Bug 2003879
Summary: | fence-agents packages are uninstalled when building a hardened image | |||
---|---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Takashi Kajinami <tkajinam> | |
Component: | openstack-tripleo-puppet-elements | Assignee: | Steve Baker <sbaker> | |
Status: | CLOSED ERRATA | QA Contact: | nlevinki <nlevinki> | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | 16.1 (Train) | CC: | dpeacock, hbrock, jslagle, knoha, lmiccini, mburns, michele, sbaker | |
Target Milestone: | z9 | Keywords: | Triaged | |
Target Release: | 16.1 (Train on RHEL 8.2) | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | openstack-tripleo-puppet-elements-11.2.2-1.20220421023422.f061f90.el8ost | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 2061199 (view as bug list) | Environment: | ||
Last Closed: | 2022-12-07 20:25:25 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: |
Description
Takashi Kajinami
2021-09-14 04:24:31 UTC
I think we have three options here. 1) Explicitly list name of fence agents packages in tripleo-puppet-elements. Then these packages are marked as ones installed by the user and would not be uninstalled as unused dependencies. (This is the reason why I created this bug for tripleo-puppet-elements initially) 2) Fix disk-image-builder to add --noautoremove option by default 3) Set the DIB_DEBOOTSTRAP_EXTRA_ARGS='--noautoremove' environment variable Let me know if I sent this to the wrong place HardProv friends. :-) > 3)
> Set the DIB_DEBOOTSTRAP_EXTRA_ARGS='--noautoremove' environment variable
This can be done by adding the following description in the yaml file passed to image build command
~~~
disk_images:
-
...
environments:
...
DIB_DEBOOTSTRAP_EXTRA_ARGS: '--noautoremove'
~~~
One workaround verified so far is adding fence-agents-all to the package directive of the input yaml file like:
~~~
disk_images:
-
...
packages:
- python3-psutil
...
- jq
- fence-agents-all <====(*)
options:
...
~~~
It seems installation of these packages are executed after the telnet package(and fence-agent packages) are uninstalled.
(In reply to Takashi Kajinami from comment #3) > I think we have three options here. > > 1) > Explicitly list name of fence agents packages in tripleo-puppet-elements. > Then these packages are marked as ones installed by the user > and would not be uninstalled as unused dependencies. > (This is the reason why I created this bug for tripleo-puppet-elements > initially) I'd like to look into this option, as well as possibly fixing fence-agents packaging to push the telnet dependency to only the agents which require it. stable/train fix has just landed, this now needs to be proposed to 16.1 and 16.2 Hi Steve, Do we have any progress about backporting the fix into OSP16.1 and OSP16.2? Kind Regards, Keigo Noha I've cloned this bug for 16.2, targeted for 16.2.3. This bug will track for 16.1.9 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat OpenStack Platform 16.1.9 bug fix and enhancement advisory), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:8795 |