From 4052694f09a21e8a9e78b5922c4ca98645f879c3 Mon Sep 17 00:00:00 2001 From: Micah Abbott Date: Tue, 7 Jun 2022 09:09:46 -0400 Subject: [PATCH 1/6] Revert "manifest: Properly write os-release related content in /usr" This reverts commit d4ce1ac10bc0ad399026c58614462afeb0648f09. --- manifest.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/manifest.yaml b/manifest.yaml index f84ae9869..e7583c6b9 100644 --- a/manifest.yaml +++ b/manifest.yaml @@ -155,20 +155,17 @@ postprocess: OSTREE_VERSION="${OSTREE_VERSION}" EOF ) - rm -f /etc/os-release - ln -s ../usr/lib/os-release /etc/os-release # Tweak /etc/system-release, /etc/system-release-cpe & /etc/redhat-release ( . /etc/os-release - cat > /usr/lib/system-release-cpe < /etc/system-release-cpe < /usr/lib/system-release < /usr/lib/redhat-release < Date: Tue, 7 Jun 2022 09:09:54 -0400 Subject: [PATCH 2/6] Revert "manifest: pull container-tools content from RHAOS repo" This reverts commit 9223b3b5d2399da3c875287c4604ee9124f21868. --- manifest.yaml | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/manifest.yaml b/manifest.yaml index e7583c6b9..78dfaa927 100644 --- a/manifest.yaml +++ b/manifest.yaml @@ -352,24 +352,32 @@ repo-packages: - nss-altfiles - repo: rhel-8-server-ose packages: - # Starting with 4.11, we are working with the Containers team to build - # certain container-tools RPMs in the RHAOS branches for RHCOS + RHEL - # worker nodes. - - conmon + # eventually, we want the one from the container-tools module, but we're + # not there yet + - toolbox + # These are the only container stack packages we don't get from modularity + # nor from base RHEL for various reasons. See: + # https://github.com/openshift/os/pull/681#issuecomment-1022443830 + # + # newer than what is included in RHEL 8.4.Z EUS, but addresses some BZs + # that customers were encountering - container-selinux - - containernetworking-plugins - - containers-common - - criu + # newer than what is included in RHEL 8.4.Z EUS, because the k8s folks + # wanted to start testing with 1.x versions of crun - crun - - fuse-overlayfs - - podman + # slightly newer than what is included in RHEL 8.4.Z EUS, because we had + # previously shipped a newer version in OCP/RHCOS 4.9 and had to preserve + # the upgrade path - runc + # Need an updated skopeo for https://github.com/containers/skopeo/pull/1476 + # for coreos layering work + - containers-common - skopeo - - slirp4netns - - toolbox modules: enable: + # podman stack; see https://github.com/openshift/os/pull/681#issuecomment-1022443830 + - container-tools:rhel8 # qemu-guest-agent - virt:rhel From 59b983a6e5b0b5e36d646339017d33ac6a947925 Mon Sep 17 00:00:00 2001 From: Micah Abbott Date: Tue, 7 Jun 2022 09:10:02 -0400 Subject: [PATCH 3/6] Revert "add +25rhcos-azure-udev overlay" This reverts commit a89447888da885fda0ed0812cac93f2fcae0d081. --- manifest.yaml | 2 +- .../25rhcos-azure-udev/module-setup.sh | 18 ------------------ overlay.d/README.md | 8 -------- 3 files changed, 1 insertion(+), 27 deletions(-) delete mode 100644 overlay.d/25rhcos-azure-udev/usr/lib/dracut/modules.d/25rhcos-azure-udev/module-setup.sh diff --git a/manifest.yaml b/manifest.yaml index 78dfaa927..3fd09bf66 100644 --- a/manifest.yaml +++ b/manifest.yaml @@ -23,7 +23,7 @@ ostree-layers: - overlay/15rhcos-tuned-bits - overlay/20platform-chrony - overlay/21dhcp-chrony - - overlay/25rhcos-azure-udev + - overlay/25rhcos-azure-udev-rules arch-include: x86_64: diff --git a/overlay.d/25rhcos-azure-udev/usr/lib/dracut/modules.d/25rhcos-azure-udev/module-setup.sh b/overlay.d/25rhcos-azure-udev/usr/lib/dracut/modules.d/25rhcos-azure-udev/module-setup.sh deleted file mode 100644 index 277660a0a..000000000 --- a/overlay.d/25rhcos-azure-udev/usr/lib/dracut/modules.d/25rhcos-azure-udev/module-setup.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash -# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- -# ex: ts=8 sw=4 sts=4 et filetype=sh - -# We want to provide Azure udev rules as part of the initrd, so that Ignition -# is able to detect disks and act on them. -# -# The WALinuxAgent-udev has been changed to install udev rules into -# the initramfs [1], but that change isn't in el8 yet. This can be -# dropped when moving to el9. -# -# [1] https://src.fedoraproject.org/rpms/WALinuxAgent/c/521b67bc8575f53a30b4b2c4e63292e67483a4e1?branch=rawhide - -install() { - inst_multiple \ - /usr/lib/udev/rules.d/66-azure-storage.rules \ - /usr/lib/udev/rules.d/99-azure-product-uuid.rules -} diff --git a/overlay.d/README.md b/overlay.d/README.md index af1d85e1e..0484b287a 100644 --- a/overlay.d/README.md +++ b/overlay.d/README.md @@ -37,11 +37,3 @@ defaults (https://bugzilla.redhat.com/show_bug.cgi?id=1828434), and handling in 20-chrony and chrony-helper using the defaults lands in downstream packages. See upstream thread: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2020/05/msg00022.html - -25rhcos-azure-udev -------------- - -We want to provide Azure udev rules as part of the initrd, so that Ignition -is able to detect disks and act on them. The WALinuxAgent-udev has been -changed to install udev rules into the initramfs, but that change isn't -in el8 yet. This can be dropped when moving to el9. From 813791210432ef6476254e55471991b32e31a7af Mon Sep 17 00:00:00 2001 From: Micah Abbott Date: Tue, 7 Jun 2022 09:10:08 -0400 Subject: [PATCH 4/6] Revert "Remove statoverride file from 25rhcos-azure-udev-rules dir" This reverts commit 7334d1180e19889e721caf592ae34c91903def23. --- overlay.d/25rhcos-azure-udev-rules/statoverride | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 overlay.d/25rhcos-azure-udev-rules/statoverride diff --git a/overlay.d/25rhcos-azure-udev-rules/statoverride b/overlay.d/25rhcos-azure-udev-rules/statoverride new file mode 100644 index 000000000..27a95affe --- /dev/null +++ b/overlay.d/25rhcos-azure-udev-rules/statoverride @@ -0,0 +1,2 @@ +# Config file for overriding permission bits on overlay files/dirs +# Format: = From 46cf486df5587053b12280e472e8f7e212b00d67 Mon Sep 17 00:00:00 2001 From: Micah Abbott Date: Tue, 7 Jun 2022 09:10:17 -0400 Subject: [PATCH 5/6] Revert "Revert "overlay.d: add 25rhcos-azure-udev-rules"" This reverts commit b38e707044e45ec5adbdd04f030a8810e4df3871. --- .../lib/udev/rules.d/66-azure-storage.rules | 28 +++++++++++++++++++ .../udev/rules.d/99-azure-product-uuid.rules | 9 ++++++ overlay.d/README.md | 9 ++++++ 3 files changed, 46 insertions(+) create mode 100644 overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/66-azure-storage.rules create mode 100644 overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/99-azure-product-uuid.rules diff --git a/overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/66-azure-storage.rules b/overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/66-azure-storage.rules new file mode 100644 index 000000000..5fb369303 --- /dev/null +++ b/overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/66-azure-storage.rules @@ -0,0 +1,28 @@ +ACTION=="add|change", SUBSYSTEM=="block", ENV{ID_VENDOR}=="Msft", ENV{ID_MODEL}=="Virtual_Disk", GOTO="azure_disk" +GOTO="azure_end" + +LABEL="azure_disk" +# Root has a GUID of 0000 as the second value +# The resource/resource has GUID of 0001 as the second value +ATTRS{device_id}=="?00000000-0000-*", ENV{fabric_name}="root", GOTO="azure_names" +ATTRS{device_id}=="?00000000-0001-*", ENV{fabric_name}="resource", GOTO="azure_names" +ATTRS{device_id}=="?00000001-0001-*", ENV{fabric_name}="BEK", GOTO="azure_names" +# Wellknown SCSI controllers +ATTRS{device_id}=="{f8b3781a-1e82-4818-a1c3-63d806ec15bb}", ENV{fabric_scsi_controller}="scsi0", GOTO="azure_datadisk" +ATTRS{device_id}=="{f8b3781b-1e82-4818-a1c3-63d806ec15bb}", ENV{fabric_scsi_controller}="scsi1", GOTO="azure_datadisk" +ATTRS{device_id}=="{f8b3781c-1e82-4818-a1c3-63d806ec15bb}", ENV{fabric_scsi_controller}="scsi2", GOTO="azure_datadisk" +ATTRS{device_id}=="{f8b3781d-1e82-4818-a1c3-63d806ec15bb}", ENV{fabric_scsi_controller}="scsi3", GOTO="azure_datadisk" +GOTO="azure_end" + +# Retrieve LUN number for datadisks +LABEL="azure_datadisk" +ENV{DEVTYPE}=="partition", PROGRAM="/bin/sh -c 'readlink /sys/class/block/%k/../device|cut -d: -f4'", ENV{fabric_name}="$env{fabric_scsi_controller}/lun$result", GOTO="azure_names" +PROGRAM="/bin/sh -c 'readlink /sys/class/block/%k/device|cut -d: -f4'", ENV{fabric_name}="$env{fabric_scsi_controller}/lun$result", GOTO="azure_names" +GOTO="azure_end" + +# Create the symlinks +LABEL="azure_names" +ENV{DEVTYPE}=="disk", SYMLINK+="disk/azure/$env{fabric_name}" +ENV{DEVTYPE}=="partition", SYMLINK+="disk/azure/$env{fabric_name}-part%n" + +LABEL="azure_end" diff --git a/overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/99-azure-product-uuid.rules b/overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/99-azure-product-uuid.rules new file mode 100644 index 000000000..a5af9b1f4 --- /dev/null +++ b/overlay.d/25rhcos-azure-udev-rules/usr/lib/udev/rules.d/99-azure-product-uuid.rules @@ -0,0 +1,9 @@ +SUBSYSTEM!="dmi", GOTO="product_uuid-exit" +ATTR{sys_vendor}!="Microsoft Corporation", GOTO="product_uuid-exit" +ATTR{product_name}!="Virtual Machine", GOTO="product_uuid-exit" +TEST!="/sys/devices/virtual/dmi/id/product_uuid", GOTO="product_uuid-exit" + +RUN+="/bin/chmod 0444 /sys/devices/virtual/dmi/id/product_uuid" + +LABEL="product_uuid-exit" + diff --git a/overlay.d/README.md b/overlay.d/README.md index 0484b287a..7589fca1d 100644 --- a/overlay.d/README.md +++ b/overlay.d/README.md @@ -37,3 +37,12 @@ defaults (https://bugzilla.redhat.com/show_bug.cgi?id=1828434), and handling in 20-chrony and chrony-helper using the defaults lands in downstream packages. See upstream thread: https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-dev/2020/05/msg00022.html + +25rhcos-azure-udev-rules +------------------------ + +Ships udev rules for Azure. This works in tandem with the +`25coreos-azure-udev` dracut module in 05core which ships +them in the initramfs. In the future, we should be able to +drop this overlay and instead ship `WALinuxAgent-udev` as we +do in FCOS (https://bugzilla.redhat.com/show_bug.cgi?id=1913074). From 029eaba185737242526c9ffcb86c5385f0897f20 Mon Sep 17 00:00:00 2001 From: Micah Abbott Date: Tue, 7 Jun 2022 09:10:24 -0400 Subject: [PATCH 6/6] Revert "Rebase to RHEL 8.6" This reverts commit d62e313e1bc8aa3a472bacef589ba6d4e191b763. --- ci/prow-build.sh | 10 ++++++---- extensions.yaml | 2 +- kola-denylist.yaml | 9 +++++++++ manifest.yaml | 5 +++-- networking-tools.yaml | 16 ++++++++++++++++ 5 files changed, 35 insertions(+), 7 deletions(-) create mode 100644 networking-tools.yaml diff --git a/ci/prow-build.sh b/ci/prow-build.sh index 99a0381b7..ee9a65caa 100755 --- a/ci/prow-build.sh +++ b/ci/prow-build.sh @@ -43,10 +43,12 @@ fi ocpver=$(rpm-ostree compose tree --print-only src/config/manifest.yaml | jq -r '.["mutate-os-release"]') ocpver_mut=$(rpm-ostree compose tree --print-only src/config/manifest.yaml | jq -r '.["mutate-os-release"]' | sed 's|\.|-|') prev_build_url=${REDIRECTOR_URL}/rhcos-${ocpver}/ - -# Fetch RHEL 8.6 repos -curl -L http://base-"${ocpver_mut}"-rhel86.ocp.svc.cluster.local > src/config/ocp.repo - +# we want to use RHEL 8.5 for testing until we can start using 8.6 +# see https://github.com/openshift/release/pull/26193 +curl -L http://base-"${ocpver_mut}"-rhel85.ocp.svc.cluster.local > src/config/ocp.repo +# fetch the 8.6 appstream repo to enable building of extensions +# see: https://github.com/openshift/os/issues/795 +curl -Ls http://base-"${ocpver_mut}"-rhel86.ocp.svc.cluster.local | grep -A 3 rhel-8-appstream | sed '1,3 s/rhel-8-appstream/rhel-86-appstream/g' >> src/config/ocp.repo cosa buildfetch --url=${prev_build_url} cosa fetch cosa build diff --git a/extensions.yaml b/extensions.yaml index d989e3b06..1f0d8b805 100644 --- a/extensions.yaml +++ b/extensions.yaml @@ -57,6 +57,6 @@ extensions: enable: - virt:rhel repos: - - rhel-8-appstream + - rhel-86-appstream packages: - kata-containers diff --git a/kola-denylist.yaml b/kola-denylist.yaml index 3d5e7adc2..fc25034b2 100644 --- a/kola-denylist.yaml +++ b/kola-denylist.yaml @@ -27,3 +27,12 @@ tracker: https://github.com/coreos/coreos-assembler/issues/2725 arches: - ppc64le +# Disable until we rebase back to RHEL 8.6 +- pattern: ext.config.shared.var-mount.scsi-id + tracker: https://github.com/openshift/os/issues/710 + arches: + - s390x +# Disable until we revert NM back to RHEL 8.6 +- pattern: ext.config.shared.networking.default-network-behavior-change + tracker: https://bugzilla.redhat.com/show_bug.cgi?id=2077605 + snooze: 2022-05-05 diff --git a/manifest.yaml b/manifest.yaml index 3fd09bf66..a15068457 100644 --- a/manifest.yaml +++ b/manifest.yaml @@ -7,12 +7,13 @@ rojig: include: - fedora-coreos-config/manifests/ignition-and-ostree.yaml - fedora-coreos-config/manifests/file-transfer.yaml - - fedora-coreos-config/manifests/networking-tools.yaml + # - fedora-coreos-config/manifests/networking-tools.yaml - fedora-coreos-config/manifests/system-configuration.yaml - fedora-coreos-config/manifests/user-experience.yaml - fedora-coreos-config/manifests/shared-workarounds.yaml # RHCOS owned packages - rhcos-packages.yaml + - networking-tools.yaml ostree-layers: - overlay/01fcos @@ -46,7 +47,7 @@ repos: rpmdb: bdb # We include hours/minutes to avoid version number reuse -automatic-version-prefix: "411.86." +automatic-version-prefix: "411.85." # This ensures we're semver-compatible which OpenShift wants automatic-version-suffix: "-" # Keep this is sync with the version in postprocess diff --git a/networking-tools.yaml b/networking-tools.yaml new file mode 100644 index 000000000..3f186fcee --- /dev/null +++ b/networking-tools.yaml @@ -0,0 +1,16 @@ +# This defines a set of tools that are useful for configuring, debugging, +# or manipulating the network of a system. It is desired to keep this list +# generic enough to be shared downstream with RHCOS. + +packages: + # Standard tools for configuring network/hostname + - hostname + # Teaming https://github.com/coreos/fedora-coreos-config/pull/289 + # and http://bugzilla.redhat.com/1758162 + - teamd + # Route manipulation and QoS + - iproute iproute-tc + # Firewall manipulation + - iptables nftables + # Interactive network tools for admins + - socat net-tools bind-utils