This has not had any practical use for several releases and mostly
carries copies of ansible facts. Remove the variable and use the
facts directly.
Change-Id: I1d2be9d07b38eaf2b737819c451a0d2339f723d0
debootstrap uses http for it's apt config so can function without
the certificates from ca-certificates being installed.
The debian bookworm cloud image defaults to using https for the
apt repo urls, so unless the ca-certificates package is present
no more apt operations can be done once the apt configuration is
synchronised from the host to the container image.
Installing ca-certificates during the initial debootstrap avoids
the issue of not being able to install ca-certificates due to failed
SSL verification.
Change-Id: Ia78429eaf4bd71a8f3509c4e484f7dd02574c6b1
Debian bookworm needs the sources.list.d and mirrors directory
syncing to the container image to result in a working apt config.
Change-Id: I0c62340e7868948d9c55c96559ddafadf8cb7db1
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Change-Id: If6171be3d649f6e7dd26decf1460d45775bd5f9e
Tar is required for LXC to create base container using lxc-create. When
it's absent lxc-create exits with code 1 without any output on this
task [1]
[1] ef721dbf13/tasks/lxc_cache_create.yml (L71)
Change-Id: Ic54d160c7329aebb7769c407d3af7b0f66145bcc
These are needed universally in the service container images so
install them into the base image to save build time later.
Change-Id: Ia51329110ffa2c634799544ac6c7b7f2016369a5
We also leverage systemd-networkd for managing lxc-net and replace
using of custom service template for lxc-dnsmasq service with our
systemd-service role. These changes are quite tighten together, so
it's quite hard to split them in different patchsets.
Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/861350
Change-Id: I5ac99e2b6c6e6ccd9da18ae68e1f8801f95f4f4e
Remove installation of aria2 everywhere as we no longer download
lxc images but build them locally.
Change-Id: I5eba0b1f08cfe23998cf1116bb017e8a8ef0bb72
This is needed to ensure that systemd-tmpfiles-setup service
is present, which is used to create /dev/fuse in centos containers
in other parts of the osa-gluster patch series.
Change-Id: I6a6401debad4937eb9f6a5be31c8cee42d7035cd
This package provides `ip` binary that is required for gathering network
facts and any net management.
Change-Id: Iac833ea63636be9e3dc2a804d890bcb6851be542
This patch switches the debian/ubuntu OS to build their lxc base
images locally using debootstrap rather than download a pre-built
lxc image. This unifies the approach with Centos-8 which is already
building a local image using dnf.
The LXC cache prestage tasks are removed, and all variables
associated with the download of the lxc image are removed from
defaults/main.yml.
A new variable lxc_apt_mirror is introduced, which is passed to
debootstrap to provide the apt source that the container rootfs
should be built from.
Depends-On: https://review.opendev.org/786396
Change-Id: Ia5a62cee7ab493857df16f7ae906796d22ba616c
This change uses dnf to build the container image for Centos-8
using dnf locally rather than rely on an external image that is
downloaded and unpacked.
The existing image prestage commands are made conditional, and
an operating system specific command can be provided via role
variables to build a chroot in /var/lib/machines.
During the transition from Centos-8 to Centos-8-Stream, the
vars files are separated, with vars/redhat.yml covering Stream,
and vars/centos-8.3.yml covering legcay Centos-8.
In addition, the systemd-logind service is masked from the base
image. This is masked in the previously downloaded container base
image, so we ensure that the same is done for locally built chroots.
Depends-On: I31880ca995735b737d33532eaa4c29be02523117
Depends-On: I74f02669b013b8580d3469a8ffe214d88cd0f525
Change-Id: I1ddfe36259610b25e86b69d64d1d7f32a56c0e4d
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I79f68c467d48b9b50143fd3a11e176f91804e805
Openstack-Ansible does not maintain support for deploying on gentoo
so we can simplify this ansible role
Change-Id: If2a63a2743714745e0f0b0eea2ee3d5b8d4c9a35
This requires extra ansible tasks to unpack the nested tar file
structure of the 8.3 container image.
Depends-On: I31880ca995735b737d33532eaa4c29be02523117
Change-Id: I443f5b9ecef1c142dcbcac91a0f36cb28035f3f6
Keystone requires rsync to be already present in the container image
becasue it runs serial=1 and uses rsync between multiple keystone
hosts. rsync will not be present on the target host in this situation.
Change-Id: I730ea2b7e6d913af020a81993f0b0e37c90a1a59
Some but not all roles use ansible-role-uwsgi to install libpython.
Those which do not require libpython to be in the container base
image.
Some roles use rsync for copying rootwrap files (cinder as example) and
in the long term this should be added to the distro packages for those
roles. In the meantime we add it back to the container base for centos
to allow other patches to merge.
Change-Id: Iaf92e78758c159db7e969a89a889c4d897f5045c
This patch removes all packages from the lxc image cache preparation
which are not required to run the 'setup-hosts' playbook, or pass the
lxc_hosts role tests.
Additional packages should be installed by the ansible roles which
further customise the containers.
Depends-On: https://review.openstack.org/619040
Change-Id: I9bdc698e4c712a6fb3d7a3b76413b478e1e7e91a