We can't leave /etc/machine-id blank; it breaks things, one of
which is the kernel install, which runs a postinstall script to update
/boot/loader/entries, which does nothing (silently) if there's
nothing in /etc/machine-id. Since it can come from the dbus id,
and does by default, and there's a command to generate the dbus
id, generate both, dbus first. This fixes the kernel postinstall.
I don't know if there should be any correlation between
machine-id and the subscription-manager/katello IDs.
Dan Mick [Fri, 2 Jun 2023 09:12:59 +0000 (02:12 -0700)]
testnode: Make sure PowerTools repo is enabled on CentOS
https://github.com/ceph/ceph-cm-ansible/pull/731 removed the
custom-made repo files that added mirrorlists; however, it also
removed the side-effect of enabling the Power Tools repo (which
is not enabled by default). This adds a call to dnf config-manager
to enable the repo, whatever its repo file name, on CentOS
testnodes.
Fixes: https://tracker.ceph.com/issues/59678 Signed-off-by: Dan Mick <dmick@redhat.com>
Dan Mick [Thu, 4 May 2023 07:58:02 +0000 (00:58 -0700)]
cephlab_ansible.sh: use scl rh-python38 on CentOS 7
cephlab_ansible.sh runs at the very end of the installation process
during a cobbler install for fog image capture, on first reboot of the
freshly-cobblered system.
Cobbler runs on a CentOS 7 installation today, but its python is too
old to support modern ansible. The SCL for python 3.8 is installed
on cobbler. Add code here to, if installed, enable the SCL (by setting
some paths in the trigger script that is executed on the cobbler server
after the installed host reboots; a curl fetch is placed at the end of
/etc/rc.local, and this script runs to finish up all the configuration
of the host for teuthology use.
Ken Dreyer [Fri, 21 Apr 2023 14:57:15 +0000 (10:57 -0400)]
public_facing: skip no-tabs linter rule on single task
Instead of skipping ansible-lint's no-tabs rule globally, apply it on
this single task that uses a tab (\t) character.
Longer-term, we could replace this tab with a space because /etc/hosts
can use either whitespace character. I'm taking a cautious approach
today for simplicity.
Dan Mick [Thu, 20 Apr 2023 20:50:12 +0000 (13:50 -0700)]
Remove mirrorlists for CentOS 8
They were failing similarly to EPEL mirrorlists (old broken mirror
machines, out-of-date lists), so let's try going back to out-of-the-box
repo configurations. Perhaps several years later they'll work better.
Dan Mick [Thu, 20 Apr 2023 20:26:12 +0000 (13:26 -0700)]
Remove "switch back from mirrorlist" code for CentOS
The plan is to use mirrorlist exclusively (as we've done for
EPEL) because the upstream infra is changing more rapidly than
our fixed list of mirrors, and hopefully it's more stable than
it was in the past when we were driven to this coping mechanism
of caching mirror lists.
Ken Dreyer [Mon, 17 Apr 2023 19:28:22 +0000 (15:28 -0400)]
common: use ansible_distribution_major_version in epel repos
RHEL systems use roles/common/tasks/rhel-entitlements.yml, and this sets
Yum's $releasever to a specific RHEL minor release (eg. 8.4 or 8.6). As
a result. Fedora's MirrorManager does not return any EPEL repositories
for these minor RHEL versions.
We set a static $releasever in rhel-entitlements.yml so that we pin to
old RHEL RPM content in our old RHEL nodes. We probably need to re-think
this strategy since our CentOS Stream nodes do not (cannot) do this, and
Red Hat does not really support pinning to old versions without an EUS
subscription.
Rather than untangling all that and removing our $releasever
manipulation altogether, this commit simply hard-codes
ansible_distribution_major_version ("8", "9", etc) into the EPEL .repo
files, ignoring $releasever for EPEL.
A longer-term fix would be to stop mangling $releasever on RHEL.
Ken Dreyer [Wed, 12 Apr 2023 18:55:02 +0000 (14:55 -0400)]
common: use EPEL metalink
Some mirrors are stale (https://pagure.io/fedora-infrastructure/issue/11233)
Use MirrorManager's metalink application so we always get up-to-date
mirrors.
MirrorManager will also return the list of mirror that carry each
architecture (x86_64, aarch64, etc) so we will not need to manage that
information ourselves here.
Dan Mick [Wed, 15 Feb 2023 04:24:04 +0000 (20:24 -0800)]
Add checkcerts, to use with cron to warn about expiring certs
This originally lived on gitbuilder-archive, and I've moved it,
revamped it, added some args, added some hosts, modified some emails,
ported to Py3, stopped using external programs. It's quick to run
in default mode where it just reports to the terminal; it'll also
be quiet and only send email about old certs.
The timezone processing is nonexistent on the reported expiry
date; Python timezone handling is a mess. That could be improved but
not without a deep dive.
Adam Kraitman [Sun, 15 Jan 2023 15:03:23 +0000 (17:03 +0200)]
Regenerate random machine UUID before the subscription to satellite
Fixes: The DMI UUID of this host (XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX) matches other registered hosts Signed-off-by: Adam Kraitman <akraitma@redhat.com>
David Galloway [Thu, 25 Aug 2022 20:43:34 +0000 (16:43 -0400)]
tools: Add jenkins-builder-disk
Used to wipe the larger/faster non-root drive on Jenkins builders and mount the disk at /home/jenkins-build or /var/lib/libvirt/images (whichever is appropriate).
Signed-off-by: David Galloway <dgallowa@redhat.com>
David Galloway [Thu, 25 Aug 2022 18:52:12 +0000 (14:52 -0400)]
cobbler: Update packages for CentOS 9
Do not install subscription-manager because it's not RHEL...
Do install python3-pip so the container-host role can run during the post install trigger.
Signed-off-by: David Galloway <dgallowa@redhat.com>
projects / ceph-cm-ansible.git / log