The OpenVZ site provides a yum repo built against RHEL-7 that includes
the prlsdk-devel RPM needed for the VZ driver. This repo has quite alot
of packages that replace stuff from standard RHEL repos, so the yum
config file is set to whitelist only the minimal RPMs we need to do
builds. Fortunately they have no deps which would cause replacement of
standard RHEL RPMs.
Note this does not use the latest OpenVZ repo link, since that currently
has broken dependencies present
Error: Package: libprlcommon-7.0.183-1.vz7.x86_64 (vz)
Requires: libjson-c.so.2(libjson-c.so.2)(64bit)
The Requires line ought to be
libjson-c.so.2()(64bit)
Once that's fixed we can switch to the latest repo link.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
guests/lcitool | 22 ++++++++++++++++
guests/playbooks/update/tasks/base.yml | 25 +++++++++++++++++++
guests/playbooks/update/templates/openvz.key | 20 +++++++++++++++
.../playbooks/update/templates/openvz.repo.j2 | 9 +++++++
4 files changed, 76 insertions(+)
create mode 100644 guests/playbooks/update/templates/openvz.key
create mode 100644 guests/playbooks/update/templates/openvz.repo.j2
diff --git a/guests/lcitool b/guests/lcitool
index d617beb..4f874b3 100755
--- a/guests/lcitool
+++ b/guests/lcitool
@@ -593,6 +593,18 @@ class Application:
self._execute_playbook("build", args.hosts, args.projects,
args.git_revision)
+ def _get_openvz_repo(self):
+ basedir = os.path.dirname(sys.argv[0])
+ repofile = os.path.join(basedir, "playbooks", "update",
"templates", "openvz.repo.j2")
+ with open(repofile, "r") as r:
+ return r.read().rstrip()
+
+ def _get_openvz_key(self):
+ basedir = os.path.dirname(sys.argv[0])
+ repofile = os.path.join(basedir, "playbooks", "update",
"templates", "openvz.key")
+ with open(repofile, "r") as r:
+ return r.read().rstrip()
+
def _action_dockerfile(self, args):
mappings = self._projects.get_mappings()
pip_mappings = self._projects.get_pip_mappings()
@@ -723,6 +735,16 @@ class Application:
{package_manager} clean all -y
""").format(**varmap))
elif os_name == "CentOS" and os_version == "7":
+ repo = self._get_openvz_repo()
+ repocmd = "\\n\\\n".join(repo.split("\n"))
+ key = self._get_openvz_key()
+ keycmd = "\\n\\\n".join(key.split("\n"))
+
+ sys.stdout.write(
+ "RUN echo -e '%s' > /etc/yum.repos.d/openvz.repo
&& \\\n" % repocmd +
+ " echo -e '%s' >
/etc/pki/rpm-gpg/RPM-GPG-KEY-OpenVZ && \\\n" % keycmd +
+ " rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-OpenVZ")
+
sys.stdout.write(textwrap.dedent("""
RUN {package_manager} update -y && \\
{package_manager} install -y epel-release && \\
diff --git a/guests/playbooks/update/tasks/base.yml
b/guests/playbooks/update/tasks/base.yml
index 3d83e78..e17b50b 100644
--- a/guests/playbooks/update/tasks/base.yml
+++ b/guests/playbooks/update/tasks/base.yml
@@ -13,6 +13,31 @@
package:
name: epel-release
state: latest
+
+- name: Create OpenVZ key
+ template:
+ src: '{{ playbook_base }}/templates/openvz.key'
+ dest: /etc/pki/rpm-gpg/RPM-GPG-KEY-OpenVZ
+ owner: root
+ group: root
+ when:
+ - os_name == 'CentOS'
+ - os_version == '7'
+
+- name: Import OpenVZ key
+ command: 'rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-OpenVZ'
+ args:
+ warn: no
+ when:
+ - os_name == 'CentOS'
+ - os_version == '7'
+
+- name: Enable OpenVZ repository
+ template:
+ src: '{{ playbook_base }}/templates/openvz.repo.j2'
+ dest: /etc/yum.repos.d/openvz.repo
+ owner: root
+ group: root
when:
- os_name == 'CentOS'
- os_version == '7'
diff --git a/guests/playbooks/update/templates/openvz.key
b/guests/playbooks/update/templates/openvz.key
new file mode 100644
index 0000000..b77a137
--- /dev/null
+++ b/guests/playbooks/update/templates/openvz.key
@@ -0,0 +1,20 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+mI0EVl80nQEEAKrEeyeTCwrzS9kYedZ/sAc/GUqlb81C7pA9SaR3fyck5mVw1Ogk
+YdmNBPM2kY7QDxR9F0EpSpnxSCAXZXugsQ8KzZ0DRLVeBDQyGs9IGK5hI0zzxIil
+BzfvIexLiQQhLy7YlIi8Jt/uUqKkW0pIMNMGcduY97VATtczpncpkmSzABEBAAG0
+SFZpcnR1b3p6byBUZWFtIChHUEcga2V5IHNpZ25hdHVyZSBmb3IgcGFja2FnZXMp
+IDxzZWN1cml0eUB2aXJ0dW96em8uY29tPoi5BBMBAgAjBQJWXzSdAhsDBwsJCAcD
+AgEGFQgCCQoLBBYCAwECHgECF4AACgkQygt9GUTNrSruIgP/er70Eyo73A1gfrjv
+oPUkyo4rslVRZu3qqCwoMFtJc/Z/UxWgEka1buorlcGLa6eO/EZ49c0n+KGa4Kvt
+EUboIq0yEu5i0FyAj92ifm+hNhoAbGfm0cZ4/fD0oGr3l8OsQo4+iHX4xAPwFe7Y
+zABuB8I1ZDZ4OIp5tDfTTuF2LT24jQRWXzSdAQQAog2Aqb+Ptl68O7cQhWLjVGkj
+yyigZrdeReLx3HloKJPBeQ/kA6uvMJc/IYS3uppMWXv9v+QenS6uhP1TUJ2k9FvM
+t94MQZfALN7Vpf8AF+UeWu4Ru+y4BNzcFhrPhIFNFChOR2QqW6FkgE57D9I177NC
+oJMyrlNe8wcGa178An8AEQEAAYifBBgBAgAJBQJWXzSdAhsMAAoJEMoLfRlEza0q
+bKwD/3+OFVIEXnIv5XgdGRNX5fHggsUN1bb8gva7HANRlKdd4LD8foDM3F/yv/3V
+igG14D5EjKz56SaBDNgiI4++hOzb2M8jhAsR86jxkXFrrP1U3ZNRKg6av9DPFAPS
+WEiJKtQrZDJloqtyi/mmRa1VsV7RYR0VPJjhK/R8EQ7Ysshy
+=fRMg
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/guests/playbooks/update/templates/openvz.repo.j2
b/guests/playbooks/update/templates/openvz.repo.j2
new file mode 100644
index 0000000..19a9546
--- /dev/null
+++ b/guests/playbooks/update/templates/openvz.repo.j2
@@ -0,0 +1,9 @@
+[openvz]
+name=OpenVZ addons
+baseurl=https://download.openvz.org/virtuozzo/releases/openvz-7.0.11-235/x86_64/os/
+enabled=1
+gpgcheck=1
+skip_if_unavailable=0
+metadata_expire=6h
+priority=90
+includepkgs=libprl*
--
2.23.0