Bug 1710895
| Summary: | openstack overcloud image build config-file RHEL8 bits are not available for building whole disk image | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | mlammon |
| Component: | openstack-tripleo-common | Assignee: | Bob Fournier <bfournie> |
| Status: | CLOSED ERRATA | QA Contact: | mlammon |
| Severity: | medium | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 15.0 (Stein) | CC: | aschultz, bfournie, derekh, mburns, racedoro, slinaber, yroblamo |
| Target Milestone: | rc | Keywords: | AutomationBlocker, Regression, Triaged |
| Target Release: | 15.0 (Stein) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openstack-tripleo-common-10.8.1-0.20190821190506.42d9fdb.el8ost openstack-tripleo-puppet-elements-10.3.2-0.20190820220452.5453b89.el8ost | Doc Type: | No Doc Update |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-09-21 11:22:06 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1711083 | ||
| Bug Blocks: | |||
|
Description
mlammon
2019-05-16 14:10:55 UTC
The file for the hardened image appears to be provided by "openstack-tripleo-common-", do you have this package installed? [root@f28f86c7a272 /]# rpm -qf /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images.yaml openstack-tripleo-common-10.7.1-0.20190510090422.a9e05d4.el8ost.noarch I should been more specific
Env:
openstack-tripleo-common-10.7.1-0.20190509140420.e46da94.el8ost.noarch
cat /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-rhel7.yaml
disk_images:
-
imagename: overcloud-hardened-full
type: qcow2
distro: rhel7
cat /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-uefi-rhel7.yaml
disk_images:
-
imagename: overcloud-hardened-uefi-full
type: qcow2
distro: rhel7
I guess we could try and add files with distro: rhel8 and test? I think this is the specifics.
As for the "/usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images.yaml", I assume
this one *should* work. WDYT?
https://review.opendev.org/#/c/659136/ is that what you're looking for? Hi Alex, Thanks for checking. These are for the secure hardened images (whole disk) but I think its also going to involve many updates to the diskimage-builder as it looks like it only supports rhel7 We probably should raise a bug on this as well and make it a dependency I see rhel7 support but no rhel8 https://github.com/openstack/diskimage-builder/tree/master/diskimage_builder/elements Then openstack needs additional configuration files to support RHEL8 /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-rhel7.yaml /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-uefi-rhel7.yaml and if any changes are needed to support RHEL8 /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images.yaml (In reply to mlammon from comment #3) ... > I guess we could try and add files with distro: rhel8 and test? I think > this is the specifics. Ahh Sorry, I see what you were talking about now (In reply to mlammon from comment #5) > I see rhel7 support but no rhel8 > https://github.com/openstack/diskimage-builder/tree/master/diskimage_builder/ > elements Same here, but this confuses me, without it I'm wondering how we are currently building the overcloud-full image... Removing patches from this BZ as there is a separate BZ for diskimage-builder with these patches - https://bugzilla.redhat.com/show_bug.cgi?id=1711083. Fixes for diskimage-builder for rhel-8 have merged for https://bugzilla.redhat.com/show_bug.cgi?id=1711083. Yolanda - do you know what changes now are needed to tripleo-image-elements? Yolanda - I added your patch https://review.opendev.org/#/c/662693. Thanks. There are three upstream patches listed above that need to merge, they are currently blocked from merging by an unrelated tripleo-ci fix - https://review.opendev.org/#/c/677063. We've verified that we were able to build a hardened whole disk image with these patches using the command: $ openstack overcloud image build --image-name overcloud-hardened-full --config-file /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-python3.yaml --config-file /usr/share/openstack-tripleo-common/image-yaml/overcloud-hardened-images-rhel8.yaml --verbose We verified that the resulting overcloud-hardened-full.qcow2 image got deployed on titan58 (deployment on sealusa6 is still pending). I'd recommend removing the blocker flag and picking up these patches in the first osp-15 async release. If we keep as blocker the ETA is 2 days (8/21) to merge patches, generate compose, and retest. Env: openstack-tripleo-common-10.8.1-0.20190821190506.42d9fdb.el8ost.noarch openstack-tripleo-common-containers-10.8.1-0.20190821190506.42d9fdb.el8ost.noarch openstack-tripleo-puppet-elements-10.3.2-0.20190820220452.5453b89.el8ost.noarch Our whole disk regression job passed now for building whole disk RHEL8 image. We can mark it verified. All the whole disk files are complete with exception of overcloud-hardened-images-uefi-python3.yaml being addressed now by https://bugzilla.redhat.com/show_bug.cgi?id=1745189 is_whole_disk_image is true on all nodes deployed (undercloud) [stack@undercloud-0 ~]$ openstack baremetal node show -f json -c driver_internal_info controller-0 | jq '.driver_internal_info.is_whole_disk_image' true (undercloud) [stack@undercloud-0 ~]$ openstack baremetal node show -f json -c driver_internal_info controller-1 | jq '.driver_internal_info.is_whole_disk_image' true (undercloud) [stack@undercloud-0 ~]$ openstack baremetal node show -f json -c driver_internal_info controller-2 | jq '.driver_internal_info.is_whole_disk_image' true (undercloud) [stack@undercloud-0 ~]$ openstack baremetal node show -f json -c driver_internal_info compute-0 | jq '.driver_internal_info.is_whole_disk_image' true (undercloud) [stack@undercloud-0 ~]$ openstack baremetal node show -f json -c driver_internal_info compute-1 | jq '.driver_internal_info.is_whole_disk_image' true [root@controller-0 ~]# parted -l Model: Virtio Block Device (virtblk) Disk /dev/vda: 42.9GB Sector size (logical/physical): 512B/512B Partition Table: msdos Disk Flags: Number Start End Size Type File system Flags 1 1049kB 40.0GB 40.0GB primary boot 2 42.9GB 42.9GB 67.1MB primary lba [root@controller-0 ~]# df Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 16367104 0 16367104 0% /dev tmpfs 16385892 54624 16331268 1% /dev/shm tmpfs 16385892 8124 16377768 1% /run tmpfs 16385892 0 16385892 0% /sys/fs/cgroup /dev/mapper/vg-lv_root 8972288 2296768 6675520 26% / /dev/mapper/vg-lv_home 383648 22560 361088 6% /home /dev/mapper/vg-lv_tmp 1550336 44020 1506316 3% /tmp /dev/mapper/vg-lv_var 17565696 8815996 8749700 51% /var /dev/mapper/vg-lv_log 8972288 1308516 7663772 15% /var/log tmpfs 3277176 0 3277176 0% /run/user/1000 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2019:2811 |