sig_cloud/images
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

build a working Base container

Browse Source
This commit is contained in:
Neil Hanlon 2023-11-21 16:29:12 -05:00
parent ba30a1acfb
commit 198a7bf0da
Signed by: neil
GPG Key ID: 705BC21EC3C70F34
9 changed files with 69 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
9-container.yml
View File

@ -1,5 +1,5 @@
- imagename: Rocky-9-Container - imagename: Rocky-9-Container
types: [tgz] types: [raw]
docker-target: git.resf.org/sig_cloud/images:9.3 docker-target: git.resf.org/sig_cloud/images:9.3
elements: [rocky-container-base] elements: [rocky-container-base]
arch: ppc64le arch: ppc64le

2
diskimage-builder

@ -1 +1 @@
Subproject commit b2d4d75686d72cb67327736144e0b40b662ca9c4 Subproject commit e2c20bf2cff0721fc1724afe1d979a382bfdbe04

2
elements/rocky-common/environment.d/50-rocky-common Normal file
View File

@ -0,0 +1,2 @@
export DIB_DISABLE_KERNEL_CLEANUP=${DIB_DISABLE_KERNEL_CLEANUP:-0}
export DIB_INIT_SYSTEM=systemd

1
elements/rocky-container-base/element-deps
View File

@ -1 +1,2 @@
rocky-minimal-yum rocky-minimal-yum
no-final-image

2
elements/rocky-minimal-yum/element-deps
View File

@ -1,3 +1,3 @@
redhat-common rocky-common
rpm-distro rpm-distro
yum yum

28
elements/rocky-minimal-yum/install.d/11-ensure-dbus-daemon
View File

@ -1,28 +0,0 @@
#!/bin/bash
#
# Copyright 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
# Ensure that dbus-daemon is enabled; fedora 30 and above has switched to
# dbus-broker.
if [[ ${DISTRO_NAME} == 'fedora' && ${DIB_RELEASE} -eq 29 ]]; then
systemctl --no-reload enable dbus-daemon.service
fi

2
elements/rocky-minimal-yum/pkg-map
View File

@ -2,6 +2,8 @@
"family": { "family": {
"redhat": { "redhat": {
"lsb_release": "ed hostname patch postfix tar time" "lsb_release": "ed hostname patch postfix tar time"
"iscsi_package": " "
"open-iscsi": " "
} }
} }
} }

52
elements/rocky-minimal-yum/post-install.d/80-cleanup-locales-etc Executable file
View File

@ -0,0 +1,52 @@
#!/bin/bash
if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
set -x
fi
set -eu
set -o pipefail
# Stay compatible
echo 'container' > /etc/dnf/vars/infra
#Generate installtime file record
/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
# Limit languages to help reduce size.
LANG="en_US"
echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
# https://bugzilla.redhat.com/show_bug.cgi?id=1727489
echo 'LANG="C.UTF-8"' > /etc/locale.conf
for dir in $(ls -d /usr/share/locale/* | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
rm -fr /usr/share/man
# Cleanup caches left by chroot
rm -fr /usr/lib64/python*/__pycache__/
rm -fr /var/cache/dnf/*
rm -fr /run
rm -fr /home/ansible/
# systemd fixes
:> /etc/machine-id
systemd-tmpfiles --create --boot
# mask mounts and login bits
systemctl mask \
console-getty.service \
dev-hugepages.mount \
getty.target \
sys-fs-fuse-connections.mount \
systemd-logind.service \
systemd-remount-fs.service
# Cleanup the image
rm -fv /etc/udev/hwdb.bin
rm -rfv /usr/lib/udev/hwdb.d/ \
/boot /var/lib/dnf/history.* \
"/tmp/*" "/tmp/.*" /var/log/* || true
ls /dev/ -artlh

17
elements/rocky-minimal-yum/root.d/08-yum-chroot
View File

@ -224,7 +224,7 @@ function _install_pkg_manager {
# satisfies the locale dependency (rhbz#1349258). # satisfies the locale dependency (rhbz#1349258).
# Work-around this by explicitly requring the minimal and # Work-around this by explicitly requring the minimal and
# english (for en_US.UTF-8) pack. # english (for en_US.UTF-8) pack.
_lang_pack="glibc-minimal-langpack glibc-langpack-en" _lang_pack="glibc-minimal-langpack"
fi fi
# Yum has some issues choosing weak dependencies. It can end # Yum has some issues choosing weak dependencies. It can end
@ -251,6 +251,7 @@ function _install_pkg_manager {
--disableexcludes=all \ --disableexcludes=all \
--setopt=cachedir=$YUM_CACHE/$ARCH/$DIB_RELEASE \ --setopt=cachedir=$YUM_CACHE/$ARCH/$DIB_RELEASE \
--setopt=reposdir=$TARGET_ROOT/etc/yum.repos.d \ --setopt=reposdir=$TARGET_ROOT/etc/yum.repos.d \
--setopt=install_weak_deps=0 \
--releasever=${DIB_RELEASE/-*/} \ --releasever=${DIB_RELEASE/-*/} \
--installroot $TARGET_ROOT \ --installroot $TARGET_ROOT \
install $@ ${_lang_pack} ${_extra_pkgs} && rc=$? || rc=$? install $@ ${_lang_pack} ${_extra_pkgs} && rc=$? || rc=$?
@ -318,7 +319,7 @@ _install_repos
# (https://docs.fedoraproject.org/en-US/modularity/) we can pick up # (https://docs.fedoraproject.org/en-US/modularity/) we can pick up
# seemingly mismatched libraries. # seemingly mismatched libraries.
if [[ ${DISTRO_NAME} =~ (fedora|openeuler|rocky) ]]; then if [[ ${DISTRO_NAME} =~ (fedora|openeuler|rocky) ]]; then
_install_pkg_manager dnf dnf-plugins-core curl-minimal libcurl-minimal _install_pkg_manager dnf curl-minimal libcurl-minimal
elif [[ ${DISTRO_NAME} == centos && $DIB_RELEASE > "7" ]]; then elif [[ ${DISTRO_NAME} == centos && $DIB_RELEASE > "7" ]]; then
_install_pkg_manager dnf dnf-plugins-core curl libcurl _install_pkg_manager dnf dnf-plugins-core curl libcurl
else else
@ -366,19 +367,19 @@ _run_chroot ${YUM} clean all
echo "%_install_langs C:en_US:en_US.UTF-8" | \ echo "%_install_langs C:en_US:en_US.UTF-8" | \
sudo tee -a $TARGET_ROOT/etc/rpm/macros.langs > /dev/null sudo tee -a $TARGET_ROOT/etc/rpm/macros.langs > /dev/null
_base_packages="systemd passwd findutils sudo util-linux-ng " _base_packages="findutils sudo passwd util-linux-ng "
# This package is split out from systemd on >F24, dracut is # This package is split out from systemd on >F24, dracut is
# missing the dependency and will fail to make an initrd without # missing the dependency and will fail to make an initrd without
# it; see # it; see
# https://bugzilla.redhat.com/show_bug.cgi?id=1398505 # https://bugzilla.redhat.com/show_bug.cgi?id=1398505
_base_packages+="systemd-udev "
# bootstrap the environment within the chroot; bring in new # bootstrap the environment within the chroot; bring in new
# metadata with an update and install some base packages we need. # metadata with an update and install some base packages we need.
_run_chroot ${YUM} -y update _run_chroot ${YUM} -y update
_run_chroot ${YUM} -y \ _run_chroot ${YUM} -y \
--setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \ --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \
--setopt=install_weak_deps=0 \
install ${_base_packages} install ${_base_packages}
# Put in a dummy /etc/resolv.conf over the temporary one we used # Put in a dummy /etc/resolv.conf over the temporary one we used
@ -401,10 +402,10 @@ _run_chroot ln -sf /usr/share/zoneinfo/UTC \
# TODO : move this into a exit trap; and reconsider how # TODO : move this into a exit trap; and reconsider how
# this integrates with the global exit cleanup path. # this integrates with the global exit cleanup path.
sudo umount $TMP_MOUNT_PATH/tmp/yum sudo umount $TMP_MOUNT_PATH/tmp/yum
sudo umount $TARGET_ROOT/proc sudo umount -lf $TARGET_ROOT/proc
sudo umount $TARGET_ROOT/dev/pts sudo umount -lf $TARGET_ROOT/dev/pts
sudo umount $TARGET_ROOT/dev sudo umount -lf $TARGET_ROOT/dev
sudo umount $TARGET_ROOT/sys sudo umount -lf $TARGET_ROOT/sys
# RPM doesn't know whether files have been changed since install # RPM doesn't know whether files have been changed since install
# At this point though, we know for certain that we have changed no # At this point though, we know for certain that we have changed no