Add support for EL10

This patch implements support for deployment on EL10. As of today LXC is not present in EPEL, so we use Neil's COPR repository right now. Once EPEL will add LXC package, we should replace COPR with it. Change-Id: Iac16f239805f391a4a93caa3737f65280a0bbf46
2025-06-03 20:06:49 +02:00
parent fc304c6e72
commit 00cd3feb42
5 changed files with 70 additions and 1 deletions
--- a/templates/lxc-openstack.conf.j2
+++ b/templates/lxc-openstack.conf.j2
@@ -1,7 +1,9 @@
 # {{ ansible_managed }}

+{% if ansible_facts['os_family'] | lower == 'debian' %}
 lxc.apparmor.profile = generated
 lxc.apparmor.allow_nesting = 1
+{% endif %}
 lxc.start.auto = 1
 lxc.start.delay = 15
 lxc.group = onboot
--- a/templates/prep-scripts/redhat_prep.sh.j2
+++ b/templates/prep-scripts/redhat_prep.sh.j2
@@ -11,6 +11,7 @@ fi

 # The containers do not need the LXC repository (only hosts need it).
 rm -f /etc/yum.repos.d/thm-lxc3.0*
+rm -f /etc/yum.repos.d/epel-lxc_hosts.repo
 # This repo should be installed from package, so requires extra vars to work properly
 rm -f /etc/yum.repos.d/CentOS-NFV-OpenvSwitch.repo

--- a/vars/redhat-10-host.yml
+++ b/vars/redhat-10-host.yml
@@ -0,0 +1,61 @@
+---
+# Copyright 2016, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+system_config_dir: "/etc/sysconfig"
+systemd_utils_prefix: "/lib/systemd"
+
+_lxc_hosts_epel_packages:
+  - lxc*
+  - python3-lxc
+
+lxc_centos_repo_keys:
+  - key: "/etc/pki/rpm-gpg/neil-lxc4.0.gpg"
+    url: "https://download.copr.fedorainfracloud.org/results/neil/lxc4.0/pubkey.gpg"
+    state: present
+
+lxc_centos_repos:
+  - name: epel-lxc_hosts
+    description: Copr repo for lxc4.0 owned by neil
+    baseurl: https://download.copr.fedorainfracloud.org/results/neil/lxc4.0/epel-10-$basearch/
+    gpgcheck: true
+    gpgkey: "file:///etc/pki/rpm-gpg/neil-lxc4.0.gpg"
+    enabled: true
+    state: present
+    includepkgs: "{{ _lxc_hosts_epel_packages }}"
+
+# Required rpm packages.
+_lxc_hosts_distro_packages:
+  - dbus
+  - dnsmasq
+  - e2fsprogs
+  - git-core
+  - iptables
+  - "kernel-modules-extra-{{ ansible_facts['kernel'] }}" # required by iptables/ebtables to avoid kernel upgrade
+  - libseccomp
+  - lxc
+  - lxc-devel
+  - lxc-libs
+  - lxc-templates
+  - policycoreutils-python-utils
+  - procps
+  - python3-lxc
+  - systemd-container
+  - tar
+  - unzip
+  - xz
+
+lxc_ssh_service_name: sshd
+
+lxc_xz_bin: xz
--- a/vars/redhat-host.yml
+++ b/vars/redhat-host.yml
@@ -40,7 +40,7 @@ _lxc_hosts_distro_packages:
  - dbus
  - dnsmasq
  - e2fsprogs
-  - git
+  - git-core
  - iptables
  - libseccomp
  - lxc
--- a/vars/redhat.yml
+++ b/vars/redhat.yml
@@ -39,6 +39,7 @@ _lxc_cache_prep_template: "prep-scripts/redhat_prep.sh.j2"
 _lxc_cache_distro_packages:
  - ca-certificates
  - git-core # needed everywhere when wheel_build=false
+  - gnupg2
  - iputils
  - iproute
  - libxml2
@@ -46,6 +47,10 @@ _lxc_cache_distro_packages:
  - procps
  - python3
  - python3-libs
+  - python3-setuptools
  - setup
  - sudo
+  - systemd
+  - systemd-networkd
+  - systemd-resolved
  - tzdata