Bionic requires a functioning gpg-agent to run apt-key add. This means
that gpg-agent must be working properly in the chroot when the nspawn
image preparation script runs.
Previous changes [1] have enabled apt-key to communicate with gpg-agent
during the nspawn_hosts role checks, however the cache prep fails almost
every time when nspawn_hosts is used within other role checks.
This is not a new issue, debian-installer is affected too [2].
This change adopts the same route as d-i, and simply copies the host
/etc/apt/trusted.gpg.d directory to the nspawn image, removing the
need for apt-key and in turn gpg-agent.
This is a re-implementation of https://review.openstack.org/588962
for nspawn.
[1] https://review.openstack.org/590431
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851774
Change-Id: I3c56da445377d7ba27a623fb7ebe95c20d28a327
The tempfiles template was being setup on the host, this causes host
machines to have an issue with journald on reboot due to the directory
being part of systemd-tmpfiles.
Nspawn container journals were not being written to the host. This was
fixed by changing try-guest to try-host, which will fall back to the
guest in the event that host journalling is not possible.
Systemd-nspawn containers were not starting on boot due to them needing
to wait for networking to be online. The base template has been updated
to ensure networking is online before starting containers.
Change-Id: I6af3923bd10091172e75cfb16c9146cd47f827a4
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
There are some inter-dependencies here where the container tasks will
not pass until a few updates are in both here and elsewhere. This change
sets the container create tasks to non-voting until all of the required
updates get in.
Remove the aria2 requirement
While aria2 has some nice features, the get_url command can do most of
what we need and does so in a far more universal way. This change
removes the aria2 dependency and updates the aria2 tasks to use the
get_url module.
Change-Id: Iab422c718d789ef13b8ec55938fdb7e73e40061b
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The combined networks variable will allow deployers to set basic
container networks, default nspawn networks, and any "extra" networks a
deployer may need outside of a standard build.
Change-Id: I5346fdf81967d6eb7f69e61a187166c076ca4b60
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
The host copy process was taking too much, this makes that process more
selective.
Change-Id: Ic25559d9b68b6208ffdbed020cc79bd6b3d52fdd
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
Use the common roles throught this role to remove all of the boilerplate
code we had. The common modules do most of the heavy lifing.
Update to fix the resolve.conf issue with the image cache prep.
Add legacy image support and use smaller upstream images by default.
Now that suse supports systemd-networkd we can enable suse support in
nspawn.
Change-Id: I5f6ceb928f5c0902adf2e34f96a5998840400777
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>