fix(bootstrap): RHEL 9 bootstrap from Arch ISO compatibility

- Generate resolv.conf from inventory DNS settings instead of copying host file (Arch ISO has systemd-resolved stub 127.0.0.53) - Add XFS compat options for GRUB 2.06 and kernel 5.14 across LVM volumes, /boot partition, and data disks - Mount API filesystems (proc, sys, dev) into chroot for RPM scriptlets - Bypass GPG Sequoia validation with _pkgverify_level none - Tolerate grub2-common scriptlet warnings - Handle libvirt VM destroy gracefully during cleanup
2026-02-20 16:45:29 +01:00
parent 603abe63cb
commit 09b3ed44ba
7 changed files with 52 additions and 5 deletions
--- a/roles/bootstrap/tasks/main.yml
+++ b/roles/bootstrap/tasks/main.yml
@@ -1,4 +1,28 @@
 ---
+- name: Create API filesystem mountpoints in installroot
+  when: is_rhel | bool
+  ansible.builtin.file:
+    path: "/mnt/{{ item }}"
+    state: directory
+    mode: "0755"
+  loop:
+    - dev
+    - proc
+    - sys
+
+- name: Mount API filesystems into installroot
+  when: is_rhel | bool
+  ansible.posix.mount:
+    src: "{{ item.src }}"
+    path: "/mnt/{{ item.path }}"
+    fstype: "{{ item.fstype }}"
+    opts: "{{ item.opts | default(omit) }}"
+    state: ephemeral
+  loop:
+    - { src: proc, path: proc, fstype: proc }
+    - { src: sysfs, path: sys, fstype: sysfs }
+    - { src: /dev, path: dev, fstype: none, opts: bind }
+
 - name: Run OS-specific bootstrap process
  vars:
    bootstrap_os_task_map:
--- a/roles/bootstrap/tasks/rhel.yml
+++ b/roles/bootstrap/tasks/rhel.yml
@@ -9,12 +9,21 @@
        groupinstall -y core base standard
      register: bootstrap_result
      changed_when: bootstrap_result.rc == 0
+      failed_when:
+        - bootstrap_result.rc != 0
+        - "'grub2-common' not in (bootstrap_result.stderr | default(''))"

-    - name: Ensure chroot has resolv.conf
-      ansible.builtin.file:
-        src: /run/NetworkManager/resolv.conf
+    - name: Write resolv.conf into chroot
+      ansible.builtin.copy:
        dest: /mnt/etc/resolv.conf
-        state: link
+        mode: "0644"
+        content: |
+          {% for dns in system_cfg.network.dns.servers %}
+          nameserver {{ dns }}
+          {% endfor %}
+          {% if system_cfg.network.dns.search | default([]) | length > 0 %}
+          search {{ system_cfg.network.dns.search | join(' ') }}
+          {% endif %}

    - name: Ensure chroot RHEL DVD directory exists
      ansible.builtin.file:
--- a/roles/cleanup/tasks/libvirt.yml
+++ b/roles/cleanup/tasks/libvirt.yml
@@ -92,6 +92,7 @@
      community.libvirt.virt:
        name: "{{ hostname }}"
        state: destroyed
+      failed_when: false

    - name: Start the VM
      community.libvirt.virt:
--- a/roles/environment/tasks/main.yml
+++ b/roles/environment/tasks/main.yml
@@ -205,6 +205,13 @@
                opts: "ro,loop"
                state: mounted

+        - name: Relax RPM Sequoia signature policy for RHEL bootstrap
+          when: is_rhel | bool
+          ansible.builtin.copy:
+            dest: /etc/rpm/macros
+            content: "%_pkgverify_level none\n"
+            mode: "0644"
+
        - name: Configure RHEL Repos for installation
          when: is_rhel | bool
          block:
--- a/roles/partitioning/tasks/extra_disks.yml
+++ b/roles/partitioning/tasks/extra_disks.yml
@@ -51,10 +51,14 @@

 - name: Create filesystems on additional disks
  when: partitioning_extra_disks | length > 0
+  vars:
+    _label_opt: "{{ ('-L ' ~ item.mount.label) if (item.mount.label | default('') | string | length) > 0 else '' }}"
+    _compat_opt: "{{ '-m bigtime=0 -i nrext64=0,exchange=0 -n parent=0' if (is_rhel | bool and item.mount.fstype == 'xfs') else '' }}"
+    _all_opts: "{{ ([_label_opt, _compat_opt] | select | join(' ')) or omit }}"
  community.general.filesystem:
    dev: "{{ item.partition }}"
    fstype: "{{ item.mount.fstype }}"
-    opts: "{{ ('-L ' ~ item.mount.label) if (item.mount.label | default('') | string | length) > 0 else omit }}"
+    opts: "{{ _all_opts }}"
    force: true
  loop: "{{ partitioning_extra_disks }}"
  loop_control:
--- a/roles/partitioning/tasks/main.yml
+++ b/roles/partitioning/tasks/main.yml
@@ -418,6 +418,7 @@
      community.general.filesystem:
        dev: "{{ install_drive }}{{ partitioning_boot_fs_partition_suffix }}"
        fstype: "{{ partitioning_boot_fs_fstype }}"
+        opts: "{{ '-m bigtime=0 -i nrext64=0,exchange=0 -n parent=0' if (is_rhel | bool and partitioning_boot_fs_fstype == 'xfs') else omit }}"
        force: true

    - name: Remove unsupported ext4 features from /boot
--- a/roles/partitioning/tasks/xfs.yml
+++ b/roles/partitioning/tasks/xfs.yml
@@ -4,6 +4,7 @@
  community.general.filesystem:
    dev: /dev/sys/{{ item.lv }}
    fstype: xfs
+    opts: "{{ '-m bigtime=0 -i nrext64=0,exchange=0 -n parent=0' if is_rhel | bool else omit }}"
    force: true
  loop:
    - { lv: root }