4949257038
While deploying on a rhel8 os beta + pure f28 containers we noticed that during docker-puppet or during docker-puppet-apply.sh dnf is invoked to install packages (in this case it was specifically MySQL-python). It makes zero sense to install packages inside a container because if you don't commit the container the content will be lost at restart anyway and so the installed package will be missing anyway. root 60586 0.0 0.0 13948 2936 ? Ss 15:29 0:00 \_ /bin/bash /var/lib/docker-puppet/docker-puppet.sh root 60623 6.8 0.7 366532 118236 ? Sl 15:29 0:04 \_ /usr/bin/ruby-mri /usr/bin/puppet apply --summarize --detailed-exitcodes --color=false --logdest syslog --logdest console --modulepath=/etc/puppet/modules:/usr/share/openstack-puppet/modules --tags file,file_line,concat,augeas,cron,cinder_config,cinder_type,file,concat,file_line /etc/config.pp root 60879 24.1 0.8 613968 137800 ? Ss 15:29 0:11 \_ /usr/bin/python3 /usr/bin/dnf -d 0 -e 1 -y install MySQL-python The packages *must* be preinstalled in the container images all the time, assuming we can invoke yum/dnf inside the container makes little sense. The reason for this is that this hiera key should not have any effect inside a container: [root@win1 hieradata]# hiera -c /etc/puppet/hiera.yaml tripleo::packages::enable_install true Tested this change by redeploying a standalone env (which forces package installation to true) and observed no dnf calls like the ones described above. Change-Id: I2bd247af2b54f3a834cdc8a2f253600527c7acd8 Closes-Bug: #1812923
61 lines
1.8 KiB
Puppet
61 lines
1.8 KiB
Puppet
# Copyright 2015 Red Hat, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
# == Class: tripleo::packages
|
|
#
|
|
# Configure package installation/upgrade defaults.
|
|
#
|
|
# === Parameters:
|
|
#
|
|
# [*enable_install*]
|
|
# Whether to enable package installation via Puppet.
|
|
# Defaults to false
|
|
#
|
|
# [*enable_upgrade*]
|
|
# Upgrades all puppet managed packages to latest.
|
|
# Defaults to false
|
|
#
|
|
class tripleo::packages (
|
|
$enable_install = false,
|
|
$enable_upgrade = false,
|
|
) {
|
|
|
|
# required for stages
|
|
include ::stdlib
|
|
|
|
# if both enable_install and enabled_upgrade are false *or* if we're in containers we noop package installations
|
|
if (!str2bool($enable_install) and !str2bool($enable_upgrade)) or $::deployment_type == 'containers' {
|
|
case $::osfamily {
|
|
'RedHat': {
|
|
Package <| |> { provider => 'norpm' }
|
|
}
|
|
default: {
|
|
warning('enable_install option not supported for this distro.')
|
|
}
|
|
}
|
|
}
|
|
|
|
if str2bool($enable_upgrade) {
|
|
Package <| |> { ensure => 'latest' }
|
|
# Running the package upgrade before managing Services in the main stage.
|
|
# So we're sure that services will be able to restart with the new version
|
|
# of the package.
|
|
ensure_resource('class', 'tripleo::packages::upgrades', {
|
|
'stage' => 'setup',
|
|
})
|
|
}
|
|
|
|
}
|