Change `flatcar-openstack-hostname.service` to use afterburn `openstack` provider implemented on coreos/afterburn#462 instead of `openstack-metadata`.
BootEngine PR: flatcar/bootengine#96
fero-client is a dependency of the Flatcar SDK. Keyword it so that the Flatcar
SDK can be built for arm64. The keyword entry from the profile can be removed,
it wasn't used since the ebuild was upreved to -r1.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
ccid-1.5.4 is marked ~arm64 but is a depdendency of the Flatcar SDK. Keyword in
profile so that an arm64 SDK can be built.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
They are copying sys-libs/libxcrypt from new portage-stable and
updating package masks and USE flags in order to migrate from
glibc-provided libcrypt to libxcrypt-provided libcrypt.
The migration seems to be a bit complicated to do, because
bootstrapping a system using glibc with libxcrypt-provided libcrypt
using a build environment using glibc with glibc-provided libcrypt
results in some slot conflicts. Without the stage1 hooks the failure
happened in stage2. With the hooks, but without the seed SDK update,
the failure happened already in stage1.
Updating the seed SDK to use libxcrypt seems to do the trick. The
update of the seed SDK will happen only when transition happens - if
the seed SDK is already using libxcrypt, these hooks are noops.
It's long overdue and glibc 2.39 will drop crypt stuff altogether. Or
so I heard. Whatever happens, the crypt library in glibc is deprecated
for a long time already.
- take care of nscd.conf via tmpfiles, add files/nscd-conf.tmpfiles.
- comment out 'dostrip -x' to force the OS image binaries to be stripped
- remove everything glibc wants to put under /etc since we use
baselayout to provide that
Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
Enabled user session dbus in base image to support podman rootless mode.
Extension images can now be created from multiple packages by seperating
them with a comma. The podman sysext includes app-containers/podman and
net-misc/passt.
It can be enabled by adding podman to /etc/flatcar/enabled-sysext.conf.
Potential TODO: gpgme had to be added as BDEPEND to podman ebuild.
The if-up-down to trigger the DHCP request causes problems. It's better
to directly ask systemd-networkd to issue the request. It seems that
one needs to use "reconfigure" instead of "forcerenew", so I went with
only that instead of somehow trying to see if "forcerenew" has an
effect.
This reverts commit 9556c7f94b932ded3658738d616c2f666a364ba8
because waagent looks for internal hostname changes and wants to
propagate them to the Azure VM properties by issuing a new DHCP request.
As Ignition supports KubeVirt, add a custom oem for it and also the
required parts to be able to build an image in .qcow2 format that
is already using internal .qcow2 gzip compression.
Fixes: https://github.com/flatcar/Flatcar/issues/1358
Signed-off-by: Adrian Vladu <avladu@cloudbasesolutions.com>
This is a new package that is being developed to handle providing
symlinks for nvme disks (os,data,temporary) on newer Azure instances.
It needs to be part of the OS, and not oem-azure, because it carries
udev rules.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Flatcar prepares /etc/hostname from the initrd through afterburn. After
switching root, systemd-networkd fetches a dhcp lease with the correct
hostname already. This publishes the hostname to the vnet DNS server as
well. When WALinuxAgent starts, it tries to do the same steps: configure
the hostname, bounce the link to force dhcp lease renewal. This has
caused issues in the past with multi-nic configurations but also with
networked services that are trying to use the network (etcd/flanneld).
The link bouncing by WALinuxAgent is not necessary because of Flatcars
boot design, so return without bouncing the link. Tested that DNS from
other VMs in the same vnet works.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
When CoreosCommonUtil was factored out, we missed updating the class
name in a call to super(). This results in an error when executing
`/usr/sbin/waagent -force -deprovision+user`. Fix the class name.
Create a compatibility symlink at the old config file location
(/usr/share/oem/waagent.conf) to handle the case of enabling
auto-updates on the agent. The upstream version of the agent does not
have our downstream patch so doesn't know about the updated config file
location. We should upstream our changes.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
In case of sysext of zfs-kmod, pkg_setup() calls linux-info_get_any_version()
of eclass/linux-info.eclass with MERGE_TYPE=binary and
LINUX_INFO_BINARY_RESET=0. That results in KV_FULL and KV_OUT_DIR being
unset, which is not what we want. So set LINUX_INFO_BINARY_RESET=1 to
avoid such side effect.
Without setting them, build_sysext complains like below, i.e. it tries to find
System.map of a wrong Kernel version 6.6.21, when it should find a newer
version like 6.6.23. That results in subsequent zfs CI tests failing due to
missing files like System.map and module deps.
```
System.map for kernel 6.6.21-flatcar was not found, may be due to the
built kernel sources no longer being available and lacking the fallback:
```
Suggested-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
