container layer build failure: keepalived needs older iptables

Bug #1950513 reported by Scott Little
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Critical
M. Vefa Bicakci

Bug Description

Brief Description
-----------------
Container layer build fails since iptables was up-versioned from 1.4.21 to 1.8.4.
keepalived-1.3.5 requires iptables-1.4.21.

Severity
--------
Critical: Can't build

Steps to Reproduce
------------------
build-stx-images.sh --prefix master --latest-prefix master --os centos --stream stable --version 20211110T150604Z --base docker.io/starlingx/stx-centos:master-stable-20211110T150604Z --wheels http://mirror.starlingx.cengn.ca:80//mirror/starlingx/master/centos/containers/20211110T150604Z/outputs/wheels/stx-centos-stable-wheels.tar --user starlingx --registry docker.io --attempts 5 --push --latest --clean

Expected Behavior
------------------
All images build

Actual Behavior
----------------
stx-neutron image fails to build

Reproducibility
---------------
100%

System Configuration
--------------------
N/A

Branch/Pull Time/Commit
-----------------------
Nov 10 2021

Last Pass
---------
Oct 27 2021

Timestamp/Logs
--------------
02:35:22.382 Error: Package: keepalived-1.3.5-19.el7.x86_64 (base)
02:35:22.382 Requires: libxtables.so.10()(64bit)
02:35:22.382 Available: iptables-1.4.21-35.el7.x86_64 (base)
02:35:22.382 libxtables.so.10()(64bit)
02:35:22.382 Installing: iptables-1.8.4-21.tis.5.x86_64 (stx-mirror-distro)
02:35:22.382 Not found

Test Activity
-------------
Build

Workaround
----------
N/A

Revision history for this message
M. Vefa Bicakci (vbicakci) wrote :
Frank Miller (sensfan22)
Changed in starlingx:
status: New → Triaged
importance: Undecided → Critical
assignee: nobody → M. Vefa Bicakci (vbicakci)
tags: added: stx.6.0
Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (master)

Reviewed: https://review.opendev.org/c/starlingx/integ/+/817645
Committed: https://opendev.org/starlingx/integ/commit/b75f375c62bcafab9cd6f48568f130b0107356de
Submitter: "Zuul (22348)"
Branch: master

commit b75f375c62bcafab9cd6f48568f130b0107356de
Author: Joe Slater <email address hidden>
Date: Thu Nov 11 16:09:03 2021 -0500

    sriov-network-device-plugin: update repo commit id

    Set SOURCE_REF to the latest release.

    [Submitted on behalf of Vefa Bicakci.]
    Closes-Bug: #1950513
    Change-Id: Id9a0ac2e2c62fa4c829e280cd740fab1f40a2131
    Signed-off-by: Joe Slater <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Ghada Khalil (gkhalil)
tags: added: stx.build stx.distro.openstack
Revision history for this message
Frank Miller (sensfan22) wrote :

Launchpad is re-opened for Vefa to continue to address this issue as an additional change is required in addition to https://review.opendev.org/c/starlingx/integ/+/817645 which merged yesterday. From Vefa:
"This change was required to build one of the container images successfully, but it is unfortunately not sufficient on its own to resolve the original build failure."

Changed in starlingx:
status: Fix Released → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to integ (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/integ/+/817796

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (master)

Reviewed: https://review.opendev.org/c/starlingx/integ/+/817796
Committed: https://opendev.org/starlingx/integ/commit/6da5c5ecbe55047f68e74a9d180eae91ad7c9598
Submitter: "Zuul (22348)"
Branch: master

commit 6da5c5ecbe55047f68e74a9d180eae91ad7c9598
Author: M. Vefa Bicakci <email address hidden>
Date: Wed Nov 10 18:43:13 2021 -0500

    networking: Update keepalived from 1.3.5 to 2.1.5

    This commit updates keepalived from v1.3.5 to v2.1.5 to avoid failures
    encountered when building StarlingX flock container images, which
    started to fail with the following errors after the recent iptables
    update introduced by commit 36673774ee3c ("iproute-5.12, iptables-1.8.4,
    and libnftnl-1.1.5", 2021-10-27):

    === 8< ===
    Error: Package: keepalived-1.3.5-19.el7.x86_64 (base)
           Requires: libxtables.so.10()(64bit)
           Available: iptables-1.4.21-35.el7.x86_64 (base)
               libxtables.so.10()(64bit)
           Installing: iptables-1.8.4-21.tis.5.x86_64 (stx-mirror-distro)
               Not found
    === >8 ===

    keepalived-2.1.5 was imported from CentOS 8-Stream where it is the
    latest version as of this writing. It should be noted that rebuilding
    keepalived-1.3.5 (i.e., CentOS 7's version) was not suitable as
    keepalived-1.3.5 does not support iptables-nftables, and the CentOS
    8-Stream keepalived RPM cannot be used as is due to the specific
    versions of some of its dependencies.

    During the preparation of this patch, an unexpected build failure had to
    be worked around by disabling SNMP support in keepalived, which is
    assumed to not have a negative impact on StarlingX according to a
    software architect colleague at Wind River. Please see the description
    of the patch named "keepalived.spec-Disable-dependency-on-snmp.patch"
    for further details regarding the build failure.

    Verification:
    - Layered and monolithic StarlingX master branch builds succeed.
    - StarlingX container builds, which used to fail without this commit,
      succeed as well.

    Closes-Bug: #1950513

    Signed-off-by: M. Vefa Bicakci <email address hidden>
    Change-Id: I59bd7d4f8ed89c73248ecd97e6985f91b88c4623

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.