diff --git a/.ansible-lint b/.ansible-lint index a46703146c..0e51220542 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -2,6 +2,7 @@ exclude_paths: - .cache/ # implicit unless exclude_paths is defined in config - zuul.d/ + - kolla/template/repos.yaml offline: true parseable: true profile: basic diff --git a/doc/source/ceph_versions.csv b/doc/source/ceph_versions.csv index acfe9a9998..36c9cc80cb 100644 --- a/doc/source/ceph_versions.csv +++ b/doc/source/ceph_versions.csv @@ -1,5 +1,5 @@ Distro,Ceph, ,Source, Release -Rocky Linux,CentOS Storage SIG,Reef -Ubuntu,Ubuntu,Reef +Rocky Linux,CentOS Storage SIG,Squid +Ubuntu,Ubuntu,Squid Debian,Debian,Pacific diff --git a/doc/source/contributor/versions.rst b/doc/source/contributor/versions.rst index 8463b84eff..dfe3cdc334 100644 --- a/doc/source/contributor/versions.rst +++ b/doc/source/contributor/versions.rst @@ -10,7 +10,7 @@ For each component used we list version used at branch release and provide information about package sources. .. note:: - When table mentions 'CentOS' it means both CentOS Stream 9 and Rocky Linux 9. + When table mentions 'CentOS' it means both CentOS Stream 10 and Rocky Linux 10. ============== ================ ============================================= Name Version Package source information diff --git a/doc/source/support_matrix.rst b/doc/source/support_matrix.rst index 05f2d5693a..48338af6f9 100644 --- a/doc/source/support_matrix.rst +++ b/doc/source/support_matrix.rst @@ -17,7 +17,7 @@ The following base container images are supported: ================== =============================== ================ Distribution Default base Default base tag ================== =============================== ================ -Rocky Linux quay.io/rockylinux/rockylinux 9 +Rocky Linux quay.io/rockylinux/rockylinux 10 Debian Bookworm debian bookworm Ubuntu Noble ubuntu 24.04 ================== =============================== ================ diff --git a/docker/base/Dockerfile.j2 b/docker/base/Dockerfile.j2 index 0191de53a2..3ea1e5bc6c 100644 --- a/docker/base/Dockerfile.j2 +++ b/docker/base/Dockerfile.j2 @@ -54,46 +54,12 @@ COPY dnf.conf /etc/dnf/dnf.conf {% endblock %} #### BEGIN REPO ENABLEMENT -{% set base_yum_repo_files = [ - 'docker-ce.repo', - 'grafana.repo', - 'influxdb.repo', - 'kolla_el10.repo', - 'mariadb.repo', - 'opensearch.repo', - 'proxysql.repo', - 'rabbitmq_rabbitmq-server.repo', - 'td.repo', -] %} - {% set base_yum_url_packages = [ ] %} {% set base_yum_repo_keys = [ ] %} -{% if base_arch == 'x86_64' %} - {% set base_yum_repo_files = base_yum_repo_files + [ - 'rabbitmq_rabbitmq-erlang.repo', - ] %} - -{% elif base_arch == 'aarch64' %} - {% set base_yum_repo_files = base_yum_repo_files + [ - 'copr-rabbitmq-erlang.repo', - ] %} - -{# -SHA1 keys are not supported in RHEL9: https://github.com/rpm-software-management/rpm/issues/1977 - 'https://packages.erlang-solutions.com/rpm/erlang_solutions.asc', - #} - {% set base_yum_repo_keys = base_yum_repo_keys + [ - ] %} -{% endif %} - -{%- for repo_file in base_yum_repo_files | customizable('yum_repo_files') %} -COPY {{ repo_file }} /etc/yum.repos.d/{{ repo_file }} -{%- endfor %} - {% block base_centos_repo_overrides_post_copy %}{% endblock %} # Install what is needed for en_US.UTF-8 @@ -142,28 +108,18 @@ RUN rm -f /etc/rpm/macros.image-language-conf \ {% set base_centos_yum_repo_packages = base_centos_yum_repo_packages + [ 'dnf-plugins-core' ] %} -{% set base_centos_yum_repos_to_enable = [ -] %} - -{% set base_centos_yum_repos_to_disable = [ - 'centos-ceph-squid', - 'centos-nfv-openvswitch', - 'epel', - 'influxdb', - 'opensearch-3.x', - 'opensearch-dashboards-3.x', -] %} RUN {{ macros.install_packages(base_centos_yum_repo_packages | customizable("centos_yum_repo_packages"), chain=True, clean=False) }} -{%- for repo in base_centos_yum_repos_to_enable | customizable('centos_yum_repos_to_enable') %} && dnf config-manager --enable {{ repo }} {% endfor -%} - -{%- for repo in base_centos_yum_repos_to_disable | customizable('centos_yum_repos_to_disable') %} && dnf config-manager --disable {{ repo }} {% endfor -%} - {%- for key in base_centos_yum_repo_keys | customizable('centos_yum_repo_keys') %} && rpm --import {{ key }} {% endfor %} \ {% block base_centos_repo_overrides_post_yum %}{% endblock -%} && {{ macros.rpm_security_update(clean_package_cache) }} +{# NOTE(mnasiadka): dumb-init is only in EPEL10.1 onwards and RHEL/Rocky/clones use the same #} +{# EPEL release as the installed distro release #} +{# TODO: Remove it when Rocky 10.1 is out #} +RUN dnf config-manager --save --setopt=*.metalink="https://mirrors.fedoraproject.org/metalink?repo=epel-z-10.1&arch=\$basearch" epel + #### END REPO ENABLEMENT {# We are back to the basic if conditional here which is: @@ -183,6 +139,7 @@ RUN {{ macros.install_packages(base_centos_yum_repo_packages | customizable("cen 'lsof', 'lvm2', 'ncurses', + 'openssl', 'procps-ng', 'python3', 'python3-pip', @@ -197,8 +154,7 @@ RUN {{ macros.install_packages(base_centos_yum_repo_packages | customizable("cen # Install base packages {{ macros.enable_extra_repos(['epel']) }} -{{ macros.install_packages( base_centos_packages | customizable("centos_packages") | customizable("centos_binary_packages") | customizable("centos_source_packages") ) }} -{{ macros.disable_extra_repos(['epel']) }} +{{ macros.install_packages(base_centos_packages | customizable("centos_packages") | customizable("centos_binary_packages") | customizable("centos_source_packages")) }} {# endif for base_package_type rpm #} {% elif base_package_type == 'deb' %} diff --git a/docker/base/ci-rocky.repo b/docker/base/ci-rocky.repo deleted file mode 100644 index 3daf5c5ba6..0000000000 --- a/docker/base/ci-rocky.repo +++ /dev/null @@ -1,35 +0,0 @@ -[centos-ceph-reef] -name=(OpenDev mirror) CentOS-$stream - Ceph Reef -baseurl=http://MIRROR/centos-stream/SIGs/$stream/storage/$basearch/ceph-reef/ -gpgcheck=1 -enabled=0 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage - -[centos-nfv-openvswitch] -name=(OpenDev mirror) CentOS Stream $releasever - NFV OpenvSwitch -baseurl=http://MIRROR/centos-stream/SIGs/$stream/nfv/$basearch/openvswitch-2/ -gpgcheck=1 -enabled=0 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-NFV -module_hotfixes=1 - -[centos-opstools] -name=(OpenDev mirror) CentOS Stream $releasever - OpsTools - collectd -baseurl=http://MIRROR/centos-stream/SIGs/$stream/opstools/$basearch/collectd-5/ -gpgcheck=1 -enabled=0 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-OpsTools - -[centos-rabbitmq-38] -name=(OpenDev mirror) CentOS-9 - RabbitMQ 38 -baseurl=http://MIRROR/centos-stream/SIGs/$stream/messaging/$basearch/rabbitmq-38 -gpgcheck=1 -enabled=0 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Messaging - -[epel] -name=(OpenDev mirror) Extra Packages for Enterprise Linux $releasever - $basearch -baseurl=http://MIRROR/epel/$releasever/Everything/$basearch/ -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever diff --git a/docker/base/copr-rabbitmq-erlang.repo b/docker/base/copr-rabbitmq-erlang.repo deleted file mode 100644 index fdfbf269ac..0000000000 --- a/docker/base/copr-rabbitmq-erlang.repo +++ /dev/null @@ -1,11 +0,0 @@ -# NOTE(hrw): this repository contains rebuild of Erlang package from RabbitMQ team -# from https://github.com/rabbitmq/erlang-rpm/ -# Thanks to COPR we have aarch64 packages for Rocky Linux - -[copr-rabbitmq-erlang] -name=openstack-kolla COPR with Erlang build for RabbitMQ -baseurl=https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/rhel-$releasever-aarch64/ -gpgcheck=1 -enabled=0 -gpgkey=https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/pubkey.gpg -repo_gpgcheck=0 diff --git a/docker/base/docker-ce.repo b/docker/base/docker-ce.repo deleted file mode 100644 index 9698823b99..0000000000 --- a/docker/base/docker-ce.repo +++ /dev/null @@ -1,6 +0,0 @@ -[docker-ce] -name=Docker CE Stable - $basearch -baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/stable -enabled=0 -gpgcheck=1 -gpgkey=https://download.docker.com/linux/centos/gpg diff --git a/docker/base/grafana.repo b/docker/base/grafana.repo deleted file mode 100644 index 002ac89294..0000000000 --- a/docker/base/grafana.repo +++ /dev/null @@ -1,8 +0,0 @@ -[grafana] -name=grafana -baseurl=https://rpm.grafana.com -enabled=0 -gpgcheck=1 -gpgkey=https://rpm.grafana.com/gpg.key -sslverify=1 -sslcacert=/etc/pki/tls/certs/ca-bundle.crt diff --git a/docker/base/influxdb.repo b/docker/base/influxdb.repo deleted file mode 100644 index ae63c20bea..0000000000 --- a/docker/base/influxdb.repo +++ /dev/null @@ -1,6 +0,0 @@ -[influxdb] -name = InfluxDB Repository - RHEL $releasever -baseurl = https://repos.influxdata.com/stable/$basearch/main -enabled = 0 -gpgcheck = 1 -gpgkey = https://repos.influxdata.com/influxdata-archive.key diff --git a/docker/base/kolla_el10.repo b/docker/base/kolla_el10.repo deleted file mode 100644 index b1ffee6757..0000000000 --- a/docker/base/kolla_el10.repo +++ /dev/null @@ -1,10 +0,0 @@ -[kolla_el10] -name=Copr repo for el10-missing owned by @openstack-kolla -baseurl=https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/epel-10-$basearch/ -type=rpm-md -skip_if_unavailable=True -gpgcheck=1 -gpgkey=https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/pubkey.gpg -repo_gpgcheck=0 -enabled=0 -enabled_metadata=1 diff --git a/docker/base/mariadb.repo b/docker/base/mariadb.repo deleted file mode 100644 index 4e5f1f1071..0000000000 --- a/docker/base/mariadb.repo +++ /dev/null @@ -1,7 +0,0 @@ -[mariadb] -name = MariaDB Server -baseurl = https://dlm.mariadb.com/repo/mariadb-server/10.11.13/yum/rhel/$releasever/$basearch -gpgcheck = 1 -enabled = 0 -module_hotfixes = 1 -gpgkey = https://downloads.mariadb.com/MariaDB/RPM-GPG-KEY-MariaDB diff --git a/docker/base/opensearch.repo b/docker/base/opensearch.repo deleted file mode 100644 index 63caa75f80..0000000000 --- a/docker/base/opensearch.repo +++ /dev/null @@ -1,19 +0,0 @@ -[opensearch-3.x] -name=OpenSearch 3.x -baseurl=https://artifacts.opensearch.org/releases/bundle/opensearch/3.x/yum -enabled=0 -repo_gpgcheck=1 -gpgcheck=1 -gpgkey=https://artifacts.opensearch.org/publickeys/opensearch-release.pgp -autorefresh=1 -type=rpm-md - -[opensearch-dashboards-3.x] -name=OpenSearch Dashboards 3.x -baseurl=https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/3.x/yum -enabled=0 -repo_gpgcheck=1 -gpgcheck=1 -gpgkey=https://artifacts.opensearch.org/publickeys/opensearch-release.pgp -autorefresh=1 -type=rpm-md diff --git a/docker/base/proxysql.repo b/docker/base/proxysql.repo deleted file mode 100644 index 1bd2c55c3e..0000000000 --- a/docker/base/proxysql.repo +++ /dev/null @@ -1,7 +0,0 @@ -[proxysql] -name = ProxySQL -# NOTE(mnasiadka): No EL10 packages yet -baseurl = https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/almalinux/9 -gpgkey = https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/repo_pub_key -gpgcheck = 1 -enabled = 0 diff --git a/docker/base/rabbitmq_rabbitmq-erlang.repo b/docker/base/rabbitmq_rabbitmq-erlang.repo deleted file mode 100644 index 82b0441e06..0000000000 --- a/docker/base/rabbitmq_rabbitmq-erlang.repo +++ /dev/null @@ -1,9 +0,0 @@ -[rabbitmq_rabbitmq-erlang] -name=rabbitmq_rabbitmq-erlang -# Use a set of mirrors maintained by the RabbitMQ core team. -# The mirrors have significantly higher bandwidth quotas. -baseurl=https://yum1.rabbitmq.com/erlang/el/9/$basearch - https://yum2.rabbitmq.com/erlang/el/9/$basearch -gpgcheck=1 -enabled=0 -gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key diff --git a/docker/base/rabbitmq_rabbitmq-server.repo b/docker/base/rabbitmq_rabbitmq-server.repo deleted file mode 100644 index 0680c11e1d..0000000000 --- a/docker/base/rabbitmq_rabbitmq-server.repo +++ /dev/null @@ -1,9 +0,0 @@ -[rabbitmq_rabbitmq-server] -name=rabbitmq_rabbitmq-server -baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/noarch - https://yum1.rabbitmq.com/rabbitmq/el/9/noarch -gpgcheck=1 -enabled=0 -# Cloudsmith's repository key and RabbitMQ package signing key -gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key - https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc diff --git a/docker/base/td.repo b/docker/base/td.repo deleted file mode 100644 index 8212817fab..0000000000 --- a/docker/base/td.repo +++ /dev/null @@ -1,7 +0,0 @@ -[fluent-package-lts] -name=Fluentd Project -# NOTE(mnasiadka): Use EL9 packages for now - 10 are not available yet -baseurl=https://packages.treasuredata.com/lts/5/redhat/9/$basearch -gpgcheck=1 -gpgkey=https://packages.treasuredata.com/GPG-KEY-td-agent -enabled=0 diff --git a/docker/bifrost/bifrost-base/Dockerfile.j2 b/docker/bifrost/bifrost-base/Dockerfile.j2 index 154e443676..dc62aaf2a4 100644 --- a/docker/bifrost/bifrost-base/Dockerfile.j2 +++ b/docker/bifrost/bifrost-base/Dockerfile.j2 @@ -11,14 +11,15 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='bifrost') }} -{# NOTE(mgoddard): EPEL required for nginx #} -{{ macros.enable_extra_repos(['epel']) }} - {% set bifrost_base_packages = [ 'cpio' ] %} {% if base_package_type == 'rpm' %} + +{# NOTE(mgoddard): EPEL required for nginx #} +{{ macros.enable_extra_repos(['epel']) }} + {% set bifrost_base_packages = bifrost_base_packages + [ 'python3.12', 'python3.12-devel' diff --git a/docker/cinder/cinder-base/Dockerfile.j2 b/docker/cinder/cinder-base/Dockerfile.j2 index 312f128085..e868f53853 100644 --- a/docker/cinder/cinder-base/Dockerfile.j2 +++ b/docker/cinder/cinder-base/Dockerfile.j2 @@ -9,9 +9,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='cinder') }} +{% if base_package_type == 'rpm' %} + {{ macros.enable_extra_repos(['ceph', 'epel']) }} -{% if base_package_type == 'rpm' %} {% set cinder_base_packages = [ 'ceph-common', 'cryptsetup', diff --git a/docker/collectd/Dockerfile.j2 b/docker/collectd/Dockerfile.j2 index 0633a94dab..6849a02bf4 100644 --- a/docker/collectd/Dockerfile.j2 +++ b/docker/collectd/Dockerfile.j2 @@ -9,13 +9,14 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='collectd') }} -{{ macros.enable_extra_repos(['opstools']) }} - {% set collectd_packages = [ 'collectd' ] %} {% if base_package_type == 'rpm' %} + +{{ macros.enable_extra_repos(['opstools']) }} + {% set collectd_packages = collectd_packages + [ 'collectd-amqp', 'collectd-amqp1', diff --git a/docker/dnsmasq/extend_start.sh b/docker/dnsmasq/extend_start.sh index c09ce03273..0c9734fa19 100644 --- a/docker/dnsmasq/extend_start.sh +++ b/docker/dnsmasq/extend_start.sh @@ -1,5 +1,8 @@ #!/bin/bash +DNSMASQ_PIDFILE=${DNSMASQ_PIDFILE:-/run/ironic/dnsmasq.pid} +DNSMASQ_PIDFILE_DIR="$(dirname $DNSMASQ_PIDFILE)" + if [[ ! -d "/var/log/kolla/ironic" ]]; then mkdir -p /var/log/kolla/ironic fi @@ -10,3 +13,19 @@ if [[ ! -r "/var/log/kolla/ironic/dnsmasq.log" ]]; then touch /var/log/kolla/ironic/dnsmasq.log chown ironic:ironic /var/log/kolla/ironic/dnsmasq.log fi + +if [[ ! -d "$DNSMASQ_PIDFILE_DIR" ]]; then + mkdir -p "$DNSMASQ_PIDFILE_DIR" +fi + +# NOTE(wszumski): This writes the PID of dnsmasq out to a file. The PIDFILE can be used in +# another container to send a signal to dnsmasq to reload its config (providing that the two +# containers share a PID namespace). The concrete use case is for the Ironic PXE filter to +# clean up stale host entries on startup as documented in: +# +# https://docs.openstack.org/ironic/latest/admin/inspection/pxe_filter.html +# +# We cannot use the pid-file option in dnsmasq, since it will only write the PIDFILE if you +# run dnsmasq in its non-forking mode i.e you do use the --no-daemon or --keep-in-foreground +# options. +echo $$ > "$DNSMASQ_PIDFILE" diff --git a/docker/glance/glance-base/Dockerfile.j2 b/docker/glance/glance-base/Dockerfile.j2 index b0de559982..156d7991ad 100644 --- a/docker/glance/glance-base/Dockerfile.j2 +++ b/docker/glance/glance-base/Dockerfile.j2 @@ -9,9 +9,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='glance') }} +{% if base_package_type == 'rpm' %} + {{ macros.enable_extra_repos(['ceph', 'epel']) }} -{% if base_package_type == 'rpm' %} {% set glance_base_packages = [ 'python3-rados', 'python3-rbd' diff --git a/docker/gnocchi/gnocchi-base/Dockerfile.j2 b/docker/gnocchi/gnocchi-base/Dockerfile.j2 index 865a51da2d..b4a210a136 100644 --- a/docker/gnocchi/gnocchi-base/Dockerfile.j2 +++ b/docker/gnocchi/gnocchi-base/Dockerfile.j2 @@ -9,10 +9,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='gnocchi') }} -{{ macros.enable_extra_repos(['ceph', 'epel']) }} - {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['ceph', 'epel']) }} + {% set gnocchi_base_packages = [ 'librados2-devel', 'python3-rados', diff --git a/docker/hacluster/hacluster-base/Dockerfile.j2 b/docker/hacluster/hacluster-base/Dockerfile.j2 index 7eb7a59650..1bcbbfdfdb 100644 --- a/docker/hacluster/hacluster-base/Dockerfile.j2 +++ b/docker/hacluster/hacluster-base/Dockerfile.j2 @@ -7,8 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{% if base_package_type =='rpm' %} + {{ macros.enable_extra_repos(['hacluster']) }} +{% endif %} + COPY extend_start.sh /usr/local/bin/kolla_extend_start RUN chmod 644 /usr/local/bin/kolla_extend_start diff --git a/docker/heat/heat-base/Dockerfile.j2 b/docker/heat/heat-base/Dockerfile.j2 index 59d6aabb86..ef275f0d2e 100644 --- a/docker/heat/heat-base/Dockerfile.j2 +++ b/docker/heat/heat-base/Dockerfile.j2 @@ -7,9 +7,14 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} {{ macros.configure_user(name='heat') }} +{% if base_package_type == 'rpm' %} + +{{ macros.enable_extra_repos(['openvswitch']) }} + +{% endif %} + {% set heat_base_packages = [ ] %} diff --git a/docker/ironic/ironic-pxe-filter/Dockerfile.j2 b/docker/ironic/ironic-pxe-filter/Dockerfile.j2 new file mode 100644 index 0000000000..b8bc2cc636 --- /dev/null +++ b/docker/ironic/ironic-pxe-filter/Dockerfile.j2 @@ -0,0 +1,24 @@ +FROM {{ namespace }}/{{ image_prefix }}ironic-base:{{ tag }} +{% block labels %} +LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}" +{% endblock %} + +{% block ironic_pxe_filter_header %}{% endblock %} + +{% import "macros.j2" as macros with context %} + +{% set ironic_pxe_filter_packages = [] %} + +{% set ironic_pxe_filter_pip_packages = [] %} + +RUN {{ macros.install_pip(ironic_pxe_filter_pip_packages | customizable("pip_packages")) }} + +{{ macros.install_packages(ironic_pxe_filter_packages | customizable("packages")) }} + +{{ macros.kolla_patch_sources() }} + +COPY extend_start.sh /usr/local/bin/kolla_ironic_extend_start +RUN chmod 644 /usr/local/bin/kolla_ironic_extend_start + +{% block ironic_pxe_filter_footer %}{% endblock %} +{% block footer %}{% endblock %} diff --git a/docker/ironic/ironic-pxe-filter/extend_start.sh b/docker/ironic/ironic-pxe-filter/extend_start.sh new file mode 100644 index 0000000000..c7a807c8d6 --- /dev/null +++ b/docker/ironic/ironic-pxe-filter/extend_start.sh @@ -0,0 +1,6 @@ +#!/bin/bash +IRONIC_DHCP_HOSTS_DIR=${IRONIC_DHCP_HOSTS_DIR:-/etc/dnsmasq/dhcp-hostsdir} +DNSMASQ_PIDFILE=${DNSMASQ_PIDFILE:-/run/ironic/dnsmasq.pid} + +# NOTE(wszumski): This container must be in same process namespace as dnsmasq +rm -f $IRONIC_DHCP_HOSTS_DIR/* && kill -HUP $(cat "$DNSMASQ_PIDFILE") || true diff --git a/docker/keystone/keystone-base/Dockerfile.j2 b/docker/keystone/keystone-base/Dockerfile.j2 index 128c841487..f7bb0919ff 100644 --- a/docker/keystone/keystone-base/Dockerfile.j2 +++ b/docker/keystone/keystone-base/Dockerfile.j2 @@ -7,12 +7,13 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{# NOTE(mnasiadka): mod_auth_mellon missing in CentOS 10 Stream - temporarily from Kolla COPR #} -{{ macros.enable_extra_repos(['epel', 'kolla_el10']) }} - {{ macros.configure_user(name='keystone') }} {% if base_package_type == 'rpm' %} + +{# NOTE(mnasiadka): mod_auth_mellon missing in CentOS 10 Stream - temporarily from Kolla COPR #} +{{ macros.enable_extra_repos(['epel', 'kolla_el10']) }} + {% set keystone_base_packages = [ 'cyrus-sasl-devel', 'mod_auth_mellon', diff --git a/docker/kolla-toolbox/Dockerfile.j2 b/docker/kolla-toolbox/Dockerfile.j2 index ca4b8601d6..b53b45da28 100644 --- a/docker/kolla-toolbox/Dockerfile.j2 +++ b/docker/kolla-toolbox/Dockerfile.j2 @@ -13,7 +13,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='ansible') }} {{ macros.configure_user(name='rabbitmq') }} -{{ macros.enable_extra_repos(['crb', 'epel', 'erlang', 'openvswitch', 'rabbitmq']) }} +{{ macros.enable_extra_repos(['erlang', 'rabbitmq']) }} {% block rabbitmq_apt_preferences %} {% if base_package_type == 'deb' %} @@ -22,6 +22,9 @@ COPY apt_preferences_rabbitmq.{{ base_distro }} /etc/apt/preferences.d/rabbitmq {% endblock %} {% if base_package_type == 'rpm' %} + +{{ macros.enable_extra_repos(['crb', 'epel', 'openvswitch']) }} + {% set kolla_toolbox_packages = [ 'erlang-27.*', 'gcc', diff --git a/docker/kuryr/kuryr-libnetwork/Dockerfile.j2 b/docker/kuryr/kuryr-libnetwork/Dockerfile.j2 index bbc1d0801e..8764cbb840 100644 --- a/docker/kuryr/kuryr-libnetwork/Dockerfile.j2 +++ b/docker/kuryr/kuryr-libnetwork/Dockerfile.j2 @@ -7,10 +7,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} - {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set kuryr_libnetwork_packages = [ 'openvswitch${KOLLA_RPM_OVS_VERSION}' ] %} diff --git a/docker/manila/manila-base/Dockerfile.j2 b/docker/manila/manila-base/Dockerfile.j2 index fde3989dfd..83d6ca71d5 100644 --- a/docker/manila/manila-base/Dockerfile.j2 +++ b/docker/manila/manila-base/Dockerfile.j2 @@ -7,11 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} {{ macros.configure_user(name='manila') }} {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set manila_base_packages = ['openvswitch${KOLLA_RPM_OVS_VERSION}'] %} {% elif base_package_type == 'deb' %} diff --git a/docker/manila/manila-share/Dockerfile.j2 b/docker/manila/manila-share/Dockerfile.j2 index a49d697f6b..35ff6b8f48 100644 --- a/docker/manila/manila-share/Dockerfile.j2 +++ b/docker/manila/manila-share/Dockerfile.j2 @@ -7,10 +7,11 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{% if base_package_type == 'rpm' %} + {# NOTE(mnasiadka): glusterfs-fuse missing in CentOS 10 Stream - temporarily from Kolla COPR #} {{ macros.enable_extra_repos(['ceph', 'epel', 'kolla_el10']) }} -{% if base_package_type == 'rpm' %} {% set manila_share_packages = [ 'ceph-common', 'sqlite', diff --git a/docker/mariadb/mariadb-server/Dockerfile.j2 b/docker/mariadb/mariadb-server/Dockerfile.j2 index 55dd8b5b69..15b9e48a4e 100644 --- a/docker/mariadb/mariadb-server/Dockerfile.j2 +++ b/docker/mariadb/mariadb-server/Dockerfile.j2 @@ -9,11 +9,13 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='mysql') }} -{# NOTE(mgoddard): EPEL required for pv package #} {# NOTE(mnasiadka): Use AppStream version of MariaDB for now in CentOS #} -{{ macros.enable_extra_repos(['epel']) }} {% if base_package_type == 'rpm' %} + +{# NOTE(mgoddard): EPEL required for pv package #} +{{ macros.enable_extra_repos(['epel']) }} + {% set mariadb_packages = [ 'expect', 'mariadb-backup', diff --git a/docker/masakari/masakari-monitors/Dockerfile.j2 b/docker/masakari/masakari-monitors/Dockerfile.j2 index b7c847e1e5..76ad28d3fd 100644 --- a/docker/masakari/masakari-monitors/Dockerfile.j2 +++ b/docker/masakari/masakari-monitors/Dockerfile.j2 @@ -7,10 +7,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['hacluster']) }} - {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['hacluster']) }} + {% set masakari_monitors_packages = [ 'cyrus-sasl-md5', 'cyrus-sasl-scram', diff --git a/docker/neutron/neutron-base/Dockerfile.j2 b/docker/neutron/neutron-base/Dockerfile.j2 index 3e4ef5a152..e3d19178d4 100644 --- a/docker/neutron/neutron-base/Dockerfile.j2 +++ b/docker/neutron/neutron-base/Dockerfile.j2 @@ -7,11 +7,13 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['docker-ce', 'openvswitch']) }} +{{ macros.enable_extra_repos(['docker-ce']) }} {{ macros.configure_user(name='neutron') }} {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set neutron_base_packages = [ 'conntrack-tools', 'dnsmasq', diff --git a/docker/nova/nova-base/Dockerfile.j2 b/docker/nova/nova-base/Dockerfile.j2 index 747393944b..f7ad8f0ad9 100644 --- a/docker/nova/nova-base/Dockerfile.j2 +++ b/docker/nova/nova-base/Dockerfile.j2 @@ -7,11 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} {{ macros.configure_user(name='nova', groups='qemu') }} {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set nova_base_packages = [ 'openvswitch${KOLLA_RPM_OVS_VERSION}', 'python3-openvswitch${KOLLA_RPM_OVS_VERSION}' diff --git a/docker/nova/nova-compute/Dockerfile.j2 b/docker/nova/nova-compute/Dockerfile.j2 index 1378b21e62..8c31461f3e 100644 --- a/docker/nova/nova-compute/Dockerfile.j2 +++ b/docker/nova/nova-compute/Dockerfile.j2 @@ -7,10 +7,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['ceph', 'epel']) }} - {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['ceph', 'epel']) }} + {% set nova_compute_packages = [ 'ceph-common', 'cyrus-sasl-md5', diff --git a/docker/nova/nova-libvirt/Dockerfile.j2 b/docker/nova/nova-libvirt/Dockerfile.j2 index ea165b1005..d65d315841 100644 --- a/docker/nova/nova-libvirt/Dockerfile.j2 +++ b/docker/nova/nova-libvirt/Dockerfile.j2 @@ -9,10 +9,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='nova', groups='qemu') }} -{{ macros.enable_extra_repos(['ceph', 'crb', 'epel', 'openvswitch']) }} - {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['ceph', 'crb', 'epel', 'openvswitch']) }} + {% set nova_libvirt_packages = [ 'ceph-common', 'cyrus-sasl-md5', diff --git a/docker/octavia/octavia-base/Dockerfile.j2 b/docker/octavia/octavia-base/Dockerfile.j2 index 5c03274704..d64ecde2e2 100644 --- a/docker/octavia/octavia-base/Dockerfile.j2 +++ b/docker/octavia/octavia-base/Dockerfile.j2 @@ -7,11 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} {{ macros.configure_user(name='octavia') }} {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set octavia_base_packages = [ 'python3-openvswitch${KOLLA_RPM_OVS_VERSION}' ] %} diff --git a/docker/openstack-base/Dockerfile.j2 b/docker/openstack-base/Dockerfile.j2 index 47301fff97..fafd405d55 100644 --- a/docker/openstack-base/Dockerfile.j2 +++ b/docker/openstack-base/Dockerfile.j2 @@ -7,9 +7,10 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{% if base_package_type == 'rpm' %} + {{ macros.enable_extra_repos(['crb', 'epel']) }} -{% if base_package_type == 'rpm' %} {% set openstack_base_packages = [ 'gcc', 'gcc-c++', diff --git a/docker/openvswitch/openvswitch-base/Dockerfile.j2 b/docker/openvswitch/openvswitch-base/Dockerfile.j2 index 1a40e846ea..4400d4f1ea 100644 --- a/docker/openvswitch/openvswitch-base/Dockerfile.j2 +++ b/docker/openvswitch/openvswitch-base/Dockerfile.j2 @@ -7,11 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} - {% block ovs_install %} {% if base_package_type == 'rpm' %} + +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set openvswitch_base_packages = [ 'libibverbs', 'openvswitch${KOLLA_RPM_OVS_VERSION}', diff --git a/docker/rabbitmq/Dockerfile.j2 b/docker/rabbitmq/Dockerfile.j2 index 3ff00eef7c..4f00c818a4 100644 --- a/docker/rabbitmq/Dockerfile.j2 +++ b/docker/rabbitmq/Dockerfile.j2 @@ -9,7 +9,7 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {{ macros.configure_user(name='rabbitmq') }} -{{ macros.enable_extra_repos(['crb', 'erlang', 'rabbitmq']) }} +{{ macros.enable_extra_repos(['erlang', 'rabbitmq']) }} {% block rabbitmq_apt_preferences %} {% if base_package_type == 'deb' %} @@ -20,6 +20,8 @@ COPY apt_preferences_rabbitmq.{{ base_distro }} /etc/apt/preferences.d/rabbitmq {% block rabbitmq_install %} {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['crb']) }} + {% set rabbitmq_packages = [ 'erlang-27.*', 'rabbitmq-server-4.1.*' diff --git a/docker/tacker/tacker-base/Dockerfile.j2 b/docker/tacker/tacker-base/Dockerfile.j2 index 51459eae04..5f66d744ac 100644 --- a/docker/tacker/tacker-base/Dockerfile.j2 +++ b/docker/tacker/tacker-base/Dockerfile.j2 @@ -7,9 +7,14 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} {{ macros.configure_user(name='tacker') }} +{% if base_package_type == 'rpm' %} + +{{ macros.enable_extra_repos(['openvswitch']) }} + +{% endif %} + ADD tacker-base-archive /tacker-base-source ADD plugins-archive / diff --git a/docker/telegraf/Dockerfile.j2 b/docker/telegraf/Dockerfile.j2 index 20764b1270..da431aeee7 100644 --- a/docker/telegraf/Dockerfile.j2 +++ b/docker/telegraf/Dockerfile.j2 @@ -7,10 +7,9 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{{ macros.enable_extra_repos(['influxdb']) }} {{ macros.configure_user(name='telegraf', homedir='/etc/telegraf') }} -{{ macros.enable_extra_repos(['influxdb', 'opstools']) }} - {% set telegraf_packages = [ 'chrony', 'net-tools', @@ -18,6 +17,9 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build ] %} {% if base_package_type == 'rpm' %} + +{{ macros.enable_extra_repos(['opstools']) }} + {% set telegraf_packages = telegraf_packages + [ 'collectd', ] %} diff --git a/docker/zun/zun-base/Dockerfile.j2 b/docker/zun/zun-base/Dockerfile.j2 index 2d3cac741d..b6eac1907b 100644 --- a/docker/zun/zun-base/Dockerfile.j2 +++ b/docker/zun/zun-base/Dockerfile.j2 @@ -7,11 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} -{{ macros.enable_extra_repos(['openvswitch']) }} {{ macros.configure_user(name='zun') }} {% if base_package_type == 'rpm' %} +{{ macros.enable_extra_repos(['openvswitch']) }} + {% set zun_base_packages = [ 'numactl', ] %} diff --git a/docker/zun/zun-compute/Dockerfile.j2 b/docker/zun/zun-compute/Dockerfile.j2 index 17f34e0bed..e6c778f0b6 100644 --- a/docker/zun/zun-compute/Dockerfile.j2 +++ b/docker/zun/zun-compute/Dockerfile.j2 @@ -7,8 +7,12 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build {% import "macros.j2" as macros with context %} +{% if base_package_type == 'rpm' %} + {{ macros.enable_extra_repos(['ceph', 'epel']) }} +{% endif %} + {% set zun_compute_packages = [ 'ceph-common', 'e2fsprogs', diff --git a/kolla/common/config.py b/kolla/common/config.py index d2984d7ec1..83b0cb922e 100644 --- a/kolla/common/config.py +++ b/kolla/common/config.py @@ -27,14 +27,14 @@ DEFAULT_BASE_TAGS = { 'centos': {'name': 'quay.io/centos/centos', 'tag': 'stream10'}, 'debian': {'name': 'debian', 'tag': 'bookworm'}, - 'rocky': {'name': 'quay.io/rockylinux/rockylinux', 'tag': '9'}, + 'rocky': {'name': 'quay.io/rockylinux/rockylinux', 'tag': '10'}, 'ubuntu': {'name': 'ubuntu', 'tag': '24.04'}, } # NOTE(hrw): has to match PRETTY_NAME in /etc/os-release DISTRO_PRETTY_NAME = { 'centos': 'CentOS Stream 10', 'debian': 'Debian GNU/Linux 12 (bookworm)', - 'rocky': 'Rocky Linux 9.* (Blue Onyx)', + 'rocky': 'Rocky Linux 10.* (Red Quartz)', 'ubuntu': 'Ubuntu 24.04.* LTS', } OPENSTACK_RELEASE = '2025.2' diff --git a/kolla/image/unbuildable.py b/kolla/image/unbuildable.py index c426b3eab8..997b4b86b3 100644 --- a/kolla/image/unbuildable.py +++ b/kolla/image/unbuildable.py @@ -27,8 +27,8 @@ "nova-spicehtml5proxy", # Missing spicehtml5 package "ovsdpdk", # Not supported on CentOS "redis-base", # Missing in CS10 - "tgtd", # Not supported on CentOS "telegraf", # CS10 no opstools repo + "tgtd", # Not supported on CentOS }, 'debian': { @@ -41,6 +41,8 @@ "hacluster-pcs", # Missing crmsh package "nova-spicehtml5proxy", # Missing spicehtml5 package "ovsdpdk", # Not supported on CentOS + "redis-base", # Missing in Rocky10 + "telegraf", # CS10 no opstools repo "tgtd", # Not supported on CentOS }, diff --git a/kolla/template/methods.py b/kolla/template/methods.py index e9edbfeb01..53e0da95b2 100644 --- a/kolla/template/methods.py +++ b/kolla/template/methods.py @@ -10,6 +10,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +from kolla.image.utils import LOG import os import typing as t @@ -17,6 +18,29 @@ from jinja2 import pass_context +APT_ARCH = " && echo 'Architectures: {arch}' \ +>>/etc/apt/sources.list.d/{repo}.sources" +APT_REPO = "echo 'Uris: {url}' >/etc/apt/sources.list.d/{repo}.sources && \ +echo 'Components: {component}' >>/etc/apt/sources.list.d/{repo}.sources && \ +echo 'Types: deb' >>/etc/apt/sources.list.d/{repo}.sources && \ +echo 'Suites: {suite}' >>/etc/apt/sources.list.d/{repo}.sources && \ +echo 'Signed-By: /etc/kolla/apt-keys/{gpg_key}' \ +>>/etc/apt/sources.list.d/{repo}.sources" +DNF_BASEURL = " && echo 'baseurl={baseurl}' >>/etc/yum.repos.d/{repo}.repo" +DNF_DISABLE = "dnf config-manager --disable {name} || true" +DNF_ENABLE = "dnf config-manager --enable {name} || true" +DNF_GPGCHECK = " && echo 'gpgcheck={gpgcheck}' >>/etc/yum.repos.d/{repo}.repo" +DNF_GPGKEY = " && echo 'gpgkey={gpgkey}' >>/etc/yum.repos.d/{repo}.repo" +DNF_GPGKEY_ADD = " && echo ' {gpgkey}' >>/etc/yum.repos.d/{repo}.repo" +DNF_METALINK = " && echo 'metalink={metalink}' >>/etc/yum.repos.d/{repo}.repo" +DNF_MIRRORLIST = " && \ +echo 'mirrorlist={mirrorlist}' >>/etc/yum.repos.d/{repo}.repo" +DNF_REPO = "echo '[{name}]' >/etc/yum.repos.d/{repo}.repo && \ +echo 'name={name}' >>/etc/yum.repos.d/{repo}.repo && \ +echo 'enabled=1' >>/etc/yum.repos.d/{repo}.repo" +DNF_REPO_GPGCHECK = " && echo 'repo_gpgcheck={repo_gpgcheck}' \ +>>/etc/yum.repos.d/{repo}.repo" + def debian_package_install(packages, clean_package_cache=True): """Jinja utility method for building debian-based package install command. @@ -81,13 +105,6 @@ def handle_repos(context, reponames, mode): Distro/arch are not required to have all entries - we ignore missing ones. """ - if mode == 'enable': - rpm_switch = '--enable' - elif mode == 'disable': - rpm_switch = '--disable' - else: - raise KeyError - if not isinstance(reponames, list): raise TypeError("First argument should be a list of repositories") @@ -104,49 +121,93 @@ def handle_repos(context, reponames, mode): base_package_type = context.get('base_package_type') base_distro = context.get('base_distro') base_arch = context.get('base_arch') + image_name = context.get('image_name') commands = '' try: - repo_list = repo_data['%s-%s' % (base_distro, base_arch)] + repo_list = repo_data[base_distro] | \ + repo_data['%s-%s' % (base_distro, base_arch)] except KeyError: # NOTE(hrw): Fallback to distro list repo_list = repo_data[base_distro] - for repo in reponames: + for index, repo in enumerate(reponames): try: + _repo = repo_list[repo] if base_package_type == 'rpm': - commands += ' %s %s' % (rpm_switch, repo_list[repo]) - elif base_package_type == 'deb': if mode == 'enable': - commands += f"""echo 'Uris: {repo_list[repo]['url']}' \ ->/etc/apt/sources.list.d/{repo}.sources \ -&& echo 'Components: {repo_list[repo]['component']}' \ ->>/etc/apt/sources.list.d/{repo}.sources \ -&& echo 'Types: deb' >>/etc/apt/sources.list.d/{repo}.sources \ -&& echo 'Suites: {repo_list[repo]['suite']}' \ ->>/etc/apt/sources.list.d/{repo}.sources \ -&& echo 'Signed-By: /etc/kolla/apt-keys/{repo_list[repo]['gpg_key']}' \ ->>/etc/apt/sources.list.d/{repo}.sources \ -&& """ - if repo_list[repo]['arch']: - commands += f"""echo 'Architectures: \ -{repo_list[repo]['arch']}' \ ->>/etc/apt/sources.list.d/{repo}.sources \ -&& """ - except KeyError: - # NOTE(hrw): we ignore missing repositories for a given - # distro/arch - pass - - if base_package_type == 'rpm' and commands: - # NOTE(hrw): if commands is empty then no repos are enabled - # otherwise we need to add command to handle repositories - # NOTE(hrw) dnf errors out if we enable unknown repo - commands = 'dnf config-manager %s || true' % commands - elif base_package_type == 'deb': - # NOTE(hrw): Debian commands end with '&&' - commands = commands[0:-4] + if not _repo.get('distro'): + commands += DNF_REPO.format( + name=_repo['name'], + repo=repo, + ) + if _repo.get('gpgcheck'): + commands += DNF_GPGCHECK.format( + gpgcheck=_repo['gpgcheck'], + repo=repo) + + if _repo.get('repo_gpgcheck'): + commands += DNF_REPO_GPGCHECK.format( + repo_gpgcheck=_repo['repo_gpgcheck'], + repo=repo) + + # NOTE(mnasiadka): Support multiple gpgkeys + gpgkeys = _repo['gpgkey'].splitlines() + for _, gpgkey in enumerate(gpgkeys): + if _ == 0: + commands += DNF_GPGKEY.format(gpgkey=gpgkey, + repo=repo) + else: + commands += DNF_GPGKEY_ADD.format( + gpgkey=gpgkey, + repo=repo) + else: + commands += DNF_ENABLE.format(name=_repo['name']) + + if 'baseurl' in _repo: + # NOTE(mnasiadka): Support multiple baseurls + baseurl = _repo['baseurl'].splitlines() + for url in baseurl: + commands += DNF_BASEURL.format(baseurl=url, + repo=repo) + elif 'metalink' in _repo: + commands += DNF_METALINK.format( + metalink=_repo['metalink'], repo=repo + ) + + elif 'mirrorlist' in _repo: + commands += DNF_MIRRORLIST.format( + mirrorlist=_repo['mirrorlist'], repo=repo + ) + + if index != len(reponames) - 1: + commands += " && " + + elif mode == 'disable' and _repo.get('distro'): + commands += DNF_DISABLE.format(name=_repo['name']) + + elif base_package_type == "deb": + if mode == "enable": + commands += APT_REPO.format( + component=_repo['component'], + gpg_key=_repo['gpg_key'], + suite=_repo['suite'], + url=_repo['url'], + repo=repo, + ) + + if 'arch' in _repo: + commands += APT_ARCH.format( + arch=_repo['arch'], repo=repo + ) + + if index != len(reponames) - 1: + commands += ' && ' + except KeyError as e: + LOG.exception("Error enabling repository %s in image %s", e, + image_name) + raise if commands: commands = "RUN %s" % commands diff --git a/kolla/template/repos.yaml b/kolla/template/repos.yaml index 570ce95ba6..0b4db0dbd2 100644 --- a/kolla/template/repos.yaml +++ b/kolla/template/repos.yaml @@ -1,43 +1,87 @@ --- centos: - ceph: "centos-ceph-squid" - crb: "crb" - docker-ce: "docker-ce" - epel: "epel" - erlang: "rabbitmq_rabbitmq-erlang" - extras: "extras" - fluentd: "fluent-package-lts" - grafana: "grafana" - hacluster: "highavailability" - influxdb: "influxdb" - kolla_el10: "kolla_el10" - mariadb: "mariadb" - opensearch: "opensearch-3.x" - opensearch-dashboards: "opensearch-dashboards-3.x" - openvswitch: "centos-nfv-openvswitch" - opstools: "centos-opstools" - proxysql: "proxysql" - rabbitmq: "rabbitmq_rabbitmq-server" + ceph: + gpgkey: "https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage" + metalink: "https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-9-stream&arch=$basearch" + name: "centos-ceph-squid" + crb: + distro: True + name: "crb" + docker-ce: + gpgkey: "https://download.docker.com/linux/centos/gpg" + baseurl: "https://download.docker.com/linux/centos/$releasever/$basearch/stable" + name: "docker-ce" + epel: + gpgkey: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever" + metalink: "https://mirrors.fedoraproject.org/metalink?repo=epel-$releasever&arch=$basearch&infra=$infra&content=$contentdir" + name: "epel" + erlang: + baseurl: | + https://yum1.rabbitmq.com/erlang/el/9/$basearch + https://yum2.rabbitmq.com/erlang/el/9/$basearch + gpgkey: "https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key" + name: "rabbitmq_rabbitmq-erlang" + extras: + distro: True + name: "extras" + fluentd: + baseurl: "https://packages.treasuredata.com/lts/5/redhat/9/$basearch" + gpgkey: "https://packages.treasuredata.com/GPG-KEY-td-agent" + name: "fluent-package-lts" + grafana: + baseurl: "https://rpm.grafana.com" + gpgkey: "https://rpm.grafana.com/gpg.key" + name: "grafana" + hacluster: + name: "highavailability" + distro: true + influxdb: + baseurl: "https://repos.influxdata.com/rhel/9/$basearch/stable" + gpgkey: "https://repos.influxdata.com/influxdata-archive_compat.key" + name: "influxdb" + kolla_el10: + baseurl: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/epel-10-$basearch/" + gpgkey: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/pubkey.gpg" + name: "kolla_el10" + mariadb: + baseurl: "https://dlm.mariadb.com/repo/mariadb-server/10.11/yum/rhel/$releasever/$basearch" + gpgkey: "https://downloads.mariadb.com/MariaDB/RPM-GPG-KEY-MariaDB" + name: "mariadb" + opensearch: + baseurl: "https://artifacts.opensearch.org/releases/bundle/opensearch/3.x/yum" + gpgkey: "https://artifacts.opensearch.org/publickeys/opensearch-release.pgp" + repo_gpgcheck: 1 + name: "opensearch32.x" + opensearch-dashboards: + baseurl: "https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/3.x/yum" + gpgkey: "https://artifacts.opensearch.org/publickeys/opensearch-release.pgp" + repo_gpgcheck: 1 + name: "opensearch-dashboards-3.x" + openvswitch: + gpgkey: "https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-NFV" + metalink: "https://mirrors.centos.org/metalink?repo=centos-nfv-sig-openvswitch-2-$stream&arch=$basearch&protocol=https,http" + name: "centos-nfv-openvswitch" + opstools: + distro: True + name: "opstools" + proxysql: + baseurl: "https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/almalinux/9" + gpgkey: "https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/repo_pub_key" + name: "proxysql" + rabbitmq: + baseurl: | + https://yum1.rabbitmq.com/rabbitmq/el/9/noarch + https://yum2.rabbitmq.com/rabbitmq/el/9/noarch + gpgkey: | + https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key + https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc + name: "rabbitmq_rabbitmq-server" centos-aarch64: - ceph: "centos-ceph-squid" - crb: "crb" - docker-ce: "docker-ce" - epel: "epel" - erlang: "copr-rabbitmq-erlang" - extras: "extras" - fluentd: "fluent-package-lts" - grafana: "grafana" - hacluster: "highavailability" - influxdb: "influxdb" - kolla_el10: "kolla_el10" - mariadb: "mariadb" - opensearch: "opensearch-3.x" - opensearch-dashboards: "opensearch-dashboards-3.x" - openvswitch: "centos-nfv-openvswitch" - opstools: "centos-opstools" - proxysql: "proxysql" - rabbitmq: "rabbitmq_rabbitmq-server" + erlang: + baseurl: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/rhel-$releasever-aarch64/" + gpgkey: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/pubkey.gpg" + name: "copr-rabbitmq-erlang" # NOTE(mnasiadka): For RabbitMQ Debuntu suite names is following: # https://www.rabbitmq.com/install-debian.html#apt-cloudsmith @@ -95,51 +139,6 @@ debian: gpg_key: "rabbitmq.gpg" debian-aarch64: - docker-ce: - url: "https://download.docker.com/linux/debian" - suite: "bookworm" - component: "stable" - gpg_key: "docker-ce.asc" - erlang: - url: "https://ppa.launchpadcontent.net/rabbitmq/rabbitmq-erlang/ubuntu" - suite: "jammy" - component: "main" - gpg_key: "erlang-ppa.gpg" - fluentd: - url: "https://packages.treasuredata.com/lts/5/debian/bookworm" - suite: "bookworm" - component: "contrib" - gpg_key: "treasuredata.asc" - grafana: - url: "https://apt.grafana.com" - suite: "stable" - component: "main" - gpg_key: "grafana.asc" - influxdb: - url: "https://repos.influxdata.com/ubuntu" - suite: "jammy" - component: "stable" - gpg_key: "influxdb.asc" - mariadb: - url: "https://dlm.mariadb.com/repo/mariadb-server/10.11.13/repo/debian" - suite: "bookworm" - component: "main" - gpg_key: "mariadb.gpg" - opensearch: - url: "https://artifacts.opensearch.org/releases/bundle/opensearch/3.x/apt/" - suite: "stable" - component: "main" - gpg_key: "opensearch.asc" - opensearch-dashboards: - url: "https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/3.x/apt/" - suite: "stable" - component: "main" - gpg_key: "opensearch.asc" - proxysql: - url: "https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/bookworm/" - suite: "./" - component: "" - gpg_key: "proxysql.asc" rabbitmq: url: "https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian" suite: "bookworm" @@ -150,97 +149,90 @@ debian-aarch64: gpg_key: "rabbitmq.gpg" rocky: - ceph: "centos-ceph-reef" - crb: "crb" - docker-ce: "docker-ce" - epel: "epel" - erlang: "rabbitmq_rabbitmq-erlang" - extras: "extras" - fluentd: "fluent-package-lts" - grafana: "grafana" - hacluster: "highavailability" - influxdb: "influxdb" - mariadb: "mariadb" - opensearch: "opensearch-3.x" - opensearch-dashboards: "opensearch-dashboards-3.x" - openvswitch: "centos-nfv-openvswitch" - opstools: "centos-opstools" - proxysql: "proxysql" - rabbitmq: "rabbitmq_rabbitmq-server" - -rocky-aarch64: - ceph: "centos-ceph-reef" - crb: "crb" - docker-ce: "docker-ce" - epel: "epel" - erlang: "copr-rabbitmq-erlang" - extras: "extras" - fluentd: "fluent-package-lts" - grafana: "grafana" - influxdb: "influxdb" - hacluster: "highavailability" - mariadb: "mariadb" - opensearch: "opensearch-3.x" - opensearch-dashboards: "opensearch-dashboards-3.x" - openvswitch: "centos-nfv-openvswitch" - opstools: "centos-opstools" - proxysql: "proxysql" - rabbitmq: "rabbitmq_rabbitmq-server" - -ubuntu: + ceph: + gpgkey: "https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage" + metalink: "https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-9-stream&arch=$basearch" + name: "centos-ceph-squid" + crb: + distro: True + name: "crb" docker-ce: - url: "https://download.docker.com/linux/ubuntu" - suite: "noble" - component: "stable" - gpg_key: "docker-ce.asc" + gpgkey: "https://download.docker.com/linux/centos/gpg" + baseurl: "https://download.docker.com/linux/centos/$releasever/$basearch/stable" + name: "docker-ce" + epel: + gpgkey: "https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever" + metalink: "https://mirrors.fedoraproject.org/metalink?repo=epel-$releasever&arch=$basearch&infra=$infra&content=$contentdir" + name: "epel" erlang: - url: "https://ppa.launchpadcontent.net/rabbitmq/rabbitmq-erlang/ubuntu" - suite: "noble" - component: "main" - gpg_key: "erlang-ppa.gpg" + baseurl: | + https://yum1.rabbitmq.com/erlang/el/9/$basearch + https://yum2.rabbitmq.com/erlang/el/9/$basearch + gpgkey: "https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-erlang.E495BB49CC4BBE5B.key" + name: "rabbitmq_rabbitmq-erlang" + extras: + distro: True + name: "extras" fluentd: - url: "https://packages.treasuredata.com/lts/5/ubuntu/noble/" - suite: "noble" - component: "contrib" - gpg_key: "treasuredata.asc" + baseurl: "https://packages.treasuredata.com/lts/5/redhat/9/$basearch" + gpgkey: "https://packages.treasuredata.com/GPG-KEY-td-agent" + name: "fluent-package-lts" grafana: - url: "https://apt.grafana.com" - suite: "stable" - component: "main" - gpg_key: "grafana.asc" + baseurl: "https://rpm.grafana.com" + gpgkey: "https://rpm.grafana.com/gpg.key" + name: "grafana" + hacluster: + name: "highavailability" + distro: true influxdb: - url: "https://repos.influxdata.com/ubuntu" - # TODO(mnasiadka): Switch to noble when available - suite: "jammy" - component: "stable" - gpg_key: "influxdb.asc" + baseurl: "https://repos.influxdata.com/rhel/9/$basearch/stable" + gpgkey: "https://repos.influxdata.com/influxdata-archive_compat.key" + name: "influxdb" + kolla_el10: + baseurl: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/epel-10-$basearch/" + gpgkey: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/el10-missing/pubkey.gpg" + name: "kolla_el10" mariadb: - url: "https://dlm.mariadb.com/repo/mariadb-server/10.11.13/repo/ubuntu" - suite: "noble" - component: "main" - gpg_key: "mariadb.gpg" + baseurl: "https://dlm.mariadb.com/repo/mariadb-server/10.11/yum/rhel/$releasever/$basearch" + gpgkey: "https://downloads.mariadb.com/MariaDB/RPM-GPG-KEY-MariaDB" + name: "mariadb" opensearch: - url: "https://artifacts.opensearch.org/releases/bundle/opensearch/3.x/apt/" - suite: "stable" - component: "main" - gpg_key: "opensearch.asc" + baseurl: "https://artifacts.opensearch.org/releases/bundle/opensearch/3.x/yum" + gpgkey: "https://artifacts.opensearch.org/publickeys/opensearch-release.pgp" + repo_gpgcheck: 1 + name: "opensearch32.x" opensearch-dashboards: - url: "https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/3.x/apt/" - suite: "stable" - component: "main" - gpg_key: "opensearch.asc" + baseurl: "https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/3.x/yum" + gpgkey: "https://artifacts.opensearch.org/publickeys/opensearch-release.pgp" + repo_gpgcheck: 1 + name: "opensearch-dashboards-3.x" + openvswitch: + gpgkey: "https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-NFV" + metalink: "https://mirrors.centos.org/metalink?repo=centos-nfv-sig-openvswitch-2-$stream&arch=$basearch&protocol=https,http" + name: "centos-nfv-openvswitch" + opstools: + distro: True + name: "opstools" proxysql: - url: "https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/noble/" - suite: "./" - component: "" - gpg_key: "proxysql.asc" + baseurl: "https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/almalinux/9" + gpgkey: "https://repo.proxysql.com/ProxySQL/proxysql-3.0.x/repo_pub_key" + name: "proxysql" rabbitmq: - url: "https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/ubuntu" - suite: "noble" - component: "main" - gpg_key: "rabbitmq.gpg" + baseurl: | + https://yum1.rabbitmq.com/rabbitmq/el/9/noarch + https://yum2.rabbitmq.com/rabbitmq/el/9/noarch + gpgkey: | + https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key + https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc + name: "rabbitmq_rabbitmq-server" -ubuntu-aarch64: +rocky-aarch64: + erlang: + baseurl: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/rhel-$releasever-aarch64/" + gpgkey: "https://download.copr.fedorainfracloud.org/results/@openstack-kolla/rabbitmq-erlang-27/pubkey.gpg" + name: "copr-rabbitmq-erlang" + +ubuntu: docker-ce: url: "https://download.docker.com/linux/ubuntu" suite: "noble" @@ -291,5 +283,14 @@ ubuntu-aarch64: url: "https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/ubuntu" suite: "noble" component: "main" + gpg_key: "rabbitmq.gpg" + +ubuntu-aarch64: + rabbitmq: + url: "https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian" + suite: "noble" + component: "main" + # NOTE(mnasiadka): Since rabbitmq is really noarch and community mirror is not + # syncing binary-aarch64 - we're using amd64 here. arch: "amd64" gpg_key: "rabbitmq.gpg" diff --git a/kolla/tests/test_methods.py b/kolla/tests/test_methods.py index 395dadd4e5..6559c5d4de 100644 --- a/kolla/tests/test_methods.py +++ b/kolla/tests/test_methods.py @@ -22,50 +22,155 @@ def test_debian_package_install(self): expectCmd = 'apt-get -y install --no-install-recommends package2.deb' self.assertEqual(expectCmd, result.split("&&")[1].strip()) - def test_enable_repos_centos(self): + def test_enable_repos_centos_baseurl(self): template_vars = { 'base_arch': 'x86_64', 'base_distro': 'centos', 'base_package_type': 'rpm', } - result = methods.handle_repos(template_vars, ['grafana'], 'enable') - expectCmd = 'RUN dnf config-manager --enable grafana || true' + result = methods.handle_repos(template_vars, ["grafana"], "enable") + expectCmd = "RUN echo '[grafana]' " + expectCmd += ">/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'name=grafana' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'enabled=1' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'gpgkey=https://rpm.grafana.com/gpg.key' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'baseurl=https://rpm.grafana.com' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo" self.assertEqual(expectCmd, result) - def test_enable_repos_centos_missing_repo(self): + def test_enable_repos_centos_metalink(self): template_vars = { 'base_arch': 'x86_64', 'base_distro': 'centos', 'base_package_type': 'rpm', } - result = methods.handle_repos(template_vars, ['missing_repo'], - 'enable') - expectCmd = '' + result = methods.handle_repos(template_vars, ["ceph"], "enable") + expectCmd = "RUN echo '[centos-ceph-squid]' " + expectCmd += ">/etc/yum.repos.d/ceph.repo && " + expectCmd += "echo 'name=centos-ceph-squid' " + expectCmd += ">>/etc/yum.repos.d/ceph.repo && " + expectCmd += "echo 'enabled=1' " + expectCmd += ">>/etc/yum.repos.d/ceph.repo && " + expectCmd += "echo 'gpgkey=https://www.centos.org/keys/RPM-GPG-KEY-CentOS-SIG-Storage' " # noqa: E501 + expectCmd += ">>/etc/yum.repos.d/ceph.repo && " + expectCmd += "echo 'metalink=https://mirrors.centos.org/metalink?repo=centos-storage-sig-ceph-squid-9-stream&arch=$basearch' " # noqa: E501 + expectCmd += ">>/etc/yum.repos.d/ceph.repo" + self.assertEqual(expectCmd, result) + + def test_enable_repos_centos_arch(self): + template_vars = { + "base_arch": "aarch64", + "base_distro": "centos", + "base_package_type": "rpm", + } + + result = methods.handle_repos(template_vars, ["grafana"], "enable") + expectCmd = "RUN echo '[grafana]' " + expectCmd += ">/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'name=grafana' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'enabled=1' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'gpgkey=https://rpm.grafana.com/gpg.key' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'baseurl=https://rpm.grafana.com' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo" self.assertEqual(expectCmd, result) def test_enable_repos_centos_multiple(self): template_vars = { - 'base_arch': 'x86_64', - 'base_distro': 'centos', - 'base_package_type': 'rpm', + "base_arch": "x86_64", + "base_distro": "centos", + "base_package_type": "rpm", + } + + result = methods.handle_repos(template_vars, + ["grafana", "rabbitmq"], "enable") + expectCmd = "RUN echo '[grafana]' " + expectCmd += ">/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'name=grafana' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'enabled=1' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'gpgkey=https://rpm.grafana.com/gpg.key' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'baseurl=https://rpm.grafana.com' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + + expectCmd += "echo '[rabbitmq_rabbitmq-server]' " + expectCmd += ">/etc/yum.repos.d/rabbitmq.repo && " + expectCmd += "echo 'name=rabbitmq_rabbitmq-server' " + expectCmd += ">>/etc/yum.repos.d/rabbitmq.repo && " + expectCmd += "echo 'enabled=1' " + expectCmd += ">>/etc/yum.repos.d/rabbitmq.repo && " + expectCmd += "echo 'gpgkey=https://github.com/rabbitmq/signing-keys/releases/download/3.0/cloudsmith.rabbitmq-server.9F4587F226208342.key' " # noqa + expectCmd += ">>/etc/yum.repos.d/rabbitmq.repo && " + expectCmd += "echo ' https://github.com/rabbitmq/signing-keys/releases/download/3.0/rabbitmq-release-signing-key.asc' " # noqa + expectCmd += ">>/etc/yum.repos.d/rabbitmq.repo && " + expectCmd += "echo 'baseurl=https://yum1.rabbitmq.com/rabbitmq/el/9/noarch' " # noqa + expectCmd += ">>/etc/yum.repos.d/rabbitmq.repo && " + expectCmd += "echo 'baseurl=https://yum2.rabbitmq.com/rabbitmq/el/9/noarch' " # noqa + expectCmd += ">>/etc/yum.repos.d/rabbitmq.repo" + self.assertEqual(expectCmd, result) + + def test_enable_repos_centos_distro_enable(self): + template_vars = { + "base_arch": "x86_64", + "base_distro": "centos", + "base_package_type": "rpm", } - result = methods.handle_repos(template_vars, ['grafana', 'ceph'], - 'enable') - expectCmd = 'RUN dnf config-manager --enable grafana ' - expectCmd += '--enable centos-ceph-squid || true' + result = methods.handle_repos(template_vars, + ['crb'], 'enable') + expectCmd = "RUN dnf config-manager --enable crb || true" + self.assertEqual(expectCmd, result) + + def test_enable_repos_centos_distro_disable(self): + template_vars = { + "base_arch": "x86_64", + "base_distro": "centos", + "base_package_type": "rpm", + } + + result = methods.handle_repos(template_vars, ['crb'], 'disable') + expectCmd = "RUN dnf config-manager --disable crb || true" + self.assertEqual(expectCmd, result) + + def test_enable_repos_centos_distro_enable_multiple(self): + template_vars = { + "base_arch": "x86_64", + "base_distro": "centos", + "base_package_type": "rpm", + } + + result = methods.handle_repos(template_vars, + ['crb', 'grafana'], 'enable') + expectCmd = "RUN dnf config-manager --enable crb || true && " + expectCmd += "echo '[grafana]' " + expectCmd += ">/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'name=grafana' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'enabled=1' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'gpgkey=https://rpm.grafana.com/gpg.key' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo && " + expectCmd += "echo 'baseurl=https://rpm.grafana.com' " + expectCmd += ">>/etc/yum.repos.d/grafana.repo" self.assertEqual(expectCmd, result) def test_enable_repos_debian(self): template_vars = { - 'base_arch': 'x86_64', - 'base_distro': 'debian', - 'base_package_type': 'deb' + "base_arch": "x86_64", + "base_distro": "debian", + "base_package_type": "deb", } - result = methods.handle_repos(template_vars, ['grafana'], 'enable') + result = methods.handle_repos(template_vars, ["grafana"], "enable") expectCmd = "RUN echo 'Uris: https://apt.grafana.com' " expectCmd += ">/etc/apt/sources.list.d/grafana.sources && " expectCmd += "echo 'Components: main' " @@ -82,10 +187,10 @@ def test_enable_repos_debian_arch(self): template_vars = { 'base_arch': 'aarch64', 'base_distro': 'debian', - 'base_package_type': 'deb' + 'base_package_type': 'deb', } - result = methods.handle_repos(template_vars, ['rabbitmq'], 'enable') + result = methods.handle_repos(template_vars, ["rabbitmq"], "enable") expectCmd = "RUN echo 'Uris: https://ppa1.rabbitmq.com/rabbitmq/rabbitmq-server/deb/debian' " # noqa: E501 expectCmd += ">/etc/apt/sources.list.d/rabbitmq.sources && " expectCmd += "echo 'Components: main' " @@ -104,23 +209,21 @@ def test_enable_repos_debian_missing_repo(self): template_vars = { 'base_arch': 'x86_64', 'base_distro': 'debian', - 'base_package_type': 'deb' + 'base_package_type': 'deb', } - result = methods.handle_repos(template_vars, ['missing_repo'], - 'enable') - expectCmd = '' - self.assertEqual(expectCmd, result) + self.assertRaises(KeyError, methods.handle_repos, template_vars, + ['missing_repo'], 'enable') def test_enable_repos_debian_multiple(self): template_vars = { 'base_arch': 'x86_64', 'base_distro': 'debian', - 'base_package_type': 'deb' + 'base_package_type': 'deb', } - result = methods.handle_repos(template_vars, ['grafana', 'rabbitmq'], - 'enable') + result = methods.handle_repos(template_vars, + ['grafana', 'rabbitmq'], 'enable') expectCmd = "RUN echo 'Uris: https://apt.grafana.com' " expectCmd += ">/etc/apt/sources.list.d/grafana.sources && " expectCmd += "echo 'Components: main' " @@ -146,47 +249,23 @@ def test_enable_repos_debian_multiple(self): self.assertEqual(expectCmd, result) - def test_disable_repos_centos(self): - template_vars = { - 'base_arch': 'x86_64', - 'base_distro': 'centos', - 'base_package_type': 'rpm', - } - - result = methods.handle_repos(template_vars, ['grafana'], 'disable') - expectCmd = 'RUN dnf config-manager --disable grafana || true' - self.assertEqual(expectCmd, result) - - def test_disable_repos_centos_multiple(self): - template_vars = { - 'base_arch': 'x86_64', - 'base_distro': 'centos', - 'base_package_type': 'rpm', - } - - result = methods.handle_repos(template_vars, ['grafana', 'ceph'], - 'disable') - expectCmd = 'RUN dnf config-manager --disable grafana ' - expectCmd += '--disable centos-ceph-squid || true' - self.assertEqual(expectCmd, result) - # NOTE(hrw): there is no disabling of repos for Debian/Ubuntu def test_disable_repos_debian(self): template_vars = { 'base_arch': 'x86_64', 'base_distro': 'debian', - 'base_package_type': 'deb' + 'base_package_type': 'deb', } - result = methods.handle_repos(template_vars, ['grafana'], 'disable') - expectCmd = '' + result = methods.handle_repos(template_vars, ["grafana"], "disable") + expectCmd = "" self.assertEqual(expectCmd, result) def test_handle_repos_string(self): template_vars = { 'base_arch': 'x86_64', 'base_distro': 'debian', - 'base_package_type': 'deb' + 'base_package_type': 'deb', } self.assertRaisesRegex(TypeError, diff --git a/releasenotes/notes/ironic-pxe-filter-b3b29090b0661ca2.yaml b/releasenotes/notes/ironic-pxe-filter-b3b29090b0661ca2.yaml new file mode 100644 index 0000000000..ffe875c345 --- /dev/null +++ b/releasenotes/notes/ironic-pxe-filter-b3b29090b0661ca2.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + Adds ``ironic-pxe-filter`` container image. diff --git a/releasenotes/notes/repos-yaml-rpm-support-01ff7f5fc3b9ecf2.yaml b/releasenotes/notes/repos-yaml-rpm-support-01ff7f5fc3b9ecf2.yaml new file mode 100644 index 0000000000..b3815928fc --- /dev/null +++ b/releasenotes/notes/repos-yaml-rpm-support-01ff7f5fc3b9ecf2.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + Adds support for configuring RPM distributions repositories + using ``repos.yaml`` functionality. diff --git a/releasenotes/notes/rocky-10-4111fa0160be14ab.yaml b/releasenotes/notes/rocky-10-4111fa0160be14ab.yaml new file mode 100644 index 0000000000..2fccba7963 --- /dev/null +++ b/releasenotes/notes/rocky-10-4111fa0160be14ab.yaml @@ -0,0 +1,12 @@ +--- +features: + - | + Adds support for Rocky 10 as a base container image. This is the only major + version of Rocky supported from the 2025.2 release. +upgrade: + - | + Rocky 9 is no longer supported as a base container image. Rocky users + should migrate to Rocky 10. + - | + The following images were supported by Rocky 9 but lack suitable packages + in Rocky, and are no longer supported for Rocky: ``telegraf``. diff --git a/tests/templates/template_overrides.j2 b/tests/templates/template_overrides.j2 index 8dfc6a9ff4..d9d89b3e0e 100644 --- a/tests/templates/template_overrides.j2 +++ b/tests/templates/template_overrides.j2 @@ -19,27 +19,12 @@ RUN echo registry={{ nodepool_npmjs_proxy }} > /etc/npmrc \ {% endraw %} {% if base_distro == 'rocky' %} -{# -NOTE(hrw): Rocky is not mirrored but it uses CentOS repos which are - #} {% raw %} {% block base_centos_repo_overrides_post_copy %} {% endraw %} - -COPY ci-rocky.repo /etc/yum.repos.d/ -RUN cd /etc/yum.repos.d/ && mkdir not-for-ci/ \ - && sed -i -e "s/MIRROR/{{ nodepool_mirror_host }}/g" /etc/yum.repos.d/ci-rocky.repo - -{% raw %} -{% endblock %} -{% endraw %} - +RUN sed -i -e "s/^mirrorlist/#mirrorlist/g" -e "s/^#baseurl/baseurl/g" \ + /etc/yum.repos.d/rocky.repo {% raw %} - -{% block base_centos_repo_overrides_post_yum -%} -{%- endraw -%} - && cd /etc/yum.repos.d/ && mv CentOS*.repo epel*.repo not-for-ci/ -{%- raw -%} {% endblock %} {% endraw %} {% endif %} @@ -80,18 +65,7 @@ RUN if [ -f /usr/etc/npmrc ]; then \ fi \ && rm -f /etc/npmrc -{% if base_distro in ['centos', 'rocky'] %} -{# NOTE(hrw): Some images have two footer blocks. - For example neutron-infobox-ipam-agent being - child of neutron-server. -#} -RUN if [ -d /etc/yum.repos.d/not-for-ci/ ]; then \ - cd /etc/yum.repos.d/ && \ - rm ci-{{ base_distro }}.repo && \ - mv not-for-ci/*.repo . && \ - rm -rf not-for-ci; \ - fi; -{% elif base_distro == "debian" %} +{% if base_distro == "debian" %} RUN sed -i -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}|http://deb.debian.org|" \ -e "s|\[trusted=yes\] http://{{ nodepool_mirror_host }}|http://security.debian.org|" \ /etc/apt/sources.list diff --git a/zuul.d/base.yaml b/zuul.d/base.yaml index 0a3d48f874..e071fd5898 100644 --- a/zuul.d/base.yaml +++ b/zuul.d/base.yaml @@ -17,13 +17,15 @@ - ^releasenotes/.*$ - ^specs/.*$ - ^test-requirements.txt$ - - ^\.zuul\.d/ + - ^zuul\.d/ - ^\..+ - ^contrib/ - ^LICENSE$ - ^tox\.ini$ vars: - base_arch: "x86_64" + base_arch: "{{ 'aarch64' if 'arm64' in zuul.job else 'x86_64' }}" + base_distro: "{{ zuul.job.split('-').2 }}" + base_distro_version: "{{ zuul.job.split('-').3 }}" publisher: false container_engine: "docker" extra-vars: diff --git a/zuul.d/centos.yaml b/zuul.d/centos.yaml index e90ea4fa67..3c48f9e0cf 100644 --- a/zuul.d/centos.yaml +++ b/zuul.d/centos.yaml @@ -3,24 +3,18 @@ name: kolla-build-centos-10s parent: kolla-base nodeset: kolla-centos-10s-8GB - vars: - base_distro: centos voting: false - job: - name: kolla-build-centos-10s-aarch64 + name: kolla-build-centos-10s-arm64 parent: kolla-build-centos-10s - nodeset: kolla-centos-10s-aarch64-8GB - vars: - base_arch: aarch64 + nodeset: kolla-centos-10s-arm64-8GB voting: false - job: - name: kolla-build-no-infra-wheels-centos-10s + name: kolla-build-centos-10s-no-infra-wheels parent: kolla-build-no-infra-wheels-base nodeset: kolla-centos-10s-8GB - vars: - base_distro: centos - project-template: name: kolla-build-centos @@ -31,7 +25,7 @@ - kolla-build-centos-10s check-arm64: jobs: - - kolla-build-centos-10s-aarch64 + - kolla-build-centos-10s-arm64 experimental: jobs: - - kolla-build-no-infra-wheels-centos-10s + - kolla-build-centos-10s-no-infra-wheels diff --git a/zuul.d/debian.yaml b/zuul.d/debian.yaml index 931d169b66..66b0badacf 100644 --- a/zuul.d/debian.yaml +++ b/zuul.d/debian.yaml @@ -3,25 +3,17 @@ name: kolla-build-debian-bookworm parent: kolla-base nodeset: kolla-debian-bookworm-8GB - vars: - base_distro: debian - base_distro_version: bookworm - job: name: kolla-build-debian-bookworm-podman parent: kolla-base-podman nodeset: kolla-debian-bookworm-8GB - vars: - base_distro: debian - base_distro_version: bookworm - job: - name: kolla-build-debian-bookworm-aarch64 + name: kolla-build-debian-bookworm-arm64 parent: kolla-build-debian-bookworm - nodeset: kolla-debian-bookworm-aarch64-8GB + nodeset: kolla-debian-bookworm-arm64-8GB voting: false - vars: - base_arch: aarch64 - job: name: kolla-publish-debian-bookworm-quay @@ -36,8 +28,8 @@ - kolla_quay_io_api - job: - name: kolla-publish-debian-bookworm-aarch64-quay - parent: kolla-build-debian-bookworm-aarch64 + name: kolla-publish-debian-bookworm-arm64-quay + parent: kolla-build-debian-bookworm-arm64 post-run: tests/playbooks/publish.yml vars: publisher: true @@ -48,11 +40,9 @@ - kolla_quay_io_api - job: - name: kolla-build-no-infra-wheels-debian-bookworm + name: kolla-build-debian-bookworm-no-infra-wheels parent: kolla-build-no-infra-wheels-base nodeset: kolla-debian-bookworm-8GB - vars: - base_distro: debian - project-template: name: kolla-build-debian @@ -64,15 +54,15 @@ - kolla-build-debian-bookworm-podman check-arm64: jobs: - - kolla-build-debian-bookworm-aarch64 + - kolla-build-debian-bookworm-arm64 gate: jobs: - kolla-build-debian-bookworm - kolla-build-debian-bookworm-podman experimental: jobs: - - kolla-build-no-infra-wheels-debian-bookworm + - kolla-build-debian-bookworm-no-infra-wheels periodic: jobs: - kolla-publish-debian-bookworm-quay - - kolla-publish-debian-bookworm-aarch64-quay + - kolla-publish-debian-bookworm-arm64-quay diff --git a/zuul.d/nodesets.yaml b/zuul.d/nodesets.yaml index 89c346ba9d..5a069beb6e 100644 --- a/zuul.d/nodesets.yaml +++ b/zuul.d/nodesets.yaml @@ -6,31 +6,43 @@ label: centos-10-stream-8GB - nodeset: - name: kolla-centos-10s-aarch64-8GB + name: kolla-centos-10s-arm64-8GB nodes: - name: primary label: centos-10-stream-arm64-8GB - nodeset: - name: kolla-ubuntu-noble-8GB + name: kolla-debian-bookworm-8GB nodes: - name: primary - label: ubuntu-noble-8GB + label: debian-bookworm-8GB - nodeset: - name: kolla-debian-bookworm-8GB + name: kolla-debian-bookworm-arm64-8GB nodes: - name: primary - label: debian-bookworm-8GB + label: debian-bookworm-arm64-8GB - nodeset: - name: kolla-debian-bookworm-aarch64-8GB + name: kolla-rocky-10-8GB nodes: - name: primary - label: debian-bookworm-arm64-8GB + label: rockylinux-10-8GB + +- nodeset: + name: kolla-rocky-10-arm64-8GB + nodes: + - name: primary + label: rockylinux-10-arm64-8GB + +- nodeset: + name: kolla-ubuntu-noble-8GB + nodes: + - name: primary + label: ubuntu-noble-8GB - nodeset: - name: kolla-ubuntu-noble-aarch64-8GB + name: kolla-ubuntu-noble-arm64-8GB nodes: - name: primary label: ubuntu-noble-arm64-8GB diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index b90e6f393a..f8652aaf73 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -7,6 +7,7 @@ - check-requirements - kolla-build-centos - kolla-build-debian + - kolla-build-rocky - kolla-build-ubuntu - kolla-periodic-copr - kolla-scenario-aio diff --git a/zuul.d/rocky.yaml b/zuul.d/rocky.yaml new file mode 100644 index 0000000000..f854cca6e2 --- /dev/null +++ b/zuul.d/rocky.yaml @@ -0,0 +1,55 @@ +--- +- job: + name: kolla-build-rocky-10 + parent: kolla-base + nodeset: kolla-rocky-10-8GB + +- job: + name: kolla-build-rocky-10-podman + parent: kolla-base-podman + nodeset: kolla-rocky-10-8GB + +- job: + name: kolla-build-rocky-10-arm64 + parent: kolla-build-rocky-10 + nodeset: kolla-rocky-10-arm64-8GB + voting: false + +- job: + name: kolla-build-rocky-10-no-infra-wheels + parent: kolla-build-no-infra-wheels-base + nodeset: kolla-rocky-10-8GB + +- job: + name: kolla-publish-rocky-10-quay + parent: kolla-build-rocky-10 + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + - kolla_quay_io_api + +- project-template: + name: kolla-build-rocky + description: | + Runs Kolla Rocky Linux build jobs. + check: + jobs: + - kolla-build-rocky-10 + - kolla-build-rocky-10-podman + check-arm64: + jobs: + - kolla-build-rocky-10-arm64 + experimental: + jobs: + - kolla-build-rocky-10-no-infra-wheels + gate: + jobs: + - kolla-build-rocky-10 + - kolla-build-rocky-10-podman + periodic: + jobs: + - kolla-publish-rocky-10-quay diff --git a/zuul.d/ubuntu.yaml b/zuul.d/ubuntu.yaml index d10bfd8d05..258b98f6c7 100644 --- a/zuul.d/ubuntu.yaml +++ b/zuul.d/ubuntu.yaml @@ -3,24 +3,16 @@ name: kolla-build-ubuntu-noble parent: kolla-base nodeset: kolla-ubuntu-noble-8GB - vars: - base_distro: ubuntu - base_distro_version: noble - job: name: kolla-build-ubuntu-noble-podman parent: kolla-base-podman nodeset: kolla-ubuntu-noble-8GB - vars: - base_distro: ubuntu - base_distro_version: noble - job: - name: kolla-build-ubuntu-noble-aarch64 + name: kolla-build-ubuntu-noble-arm64 parent: kolla-build-ubuntu-noble - nodeset: kolla-ubuntu-noble-aarch64-8GB - vars: - base_arch: aarch64 + nodeset: kolla-ubuntu-noble-arm64-8GB voting: false - job: @@ -36,11 +28,9 @@ - kolla_quay_io_api - job: - name: kolla-build-no-infra-wheels-ubuntu-noble + name: kolla-build-ubuntu-noble-no-infra-wheels parent: kolla-build-no-infra-wheels-base nodeset: kolla-ubuntu-noble-8GB - vars: - base_distro: ubuntu - project-template: name: kolla-build-ubuntu @@ -52,14 +42,14 @@ - kolla-build-ubuntu-noble-podman check-arm64: jobs: - - kolla-build-ubuntu-noble-aarch64 + - kolla-build-ubuntu-noble-arm64 gate: jobs: - kolla-build-ubuntu-noble - kolla-build-ubuntu-noble-podman experimental: jobs: - - kolla-build-no-infra-wheels-ubuntu-noble + - kolla-build-ubuntu-noble-no-infra-wheels periodic: jobs: - kolla-publish-ubuntu-noble-quay