From 75f0a84b56c1f9c8fbfa1109991360aaa950a38e Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Mon, 13 Oct 2025 09:42:40 -0400 Subject: [PATCH 1/6] bootlinux: Show any warnings from "make olddefconfig" At some point, the allowed values for CONFIG_HYPERV went from tristate to boolean. RHEL 9 kernel configs set CONFIG_HYPERV to m but if I use that configuration for 6.17, "make olddefconfig" silently turns that into n. It actually does warn before switching off the setting, but Ansible does not relay that output to the controller, so the warning is lost. I discovered this because the NFSD CI runs on Azure stopped working entirely. After rebooting into the test kernel, the test instances became unreachable via ssh. They could no longer use the Hyper-V network device. I've fixed my config-kdevops, but it would be helpful if bootlinux watched for warnings from "make olddefconfig" so such problems can be identified faster. Signed-off-by: Chuck Lever --- .../roles/bootlinux/tasks/build/builder.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/playbooks/roles/bootlinux/tasks/build/builder.yml b/playbooks/roles/bootlinux/tasks/build/builder.yml index f981ad975..30118b88e 100644 --- a/playbooks/roles/bootlinux/tasks/build/builder.yml +++ b/playbooks/roles/bootlinux/tasks/build/builder.yml @@ -110,10 +110,18 @@ community.general.make: chdir: "{{ target_linux_dir_path }}" target: "olddefconfig" + register: olddefconfig_output when: - bootlinux_compiler_gcc|bool - not bootlinux_use_config_fragments|default(false)|bool +- name: Report unexpected Kconfig setting changes + ansible.builtin.debug: + var: olddefconfig_output.stderr_lines + when: + - bootlinux_compiler_gcc|bool + - "'warning:' in olddefconfig_output.stderr" + - name: Build {{ target_linux_tree }} community.general.make: chdir: "{{ target_linux_dir_path }}" @@ -128,10 +136,18 @@ params: LLVM: 1 target: "olddefconfig" + register: olddefconfig_llvm_output when: - bootlinux_compiler_clang|bool - not bootlinux_use_config_fragments|default(false)|bool +- name: Report unexpected Kconfig setting changes + ansible.builtin.debug: + var: olddefconfig_output.stderr_lines + when: + - bootlinux_compiler_clang|bool + - "'warning:' in olddefconfig_llvm_output.stderr" + - name: Build {{ target_linux_tree }} community.general.make: chdir: "{{ target_linux_dir_path }}" From 6b09201bff6b908d9e7e6c22e3de83dba890f2ab Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Fri, 17 Oct 2025 13:25:15 -0400 Subject: [PATCH 2/6] scripts: Clean up generate_cloud_configs.py When Claude is checking code cleanliness, it keeps making this tiny clean-up in scripts/generate_cloud_configs.py. Let's merge it to keep America beautiful. Fixes: 29b19225dcba ("scripts: Add AWS support to generate_cloud_configs.py") Signed-off-by: Chuck Lever --- scripts/generate_cloud_configs.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate_cloud_configs.py b/scripts/generate_cloud_configs.py index ceb2eafc6..4f833c406 100755 --- a/scripts/generate_cloud_configs.py +++ b/scripts/generate_cloud_configs.py @@ -134,7 +134,7 @@ def generate_aws_kconfig() -> bool: if result.returncode == 0: # Write the output to the corresponding Kconfig file try: - with open(output_path, 'w') as f: + with open(output_path, "w") as f: f.write(result.stdout) except IOError as e: print(f"Error writing {kconfig_file}: {e}", file=sys.stderr) From c16c9649b4d9e2d3a21ac2d96b93ada56895b2f4 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Tue, 14 Oct 2025 14:27:24 -0400 Subject: [PATCH 3/6] terraform: Clean up ssh user help text Fix nits in the Kconfig prompt and help text. Signed-off-by: Chuck Lever --- terraform/Kconfig.ssh | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/terraform/Kconfig.ssh b/terraform/Kconfig.ssh index 8a19d7c56..5092783f5 100644 --- a/terraform/Kconfig.ssh +++ b/terraform/Kconfig.ssh @@ -1,11 +1,10 @@ config TERRAFORM_SSH_USER_INFER - bool "Selecting this will infer your username from you local system" + bool "Infer the ssh user name" default y if !TERRAFORM_LAMBDALABS default n if TERRAFORM_LAMBDALABS help - If enabled we and you are running 'make menuconfig' as user sonia, - then we'd infer this and peg sonia as the default user name for you. - We'll simply run $(shell echo $USER). + If enabled and you are running 'make menuconfig' as user sonia, + then use "sonia" as the ssh user name. Note: This is automatically disabled for Lambda Labs since they don't support custom SSH users. @@ -16,13 +15,9 @@ config TERRAFORM_SSH_CONFIG_USER default "ubuntu" if TERRAFORM_LAMBDALABS default "admin" if !TERRAFORM_SSH_USER_INFER && !TERRAFORM_LAMBDALABS help - The SSH username to use for connecting to the target systems. - - For Lambda Labs, this is set to 'ubuntu' as Lambda Labs doesn't - support custom users and typically deploys Ubuntu instances. - - For other providers, this will be inferred from your local username - or set to a default value. + The SSH username Ansible will use to connect to its target + nodes. Generally this username has to match a user that is + pre-created when terraform provisions a cloud instance. config TERRAFORM_SSH_CONFIG_PUBKEY_FILE string "The ssh public key to use to log in" From 398e62fe856d96b41c2e02d23411ad43ba5d5316 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Tue, 14 Oct 2025 16:41:46 -0400 Subject: [PATCH 4/6] terraform: Remove CONFIG_TERRAFORM_SSH_CONFIG_PRIVKEY_FILE Clean up. Commit 535726de9d71 ("ansible/terraform: integrate Lambda Labs into build system") added CONFIG_TERRAFORM_SSH_CONFIG_PRIVKEY_FILE, but there are already uses of kdevops_config_terraform_ssh_config_privkey_file throughout the tree because scripts/terraform.Makefile already sets it. Thus the kconfig menu setting of CONFIG_TERRAFORM_SSH_CONFIG_PRIVKEY_FILE is completely ignored. Fixes: 535726de9d71 ("ansible/terraform: integrate Lambda Labs into build system") Signed-off-by: Chuck Lever --- terraform/Kconfig.ssh | 24 +++++------------------- 1 file changed, 5 insertions(+), 19 deletions(-) diff --git a/terraform/Kconfig.ssh b/terraform/Kconfig.ssh index 5092783f5..4e239a352 100644 --- a/terraform/Kconfig.ssh +++ b/terraform/Kconfig.ssh @@ -20,28 +20,14 @@ config TERRAFORM_SSH_CONFIG_USER pre-created when terraform provisions a cloud instance. config TERRAFORM_SSH_CONFIG_PUBKEY_FILE - string "The ssh public key to use to log in" + string "File containing Ansible's ssh public key" default "~/.ssh/kdevops_terraform_$(shell, echo $(TOPDIR_PATH) | sha256sum | cut -c1-8).pub" if TERRAFORM_LAMBDALABS default "~/.ssh/kdevops_terraform.pub" help - The ssh public key which will be pegged onto the systems's - ~/.ssh/authorized_keys file so you can log in. - - For Lambda Labs, the key path is made unique per directory by appending - the directory checksum to avoid conflicts when running multiple kdevops - instances. - -config TERRAFORM_SSH_CONFIG_PRIVKEY_FILE - string "The ssh private key file for authentication" - default "~/.ssh/kdevops_terraform_$(shell, echo $(TOPDIR_PATH) | sha256sum | cut -c1-8)" if TERRAFORM_LAMBDALABS - default "~/.ssh/kdevops_terraform" - help - The ssh private key file used for authenticating to the systems. - This should correspond to the public key specified above. - - For Lambda Labs, the key path is made unique per directory by appending - the directory checksum to avoid conflicts when running multiple kdevops - instances. + The filename of the file containing an ssh public key + Ansible is to use to manage its target nodes. The + matching private key should be located in a file using + the same basename (without the ".pub"). config TERRAFORM_SSH_CONFIG_GENKEY bool "Should we create a new random key for you?" From 9c8fc687319fb6f56de8e7486bbd52e71b387928 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Thu, 16 Oct 2025 16:55:38 -0400 Subject: [PATCH 5/6] terraform/aws: Rename the terraform ssh_keyname variable Clean up: This variable is unique to AWS, so rename it to follow the usual convention. The variable is currently set to a default and never modified, but a subsequent patch will make use of it. Signed-off-by: Chuck Lever --- terraform/aws/main.tf | 4 ++-- terraform/aws/vars.tf | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/aws/main.tf b/terraform/aws/main.tf index 0de2e5371..151677614 100644 --- a/terraform/aws/main.tf +++ b/terraform/aws/main.tf @@ -70,7 +70,7 @@ resource "aws_security_group" "kdevops_internal_group" { resource "aws_key_pair" "kdevops_keypair" { - key_name = var.ssh_keyname + key_name = var.aws_ssh_key_name public_key = var.ssh_config_pubkey_file != "" ? file(var.ssh_config_pubkey_file) : "" } @@ -133,7 +133,7 @@ resource "aws_instance" "kdevops_instance" { aws_security_group.kdevops_sec_group.id, aws_security_group.kdevops_internal_group.id ] - key_name = var.ssh_keyname + key_name = var.aws_ssh_key_name subnet_id = aws_subnet.kdevops_subnet.id user_data_base64 = element( data.template_cloudinit_config.kdevops_config.*.rendered, diff --git a/terraform/aws/vars.tf b/terraform/aws/vars.tf index e5466c9aa..bb54cb42a 100644 --- a/terraform/aws/vars.tf +++ b/terraform/aws/vars.tf @@ -74,9 +74,9 @@ variable "aws_shared_credentials_file" { default = "~/.aws/credentials" } -variable "ssh_keyname" { +variable "aws_ssh_key_name" { default = "kdevops_aws_key" - description = "The name of your ssh key, this is just the name displayed and used on aws in the backend" + description = "The name of the ssh key-pair to install in instances" type = string } From 6bfc6594b294890b8458065fd61238f4b951ebf7 Mon Sep 17 00:00:00 2001 From: Chuck Lever Date: Fri, 17 Oct 2025 16:38:33 -0400 Subject: [PATCH 6/6] base_image: Replace distro checks Daniel Gomez reports: > Updating and loading repositories: > Repositories loaded. > Failed to resolve the transaction: > No match for argument: isc-dhcp-client > No match for argument: ifupdown > You can try to add to command line: > --skip-unavailable to skip unavailable packages > virt-builder: error: dnf -y install 'isc-dhcp-client' 'ifupdown': command > exited with an error when trying to run Fedora guests on a Debian host. Checks in the virt_builder.j2 template file that look like this: {% if distro_debian_based is defined and distro_debian_based %} assume that the host and guests are running the same OS. Previously, bringup_guestfs.sh used virtbuilder_os_version for these checks: OS_VERSION=${CONFIG_VIRT_BUILDER_OS_VERSION} ... if echo $OS_VERSION | grep -q '^debian'; then cat <<_EOT >>$cmdfile append-line /etc/network/interfaces.d/enp1s0:auto enp1s0 append-line /etc/network/interfaces.d/enp1s0:allow-hotplug enp1s0 append-line /etc/network/interfaces.d/enp1s0:iface enp1s0 inet dhcp firstboot-command dpkg-reconfigure openssh-server _EOT Reported-by: Daniel Gomez Signed-off-by: Chuck Lever --- kconfigs/Kconfig.guestfs | 4 ++++ playbooks/roles/base_image/templates/virt-builder.j2 | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/kconfigs/Kconfig.guestfs b/kconfigs/Kconfig.guestfs index 52506a3b7..891901380 100644 --- a/kconfigs/Kconfig.guestfs +++ b/kconfigs/Kconfig.guestfs @@ -76,6 +76,7 @@ choice config GUESTFS_FEDORA bool "Fedora (or derived distro)" + output yaml select HAVE_DISTRO_XFS_PREFERS_MANUAL if FSTESTS_XFS select HAVE_DISTRO_BTRFS_PREFERS_MANUAL if FSTESTS_BTRFS select HAVE_DISTRO_EXT4_PREFERS_MANUAL if FSTESTS_EXT4 @@ -87,6 +88,7 @@ config GUESTFS_FEDORA config GUESTFS_DEBIAN bool "Debian" + output yaml select HAVE_CUSTOM_DISTRO_HOST_PREFIX select HAVE_DISTRO_XFS_PREFERS_MANUAL if FSTESTS_XFS select HAVE_DISTRO_BTRFS_PREFERS_MANUAL if FSTESTS_BTRFS @@ -108,6 +110,7 @@ choice config GUESTFS_DEBIAN_TRIXIE bool "Debian 13 - Trixie" + output yaml select GUESTFS_REQUIRES_UEFI select GUESTFS_HAS_CUSTOM_RAW_IMAGE select GUESTFS_HAS_CUSTOM_RAW_IMAGE_URL @@ -126,6 +129,7 @@ config GUESTFS_DEBIAN_TRIXIE config GUESTFS_DEBIAN_BUSTER bool "Debian 12 - Buster" + output yaml help Select this for debian buster, debian 12. diff --git a/playbooks/roles/base_image/templates/virt-builder.j2 b/playbooks/roles/base_image/templates/virt-builder.j2 index 608dc31f7..1cee429cb 100644 --- a/playbooks/roles/base_image/templates/virt-builder.j2 +++ b/playbooks/roles/base_image/templates/virt-builder.j2 @@ -29,7 +29,7 @@ root-password password:kdevops sm-unregister {% endif %} -{% if distro_debian_based is defined and distro_debian_based %} +{% if guestfs_debian is defined and guestfs_debian %} {# Ugh, debian has to be told to bring up the network and regenerate ssh keys #} {# Hope we get that interface name right! #} install isc-dhcp-client,ifupdown @@ -44,7 +44,7 @@ firstboot-command systemctl start ssh firstboot-command apt update && apt upgrade --yes uninstall unattended-upgrades -{% if distro_debian_trixie is defined and distro_debian_trixie %} +{% if guestfs_debian_trixie is defined and guestfs_debian_trixie %} {# CONFIG_GUESTFS_COPY_SOURCES_FROM_HOST_TO_GUEST will not work #} {# if /etc/nsswitch.conf has a line like this: #} {# #}