1 # SPDX-FileCopyrightText: 2021 Intel Corporation.
3 # SPDX-License-Identifier: Apache-2.0
6 - name: enable PowerTools repository on CentOS >= 8 and < 8.3
7 # noqa 303 - yum is called intenionallly here
8 command: yum config-manager --set-enabled PowerTools
10 - ansible_distribution == "CentOS"
11 - ansible_distribution_version >= '8' and ansible_distribution_version < '8.3'
13 - name: enable powertools repository on CentOS >= 8.3
14 # noqa 303 - yum is called intenionallly here
15 command: yum config-manager --set-enabled powertools
17 - ansible_distribution == "CentOS"
18 - ansible_distribution_version >= '8.3'
20 - name: enable CodeReady Linux Builder repository on RHEL 8
22 name: codeready-builder-for-rhel-8-x86_64-rpms
24 - ansible_distribution == "RedHat"
25 - ansible_distribution_version >= '8'
27 - name: install epel-release on CentOS
31 - ansible_distribution == "CentOS"
33 - name: obtain EPEL GPG key on RHEL8
36 key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8
38 - ansible_distribution == "RedHat"
39 - ansible_distribution_version >= '8'
41 - name: install epel-release on RHEL8
43 name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
45 - ansible_distribution == "RedHat"
46 - ansible_distribution_version >= '8'
48 - name: get full distribution versions
49 command: cat /etc/redhat-release
53 - name: set full distribution version
55 full_dist_version: "{{ release.stdout | regex_replace('.*(\\d+.\\d+.\\d\\d\\d\\d).*', '\\1') }}"
57 - name: update CentOS Vault yum repository on CentOS 7
59 name: C{{ full_dist_version }}-base
60 description: CentOS-{{ full_dist_version }} - Base
62 baseurl: http://vault.centos.org/{{ full_dist_version }}/os/$basearch/
64 gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-{{ ansible_distribution_major_version }}
67 - ansible_distribution == "CentOS"
68 - ansible_distribution_version < '7.9'
71 #- name: update CentOS Vault yum repository on CentOS 8
73 # name: C{{ full_dist_version }}-base
74 # description: CentOS-{{ full_dist_version }} - Base
76 # baseurl: http://vault.centos.org/{{ full_dist_version }}/BaseOS/$basearch/os/
77 # baseurl: http://vault.centos.org/{{ full_dist_version }}/BaseOS/Source/
79 # gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
82 # - ansible_distribution == "CentOS"
83 # - ansible_distribution_version >= '8' and ansible_distribution_version < '8.3'
86 # CentOS-Vault repo not working for CentOS 8, so install kernel headers directly
87 - name: pull matching kernel headers on CentOS 8.2
93 register: source_status
94 until: source_status is not failed
96 - "https://vault.centos.org/8.2.2004/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-193.el8.x86_64.rpm"
97 - "https://vault.centos.org/8.2.2004/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-193.el8.x86_64.rpm"
99 - ansible_distribution == "CentOS"
100 - ansible_distribution_version == '8.2'
103 - name: pull matching kernel headers on CentOS 8.3
107 register: source_status
109 - "https://vault.centos.org/8.3.2011/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-240.el8.x86_64.rpm"
110 - "https://vault.centos.org/8.3.2011/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-240.el8.x86_64.rpm"
112 - ansible_distribution == "CentOS"
113 - ansible_distribution_version == '8.3'
116 - name: pull matching kernel headers on CentOS 8.4
120 register: source_status
122 - "http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-305.3.1.el8.x86_64.rpm"
123 - "http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-305.3.1.el8.x86_64.rpm"
124 # - "https://vault.centos.org/8.4.2105/BaseOS/x86_64/os/Packages/kernel-headers-4.18.0-305.el8.x86_64.rpm"
125 # - "https://vault.centos.org/8.4.2105/BaseOS/x86_64/os/Packages/kernel-devel-4.18.0-305.el8.x86_64.rpm"
127 - ansible_distribution == "CentOS"
128 - ansible_distribution_version == '8.4'
131 # pull the matching kernel headers if kernel is not updated
132 - name: pull matching kernel headers from configured repos
133 # noqa 503 - more than one condition, can't be a handler
136 - kernel-headers-{{ ansible_kernel }}
137 - kernel-devel-{{ ansible_kernel }}
138 register: kernel_source
140 until: kernel_source is success
142 - not source_status.changed
143 - ansible_os_family == "RedHat"
146 - name: install the 'Development tools' package group
148 name: "@Development tools"
150 - ansible_os_family == "RedHat"
156 - ansible_distribution in ["RedHat", "CentOS"]
157 - ansible_distribution_version < '8'
163 - ansible_distribution in ["RedHat", "CentOS"]
164 - ansible_distribution_version >= '8'
166 - name: update all packages
169 state: latest # noqa 403
172 - ansible_os_family == "RedHat"
173 - update_all_packages | default(false)
175 - name: update to the latest kernel and kernel headers on the Red Hat OS family
180 state: latest # noqa 403
184 - ansible_os_family == "RedHat"
185 - update_kernel | default(false)
187 #note(przemeklal): fixes issue with missing selinux in packet.net CentOS 7 images
188 - name: ensure selinux is installed on CentOS/RHEL 7
192 - policycoreutils-python
194 - selinux-policy-targeted
202 - ansible_distribution in ["RedHat", "CentOS"]
203 - ansible_distribution_version < '8'
205 # Workaround for Equinix Metal CentOS 7
206 - name: set selinux to permissive
208 path: "/etc/sysconfig/selinux"
209 regexp: '^SELINUX=enforcing'
210 line: 'SELINUX=permissive'
212 - ansible_distribution in ["RedHat", "CentOS"]
213 - ansible_distribution_version < '8'
215 - name: set python is python3
218 path: /usr/bin/python3
219 link: /usr/bin/python
221 - ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat'
222 - ansible_distribution_version >= '8'
224 - name: install command line tools to collect hardware details
231 when: ansible_distribution in ["RedHat", "CentOS"]
233 - name: Add kubic yum repo and install updated version of podman
235 - name: disable container-tools module
236 # noqa 305 - shell is used intentionally here
237 shell: dnf -y module disable container-tools
238 - name: enable rhcontainerbot/container-selinux repository
239 # noqa 305 - shell is used intentionally here
240 shell: dnf -y copr enable rhcontainerbot/container-selinux
241 - name: Add kubic yum repo
243 name: devel_kubic_libcontainers_stable
244 description: Stable Releases of Upstream github.com/containers packages (CentOS_$releasever)
245 baseurl: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_$releasever/
247 gpgkey: https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_$releasever/repodata/repomd.xml.key
253 - name: install podman package
258 - ansible_os_family == "RedHat" and ansible_distribution_version >= '8.2'
259 - '"docker" not in container_runtime'
261 # SELINUX will be disabled later stage so, these packages are required when container_runtime is docker
262 - name: install packages in RHEL >= 8.4 when container_runtime is docker
274 - ansible_distribution == "RedHat" and ansible_distribution_version >= '8.4'
275 - container_runtime == "docker"
277 # Workaround - Set pip to a version that supports correct version of packages needed
278 - name: use the correct pip version for CentOS 7
283 - ansible_distribution == "CentOS"
284 - ansible_distribution_version < '7.9'
286 - name: Install pip3 required by dpdk
291 - ansible_distribution == "CentOS"
292 - ansible_distribution_version < '7.9'