diff --git a/.github/workflows/vsphere-e2e.yaml b/.github/workflows/vsphere-e2e.yaml index adf1a5efb..a27476478 100644 --- a/.github/workflows/vsphere-e2e.yaml +++ b/.github/workflows/vsphere-e2e.yaml @@ -84,4 +84,4 @@ jobs: GITHUB_TOKEN: ${{ secrets.MESOSPHERECI_USER_TOKEN }} VSPHERE_SERVER: ${{ secrets.VSPHERE_SERVER }} VSPHERE_DATASTORE: ${{ secrets.VSPHERE_DATASTORE }} - VSPHERE_DATACENTER: dc1 + VSPHERE_DATACENTER: ${{ secrets.VSPHERE_DATACENTER }} diff --git a/ansible/roles/containerd/tasks/main.yaml b/ansible/roles/containerd/tasks/main.yaml index 41b373d68..a588cf3f8 100644 --- a/ansible/roles/containerd/tasks/main.yaml +++ b/ansible/roles/containerd/tasks/main.yaml @@ -4,6 +4,12 @@ path: "/etc/systemd/system/containerd.service.d/" state: directory +- name: Create containerd max files + template: + dest: /etc/systemd/system/containerd.service.d/max-files.conf + src: etc/systemd/system/containerd.service.d/max-files.conf + mode: 0644 + - name: Create containerd proxy conf template: dest: /etc/systemd/system/containerd.service.d/http-proxy.conf diff --git a/ansible/roles/containerd/templates/etc/systemd/system/containerd.service.d/max-files.conf b/ansible/roles/containerd/templates/etc/systemd/system/containerd.service.d/max-files.conf new file mode 100644 index 000000000..351327a65 --- /dev/null +++ b/ansible/roles/containerd/templates/etc/systemd/system/containerd.service.d/max-files.conf @@ -0,0 +1,2 @@ +[Service] +LimitNOFILE=1048576 diff --git a/ansible/roles/repo/tasks/redhat.yaml b/ansible/roles/repo/tasks/redhat.yaml index 3ef9695e2..1232f689e 100644 --- a/ansible/roles/repo/tasks/redhat.yaml +++ b/ansible/roles/repo/tasks/redhat.yaml @@ -37,7 +37,7 @@ msg: "WARN: Your system is not using subscription manager fetching packages such as kernel-headers might fail" when: - ansible_distribution == 'RedHat' - - rhelorg.subscribed_pool is not defined and rheluser.subscribed_pool is not defined + - rhelorg.subscribed_pool_ids is not defined and rheluser.subscribed_pool_ids is not defined - ansible_distribution_major_version == '8' # make sure rhsm can manage repos + refresh and attach if needed @@ -45,7 +45,7 @@ shell: subscription-manager config --rhsm.manage_repos=1 && subscription-manager refresh && subscription-manager attach --auto when: - ansible_distribution == 'RedHat' - - rhelorg.subscribed_pool is defined or rheluser.subscribed_pool is defined + - rhelorg.subscribed_pool_ids is defined or rheluser.subscribed_pool_ids is defined - ansible_distribution_major_version == '8' # The AppStream repo for Centos 8 is not available from centos mirror list. diff --git a/cmd/konvoy-image-wrapper/cmd/wrapper.go b/cmd/konvoy-image-wrapper/cmd/wrapper.go index 265bce776..6f1dcaf04 100644 --- a/cmd/konvoy-image-wrapper/cmd/wrapper.go +++ b/cmd/konvoy-image-wrapper/cmd/wrapper.go @@ -39,14 +39,20 @@ const ( envAzureLocation = "AZURE_LOCATION" - envVSphereServer = "VSPHERE_SERVER" - envVSphereUser = "VSPHERE_USERNAME" - envVSpherePassword = "VSPHERE_PASSWORD" - envRedHatSubscriptionManagerUser = "RHSM_USER" - envRedHatSubscriptionManagerPassword = "RHSM_PASS" - envVSphereSSHUserName = "SSH_USERNAME" - envVSphereSSHPassword = "SSH_PASSWORD" - envVsphereSSHPrivatekeyFile = "SSH_PRIVATE_KEY_FILE" + envVSphereServer = "VSPHERE_SERVER" + envVSphereUser = "VSPHERE_USERNAME" + envVSpherePassword = "VSPHERE_PASSWORD" + envVSphereDatacenter = "VSPHERE_DATACENTER" + envVsphereDatastore = "VSPHERE_DATASTORE" + + envRedHatSubscriptionManagerUser = "RHSM_USER" + envRedHatSubscriptionManagerPassword = "RHSM_PASS" + envRedHatSubscriptionManagerActivationKey = "RHSM_ACTIVATION_KEY" + envRedHatSubscriptionManagerOrgID = "RHSM_ORG_ID" + + envVSphereSSHUserName = "SSH_USERNAME" + envVSphereSSHPassword = "SSH_PASSWORD" + envVsphereSSHPrivatekeyFile = "SSH_PRIVATE_KEY_FILE" //nolint:gosec // environment var set by user envGCPApplicationCredentials = "GOOGLE_APPLICATION_CREDENTIALS" @@ -61,7 +67,7 @@ const ( var ErrEnv = errors.New("manifest not support") -func ENvError(o string) error { +func EnvError(o string) error { return fmt.Errorf("%w: %s", ErrEnv, o) } @@ -125,7 +131,7 @@ func (r *Runner) setUserAndGroups() error { if err == nil { gid, err := strconv.Atoi(dockerGroup.Gid) if err != nil { - return ENvError(fmt.Sprintf("docker gid '%s' is not an int", dockerGroup.Gid)) + return EnvError(fmt.Sprintf("docker gid '%s' is not an int", dockerGroup.Gid)) } r.supplementaryGroupIDs = append(r.supplementaryGroupIDs, gid) } @@ -190,8 +196,12 @@ func (r *Runner) setVSphereEnv() error { envVSphereServer, envVSphereUser, envVSpherePassword, + envVSphereDatacenter, + envVsphereDatastore, envRedHatSubscriptionManagerUser, envRedHatSubscriptionManagerPassword, + envRedHatSubscriptionManagerActivationKey, + envRedHatSubscriptionManagerOrgID, envVSphereSSHUserName, envVSphereSSHPassword, } { diff --git a/pkg/packer/manifests/vsphere/packer.pkr.hcl b/pkg/packer/manifests/vsphere/packer.pkr.hcl index 72c33e2ae..aea885ac7 100644 --- a/pkg/packer/manifests/vsphere/packer.pkr.hcl +++ b/pkg/packer/manifests/vsphere/packer.pkr.hcl @@ -479,7 +479,7 @@ build { strip_path = true } post-processor "shell-local" { - inline = [ "if ${var.dry_run}; then echo 'destroying VM ${local.vm_name}'; govc vm.destroy -dc=${var.vsphere_datacenter} ${local.vm_name}; fi"] + inline = [ "if ${var.dry_run}; then echo 'destroying VM ${local.vm_name} with command: govc vm.destroy -dc=${var.vsphere_datacenter} ${local.vm_name}'; govc vm.destroy -dc=${var.vsphere_datacenter} ${local.vm_name}; fi"] environment_vars =[ "GOVC_URL=${var.vcenter_server}", "GOVC_USERNAME=${var.vsphere_username}",