Go to file
Steve Baker 27a326dafb Support secure-boot bootloader where possible
As of grub2 >= 2.02-95 on redhat family distros, calling grub2-install
on an EFI partition will fail with: "this utility cannot be used for
EFI platforms because it does not support UEFI Secure Boot."

This version of grub is now in centos8-stream and non-eus repos of
RHEL-8. It is not currently possible to build whole-disk UEFI images
on these distros, and when this package is promoted this will also
affect centos8 and RHEL-8 eus. The grub maintainers made this change
because the grub2-install generated /boot/efi/EFI/BOOT/BOOTX64.EFI
will never be capable of booting with Secure Boot.

This change defines a $EFI_BOOT_DIR for every distro element. When
directory /boot/efi/$EFI_BOOT_DIR exists a grub.cfg file in will be
generated there. This change also installs the shim package on redhat
family distros, which installs a copy of the shim bootloader to
/boot/efi/EFI/BOOT/BOOTX64.EFI. Using centos as an example, this
allows UEFI to boot the shim /boot/efi/EFI/BOOT/BOOTX64.EFI which
then chains to /boot/efi/EFI/centos/grubx64.efi.

If /boot/efi/$EFI_BOOT_DIR doesn't exist (such as for Ubuntu,
/boot/efi/EFI/ubuntu) the current behaviour of running grub-install to
generate /boot/efi/EFI/BOOT/BOOTX64.EFI will continue. For distros
such as Ubutnu where packaging does not populate /boot/efi/EFI/ubuntu
with .efi files, secure boot can be added in the future by copying
.efi files to /boot/efi/EFI/ubuntu and copying the shim file to
/boot/efi/EFI/BOOT/BOOTX64.EFI.

Change-Id: I90925218ff2aa4c4daffcf86e686b6d98d6b0f21
2021-03-11 10:27:59 +13:00
.zuul.d Remove fedora-31 testing 2021-02-18 09:14:40 -08:00
bin Revert "dib-lint: use yamllint to parse YAML files" 2020-05-28 16:44:49 +10:00
contrib yum-minimal : update mirrors for Centos 8 2019-10-03 00:22:05 +00:00
diskimage_builder Support secure-boot bootloader where possible 2021-03-11 10:27:59 +13:00
doc Remove the deprecated ironic-agent element 2021-01-21 14:06:08 +01:00
playbooks Remove virtualenv activation 2020-06-11 16:49:15 +10:00
releasenotes Add aarch64 support for rhel 2021-03-08 07:00:15 +00:00
roles Remove virtualenv activation 2020-06-11 16:49:15 +10:00
tests run_functests: handle build without tar 2020-03-31 08:56:26 +11:00
.gitignore Merge "Add .eggs to gitignore" 2020-06-16 11:43:38 +00:00
.gitreview OpenDev Migration Patch 2019-04-19 19:26:30 +00:00
.testr.conf package-installs: provide for skip from env var 2018-11-30 10:02:47 +11:00
bindep.txt Do not install python2 packages in ubuntu focal 2020-08-12 10:16:44 +00:00
LICENSE Fix copyrights for HP work. 2012-11-15 16:20:32 +13:00
lower-constraints.txt Remove centos-repos package for Centos 8.3 2020-12-14 16:55:21 +00:00
pylint.cfg Refactor: use lazy logging 2017-05-30 14:39:58 +10:00
README.rst Update readme to clarify an ubuntu bionic image is built 2020-06-07 19:53:46 +02:00
requirements.txt Drop six usage 2020-06-05 12:04:37 +02:00
setup.cfg Remove dib-block-device console entrypoint 2020-11-09 16:43:19 +11:00
setup.py Cleanup py27 and docs support 2020-06-05 12:04:30 +02:00
test-requirements.txt Cleanup py27 and docs support 2020-06-05 12:04:30 +02:00
tox.ini Remove install unnecessary package 2020-09-23 14:17:08 +08:00

Image building tools for OpenStack
==================================

``diskimage-builder`` is a flexible suite of components for building a
wide-range of disk images, filesystem images and ramdisk images for
use with OpenStack.

This repository has the core functionality for building such images,
both virtual and bare metal. Images are composed using `elements`;
while fundamental elements are provided here, individual projects have
the flexibility to customise the image build with their own elements.

For example::

  $ DIB_RELEASE=bionic disk-image-create -o ubuntu-bionic.qcow2 vm ubuntu

will create a bootable Ubuntu Bionic based ``qcow2`` image.

``diskimage-builder`` is useful to anyone looking to produce
customised images for deployment into clouds. These tools are the
components of `TripleO <https://wiki.openstack.org/wiki/TripleO>`__
that are responsible for building disk images. They are also used
extensively to build images for testing OpenStack itself, particularly
with `nodepool
<https://docs.openstack.org/infra/system-config/nodepool.html>`__.
Platforms supported include Ubuntu, CentOS, RHEL and Fedora.

Full documentation, the source of which is in ``doc/source/``, is
published at:

* https://docs.openstack.org/diskimage-builder/latest/

Copyright
=========

Copyright 2012 Hewlett-Packard Development Company, L.P.
Copyright (c) 2012 NTT DOCOMO, INC.

All Rights Reserved.

Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.