Use dnf to install packages in the ipa ramdisk

Move the logic to modify the ipa-ramdisk to the chrooted.sh script that is executed in a chroot environment. This allows us to use native commands directly in the ipa-ramdisk image, like dnf, and exit correctly in case of failures. Also provide a list of packages installed in the ipa-ramdisk.
openshift · Aug 17, 2020 · 48fe66a · 48fe66a
1 parent 28e0a55
commit 48fe66a
Show file tree

Hide file tree

Showing 3 changed files with 51 additions and 35 deletions.
diff --git a/Dockerfile.ocp b/Dockerfile.ocp
@@ -5,31 +5,24 @@ FROM ironic-builder AS builder
 # much as possible
 
 COPY ./build-ipa.sh /usr/local/bin/build-ipa.sh
+COPY ./chrooted.sh /usr/local/bin/chrooted.sh
 
 RUN dnf upgrade -y && \
-    dnf install -y \
-      cpio \
-      dracut \
-      && \
-    dnf download --destdir /tmp/packages \
-      openstack-ironic-python-agent \
-      python3-bcrypt \
-      python3-ironic-lib \
-      python3-ironic-python-agent \
-      rhosp-director-images-ipa-$(uname -m) \
-      && \
+    dnf install -y cpio dracut && \
+    dnf download --destdir /tmp/packages rhosp-director-images-ipa-$(uname -m) && \
     rpm -i --nodeps /tmp/packages/rhosp-director-images-ipa-*.rpm && \
     chmod +x /usr/local/bin/build-ipa.sh && \
     /usr/local/bin/build-ipa.sh && \
-    rpm -q --queryformat "%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n" /tmp/packages/*.rpm > /var/tmp/ipa-ramdisk-pkgs.info && \
+    rpm -q --queryformat "%{NAME} %{VERSION} %{RELEASE} %{ARCH}\n" /tmp/packages/rhosp-director-images-ipa-*.rpm > /var/tmp/ipa-ramdisk-image.info && \
     rm -rf /tmp/packages && \
     dnf remove -y rhosp-director-images-ipa-$(uname -m) && \
     dnf clean all && \
     rm -rf /var/cache/{yum,dnf}/*
 
 FROM ubi8
 
-COPY --from=builder /var/tmp/ipa-ramdisk-pkgs.info /var/tmp/
+COPY --from=builder /var/tmp/ipa-ramdisk-image.info /var/tmp/
+COPY --from=builder /var/tmp/ipa-ramdisk-pkgs-list.txt /var/tmp/
 COPY --from=builder /var/tmp/ironic-python-agent.initramfs /var/tmp/
 COPY --from=builder /var/tmp/ironic-python-agent.kernel /var/tmp/
 

diff --git a/build-ipa.sh b/build-ipa.sh
@@ -10,38 +10,33 @@ chmod 755 $TMPDIR $TMPDIR_RAMDISK
 cd $TMPDIR
 tar -xf /usr/share/rhosp-director-images/ironic-python-agent-${IPA_RAMDISK_VERSION}.${IPA_RAMDISK_ARCH}.tar
 cd $TMPDIR_RAMDISK
+
+# Extract the ipa-ramdisk filesystem
 /usr/lib/dracut/skipcpio $TMPDIR/ironic-python-agent.initramfs | zcat | cpio -ivd
-# NOTE(elfosardo) we could inject a list of packages that we want to add, based
-# on what we download in the main image and call this part only if we actually
-# have packages in the list.
-# Also version tagging is something we should consider.
-# And cookies.
-mv /tmp/packages/*.rpm .
 
 # NOTE(elfosardo) to prevent the ``BDB0091 DB_VERSION_MISMATCH: Database
 # environment version mismatch`` error, we need to remove the rpm lock.
 rm var/lib/rpm/.rpm.lock
 
-chroot . /bin/bash -x <<'EOF'
-rpm -Uvh \
-openstack-ironic-python-agent*.rpm \
-python3-bcrypt*.rpm \
-python3-ironic-python-agent*.rpm \
-python3-ironic-lib*.rpm || { exit 1; }
-
-rm -f *.rpm
+# Prepare the chroot environment
+cp /etc/resolv.conf etc/resolv.conf
+mv etc/yum.repos.d/* .
+cp /etc/yum.repos.d/* etc/yum.repos.d/
+cp /usr/local/bin/chrooted.sh .
 
-# Update netconfig to use MAC for DUID/IAID combo (same as RHCOS)
-# FIXME: we need an alternative of this packaged
-mkdir -p /etc/NetworkManager/conf.d /etc/NetworkManager/dispatcher.d
-echo -e '[main]\ndhcp=dhclient\n[connection]\nipv6.dhcp-duid=ll' > /etc/NetworkManager/conf.d/clientid.conf
-echo -e '[[ "$DHCP6_FQDN_FQDN" =~ - ]] && hostname $DHCP6_FQDN_FQDN' > /etc/NetworkManager/dispatcher.d/01-hostname
-chmod +x /etc/NetworkManager/dispatcher.d/01-hostname
+# Modify the ipa-ramdisk in chroot
+chroot . ./chrooted.sh
 
-EOF
+# Provide list of packages installed in the ipa-ramdisk
+cp ipa-ramdisk-pkgs-list.txt /var/tmp/
 
+# Compress the ipa-ramdisk and copy it in the right place
 find . 2>/dev/null | cpio -c -o | gzip -8  > /var/tmp/ironic-python-agent.initramfs
 cp $TMPDIR/ironic-python-agent.kernel /var/tmp/
+
+# Clean temp directories
+rm -fr $TMPDIR $TMPDIR_RAMDISK
+
+# Debug Steps
 cd /var/tmp
 ls -la
-rm -fr $TMPDIR $TMPDIR_RAMDISK
diff --git a/chrooted.sh b/chrooted.sh
@@ -0,0 +1,28 @@
+set -ex
+
+# Install the packages we need in the ipa-ramdisk
+# FIXME(elfosardo): the python3-bcrypt package should be required by
+# python3-ironic-lib but it's not at the moment; remove this when the
+# python3-ironic-lib rpm is updated with the correct requirement.
+dnf upgrade -y \
+    openstack-ironic-python-agent \
+    python3-bcrypt \
+    python3-ironic-python-agent \
+    python3-ironic-lib
+
+# Update netconfig to use MAC for DUID/IAID combo (same as RHCOS)
+# FIXME: we need an alternative of this packaged
+mkdir -p /etc/NetworkManager/conf.d /etc/NetworkManager/dispatcher.d
+echo -e '[main]\ndhcp=dhclient\n[connection]\nipv6.dhcp-duid=ll' > /etc/NetworkManager/conf.d/clientid.conf
+echo -e '[[ "$DHCP6_FQDN_FQDN" =~ - ]] && hostname $DHCP6_FQDN_FQDN' > /etc/NetworkManager/dispatcher.d/01-hostname
+chmod +x /etc/NetworkManager/dispatcher.d/01-hostname
+
+# Provide a list of packages installed in the ipa-ramdisk
+rpm -qa | sort > ipa-ramdisk-pkgs-list.txt
+
+# Cleaning steps
+dnf clean all
+rm -rf /var/cache/{yum,dnf}/*
+rm -f /etc/resolv.conf
+rm -f /etc/yum.repos.d/*
+mv /*.repo /etc/yum.repos.d/