Merge "Unify debian and ubuntu cache prep scripts"

templates/prep-scripts/_container_sys_setup.sh.j2

@@ -11,17 +11,23 @@ mkdir -p /root/.gnupg
 # In order for the package manager to function /dev/null, /dev/random and
 # /dev/urandom must exist. This is is being run here because some images do not
 # create /dev/null by default.
-[ ! -e /dev/null ] && mknod -m 0666 /dev/null c 1 3
-[ ! -e /dev/random ] && mknod -m 0666 /dev/random c 1 8
-[ ! -e /dev/urandom ] && mknod -m 0666 /dev/urandom c 1 9
+[ ! -e /dev/null ] && mknod /dev/null c 1 3
+chown 0666 /dev/null
+[ ! -e /dev/random ] && mknod /dev/random c 1 8
+chown 0666 /dev/random
+[ ! -e /dev/urandom ] && mknod /dev/urandom c 1 9
+chown 0666 /dev/urandom
 ln -sf /proc/self/fd /dev/fd
 
 for i in {0..5}; do
-  [ ! -e "/dev/pts/$i" ] && mknod -m 0666 "/dev/pts/$i" c 136 $i
+  [ ! -e "/dev/pts/$i" ] && mknod "/dev/pts/$i" c 136 $i
+  chown 0666 "/dev/pts/$i"
 done
 # file check does not seem to work at all times
-[ ! -e /dev/ptmx ] && mknod -m 0666 /dev/ptmx c 5 2 || true
-[ ! -e /dev/pts/ptmx ] && mknod -m 0000 /dev/pts/ptmx c 5 2
+[ ! -e /dev/ptmx ] && mknod /dev/ptmx c 5 2 || true
+chown 0666 /dev/ptmx
+[ ! -e /dev/pts/ptmx ] && mknod /dev/pts/ptmx c 5 2
+chown 0000 /dev/pts/ptmx
 
 # Create the directory where local facts will be stored
 mkdir -p /etc/ansible/facts.d

templates/prep-scripts/debian_prep.sh.j2

@@ -1,5 +1,4 @@
 #!/usr/bin/env bash
-
 set -e -x
 
 {{ lxc_cache_prep_pre_commands }}
@@ -13,7 +12,7 @@ export DEBIAN_FRONTEND=noninteractive
 apt-get remove -y --purge snap* lxc* lxd* resolvconf* || true
 
 # Update base distribution
-apt-get update --allow-releaseinfo-change
+apt-get update
 
 apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes eatmydata
 export LD_PRELOAD=/usr/lib/{{ ansible_facts['architecture'] }}-linux-gnu/libeatmydata.so
@@ -22,8 +21,6 @@ apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--fo
 apt-get upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes
 apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes {{ lxc_cache_distro_packages | join(' ') }}
 apt-get upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes
-apt-get remove -y --purge mariadb* || true
-
 rm /etc/machine-id || true
 rm /var/lib/dbus/machine-id || true
 touch /etc/machine-id

templates/prep-scripts/ubuntu_20_prep.sh.j2

@@ -1,51 +0,0 @@
-#!/usr/bin/env bash
-# TODO(evrardjp): Make this script ubuntu version agnostic or
-# remove it if no change happens in bionic vs xenial
-set -e -x
-
-{{ lxc_cache_prep_pre_commands }}
-
-{% include 'templates/prep-scripts/_container_sys_setup.sh.j2' %}
-
-export DEBIAN_FRONTEND=noninteractive
-apt-get remove -y --purge snap* lxc* lxd* resolvconf* || true
-
-# Update base distribution
-apt-get update
-
-apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes eatmydata
-export LD_PRELOAD=/usr/lib/{{ ansible_facts['architecture'] }}-linux-gnu/libeatmydata.so
-
-apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes gnupg
-apt-get upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes
-apt-get install -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes {{ lxc_cache_distro_packages | join(' ') }}
-apt-get upgrade -y -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" --force-yes
-rm /etc/machine-id || true
-rm /var/lib/dbus/machine-id || true
-touch /etc/machine-id
-rm /etc/sysctl.d/* || true
-echo '' > /etc/sysctl.conf
-mkdir -p /root/.ssh
-chmod 700 /root/.ssh
-userdel --force --remove ubuntu || true
-apt-get clean
-mkdir -p /var/backup
-mkdir -p /etc/network/interfaces.d
-chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
-for action in disable mask; do
-  systemctl ${action} resolvconf.service || true
-  systemctl ${action} systemd-networkd-resolvconf-update.path || true
-  systemctl ${action} systemd-networkd-resolvconf-update.service || true
-done
-
-{% for locale in lxc_cache_locales %}
-locale-gen {{ locale }}
-{% if loop.first | bool %}
-update-locale LANG={{ locale }}
-{% endif %}
-{% endfor %}
-
-# Set the IP of the lxcbr0 interface as the DNS server
-echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
-systemctl enable systemd-networkd
-{{ lxc_cache_prep_post_commands }}

vars/debian-host.yml

@@ -28,6 +28,7 @@ _lxc_hosts_distro_packages:
   - debootstrap
   - dnsmasq-base
   - git
+  - gzip
   - ifupdown
   - iptables
   - irqbalance
@@ -36,8 +37,8 @@ _lxc_hosts_distro_packages:
   - lxc-dev
   - lxc-templates
   - procps
-  - python3-dev
   - python3-lxc
+  - python3-dev
   - systemd-container
   - xz-utils
 

vars/debian.yml

@@ -16,13 +16,13 @@
 _lxc_hosts_container_build_command: "debootstrap --variant minbase {{ ansible_facts['distribution_release'] }} /var/lib/machines/{{ lxc_container_base_name }} "
 
 _lxc_cache_map:
-  distro: debian
+  distro: "{{ ansible_facts['distribution'] | lower }}"
   arch: "{{ lxc_architecture_mapping.get( ansible_facts['architecture'] ) }}"
   release: "{{ ansible_facts['distribution_major_version'] }}"
   copy_from_host:
     - /etc/apt/sources.list
     - /etc/apt/apt.conf.d/
-    - /etc/apt/trusted.gpg.d
+    - /etc/apt/trusted.gpg.d/
     - /etc/apt/trusted.gpg
     - /etc/apt/preferences.d/
     - /etc/environment
@@ -31,18 +31,23 @@ _lxc_cache_map:
 
 _lxc_cache_prep_template: "prep-scripts/debian_prep.sh.j2"
 
+_lxc_cache_distro_libpython:
+  buster: libpython3.7
+  bullseye: libpython3.9
+  focal: libpython3.8
+  jammy: libpython3.10
+
 # This list should contain a minimum set of packages. Add extra packages via roles that require them.
 _lxc_cache_distro_packages:
   - ca-certificates
   - dbus
-  - iproute2
   - iputils-ping
+  - iproute2
   - locales
   - netbase
   - openssh-server
-  - procps             # provides sysctl which is a requirement
   - python3
-  - libpython3.9
+  -  "{{ _lxc_cache_distro_libpython[ansible_facts['distribution_release'] | lower] }}"
   - rsync              # os_keystone runs serial=1 and uses rsync before the distro packages have been installed on all keystone targets
   - sudo
   - systemd

vars/ubuntu-20.04-host.yml

@@ -1,58 +0,0 @@
----
-# Copyright 2016, Rackspace US, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-## APT Cache Options
-cache_timeout: 600
-
-# Required apt packages.
-_lxc_hosts_distro_packages:
-  - apparmor
-  - apparmor-profiles
-  - apparmor-utils
-  - aria2
-  - bridge-utils
-  - btrfs-progs
-  - cgroup-lite
-  - dbus
-  - debootstrap
-  - dnsmasq-base
-  - git
-  - gzip
-  - ifupdown
-  - iptables
-  - irqbalance
-  - language-pack-en
-  - liblxc1
-  - lxc
-  - lxc-dev
-  - lxc-templates
-  - procps
-  - python3-lxc
-  - python3-dev
-  - systemd-container
-  - xz-utils
-
-# Package to remove from the host
-lxc_hosts_remove_distro_packages:
-  - dnsmasq
-
-lxc_xz_bin: xz
-
-system_config_dir: "/etc/default"
-systemd_utils_prefix: "/lib/systemd"
-
-lxc_cached_network_interfaces:
-  - src: "lxc-net-bridge.cfg.j2"
-    dest: "/etc/network/interfaces.d/lxc-net-bridge.cfg"

vars/ubuntu-20.04.yml

@@ -1,49 +0,0 @@
----
-# Copyright 2016, Rackspace US, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-_lxc_hosts_container_build_command: "debootstrap --variant minbase {{ ansible_facts['distribution_release'] }} /var/lib/machines/{{ lxc_container_base_name }} "
-
-_lxc_cache_map:
-  distro: ubuntu
-  arch: "{{ lxc_architecture_mapping.get( ansible_facts['architecture'] ) }}"
-  release: focal
-  copy_from_host:
-    - /etc/apt/sources.list
-    - /etc/apt/apt.conf.d/
-    - /etc/apt/trusted.gpg.d/
-    - /etc/apt/trusted.gpg
-    - /etc/apt/preferences.d/
-    - /etc/environment
-    - /etc/localtime
-    - /etc/protocols
-
-_lxc_cache_prep_template: "prep-scripts/ubuntu_20_prep.sh.j2"
-
-# This list should contain a minimum set of packages. Add extra packages via roles that require them.
-_lxc_cache_distro_packages:
-  - ca-certificates
-  - dbus
-  - iputils-ping
-  - iproute2
-  - locales
-  - netbase
-  - openssh-server
-  - python3
-  - libpython3.8
-  - rsync              # os_keystone runs serial=1 and uses rsync before the distro packages have been installed on all keystone targets
-  - sudo
-  - systemd
-  - systemd-sysv
-  - tzdata