断念: AlmaLinux8から9へのアップグレード
VPSがAlma Linux8なので、9にアップグレードしようと思った。しかし、面倒なのでやめておいた。
アップグレード手順自体は非常に簡単なものだ。How To Upgrade to AlmaLinux 9 from AlmaLinux 8の手順通りにやれば良いようだ。
しかし、途中でアップグレード可能性チェックがあり、そこでエラーが発生し、そのエラーの意味がわからないので、アップグレードややめることにした。具体的には以下のログが出る。
$ sudo leapp preupgrade
==> Processing phase `configuration_phase`
====> * ipu_workflow_config
IPU workflow config actor
==> Processing phase `FactsCollection`
====> * vendor_repositories_mapping
Scan the vendor repository mapping files and provide the data to other actors.
====> * system_facts
Provides data about many facts from system.
====> * check_enabled_vendor_repos
Create a list of vendors whose repositories are present on the system.
(途中略)
==> Processing phase `Reports`
====> * verify_check_results
Check all dialogs and notify that user needs to make some choices.
====> * verify_check_results
Check all generated results messages and notify user about them.
============================================================
UPGRADE INHIBITED
============================================================
Upgrade has been inhibited due to the following problems:
1. Inhibitor: Unsupported network configuration
2. Inhibitor: Firewalld Configuration AllowZoneDrifting Is Unsupported
Consult the pre-upgrade report for details and possible remediation.
============================================================
UPGRADE INHIBITED
============================================================
Debug output written to /var/log/leapp/leapp-preupgrade.log
============================================================
REPORT
============================================================
A report has been generated at /var/log/leapp/leapp-report.json
A report has been generated at /var/log/leapp/leapp-report.txt
============================================================
END OF REPORT
============================================================
Answerfile has been generated at /var/log/leapp/answerfile
このログファイルは以下のようなものだ。
$ cat /var/log/leapp/leapp-report.txt
Risk Factor: high (inhibitor)
Title: Unsupported network configuration
Summary: Detected multiple physical network interfaces where one or more use kernel naming (e.g. eth0). Upgrade process can not continue because stability of names can not be guaranteed. Please read the article at https://access.redhat.com/solutions/4067471 for more information.
Remediation: [hint] Rename all ethX network interfaces following the attached KB solution article.
Key: d3050d265759a79ce895e64f45e9c56e49b3a953
----------------------------------------
Risk Factor: high (inhibitor)
Title: Firewalld Configuration AllowZoneDrifting Is Unsupported
Summary: Firewalld has enabled configuration option "AllowZoneDrifiting" which has been removed in RHEL-9. New behavior is as if "AllowZoneDrifiting" was set to "no".
Remediation: [hint] Set AllowZoneDrifting=no in /etc/firewalld/firewalld.conf
[command] sed -i "s/^AllowZoneDrifting=.*/AllowZoneDrifting=no/" /etc/firewalld/firewalld.conf
Key: 5b1cf050e1a877b0358b6e8c612277c591d40c13
----------------------------------------
Risk Factor: high
Title: Packages not signed by Red Hat found on the system
Summary: The following packages have not been signed by Red Hat and may be removed during the upgrade process in case Red Hat-signed packages to be removed during the upgrade depend on them:
- containerd.io
- docker-buildx-plugin
- docker-ce
- docker-ce-cli
- docker-ce-rootless-extras
- docker-compose-plugin
- docker-scan-plugin
- gpg-pubkey
- leapp-data-almalinux
- leapp-upgrade-el8toel9
- leapp-upgrade-el8toel9-deps
- ncdu
- tailscale
Key: 13f0791ae5f19f50e7d0d606fb6501f91b1efb2c
----------------------------------------
Risk Factor: high
Title: Leapp could not identify where GRUB core is located
Summary: We assume GRUB core is located on the same device as /boot. Leapp needs to update GRUB core as it is not done automatically on legacy (BIOS) systems.
Remediation: [hint] Please run "grub2-install <GRUB_DEVICE> command manually after upgrade
Key: ca7a1a66906a7df3da890aa538562708d3ea6ecd
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Tags" at /etc/leapp/repos.d/system_upgrade/common/actors/persistentnetnamesdisable/actor.py:57
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/common/actors/persistentnetnamesdisable/actor.py:57
Near: reporting.Tags([reporting.Tags.NETWORK]),
Key: 87f84227e1149ef967fd502c76a1009a67b420eb
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Flags" at /etc/leapp/repos.d/system_upgrade/common/actors/persistentnetnamesdisable/actor.py:58
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/common/actors/persistentnetnamesdisable/actor.py:58
Near: reporting.Flags([reporting.Flags.INHIBITOR])
Key: 6c59552f2b8e8ef066eaa70e88dede5e805c3022
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Tags" at /etc/leapp/repos.d/system_upgrade/el8toel9/actors/firewalldcheckallowzonedrifting/actor.py:42
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/el8toel9/actors/firewalldcheckallowzonedrifting/actor.py:42
Near: reporting.Tags([reporting.Tags.SANITY, reporting.Tags.FIREWALL]),
Key: ed726dd2aec3dacd254d6369ac26bb8d3c38d1f2
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Flags" at /etc/leapp/repos.d/system_upgrade/el8toel9/actors/firewalldcheckallowzonedrifting/actor.py:43
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/el8toel9/actors/firewalldcheckallowzonedrifting/actor.py:43
Near: reporting.Flags([reporting.Flags.INHIBITOR]),
Key: 50a4986068d0af014b45ad9a174eabfea07be6f9
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Tags" at /etc/leapp/repos.d/system_upgrade/common/actors/redhatsignedrpmcheck/libraries/redhatsignedrpmcheck.py:24
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/common/actors/redhatsignedrpmcheck/libraries/redhatsignedrpmcheck.py:24
Near: reporting.Tags(COMMON_REPORT_TAGS)
Key: b3b8d552a4464a2f0b0340e8798669b3e2af704f
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Tags" at /etc/leapp/repos.d/system_upgrade/common/actors/checkselinux/libraries/checkselinux.py:29
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/common/actors/checkselinux/libraries/checkselinux.py:29
Near: reporting.Tags([reporting.Tags.SELINUX]),
Key: 29599e259616a9931a9f2a26e34bc5e38af9aa5d
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Tags" at /etc/leapp/repos.d/system_upgrade/common/actors/checkselinux/libraries/checkselinux.py:47
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/common/actors/checkselinux/libraries/checkselinux.py:47
Near: reporting.Tags([reporting.Tags.SELINUX, reporting.Tags.SECURITY])
Key: 1763f7e8bdfd709914d3cf2c0116987d321a92ce
----------------------------------------
Risk Factor: high
Title: Usage of deprecated class "Tags" at /etc/leapp/repos.d/system_upgrade/common/actors/checkgrubcore/actor.py:52
Summary: The primitive is deprecated as Tags and Flags have been joined into the Groups primitive.Please use Groups for report message typing instead.
Since: 2022-08-23
Location: /etc/leapp/repos.d/system_upgrade/common/actors/checkgrubcore/actor.py:52
Near: reporting.Tags([reporting.Tags.BOOT]),
Key: 6d83d476441749a96937d77c68fa4f6137d15e0f
----------------------------------------
Risk Factor: info
Title: LEAPP detected SELinux disabled in "/etc/selinux/config"
Summary: On RHEL 9, disabling SELinux in "/etc/selinux/config" is no longer possible. This way, the system starts with SELinux enabled but with no policy loaded. LEAPP will automatically disable SELinux using "SELINUX=0" kernel command line parameter. However, Red Hat strongly recommends to have SELinux enabled
Key: a32598d132c02dc20fd3daf631e85770623d3f8e
----------------------------------------
Risk Factor: info
Title: SElinux disabled
Summary: SElinux disabled, continuing...
Key: 4f25fea9b15b9d1d07d52cc1de02073f295dac3d
----------------------------------------
新たなバージョンでfirewalldのオプションが変わったこと。これ自体もこのあたりの素人には意味不明なのだが、もうひとつは、dockerが作成している仮想ネットワークインターフェースが問題らしい。
トラブルに巻き込まれるのも嫌なので、アップグレードは断念することにした。