dev-scripts/01_install_requirements.sh at master · openshift-metal3/dev-scripts · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
#!/usr/bin/env bash
set -ex


source logging.sh
source common.sh
source sanitychecks.sh
source utils.sh
source validation.sh

early_deploy_validation true

if [ -z "${METAL3_DEV_ENV}" ]; then
  export REPO_PATH=${WORKING_DIR}
  sync_repo_and_patch metal3-dev-env https://github.com/metal3-io/metal3-dev-env.git
  pushd ${METAL3_DEV_ENV_PATH}
  # Pin to a specific metal3-dev-env commit to ensure we catch breaking
  # changes before they're used by everyone and CI.
  # TODO -- come up with a plan for continuously updating this
  # Note we only do this in the case where METAL3_DEV_ENV is
  # unset, to enable developer testing of local checkouts
  git reset f5c0b859717e71c35701905161caa6e65221b3fb --hard

  # Ansible 9+ requires Python 3.10+, but CentOS Stream 9 ships Python 3.9.
  # Patch metal3-dev-env to use Ansible 8.x on centos9/rhel9.
  sed -i '/ANSIBLE_VERSION/{ s/10\.7\.0/8.7.0/; }' lib/common.sh

  popd
fi

# This must be aligned with the metal3-dev-env pinned version above, see
# https://github.com/metal3-io/metal3-dev-env/blob/master/lib/common.sh
export ANSIBLE_VERSION=${ANSIBLE_VERSION:-"8.7.0"}

# Speed up dnf downloads
sudo sh -c "echo 'fastestmirror=1' >> /etc/dnf/dnf.conf"
sudo sh -c "echo 'max_parallel_downloads=8' >> /etc/dnf/dnf.conf"

# Refresh dnf data
# We could also use --refresh to just force metadata update
# in the upgrade command,but this is more explicit and complete
sudo dnf -y clean all

old_version=$(sudo dnf info NetworkManager | grep Version | cut -d ':' -f 2)

# Update to latest packages first
# Number of attempts
MAX_RETRIES=5
# Delay between attempts (in seconds)
_YUM_RETRY_BACKOFF=15

attempt=1
while (( attempt <= MAX_RETRIES )); do
    if sudo dnf -y upgrade --nobest; then
        echo "System upgraded successfully."
        break
    else
        echo "Upgrade failed (attempt $attempt). Cleaning cache and retrying..."
        sudo dnf clean all
        sudo rm -rf /var/cache/dnf/*
        sleep $(( _YUM_RETRY_BACKOFF * attempt ))
    fi

    (( attempt++ ))
done

if (( attempt > MAX_RETRIES )); then
    echo "ERROR: Failed to upgrade system after $MAX_RETRIES attempts."
    exit 1
fi

new_version=$(sudo dnf info NetworkManager | grep Version | cut -d ':' -f 2)
# If NetworkManager was upgraded it needs to be restarted
if [ "$old_version" != "$new_version" ]; then
  sudo systemctl restart NetworkManager
fi

# Install additional repos as needed for each OS version
# shellcheck disable=SC1091
source /etc/os-release

# NOTE(elfosardo): Hacks required for legacy and missing things due to bump in
#metal3-dev-env commit hash.
# All of those are needed because we're still behind for OS support.
# passlib needs to be installed as system dependency
if [[ -x "/usr/libexec/platform-python" ]]; then
  sudo /usr/libexec/platform-python -m pip install passlib || sudo dnf -y install python3-pip && sudo /usr/libexec/platform-python -m pip install passlib
fi

# Install ansible, other packages are installed via
# vm-setup/install-package-playbook.yml
case $DISTRO in
  "centos9"|"rhel9"|"almalinux9"|"rocky9")
    sudo dnf -y install python3-pip
    if [[ $DISTRO == "centos9" || $DISTRO == "almalinux9" || $DISTRO == "rocky9" ]] ; then
      sudo dnf config-manager --set-enabled crb
      sudo dnf -y install epel-release
    elif [[ $DISTRO == "rhel9" ]]; then
      # NOTE(raukadah): If a system is subscribed to RHEL subscription then
      # sudo subscription-manager identity will return exit 0 else 1.
      if sudo subscription-manager identity > /dev/null 2>&1; then
	# NOTE(elfosardo): a valid RHEL subscription is needed to be able to
	# enable the CRB repository
	sudo subscription-manager repos --enable codeready-builder-for-rhel-9-$(arch)-rpms
      fi
      sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
    fi
    sudo ln -s /usr/bin/python3 /usr/bin/python || true
    PYTHON_DEVEL="python3-devel"
    ;;
  *)
    echo -n "CentOS 9 or RHEL 9 required (el8 is no longer supported due to glibc requirements)"
    exit 1
    ;;
esac

# We use yq in a few places for processing YAML but it isn't packaged
# for CentOS/RHEL so we have to install from pip. We do not want to
# overwrite an existing installation of the golang version, though,
# so check if we have a yq before installing.
if ! which yq 2>&1 >/dev/null; then
    sudo python -m pip install 'yq>=3,<4'
else
    echo "Using yq from $(which yq)"
fi

GO_VERSION=${GO_VERSION:-1.24.10}
GO_CUSTOM_MIRROR=${GO_CUSTOM_MIRROR:-"https://go.dev/dl"}

GOARCH=$(uname -m)
if [[ $GOARCH == "aarch64" ]]; then
    GOARCH="arm64"
    sudo dnf -y install $PYTHON_DEVEL libxml2-devel libxslt-devel
elif [[ $GOARCH == "x86_64" ]]; then
    GOARCH="amd64"
fi

VERSION="go${GO_VERSION}"
OS="linux"

GO_CHECKSUM="$(
  curl -s "https://go.dev/dl/?mode=json&include=all" | jq -r \
    --arg version "$VERSION" \
    --arg os "$OS" \
    --arg arch "$GOARCH" \
    '
      .[]
      | select(.version == $version)
      | .files[]
      | select(.os == $os and .arch == $arch)
      | .sha256
    '
)"

if [ -z "$GO_CHECKSUM" ]; then
  echo "Error: Could not find checksum for $VERSION ($OS/$ARCH)" >&2
else
  echo "Checksum: $GO_CHECKSUM"
fi

# Also need the 3.9 version of netaddr for ansible.netcommon
# and lxml for the pyxpath script
sudo python -m pip install netaddr lxml

sudo python -m pip install ansible=="${ANSIBLE_VERSION}"

pushd ${METAL3_DEV_ENV_PATH}
ansible-galaxy install -r vm-setup/requirements.yml
# Let's temporarily pin these collections to the latest compatible with ansible-2.15
#ansible-galaxy collection install --upgrade ansible.netcommon ansible.posix ansible.utils community.general
ansible-galaxy collection install 'ansible.netcommon<8.0.0' ansible.posix 'ansible.utils<6.0.0' community.general
ANSIBLE_FORCE_COLOR=true ansible-playbook \
  -e "working_dir=$WORKING_DIR" \
  -e "virthost=$HOSTNAME" \
  -e "go_version=$GO_VERSION" \
  -e "go_custom_mirror=$GO_CUSTOM_MIRROR" \
  -e "go_checksum=$GO_CHECKSUM" \
  -e "GOARCH=$GOARCH" \
  -i vm-setup/inventory.ini \
  -b -vvv vm-setup/install-package-playbook.yml
popd

if [ -n "${KNI_INSTALL_FROM_GIT}" ]; then
    # zip is required for building the installer from source
    sudo dnf -y install zip
fi

# Install nfs for persistent volumes
if [ "${PERSISTENT_IMAGEREG}" == true ] ; then
    sudo dnf -y install nfs-utils
fi

if [[ "${NODES_PLATFORM}" == "baremetal" ]] ; then
    sudo dnf -y install ipmitool
fi

retry_with_timeout 5 60 "curl -L $OPENSHIFT_CLIENT_TOOLS_URL | sudo tar -U -C /usr/local/bin -xzf -"
sudo chmod +x /usr/local/bin/oc
oc version --client -o json