially-Implements: blueprint add-ssl-internal-network
Depends-On: https://review.opendev.org/725962
2020-05-06 18:35:07 +00:00
Marcin Juszkiewicz
0ca4953269 nova-libvirt: fix after centos 7 removal damage
Removal of CentOS 7 butchered Dockerfile.j2 so UEFI was not installed in
Debian/Ubuntu images.

Change-Id: I13be95df12ed30a366bd7d0e934704bd338781cf
2020-04-16 15:49:59 +02:00
Zuul
b53ddab4b6 Merge "nova-compute: add ndctl to expose NVDIMMs to guests" 2020-04-15 15:30:52 +00:00
Marcin Juszkiewicz
53443c5c71 Remove support for CentOS 7
With the move to RHEL/CentOS 8 we no longer have Python 2 in our images
so there is no need for checking which Python version (2.x or 3.x) is
used inside of containers.

We also no longer have to support yum as a value for
distro_package_manager.

Partially-Implements: blueprint centos-rhel-8

Change-Id: Ie45cf3465fedddbde7856961527421883ba3d5c9
2020-04-15 09:32:06 +00:00
Piotr Kopec
f9ea23d940 nova-compute: add ndctl to expose NVDIMMs to guests
`ndctl` is a utility for managing the nvdimm subsystem required
by Nova for attaching PMEM(persistent memory) namespaces to guests [0].

[0]: https://docs.openstack.org/nova/latest/admin/virtual-persistent-memory.html

Change-Id: I8ed1b6c1d0985b2a73206bd9249a5664cd80c912
Closes-Bug: #1870455
2020-04-14 15:46:12 +02:00
Marcin Juszkiewicz
245992d37c kibana, nova-libvirt: handle it properly for non-x86
Upstream kibana package contains NodeJS x86-64 binaries so can not be
used directly on non-x86 architectures. I took upstream packages,
removed NodeJS binary from it and added 'nodejs' dependency.

Package is present in my Linaro OBS repository where I keep other
packages needed for aarch64 kolla run. Via APT pinning I mark them as
not wanted so they are not used on any architecture with two exceptions:

1. libvirt - we need fixed version to be able to use ThunderX servers
2. kibana - to be able to run it at all

For x86-64 upstream kibana package is used.

Closes-bug: #1867365

Change-Id: I456402849022100bde1fffdfbf6292b35690f0f2
2020-03-13 18:28:42 +00:00
Marcin Juszkiewicz
1c8c9b42f2 nova-libvirt: use dmidecode and xen-utils on archs which have them
Instead of listing architectures which do not have those packages we
should list those which have. Makes adding s390x easier.

Change-Id: I68aa6f4b7fb1c8d63c84f3436a34399cc9644060
2020-03-05 21:56:08 +00:00
Alfredo Moralejo
0c63129682 Use StorageSIG repos for Ceph in CentOS8
Storage SIG has built Ceph Nautilus and Ganesha for CentOS8 in CentOS
Build System.

Let's switch to use them in kolla.

Change-Id: Id37dca84c4eb918aaf2d3c036ef5387fe75988dd
2020-03-03 16:31:53 +05:30
Christian Berendt
861f55fbfd Add block labels to all Dockerfiles
Change-Id: I9692dda817ef134d647247431565e1b58cf9da41
2020-03-01 17:25:58 +00:00
Mark Goddard
1fe8012ce2 Actually disable EPEL, and epel-modular
The disable_extra_repos macro accepts a list as its only argument. We
were calling it like this to disable EPEL:

disable_extra_repos('epel')

The macro interpreted this as a request to disable three repos, e, p, l.
Thanks Python! Type validation to be improved separately.

Additionally, on CentOS 8 the EPEL repository was not included in the
repository mapping file, repos.yaml. There is also another EPEL
repository on CentOS 8, epel-modular, which is enabled by default after
installing epel-release.

This change adds mappings for epel and epel-modular repos to repos.yaml,
and fixes the disabling of epel in the base image, as well as disabling
epel-modular.

There are some cases where EPEL is still used (it seemed a bit too
easy...), and the repository has been enabled for these images:

* bifrost-base (nginx)
* ironic-conductor (C7 only, shellinabox)
* freezer-base (C7 only, trickle)
* gnocchi-base (C8 binary only, python3-boto3)
* mariadb (pv)
* mongodb (C7 only, mongodb)
* nova-spicehtml5proxy (C7 only, spice-html5)
* telegraf (C7 only, python2-pip)

A few other things were changed:

* ironic-conductor does not require the ceph repo
* python3-pika is no longer installed in the openstack-base image

Related: blueprint remove-epel

Change-Id: I3761825239dfc462072383cde6276c4fb3e1bf12
2020-02-26 13:46:04 +00:00
Zuul
49445b68f8 Merge "nova: use proper uefi package names under CentOS/RHEL 8" 2020-02-04 15:26:24 +00:00
Zuul
a0058693f1 Merge "CentOS 8: Allow SSH access to keystone_ssh and nova_ssh" 2020-02-01 15:43:39 +00:00
Zuul
d00fa3a6dd Merge "CentOS 8: Use upstream Ceph/master" 2020-01-31 19:26:02 +00:00
Zuul
c1d1a65a5b Merge "nova-libvirt: add UEFI packages to support UEFI instances" 2020-01-31 17:57:29 +00:00
chenxing
15b68c15c1 nova-libvirt: add UEFI packages to support UEFI instances
Fix inability to run UEFI-based images/instances by installing UEFI
packages also in nova-libvirt image which is not based on nova-base.

Includes support for C8.
Backport below Train w/o C8.

Closes-Bug: #1814552
Co-authored-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Co-authored-by: Radosław Piliszek <radoslaw.piliszek@gmail.com>
Change-Id: I1d5cd3d9af98444acac5bedd7daeaa6c6673dcd6
2020-01-31 10:19:55 +01:00
Marcin Juszkiewicz
a04963a6ab nova: use proper uefi package names under CentOS/RHEL 8
Change-Id: I92be17ef1ce0f81ab3f49433a0d1e688874ba64e
2020-01-30 16:28:48 +01:00
Mark Goddard
892ae92d97 CentOS 8: Allow SSH access to keystone_ssh and nova_ssh
The centos:8 image contains a /run/nologin file, which prevents SSH
access to it. Remove this file in the keystone_ssh and nova_ssh images
to allow login via SSH.

Change-Id: I59dc2c4207af6812501b6c6acdb34e51a3e848c4
Partially-Implements: blueprint centos-rhel-8
2020-01-30 11:23:48 +00:00
Michal Nasiadka
70423f1959 CentOS 8: Use upstream Ceph/master
The only Ceph version that will support CentOS 8 is Octopus.
It will be released end of March 2020 - so for now let's use master.

Change-Id: I5955acb41e7346802d76f4f2b244cbf5c36f5bf2
Partially-Implements: blueprint centos-rhel-8
2020-01-30 10:35:50 +00:00
Mark Goddard
4b4e26262b CentOS 8: Update packages in images
* Some further changes for python2 vs python3 packages
* Allow rabbitmq 3.7.*, since a newer erlang is available
* Switch from qemu-img-ev to qemu-img on CentOS 8
* bridge-utils no longer available on CentOS 8
* libvirt-daemon-driver-lxc no longer available on CentOS 8
* Mark some more images buildable for CentOS 8

Change-Id: Iaf5b68ff6d944ae730ca0b1d5832172c106a6c08
Partially-Implements: blueprint centos-rhel-8
Partially-Implements: blueprint centos-rhel-python-3
2020-01-29 11:41:38 +00:00
Mark Goddard
8484190e77 Refactor Apache httpd setup
All Apache httpd setup has been moved to a new helper script,
kolla_httpd_setup. This includes the existing clean of /run/httpd,
/var/run/httpd, /tmp/httpd etc.

Horizon has an additional bit of Apache config for Debian/binary, which
has been kept in extend_start.sh for horizon.

Change-Id: Ia2af74b69c151db0bd7e452460b0babcee50b282
Related: blueprint centos-rhel-8
2019-12-11 11:38:46 +00:00
yuchengde
6c2a2f536e Let nova-libvirt restarting be independent of libvirtd.log
Modify nova-libvirt extend_start.sh for preventing docker boot fail if there is no libvirtd.log file in libvirt folder.

Change-Id: If1df41fb07b90b6020a60e3f987d51f5a9792bca
Closes-Bug:  1855253
2019-12-06 09:49:06 +08:00
Marcin Juszkiewicz
cf11cd6f3d Enable repos only when needed
Disable external repositories by default and enable only when needed.

Depends-on: https://review.opendev.org/696480

Implements: blueprint repos-off-by-default

Change-Id: Icf2a8397a8349e0fe849d88d160409fd234480a9
2019-11-29 11:38:06 +01:00
Martin Schuppert
9b1a243a3a Add xfsprogs to nova-compute
xfsprogs is required for formatting XFS ephemeral disk partitions
when format=xfs is specified as instance create failes with
'mkfs.xfs: No such file or directory' due to missing xfsprogs
package in the nova-compute container.

Closes-Bug: #1850610

Change-Id: Iaf3414464f3dd747427247339c6b201b352063cb
2019-10-30 10:13:38 +01:00