From: David Galloway Date: Fri, 14 May 2021 19:19:15 +0000 (-0400) Subject: Add CentOS 9 Stream X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F622%2Fhead;p=ceph-cm-ansible.git Add CentOS 9 Stream Signed-off-by: David Galloway --- diff --git a/cobbler.yml b/cobbler.yml index 834ee4f7..45ea16d9 100644 --- a/cobbler.yml +++ b/cobbler.yml @@ -41,6 +41,7 @@ - { role: cobbler_profile, distro_name: CentOS-8.2-x86_64, tags: ['centos8.2'] } - { role: cobbler_profile, distro_name: CentOS-8.3-x86_64, tags: ['centos8.3'] } - { role: cobbler_profile, distro_name: CentOS-8.stream-x86_64, tags: ['centos8.stream'] } + - { role: cobbler_profile, distro_name: CentOS-9.stream-x86_64, tags: ['centos9.stream'] } - { role: cobbler_profile, distro_name: Ubuntu-12.04-server-x86_64, tags: ['ubuntu-precise'] } - { role: cobbler_profile, distro_name: Ubuntu-14.04-server-x86_64, tags: ['ubuntu-trusty'] } - { role: cobbler_profile, distro_name: Ubuntu-15.04-server-x86_64, tags: ['ubuntu-vivid'] } diff --git a/roles/cobbler/templates/kickstarts/cephlab_rhel.ks b/roles/cobbler/templates/kickstarts/cephlab_rhel.ks index 2c6ff565..f59763f1 100644 --- a/roles/cobbler/templates/kickstarts/cephlab_rhel.ks +++ b/roles/cobbler/templates/kickstarts/cephlab_rhel.ks @@ -2,10 +2,20 @@ # kickstart template for Fedora 8 and later. # (includes %end blocks) # do not use with earlier distros +#set distro = $getVar('distro','').split("-")[0] +#set distro_ver = $getVar('distro','').split("-")[1] +#if $distro == 'RHEL' or $distro == 'CentOS' +#set distro_ver_major = $distro_ver.split(".")[0] +#set distro_ver_minor = $distro_ver.split(".")[1] +#end if #platform=x86, AMD64, or Intel EM64T # System authorization information +#if int($distro_ver_major) < 9 auth --useshadow --enablemd5 +#else +authselect select minimal +#end if $SNIPPET('cephlab_rhel_disks') # Use text mode install text @@ -34,8 +44,10 @@ selinux --enforcing skipx # System timezone timezone Etc/UTC --utc +#if int($distro_ver_major) < 9 # Install OS instead of upgrade install +#end if %pre $SNIPPET('log_ks_pre') diff --git a/roles/cobbler/templates/kickstarts/cephlab_rhel_sdi.ks b/roles/cobbler/templates/kickstarts/cephlab_rhel_sdi.ks index 21f6fe62..f2ee0c66 100644 --- a/roles/cobbler/templates/kickstarts/cephlab_rhel_sdi.ks +++ b/roles/cobbler/templates/kickstarts/cephlab_rhel_sdi.ks @@ -3,10 +3,20 @@ # kickstart template for Fedora 8 and later. # (includes %end blocks) # do not use with earlier distros +#set distro = $getVar('distro','').split("-")[0] +#set distro_ver = $getVar('distro','').split("-")[1] +#if $distro == 'RHEL' or $distro == 'CentOS' +#set distro_ver_major = $distro_ver.split(".")[0] +#set distro_ver_minor = $distro_ver.split(".")[1] +#end if #platform=x86, AMD64, or Intel EM64T # System authorization information +#if int($distro_ver_major) < 9 auth --useshadow --enablemd5 +#else +authselect select minimal +#end if #set os_version = $getVar('os_version','') # Partition clearing information clearpart --all --initlabel @@ -48,8 +58,10 @@ selinux --enforcing skipx # System timezone timezone Etc/UTC --utc +#if int($distro_ver_major) < 9 # Install OS instead of upgrade install +#end if %pre $SNIPPET('log_ks_pre') diff --git a/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks b/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks index 8a7de9a8..a47bef44 100644 --- a/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks +++ b/roles/cobbler/templates/kickstarts/cephlab_rhel_sdm.ks @@ -3,10 +3,20 @@ # kickstart template for Fedora 8 and later. # (includes %end blocks) # do not use with earlier distros +#set distro = $getVar('distro','').split("-")[0] +#set distro_ver = $getVar('distro','').split("-")[1] +#if $distro == 'RHEL' or $distro == 'CentOS' +#set distro_ver_major = $distro_ver.split(".")[0] +#set distro_ver_minor = $distro_ver.split(".")[1] +#end if #platform=x86, AMD64, or Intel EM64T # System authorization information +#if int($distro_ver_major) < 9 auth --useshadow --enablemd5 +#else +authselect select minimal +#end if #set os_version = $getVar('os_version','') # Partition clearing information clearpart --all --initlabel @@ -48,8 +58,10 @@ selinux --enforcing skipx # System timezone timezone Etc/UTC --utc +#if int($distro_ver_major) < 9 # Install OS instead of upgrade install +#end if %pre $SNIPPET('log_ks_pre') diff --git a/roles/cobbler/templates/snippets/cephlab_packages_rhel b/roles/cobbler/templates/snippets/cephlab_packages_rhel index 5db78d3a..392ffa39 100644 --- a/roles/cobbler/templates/snippets/cephlab_packages_rhel +++ b/roles/cobbler/templates/snippets/cephlab_packages_rhel @@ -15,8 +15,11 @@ python3 #set distro_ver_minor = $distro_ver.split(".")[1] ## These packages are available in all RHEL/CentOS versions but not Fedora perl +## These packages are not available in CentOS 9 Stream +#if int($distro_ver_major) < 9 redhat-lsb-core -#if not int($distro_ver_major) == 8 +#end if +#if int($distro_ver_major) < 8 ## These packages should be installed on RHEL/CentOS 7 libselinux-python libsemanage-python diff --git a/roles/cobbler/templates/snippets/cephlab_rc_local b/roles/cobbler/templates/snippets/cephlab_rc_local index 425e326e..6705c5cb 100644 --- a/roles/cobbler/templates/snippets/cephlab_rc_local +++ b/roles/cobbler/templates/snippets/cephlab_rc_local @@ -3,11 +3,14 @@ # Set proper location for firstboot ansible post-install trigger #set distro = $getVar('distro','').split("-")[0] #set distro_ver = $getVar('distro','').split("-")[1] -#if $distro == 'RHEL' +#if ($distro == 'RHEL') or ($distro == 'CentOS') #set distro_ver = $distro_ver.split(".")[0] #end if #if ($distro == 'Fedora' and int($distro_ver) >= 22) or ($distro == 'RHEL' and int($distro_ver) >= 8) #set script = '/etc/rc.d/rc.local' +#else if $distro == 'CentOS' and int($distro_ver) >= 9 +#set script = '/etc/rc.d/rc.local' +systemctl enable rc-local.service #else if $distro == 'openSUSE' #set script = '/etc/init.d/boot.local' #else diff --git a/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh b/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh index 1baf9ffe..2c496af6 100644 --- a/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh +++ b/roles/cobbler/templates/triggers/install/post/cephlab_ansible.sh @@ -40,6 +40,10 @@ then elif [[ $profile == *"8.stream"* ]] then ansible-playbook tools/convert-to-centos-stream.yml -v --limit $name* 2>&1 >> /var/log/ansible/$name.log +elif [[ $profile == *"9.stream"* ]] +then + # For some reason, we end up with no repos on the first boot without doing this. + ansible-playbook testnodes.yml --tags repos -v --limit $name* 2>&1 >> /var/log/ansible/$name.log fi ansible-playbook testnodes.yml -v --limit $name* --skip-tags user,pubkeys,zap 2>&1 >> /var/log/ansible/$name.log & popd diff --git a/roles/cobbler_profile/defaults/main.yml b/roles/cobbler_profile/defaults/main.yml index 3f353084..81801007 100644 --- a/roles/cobbler_profile/defaults/main.yml +++ b/roles/cobbler_profile/defaults/main.yml @@ -44,6 +44,10 @@ distros: iso: "" "CentOS-8.stream-x86_64": iso: "" + "CentOS-9.stream-x86_64": + iso: https://composes.stream.centos.org/test/latest-CentOS-Stream/compose/BaseOS/x86_64/iso/CentOS-Stream-9-20210512.t.3-x86_64-dvd1.iso + sha256: 9b05f2ec63c8c24050b23ed2db19ea9bdfe567f50d3c10423824be91f40fbd85 + kickstart: cephlab_rhel.ks "Fedora-22-Server-x86_64": iso: http://ftp.linux.ncsu.edu/mirror/ftp.redhat.com/pub/fedora/linux/releases/22/Server/x86_64/iso/Fedora-Server-DVD-x86_64-22.iso sha256: b2acfa7c7c6b5d2f51d3337600c2e52eeaa1a1084991181c28ca30343e52e0df diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index 3b620982..c03c3c60 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -41,9 +41,11 @@ - monitoring-scripts - nagios -# configure nagios (Except OpenSUSE and RHEL8) +# configure nagios (Except OpenSUSE and CentOS 9 Stream) - import_tasks: nagios.yml - when: ansible_pkg_mgr != "zypper" + when: + - ansible_pkg_mgr != "zypper" + - not (ansible_distribution == "CentOS" and ansible_distribution_major_version == "9") tags: - nagios diff --git a/roles/common/tasks/yum_systems.yml b/roles/common/tasks/yum_systems.yml index 9318053d..49497883 100644 --- a/roles/common/tasks/yum_systems.yml +++ b/roles/common/tasks/yum_systems.yml @@ -72,7 +72,9 @@ # create and manage epel.repo - import_tasks: epel.yml - when: (ansible_distribution == "CentOS" or ansible_distribution == 'RedHat') + when: + - (ansible_distribution == "CentOS" or ansible_distribution == 'RedHat') + - ansible_distribution_major_version|int < 9 tags: - epel - repos diff --git a/roles/common/vars/centos_9.yml b/roles/common/vars/centos_9.yml new file mode 100644 index 00000000..9af7db38 --- /dev/null +++ b/roles/common/vars/centos_9.yml @@ -0,0 +1,4 @@ +--- +nrpe_selinux_packages: + - python3-libsemanage + - python3-policycoreutils diff --git a/roles/container-host/vars/centos_9.yml b/roles/container-host/vars/centos_9.yml new file mode 100644 index 00000000..9ca52e4a --- /dev/null +++ b/roles/container-host/vars/centos_9.yml @@ -0,0 +1,5 @@ +--- +container_packages: + - podman +# Doesn't exist yet +# - podman-docker diff --git a/roles/testnode/templates/ssh/sshd_config_centos_9 b/roles/testnode/templates/ssh/sshd_config_centos_9 new file mode 100644 index 00000000..087d4c75 --- /dev/null +++ b/roles/testnode/templates/ssh/sshd_config_centos_9 @@ -0,0 +1,38 @@ +# {{ ansible_managed }} +# $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/bin:/usr/bin + +HostKey /etc/ssh/ssh_host_rsa_key +HostKey /etc/ssh/ssh_host_ecdsa_key + +SyslogFacility AUTHPRIV + +AuthorizedKeysFile .ssh/authorized_keys + +PasswordAuthentication yes + +ChallengeResponseAuthentication no + +# GSSAPI options +GSSAPIAuthentication yes +GSSAPICleanupCredentials yes + +UsePAM yes + +X11Forwarding yes +UsePrivilegeSeparation sandbox # Default for new installations. + +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE +AcceptEnv XMODIFIERS + +# override default of no subsystems +Subsystem sftp /usr/libexec/openssh/sftp-server + +MaxSessions 1000 diff --git a/roles/testnode/vars/centos_9.yml b/roles/testnode/vars/centos_9.yml new file mode 100644 index 00000000..2da8b378 --- /dev/null +++ b/roles/testnode/vars/centos_9.yml @@ -0,0 +1,82 @@ +--- +# vars specific to any centos 9.x version + +common_yum_repos: {} + +yum_repos: + CentOS-AppStream: + name: "CentOS-$releasever - AppStream" + baseurl: https://composes.stream.centos.org/test/latest-CentOS-Stream/compose/AppStream/x86_64/os/ + gpgcheck: 0 + enabled: 1 + gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial + CentOS-Base: + name: "CentOS-$releasever - Base" + baseurl: https://composes.stream.centos.org/test/latest-CentOS-Stream/compose/BaseOS/x86_64/os/ + gpgcheck: 0 + enabled: 1 + gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial + +# When mirrors become available, these will be filenames in roles/testnodes/templates/mirrorlists/9/ +yum_mirrorlists: [] + +packages_to_upgrade: + - libgcrypt # explicitly tied to qemu build + +packages: + # for package-cleanup + - dnf-utils + - sysstat + - libedit + - boost-thread + - xfsprogs + - gdisk + - parted + - libgcrypt + - fuse-libs + - openssl + - libuuid + - podman + # for cephadmunit.py to uniformly run 'docker kill -p ...' +# Doesn't exist yet +# - podman-docker + - attr +# - ant + - lsof + - gettext + - bc + - xfsdump + - blktrace + - usbredir +# - libev-devel + - valgrind + - nfs-utils + # for xfstests + - ncurses-devel + # for s3 tests + # for workunits, + - gcc + - git + # qa/workunits/rados/test_python.sh +# - python3-nose + # for cram tests +# - python3-virtualenv + # for rbd qemu tests + - genisoimage + - qemu-img + - qemu-kvm-core + - qemu-kvm-block-rbd + # for pjd tests + - libacl-devel + # for fs tests, +# - dbench + - autoconf + # for test-crash.sh + - gdb +# - iozone + +epel_packages: [] + +nfs_service: nfs-server + +ntp_service_name: chronyd