Since 2.4.0 disk-image-create does not export DIB_IMAGE_ROOT_FS_UUID
anymore. This patch fix documentation and the iso element.
Closes-Bug: 1699273
Change-Id: I5e926c36256e580579bfd2c5aeff4ba6193c367a
This patch contains the known set of changes needed to make a gentoo
image build successfully.
- Standardize use of GENTOO_EMERGE_DEFAULT_OPTS, reduce duplication of
options set there.
- Correct the cleanup commands to reflect standard Gentoo good
practices by omitting --complete-graph, which is unneeded with --deep,
and using --changed-use instead of --newuse to reduce unneeded package
churn.
- Stop using deprecated layman command to manage reposiotry overlays,
instead use new supported eselect-repository
- Set new USE flags required for LVM and installkernel. This was
communicated via a Gentoo news item and is a required cleanup.
- Remove now-invalid skip of gpg if using musl
This is the set of changes needed to get the CI job passing and make DIB
build images at all, and we'd like to land them, but there are still
items we'd like to complete to enhance Gentoo support in DIB:
- Optional, built-in support for Gentoo binhosts -- where you can set a
DIB_GENTOO_BINHOST=true (or similar) and have the binhost enabled by
default.
- Make the default configuration of EMERGE_DEFAULT_OPTS more easily
managed in a DIB-style manner, e.g. setting --quiet vs --verbose based
on the value of DIB_DEBUG_TRACE.
Signed-Off-By: Jay Faulkner <jay@jvf.cc>
Signed-Off-By: Sam James <sam@gentoo.org>
Co-Authored-By: Sam James <sam@gentoo.org>
Change-Id: Idab82a9fa986fcc56fe4e1e1bf0445c7306b2858
OpenSUSE Leap 15.3 is out of support since 2022. This patch remove the
support of OpenSUSE Leap 15.3 and replace it with the OpenSUSE Leap
15.5.
Add the grub2-x86_64-efi package in the pkg-map of the bootloader
element to allow EFI support.
Replace version 15.3 to 15.5 in every required location.
Add dracut-mkinitrd-deprecated package in package-installs.yaml of
the opensuse element to support the usage of the deprecated mkinitrd
command from the zypper element.
Change-Id: Ie903ffcf229d8e32374c4a1346b5295990c83ff4
Turns out, some kernels on some versions of hardware, can
fail to boot when the hardware clock timer is not explicitly
checked. Normally, with virtual machines, you want to disable
the timer check, becuase the virutal machine inherently gets time
slices, and checking the timer can create issues booting.
Co-Authored-By: Ella Shulman <eshulman@redhat.com>
Change-Id: I8b9697ba60748bfe1e1e1914f24f207439cda2f1
I380b9638cd28f5771530089c558ef5ab638c0173 introduced a bug where it
would ask for cloud-init to be uninstalled even if the package was
already not installed. We handle that here by filtering the uninstall
list down to only packages that are already installed.
One drawback to this filtering is that if it's not presented with a list
of category/packagename formated packages it can result in false
positives (failing to remove). This type of behavior was always an
issue for install as well, for instance acct-user/puppet and
app-admin/puppet both have the puppet package name but different
categories.
also fixes root.d to download the images again
also also uses the merged-usr profile for systemd
https://www.gentoo.org/support/news-items/2022-12-01-systemd-usrmerge.html
Change-Id: Ib67aa91c64be2fcc7d9df324918edfc080237528
Signed-off-by: Matthew Thode <mthode@mthode.org>
In the san case the "disk" device will be of type "mpath", this change
adds "mpath" to the allowed partition types to treat as the primary
device.
Full unit test coverage has been added using an actual mpath lsblk
output to validate behaviour.
Change-Id: Id593d32e64abdb2ce4b3fd2e43f89fe262d374d1
These are written to import the python utility into the unittest as a
module, which is then tested. Python 3.12 removed "imp" which broke
this.
The documentation discusses using spec_from_file_location [2] for this
task, but one complication is that it only allows files with an
extension of .py to load like that ... so add an additional hack so
that the importlib loader will read the file.
[2] https://docs.python.org/3/library/importlib.html
Change-Id: I3c842b3a712ead6d2151b90171f9228caecedd11
Currently the images lack some packages like linux-firmware and
microcode_ctl, installing 'Minimal Install' group adds those and
some others that are expected to be on a VM or bare metal.
--allowerasing is used to remove coreutils-single and curl-minimal
which conflict with their fully fledged equivalents.
Change-Id: I08a6f8cb7b0440652c3496056ca9aee8213edc4d
It prevents NetworkManager from automatically running DHCP on
unconfigured ethernet devices and allows connections with static IP
addresses to be brought up even on ethernet devices with no carrier.
This is default in Server or Server with GUI RHEL installations.
Change-Id: I15f4a28a257dc1b30f8957fd9ad41aef3c9de385
This patch proposes a new element which installs fail2ban on the final
image. More crucially, a custom jail.local is injected during built
time which is a useful feature for cloud admins.
Change-Id: I47b90bbf3809cd6f90148b848b2afe4233be79d7
Signed-off-by: Charalampos Kominos <hkominos@gmail.com>
When using simple-init, we are making an explicit choice
along the lines of "I want the simple tool to do the simple needful"
which works well, except when cloud-init tries to run because it
is already baked into the source image diskimage-builder started
with.
So what would happen is Glean would execute from simple-init,
and then cloud-init would get launched by default, and cloud-init
in some cases everything is DHCP, so suddenly any static
configuration, such as what might be in an attached configuration
drive, is stomped upon resulting in an unreachable instance if
DHCP is just not available.
If DHCP is available, generally this is not an issue and goes
un-noticed, yet can add a substantial amount of time to the
boot sequence "waiting" for meta-data endpoints which may
not exist.
Change-Id: I380b9638cd28f5771530089c558ef5ab638c0173
All relatively modern cloud-inits are capable of creating default user
as well as granting root privileges for them. Currently
cloud-init creates pretty much the same sudoers file.
So running steps under the new DIB_DEBIAN_CLOUD_INIT_HELPER
does not make sense for last couple of Debian releases.
Change-Id: I3cebd318f1f0313bba00ecf639328978d3ad0f32
Set the grub timeout style to display the menu. By default it set to
'hidden' but can be changed to 'menu' to display the menu and then
wait for the timeout expire before booting the default entry.
Change-Id: I8c58407ef645d528dd77efe866bfe0389cbbbd33
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
There is no need in pipe and sudo for changing /etc/cloud/cloud.cfg
TrivialFix
Change-Id: I905e8d3964f1322ec3ccc2eb09c517a02ef88044
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
Remove extra spaces from GRUB_CMDLINE_LINUX_DEFAULT in the
/etc/default/grub when there is no boot laber and/or fips
not enabled.
TrivialFix
Change-Id: Ie83781b9ceca16ff63e08e3d1f887aa6d33fec99
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
For quite a while Debian is shipped with systemd-sysv
by default. However, default value of DIB_DEBIAN_ALT_INIT_PACKAGE
is not in sync across elements. We change a default now for
the `debian` element along with removing `apt_get_bp_extra_opts`
that is not defined or used anywhere else.
Change-Id: If5d3f0a21467f926c23bb39a1853be73befa768e
Followup I2dd1c60e3bfd9c823a7382b1390b1d40c52a5c97.
The 'wait_for' array always updated even the command not executed
after test because of '&' control operator, so lets wrap construction
in standard 'if..then' case instead of using '&&' control operator.
Change-Id: I1d1ecb05e61f3995a98de450705451b94b437a08
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
Legacy elements deploy-tgtadm, deploy-targetcli, and deploy-baremetal
have not seen use in ages. Another element seems to date back to this,
deploy-kexec, but appears to see no actual use as the underlying methods
leveraged by these elements were long moved away from. iSCSI based
deployment being the last, and even then it required the
ironic-python-agent.
Change-Id: Ib5b3a7690c35d6859e2e0fdac2326dcd16c051d3
Currently space is reserved for the metadata volume, but there is also a
spare metadata volume which is used for metadata check and restore.
This change reserves space for the spare. It also changes the volume
reference in the lvextend call to vg/lv_thinpool, the path based
reference results in the spare not growing.
Resolves: rhbz#2232632
Change-Id: If78743bb37f24756c049939645db202261df6775
Debian Cloud Images are shipped with netplan as a way to
configure networking for Debian. Without netplan being installed,
images built by DIB with cloud-init do not bring networking up,
since systemd-networkd is not enabled after installation, and there
are no other means to configure networking.
Alternative approach could be to enable networkd, though it is
better to be closer to official cloud images.
Change-Id: I115ab83cf374819bc447fc1bd596e71326d13ed9
Switching version from sid to 11.0 was needed before bullseye has been
released. It is not required since then and can be safely removed.
Change-Id: Ibfb39e0c567091a347b7acaf26ee18271b25ce8c
Fedora has moved their old images (prior to 37) to archives,
so default URIs are adjusted to reflect that.
Change-Id: I81dc6df4e4372149cffe448708ac2416d3528394
It's needed downstream when packaging. In RDO and Fedora,
we are hitting the issue "ERROR: ambiguous python shebang" during
the build.
Change-Id: Icaf0e62a8c6f0f873016ef1d17c434941e794c2f
The usage of the DIB_CHECKSUM variable is extended to have an
ability generate the only one checksum file, for example only 'sha256'
(by setting an environment variable DIB_CHECKSUM='sha256'), and to
retain the backward compatibility (DIB_CHECKSUM=1 will generate
both 'sha256' and 'md5' supported at this moment). As an additional
feature we have the simple way to completely deprecate 'md5' later,
and add new methods, for example, 'sha512' etc.
Change-Id: I2dd1c60e3bfd9c823a7382b1390b1d40c52a5c97
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
This patch tries to add more detailed info by appending
error output to exec_sudo print.
In current implementation, only a simple static note `Exception:
exec_sudo failed` is printed:
```
INFO diskimage_builder.block_device.utils [-] Calling [sudo sgdisk
/tmp/dib_image.jZaDPxtX/image0.raw -n 1:0:+550M -t 1:EF00 -c 1:ESP
-n 2:0:+8M -t 2:EF02 -c 2:BSP -n 3:0:+2077M -t 3:8300 -c 3:root]
ERROR diskimage_builder.block_device.blockdevice [-] Create failed;
rollback initiated
// ... ...
diskimage_builder.block_device.exception.BlockDeviceSetupException:
exec_sudo failed
```
but the root reason is missing. We can’t get more error info to
make sure what the real root reason even a simple problem like
`command not found`, we have to reproduce locally and manually.
After this patch, the error message like:
```
INFO diskimage_builder.block_device.utils [-] Calling [sudo sgdisk
/tmp/dib_image.jZaDPxtX/image0.raw -n 1:0:+550M -t 1:EF00 -c 1:ESP
-n 2:0:+8M -t 2:EF02 -c 2:BSP -n 3:0:+2077M -t 3:8300 -c 3:root]
ERROR diskimage_builder.block_device.blockdevice [-] Create failed;
rollback initiated
// ... ...
diskimage_builder.block_device.exception.BlockDeviceSetupException:
exec_sudo failed: sudo: sgdisk: command not found
```
We can easily find the real problem and solve it.
Closes-Bug: #2024980
Change-Id: I9efcd9cb6621e6403df6de14f122b1cf371bd800
Currently, NetworkManager can't automatically create default
connection profiles for InfiniBand interfaces.
So, as a workaround, we are adding nm-dhcp-ib-interfaces element to
install NetworkManager-system-connections-infiniband.nmconnection
to NetworkManager to create a wildcard InfiniBand connection profile.
The content of NetworkManager-system-connections-infiniband.nmconnection
is generated by running this command:
`nmcli --offline connection add type infiniband connection.multi-connect multiple`
Closes-Bug: #2016965
Change-Id: Ic972b90e4df9c4aa36cfe3c8631db3e4533045f4
OpenDev has removed Fedora from the mirror AFS volumes. Don't try to
use it during build.
Co-authored-by: Ian Wienand <iwienand@redhat.com>
Change-Id: I0b337c37421de2ff893bcd90d99f569d6551c79e
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>