build a working Base container

This commit is contained in:
Neil Hanlon 2023-11-21 16:29:12 -05:00
parent ba30a1acfb
commit 198a7bf0da
Signed by: neil
GPG key ID: 705BC21EC3C70F34
9 changed files with 69 additions and 39 deletions

View file

@ -1,5 +1,5 @@
- imagename: Rocky-9-Container
types: [tgz]
types: [raw]
docker-target: git.resf.org/sig_cloud/images:9.3
elements: [rocky-container-base]
arch: ppc64le

@ -1 +1 @@
Subproject commit b2d4d75686d72cb67327736144e0b40b662ca9c4
Subproject commit e2c20bf2cff0721fc1724afe1d979a382bfdbe04

View file

@ -0,0 +1,2 @@
export DIB_DISABLE_KERNEL_CLEANUP=${DIB_DISABLE_KERNEL_CLEANUP:-0}
export DIB_INIT_SYSTEM=systemd

View file

@ -1 +1,2 @@
rocky-minimal-yum
no-final-image

View file

@ -1,3 +1,3 @@
redhat-common
rocky-common
rpm-distro
yum

View file

@ -1,28 +0,0 @@
#!/bin/bash
#
# Copyright 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
# Ensure that dbus-daemon is enabled; fedora 30 and above has switched to
# dbus-broker.
if [[ ${DISTRO_NAME} == 'fedora' && ${DIB_RELEASE} -eq 29 ]]; then
systemctl --no-reload enable dbus-daemon.service
fi

View file

@ -2,6 +2,8 @@
"family": {
"redhat": {
"lsb_release": "ed hostname patch postfix tar time"
"iscsi_package": " "
"open-iscsi": " "
}
}
}

View file

@ -0,0 +1,52 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
# Stay compatible
echo 'container' > /etc/dnf/vars/infra
#Generate installtime file record
/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
# Limit languages to help reduce size.
LANG="en_US"
echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
# https://bugzilla.redhat.com/show_bug.cgi?id=1727489
echo 'LANG="C.UTF-8"' > /etc/locale.conf
for dir in $(ls -d /usr/share/locale/* | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
rm -fr /usr/share/man
# Cleanup caches left by chroot
rm -fr /usr/lib64/python*/__pycache__/
rm -fr /var/cache/dnf/*
rm -fr /run
rm -fr /home/ansible/
# systemd fixes
:> /etc/machine-id
systemd-tmpfiles --create --boot
# mask mounts and login bits
systemctl mask \
console-getty.service \
dev-hugepages.mount \
getty.target \
sys-fs-fuse-connections.mount \
systemd-logind.service \
systemd-remount-fs.service
# Cleanup the image
rm -fv /etc/udev/hwdb.bin
rm -rfv /usr/lib/udev/hwdb.d/ \
/boot /var/lib/dnf/history.* \
"/tmp/*" "/tmp/.*" /var/log/* || true
ls /dev/ -artlh

View file

@ -224,7 +224,7 @@ function _install_pkg_manager {
# satisfies the locale dependency (rhbz#1349258).
# Work-around this by explicitly requring the minimal and
# english (for en_US.UTF-8) pack.
_lang_pack="glibc-minimal-langpack glibc-langpack-en"
_lang_pack="glibc-minimal-langpack"
fi
# Yum has some issues choosing weak dependencies. It can end
@ -251,6 +251,7 @@ function _install_pkg_manager {
--disableexcludes=all \
--setopt=cachedir=$YUM_CACHE/$ARCH/$DIB_RELEASE \
--setopt=reposdir=$TARGET_ROOT/etc/yum.repos.d \
--setopt=install_weak_deps=0 \
--releasever=${DIB_RELEASE/-*/} \
--installroot $TARGET_ROOT \
install $@ ${_lang_pack} ${_extra_pkgs} && rc=$? || rc=$?
@ -318,7 +319,7 @@ _install_repos
# (https://docs.fedoraproject.org/en-US/modularity/) we can pick up
# seemingly mismatched libraries.
if [[ ${DISTRO_NAME} =~ (fedora|openeuler|rocky) ]]; then
_install_pkg_manager dnf dnf-plugins-core curl-minimal libcurl-minimal
_install_pkg_manager dnf curl-minimal libcurl-minimal
elif [[ ${DISTRO_NAME} == centos && $DIB_RELEASE > "7" ]]; then
_install_pkg_manager dnf dnf-plugins-core curl libcurl
else
@ -366,19 +367,19 @@ _run_chroot ${YUM} clean all
echo "%_install_langs C:en_US:en_US.UTF-8" | \
sudo tee -a $TARGET_ROOT/etc/rpm/macros.langs > /dev/null
_base_packages="systemd passwd findutils sudo util-linux-ng "
_base_packages="findutils sudo passwd util-linux-ng "
# This package is split out from systemd on >F24, dracut is
# missing the dependency and will fail to make an initrd without
# it; see
# https://bugzilla.redhat.com/show_bug.cgi?id=1398505
_base_packages+="systemd-udev "
# bootstrap the environment within the chroot; bring in new
# metadata with an update and install some base packages we need.
_run_chroot ${YUM} -y update
_run_chroot ${YUM} -y \
--setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \
--setopt=install_weak_deps=0 \
install ${_base_packages}
# Put in a dummy /etc/resolv.conf over the temporary one we used
@ -401,10 +402,10 @@ _run_chroot ln -sf /usr/share/zoneinfo/UTC \
# TODO : move this into a exit trap; and reconsider how
# this integrates with the global exit cleanup path.
sudo umount $TMP_MOUNT_PATH/tmp/yum
sudo umount $TARGET_ROOT/proc
sudo umount $TARGET_ROOT/dev/pts
sudo umount $TARGET_ROOT/dev
sudo umount $TARGET_ROOT/sys
sudo umount -lf $TARGET_ROOT/proc
sudo umount -lf $TARGET_ROOT/dev/pts
sudo umount -lf $TARGET_ROOT/dev
sudo umount -lf $TARGET_ROOT/sys
# RPM doesn't know whether files have been changed since install
# At this point though, we know for certain that we have changed no