From 9b15ca277f1568c6aedc04cc634ad91a02be596f Mon Sep 17 00:00:00 2001 From: Julia Kreger Date: Wed, 7 Jun 2017 12:05:29 +0000 Subject: [PATCH] Fedora 25-27 support Update bifrost to handle fedora as minor changes between releases have been slightly breaking, and have gone largely un-noticed since the bulk of bifrost users seem to use centos or ubuntu. Added a fedora 26 job to help enforce support moving forward. Change-Id: I9a654b91edfa52321adccfa5df0c260eb0c9e487 Closes-Bug: #1695969 Closes-Bug: #1695968 --- .../defaults/required_defaults_Fedora.yml | 16 +++++++ .../tasks/prepare_libvirt.yml | 9 ++++ .../defaults/required_defaults_Fedora_25.yml | 44 ++++++++++++++++++ .../defaults/required_defaults_Fedora_26.yml | 45 +++++++++++++++++++ .../defaults/required_defaults_Fedora_27.yml | 45 +++++++++++++++++++ .../tasks/bootstrap.yml | 6 ++- .../bifrost-ironic-install/tasks/install.yml | 3 +- .../templates/ironic.conf.j2 | 1 + ...dora-core-25-support-b9f8f258a9738a06.yaml | 23 ++++++++++ requirements.txt | 1 + scripts/install-deps.sh | 3 ++ zuul.d/legacy-bifrost-jobs.yaml | 8 ++++ zuul.d/project.yaml | 2 + 13 files changed, 204 insertions(+), 2 deletions(-) create mode 100644 playbooks/roles/bifrost-create-vm-nodes/defaults/required_defaults_Fedora.yml create mode 100644 playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_25.yml create mode 100644 playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_26.yml create mode 100644 playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_27.yml create mode 100644 releasenotes/notes/fedora-core-25-support-b9f8f258a9738a06.yaml diff --git a/playbooks/roles/bifrost-create-vm-nodes/defaults/required_defaults_Fedora.yml b/playbooks/roles/bifrost-create-vm-nodes/defaults/required_defaults_Fedora.yml new file mode 100644 index 000000000..dca6b9b2d --- /dev/null +++ b/playbooks/roles/bifrost-create-vm-nodes/defaults/required_defaults_Fedora.yml @@ -0,0 +1,16 @@ +--- +sgabios_dir: /usr/share/sgabios/ +libvirt_service_name: libvirtd +required_packages: + - qemu-img + - qemu-kvm + - qemu-system-x86 + - sgabios-bin + - libvirt + - libvirt-client + - libvirt-daemon + - libvirt-python + - python-lxml + - pkgconfig + - libvirt-devel + - libselinux-python diff --git a/playbooks/roles/bifrost-create-vm-nodes/tasks/prepare_libvirt.yml b/playbooks/roles/bifrost-create-vm-nodes/tasks/prepare_libvirt.yml index f395ea34c..0d699329d 100644 --- a/playbooks/roles/bifrost-create-vm-nodes/tasks/prepare_libvirt.yml +++ b/playbooks/roles/bifrost-create-vm-nodes/tasks/prepare_libvirt.yml @@ -57,6 +57,15 @@ state: stopped ignore_errors: true +# NOTE(TheJulia): Seems if you test in a VM, this might +# be helpful if your installed your host originally +# with the default 192.168.122/0/24 network +- name: destroy libvirt network + virt_net: + name: "{{ test_vm_network }}" + state: absent + uri: "{{ test_vm_libvirt_uri }}" + - name: ensure libvirt network is present virt_net: name: "{{ test_vm_network }}" diff --git a/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_25.yml b/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_25.yml new file mode 100644 index 000000000..9ef01d63b --- /dev/null +++ b/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_25.yml @@ -0,0 +1,44 @@ +--- +init_template: systemd_template.j2 +init_dest_dir: /usr/lib/systemd/system/ +init_ext: .service +syslinux_tftp_dir: /var/lib/tftpboot +ipxe_dir: /usr/share/ipxe/ +ipxe_full_binary: ipxe.lkrn +ironic_rootwrap_dir: /usr/bin/ +nginx_user: nginx +mysql_service_name: mariadb +tftp_service_name: tftp +required_packages: + - mariadb-server + - dnsmasq + - rabbitmq-server + - python-devel + - MySQL-python + - libselinux-python + - python-iniparse + - libffi-devel + - libxslt-devel + - openssl-devel + - libxml2-devel + - ipxe-bootimgs + - tftp-server + - syslinux + - syslinux-tftpboot + - xinetd + - parted + - ipmitool + - psmisc + - nginx + - wget + - genisoimage + - kpartx + - qemu-kvm + - qemu-img + - openwsman-python + - libselinux-python + - policycoreutils-python + - debootstrap + - gcc + - socat +iscsi_client_package: "iscsi-initiator-utils" diff --git a/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_26.yml b/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_26.yml new file mode 100644 index 000000000..5705223c4 --- /dev/null +++ b/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_26.yml @@ -0,0 +1,45 @@ +--- +init_template: systemd_template.j2 +init_dest_dir: /usr/lib/systemd/system/ +init_ext: .service +syslinux_tftp_dir: /var/lib/tftpboot +ipxe_dir: /usr/share/ipxe/ +ipxe_full_binary: ipxe.lkrn +ironic_rootwrap_dir: /usr/bin/ +nginx_user: nginx +mysql_service_name: mariadb +tftp_service_name: tftp +required_packages: + - mariadb-server + - dnsmasq + - rabbitmq-server + - python-devel + - MySQL-python + - libselinux-python + - python-iniparse + - libffi-devel + - libxslt-devel + - openssl-devel + - libxml2-devel + - ipxe-bootimgs + - tftp-server + - syslinux + - syslinux-tftpboot + - xinetd + - parted + - ipmitool + - psmisc + - nginx + - wget + - genisoimage + - kpartx + - qemu-kvm + - qemu-img + - openwsman-python + - libselinux-python + - policycoreutils-python + - policycoreutils-python-utils + - debootstrap + - gcc + - socat +iscsi_client_package: "iscsi-initiator-utils" diff --git a/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_27.yml b/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_27.yml new file mode 100644 index 000000000..5705223c4 --- /dev/null +++ b/playbooks/roles/bifrost-ironic-install/defaults/required_defaults_Fedora_27.yml @@ -0,0 +1,45 @@ +--- +init_template: systemd_template.j2 +init_dest_dir: /usr/lib/systemd/system/ +init_ext: .service +syslinux_tftp_dir: /var/lib/tftpboot +ipxe_dir: /usr/share/ipxe/ +ipxe_full_binary: ipxe.lkrn +ironic_rootwrap_dir: /usr/bin/ +nginx_user: nginx +mysql_service_name: mariadb +tftp_service_name: tftp +required_packages: + - mariadb-server + - dnsmasq + - rabbitmq-server + - python-devel + - MySQL-python + - libselinux-python + - python-iniparse + - libffi-devel + - libxslt-devel + - openssl-devel + - libxml2-devel + - ipxe-bootimgs + - tftp-server + - syslinux + - syslinux-tftpboot + - xinetd + - parted + - ipmitool + - psmisc + - nginx + - wget + - genisoimage + - kpartx + - qemu-kvm + - qemu-img + - openwsman-python + - libselinux-python + - policycoreutils-python + - policycoreutils-python-utils + - debootstrap + - gcc + - socat +iscsi_client_package: "iscsi-initiator-utils" diff --git a/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml b/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml index 534383398..306e20068 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/bootstrap.yml @@ -201,6 +201,7 @@ group: "ironic" with_items: - "/var/lib/ironic" + - "/var/lib/ironic/master_images" - "/var/lib/ironic/images" - name: "Set permissions for /var/log/ironic for the ironic user" @@ -283,7 +284,10 @@ state: present - name: "Add proper context on created data for http_boot" - command: semanage fcontext -a -t httpd_sys_content_t "{{ http_boot_folder }}(/.*)?" + sefcontext: + target: "{{ http_boot_folder }}(/.*)?" + setype: httpd_sys_content_t + state: present - name: Copy ironic policy file to temporary directory copy: diff --git a/playbooks/roles/bifrost-ironic-install/tasks/install.yml b/playbooks/roles/bifrost-ironic-install/tasks/install.yml index 1a4c05c7b..cada1ddb1 100644 --- a/playbooks/roles/bifrost-ironic-install/tasks/install.yml +++ b/playbooks/roles/bifrost-ironic-install/tasks/install.yml @@ -105,7 +105,8 @@ - skip_install is not defined - enable_venv | bool == false - (ansible_distribution == 'CentOS' and ansible_distribution_major_version|version_compare('7', '<=')) or - (ansible_distribution == 'Ubuntu' and ansible_distribution_version|version_compare('14.10', '==')) + (ansible_distribution == 'Ubuntu' and ansible_distribution_version|version_compare('14.10', '==')) or + (ansible_distribution == 'Fedora' and ansible_distribution_version|version_compare('25', '>=')) - name: "Install Ironic using pip" include: pip_install.yml diff --git a/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 b/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 index 763745f45..36bdc866c 100644 --- a/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 +++ b/playbooks/roles/bifrost-ironic-install/templates/ironic.conf.j2 @@ -38,6 +38,7 @@ tftp_root = /tftpboot pxe_bootfile_name = undionly.kpxe ipxe_enabled = true ipxe_boot_script = /etc/ironic/boot.ipxe +tftp_master_path = /var/lib/ironic/master_images [deploy] http_url = http://{{ hostvars[inventory_hostname]['ansible_' + ans_network_interface]['ipv4']['address'] }}:{{ file_url_port }}/ diff --git a/releasenotes/notes/fedora-core-25-support-b9f8f258a9738a06.yaml b/releasenotes/notes/fedora-core-25-support-b9f8f258a9738a06.yaml new file mode 100644 index 000000000..1d3e8cfdf --- /dev/null +++ b/releasenotes/notes/fedora-core-25-support-b9f8f258a9738a06.yaml @@ -0,0 +1,23 @@ +--- +features: + - | + Adds support for Fedora 25, 26, and 27. +upgrades: + - The location for the tftp master_images cache folder has + changed from ``/tftpboot/master_images`` to + ``/var/lib/ironic/master_images``. This was done due to + security enhancements in Fedora that break the ironic-conductor + process as-architected. +fixes: + - | + Addresses issues with setuptools on various distributions + such as Centos 7.3 and Fedora 25 where the shipped version + is too old to build the python packages. + - | + Changes the application of SELinux security policy from using + the command line tools to leveraging the Ansible module which + addresses issues with newer version of Ansible on Fedora. +deprecates: + - | + Support for Fedora versions prior to Fedora Core 25, will be removed + during the Rocky release cycle. diff --git a/requirements.txt b/requirements.txt index 4bdcce00b..963a31e0a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,3 +5,4 @@ pbr!=2.1.0,>=2.0.0 # Apache-2.0 oslo.config>=5.1.0 # Apache-2.0 oslo.log>=3.30.0 # Apache-2.0 paramiko>=2.0.0 # LGPLv2.1+ +setuptools>=16.0,!=24.0.0,!=34.0.0,!=34.0.1,!=34.0.2,!=34.0.3,!=34.1.0,!=34.1.1,!=34.2.0,!=34.3.0,!=34.3.1,!=34.3.2,!=36.2.0 # PSF/ZPL diff --git a/scripts/install-deps.sh b/scripts/install-deps.sh index b42e97df4..7fc592fd0 100644 --- a/scripts/install-deps.sh +++ b/scripts/install-deps.sh @@ -86,6 +86,9 @@ case ${ID,,} in ) EXTRA_PKG_DEPS=() sudo yum updateinfo + if $(grep -q Fedora /etc/redhat-release); then + EXTRA_PKG_DEPS="python-dnf redhat-rpm-config" + fi ;; *) echo "ERROR: Supported package manager not found. Supported: apt, dnf, yum, zypper"; exit 1;; diff --git a/zuul.d/legacy-bifrost-jobs.yaml b/zuul.d/legacy-bifrost-jobs.yaml index f1b7586a0..ea06075e8 100644 --- a/zuul.d/legacy-bifrost-jobs.yaml +++ b/zuul.d/legacy-bifrost-jobs.yaml @@ -94,3 +94,11 @@ post-run: playbooks/legacy/bifrost-integration-tinyipa-opensuse-423/post.yaml timeout: 3600 nodeset: legacy-opensuse-423 + +- job: + name: bifrost-integration-tinyipa-fedora26 + parent: bifrost-base + run: playbooks/legacy/bifrost-integration-tinyipa/run.yaml + post-run: playbooks/legacy/bifrost-integration-tinyipa/post.yaml + timeout: 3600 + nodeset: legacy-fedora-26 diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index c535e3aac..2156d3bae 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -19,6 +19,8 @@ voting: false - bifrost-integration-tinyipa-centos-7: voting: false + - bifrost-integration-tinyipa-fedora26: + voting: false gate: jobs: - bifrost-integration-tinyipa