Unverified Commit 22e54f1b authored by Neil Hanlon's avatar Neil Hanlon

Lots of WIP items for image and container building

parent df1ba63d
FROM scratch
ADD Rocky-8-Container-Minimal.tar.xz /
CMD ["/usr/bin/bash"]
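Review bot: The archive name on the `ADD` line is hard-coded to `Rocky-8-Container-Minimal.tar.xz`, while the container build script in this commit names its output `Rocky-${version}-Container-${type}.tar.xz`, so this Dockerfile only matches one version/type combination and silently goes stale when either changes. Consider `ARG ROOTFS=Rocky-8-Container-Minimal.tar.xz` followed by `ADD ${ROOTFS} /` so the Base variant and later releases can be built from the same file. `ADD` is the right instruction here because it auto-extracts a local archive, but a short comment such as `# ADD (not COPY): extracts the mkosi rootfs tarball into /` would stop a later reader from "fixing" it to `COPY`. OCI `LABEL org.opencontainers.image.version=…` / `org.opencontainers.image.source=…` metadata would also let consumers tell which build a published image came from.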
#!/bin/bash
#!/bin/bash -x
version=${VERSION:-"8"}
#mirror=${MIRROR:-http://192.168.20.160}
mirror=${MIRROR:-https://dl.rockylinux.org/stg}
type="${TYPE:-Base}"
version=${VERSION:-"8.5"}
mirror=${MIRROR:-http://192.168.20.160}
output_type=tar
output_file="Rocky-${version}-Container-Minimal.tar"
output_type=gpt_xfs
output_file="Rocky-${version}-GenericCloud.raw"
output_file="Rocky-${version}-Container-${type}.tar.xz"
#output_type=gpt_xfs
#output_file="Rocky-${version}-GenericCloud.raw"
# Container only
#sudo mkosi -d rocky -r ${version} -m ${mirror} -t ${output_type} -o ${output_file} \
#-p rootfiles \
#-p coreutils \
#-p dnf \
#-p rocky-release \
#-p rocky-repos \
#-p systemd
# Bootable (?)
#--qcow2 --boot-protocols=uefi,bios \
#--without-unified-kernel-images \
sudo mkosi -d rocky -r ${version} -m ${mirror} -t ${output_type} -o ${output_file} \
--bootable \
--base-packages=1 \
--password=rocky \
-p NetworkManager \
-p chrony \
-p cloud-init \
-p cloud-utils-growpart \
-p coreutils \
-p dhcp-client \
-p dnf \
-p dnf-utils \
-p openssh-server \
-p openssh-clients \
-p python3-jsonschema \
-p qemu-guest-agent \
-p rng-tools \
--postinst-script=$(dirname $0)/genclo/common.sh \
$@
-p cockpit-system \
-p cockpit-ws \
-p dracut-config-generic \
-p dracut-norescue \
-p firewalld \
-p gdisk \
-p grub2 \
-p kernel \
-p nfs-utils \
-p rocky-release \
-p rocky-repos \
-p rootfiles \
-p rsync \
-p systemd \
-p tar \
-p yum \
-p yum-utils \
case $type in
Base)
packages='bash binutils coreutils-single dnf glibc-minimal-langpack hostname iputils less rocky-release rocky-repos rootfiles tar vim-minimal yum !iputils'
;;
Minimal)
packages='bash microdnf coreutils-single glibc-minimal-langpack !iputils'
;;
esac
python3.10 -m mkosi -d rocky -r ${version} -m ${mirror} -t ${output_type} -o ${output_file} \
--compress xz \
--package="$(echo $packages | tr ' ' ',')" \
--base-packages 0 \
--postinst-script scripts/postinst-container.sh \
--clean-package-metadata=false \
$@
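Review bot: The `case $type in` block has no default branch, so any `TYPE` other than `Base` or `Minimal` leaves `packages` empty and the mkosi call below is run with `--package=""` instead of failing; add `*) echo "unsupported TYPE: $type" >&2; exit 1 ;;` before `esac`. The trailing `$@` on the last line should be `"$@"` so caller-supplied arguments are not word-split or glob-expanded (the same applies to the `$@` at the end of the GenericCloud script in this commit). This section also appears to show old and new assignments interleaved (`version`, `mirror` and `output_file` are each set several times), so which defaults survive on the new side is inferred rather than certain; a `set -euo pipefail` near the top would at least make a failed `mkosi` run stop the script. `python3.10 -m mkosi` pins a specific interpreter; a comment saying why that version is required would save the next maintainer a guess.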
#!/bin/bash
version=${VERSION:-"8.6"}
mirror=${MIRROR:-http://192.168.20.160}
output_type=gpt_xfs
output_file="Rocky-${version}-GenericCloud.raw"
# Bootable (?)
#--qcow2 --boot-protocols=uefi,bios \
#--without-unified-kernel-images \
sudo mkosi -d rocky -r ${version} -m ${mirror} -t ${output_type} -o ${output_file} \
--bootable \
--base-packages=1 \
--password=rocky \
-p NetworkManager \
-p chrony \
-p cloud-init \
-p cloud-utils-growpart \
-p coreutils \
-p dhcp-client \
-p dnf \
-p dnf-utils \
-p openssh-server \
-p openssh-clients \
-p python3-jsonschema \
-p qemu-guest-agent \
-p rng-tools \
-p cockpit-system \
-p cockpit-ws \
-p dracut-config-generic \
-p dracut-norescue \
-p firewalld \
-p gdisk \
-p grub2 \
-p kernel \
-p nfs-utils \
-p rocky-release \
-p rocky-repos \
-p rootfiles \
-p rsync \
-p systemd \
-p tar \
-p yum \
-p yum-utils \
--postinst-script=$(dirname $0)/genclo/common.sh \
--qcow2 --boot-protocols=uefi,bios \
--without-unified-kernel-images \
$@
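Review bot: `--password=rocky` bakes a fixed root password into a bootable GenericCloud image that also installs `openssh-server`, which is a credential every copy of the image shares. Cloud images normally leave root locked and let cloud-init inject credentials at first boot, so the flag should either be dropped or sourced from the environment for local debugging only, e.g. `${ROOT_PASSWORD:+--password=$ROOT_PASSWORD}` with a comment explaining that it must not be set for published builds. The default mirror `http://192.168.20.160` is a plain-HTTP private address while the container script defaults to `https://dl.rockylinux.org/stg`; if the private mirror is only for development, a comment saying so (and a TLS default) would keep package retrieval verifiable outside that network. `--base-packages=1` here versus `--base-packages 0` in the container script is presumably intentional but is worth a one-line note.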
#!/bin/bash
true
#!/bin/bash
rpm --rebuilddb
/bin/date +%Y-%m-%d_%H:%M:%S > /etc/BUILDTIME
echo 'container' > /etc/dnf/vars/infra
LANG="en_US"
echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf
echo 'LANG="C.UTF-8"' > /etc/locale.conf
rm -f /var/lib/dnf/history.*
rm -fr /var/log/* /tmp/* /tmp/.*
for dir in $(ls -d /usr/share/{locale,i18n}/* | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
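Review bot: Nothing in this post-install script stops on error, so a failed `rpm --rebuilddb` or a write failure under `/etc` is ignored and the image is still produced; add `set -eu` after the shebang. `LANG="en_US"` is assigned but never exported or read, so it has no effect on the commands that follow and can be removed or exported. The cleanup `rm -fr /var/log/* /tmp/* /tmp/.*` expands `/tmp/.*` to `/tmp/.` and `/tmp/..`, which GNU rm refuses with an error; `find /tmp -mindepth 1 -delete` removes dotfiles without that noise. The final loop parses `ls` output and word-splits paths; `for dir in /usr/share/{locale,i18n}/*; do case $dir in *en_US*|*all_languages*|*locale.alias*) ;; *) rm -fr "$dir" ;; esac; done` avoids both issues while keeping the same exclusions.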
# frozen_string_literal: true
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
# Example configuration of new VM..
#
#config.vm.define :test_vm do |test_vm|
# Box name
#
#test_vm.vm.box = "centos64"
# Domain Specific Options
#
# See README for more info.
#
#test_vm.vm.provider :libvirt do |domain|
# domain.memory = 2048
# domain.cpus = 2
#end
# Interfaces for VM
#
# Networking features in the form of `config.vm.network`
#
#test_vm.vm.network :private_network, :ip => '10.20.30.40'
#test_vm.vm.network :public_network, :ip => '10.20.30.41'
#end
# Options for Libvirt Vagrant provider.
config.vm.provider :libvirt do |libvirt|
# A hypervisor name to access. Different drivers can be specified, but
# this version of provider creates KVM machines only. Some examples of
# drivers are KVM (QEMU hardware accelerated), QEMU (QEMU emulated),
# Xen (Xen hypervisor), lxc (Linux Containers),
# esx (VMware ESX), vmwarews (VMware Workstation) and more. Refer to
# documentation for available drivers (http://libvirt.org/drivers.html).
libvirt.driver = "kvm"
# The name of the server, where Libvirtd is running.
# libvirt.host = "localhost"
# If use ssh tunnel to connect to Libvirt.
libvirt.connect_via_ssh = false
# The username and password to access Libvirt. Password is not used when
# connecting via ssh.
libvirt.username = "root"
#libvirt.password = "secret"
# Libvirt storage pool name, where box image and instance snapshots will
# be stored.
libvirt.storage_pool_name = "default"
# Set a prefix for the machines that's different than the project dir name.
#libvirt.default_prefix = ''
end
end
# The contents below were provided by the Packer Vagrant post-processor
Vagrant.configure("2") do |config|
config.vm.base_mac = "080027FCE996"
end
# The contents below (if any) are custom contents provided by the
# Packer template during image build.
<?xml version="1.0"?>
<Envelope ovf:version="1.0" xml:lang="en-US" xmlns="http://schemas.dmtf.org/ovf/envelope/1" xmlns:ovf="http://schemas.dmtf.org/ovf/envelope/1" xmlns:rasd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:vssd="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:vbox="http://www.virtualbox.org/ovf/machine">
<References>
<File ovf:id="file1" ovf:href="packer-rocky-85-1650557551-disk001.vmdk"/>
</References>
<DiskSection>
<Info>List of the virtual disks used in the package</Info>
<Disk ovf:capacity="41943040000" ovf:diskId="vmdisk1" ovf:fileRef="file1" ovf:format="http://www.vmware.com/interfaces/specifications/vmdk.html#streamOptimized" vbox:uuid="289f1414-3b53-40b9-8d43-1993c752c5cc"/>
</DiskSection>
<NetworkSection>
<Info>Logical networks used in the package</Info>
<Network ovf:name="NAT">
<Description>Logical network used by this appliance.</Description>
</Network>
</NetworkSection>
<VirtualSystem ovf:id="packer-rocky-85-1650557551">
<Info>A virtual machine</Info>
<OperatingSystemSection ovf:id="80">
<Info>The kind of installed guest operating system</Info>
<Description>RedHat_64</Description>
<vbox:OSType ovf:required="false">RedHat_64</vbox:OSType>
</OperatingSystemSection>
<VirtualHardwareSection>
<Info>Virtual hardware requirements for a virtual machine</Info>
<System>
<vssd:ElementName>Virtual Hardware Family</vssd:ElementName>
<vssd:InstanceID>0</vssd:InstanceID>
<vssd:VirtualSystemIdentifier>packer-rocky-85-1650557551</vssd:VirtualSystemIdentifier>
<vssd:VirtualSystemType>virtualbox-2.2</vssd:VirtualSystemType>
</System>
<Item>
<rasd:Caption>2 virtual CPU</rasd:Caption>
<rasd:Description>Number of virtual CPUs</rasd:Description>
<rasd:ElementName>2 virtual CPU</rasd:ElementName>
<rasd:InstanceID>1</rasd:InstanceID>
<rasd:ResourceType>3</rasd:ResourceType>
<rasd:VirtualQuantity>2</rasd:VirtualQuantity>
</Item>
<Item>
<rasd:AllocationUnits>MegaBytes</rasd:AllocationUnits>
<rasd:Caption>8192 MB of memory</rasd:Caption>
<rasd:Description>Memory Size</rasd:Description>
<rasd:ElementName>8192 MB of memory</rasd:ElementName>
<rasd:InstanceID>2</rasd:InstanceID>
<rasd:ResourceType>4</rasd:ResourceType>
<rasd:VirtualQuantity>8192</rasd:VirtualQuantity>
</Item>
<Item>
<rasd:Address>0</rasd:Address>
<rasd:Caption>ideController0</rasd:Caption>
<rasd:Description>IDE Controller</rasd:Description>
<rasd:ElementName>ideController0</rasd:ElementName>
<rasd:InstanceID>3</rasd:InstanceID>
<rasd:ResourceSubType>PIIX4</rasd:ResourceSubType>
<rasd:ResourceType>5</rasd:ResourceType>
</Item>
<Item>
<rasd:Address>1</rasd:Address>
<rasd:Caption>ideController1</rasd:Caption>
<rasd:Description>IDE Controller</rasd:Description>
<rasd:ElementName>ideController1</rasd:ElementName>
<rasd:InstanceID>4</rasd:InstanceID>
<rasd:ResourceSubType>PIIX4</rasd:ResourceSubType>
<rasd:ResourceType>5</rasd:ResourceType>
</Item>
<Item>
<rasd:AddressOnParent>0</rasd:AddressOnParent>
<rasd:Caption>disk1</rasd:Caption>
<rasd:Description>Disk Image</rasd:Description>
<rasd:ElementName>disk1</rasd:ElementName>
<rasd:HostResource>/disk/vmdisk1</rasd:HostResource>
<rasd:InstanceID>5</rasd:InstanceID>
<rasd:Parent>3</rasd:Parent>
<rasd:ResourceType>17</rasd:ResourceType>
</Item>
<Item>
<rasd:AutomaticAllocation>true</rasd:AutomaticAllocation>
<rasd:Caption>Ethernet adapter on 'NAT'</rasd:Caption>
<rasd:Connection>NAT</rasd:Connection>
<rasd:ElementName>Ethernet adapter on 'NAT'</rasd:ElementName>
<rasd:InstanceID>6</rasd:InstanceID>
<rasd:ResourceSubType>E1000</rasd:ResourceSubType>
<rasd:ResourceType>10</rasd:ResourceType>
</Item>
</VirtualHardwareSection>
<vbox:Machine ovf:required="false" version="1.16-macosx" uuid="{c93f1200-846a-460f-a220-9a6e712c7399}" name="packer-rocky-85-1650557551" OSType="RedHat_64" snapshotFolder="Snapshots" lastStateChange="2021-06-24T18:37:59Z">
<ovf:Info>Complete VirtualBox machine configuration in VirtualBox format</ovf:Info>
<Hardware>
<CPU count="2">
<PAE enabled="true"/>
<LongMode enabled="true"/>
<X2APIC enabled="true"/>
<HardwareVirtExLargePages enabled="true"/>
</CPU>
<Memory RAMSize="8192"/>
<Boot>
<Order position="1" device="HardDisk"/>
<Order position="2" device="DVD"/>
<Order position="3" device="None"/>
<Order position="4" device="None"/>
</Boot>
<Display VRAMSize="4"/>
<VideoCapture file="." fps="25"/>
<RemoteDisplay enabled="true">
<VRDEProperties>
<Property name="TCP/Address" value="127.0.0.1"/>
<Property name="TCP/Ports" value="5902"/>
</VRDEProperties>
</RemoteDisplay>
<BIOS>
<IOAPIC enabled="true"/>
<SmbiosUuidLittleEndian enabled="true"/>
</BIOS>
<Network>
<Adapter slot="0" enabled="true" MACAddress="080027FCE996" type="82540EM">
<NAT/>
</Adapter>
</Network>
<AudioAdapter driver="CoreAudio" enabledIn="false" enabledOut="false"/>
<Clipboard/>
</Hardware>
<StorageControllers>
<StorageController name="IDE Controller" type="PIIX4" PortCount="2" useHostIOCache="true" Bootable="true">
<AttachedDevice type="HardDisk" hotpluggable="false" port="0" device="0">
<Image uuid="{289f1414-3b53-40b9-8d43-1993c752c5cc}"/>
</AttachedDevice>
</StorageController>
</StorageControllers>
</vbox:Machine>
</VirtualSystem>
</Envelope>
{"provider":"virtualbox"}
{
"provider": "vmware_desktop"
}
# Install
text
skipx
poweroff
auth --enableshadow --pasalgo=sha512
firewall --enable --service=ssh # Enable firewall, only allow SSH.
firstboot --disabled
# Rocky User
user --name=rocky --password=rocky --plaintext
user --name=ansible --password=ilikepotatoesandthisisfake --iscrypted
# System language and keyboard, Timezone
lang en_US.UTF-8
keyboard us
timezone UTC --isUtc
# Network standard to dhcp
network --bootproto=dhcp --device=link --activate --onboot=on
network --hostname=localhost.provisioning.rockylinux.org
# Root PW
rootpw --iscrypted ilikepotatoesandthisstringmeansnothing
# Selinux and services
selinux --enforcing
services --disabled="kdump" --enabled="tmp.mount,NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
repo --name="BaseOS" --baseurl=http://192.168.20.4/centos/8.3.2011/BaseOS/aarch64/os/
repo --name="AppStream" --baseurl=http://192.168.20.4/centos/8.3.2011/AppStream/aarch64/os/
url --url http://192.168.20.4/centos/8/BaseOS/aarch64/kickstart/
bootloader --append="console=ttys0,115200n8 no_timer_check crashkernel=auto net.ifnames=0 nvme_core.io_timeout=4294967295 nvme_core.max_retries=10" --location=mbr --timeout=1 --boot-drive=sda
# Partition configuration created in preinstall script
%include /tmp/part-include
## PRE SCRIPTS
%pre
(
#!/bin/sh
set -x
PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin
# UEFI partitioning
if [ -d /sys/firmware/efi ]; then
cat >/tmp/part-include <<EOF
clearpart --all --initlabel --drives sda
part /boot --fstype xfs --size 1024 --asprimary --ondisk sda
part /boot/efi --fstype vfat --size 512 --asprimary --ondisk sda
EOF
else # BIOS Partitioning
cat >/tmp/part-include <<EOF
clearpart --all --drives=sda
zerombr
part /boot --fstype xfs --size=1024 --asprimary --ondisk=sda
EOF
fi
# Common part
cat >>/tmp/part-include <<EOF
part pv.01 --size=1 --grow --asprimary --ondisk=sda
volgroup vg_root pv.01
# Initial volume sizes are small, but can be extended later
# total: just under 24GB, leaves some space for expansion.. Massive, yeah.
logvol / --fstype xfs --name=lv_root --vgname=vg_root --size=6144
logvol /home --fstype xfs --fsoptions="nodev" --name=lv_home --vgname=vg_root --size=1024
logvol /var --fstype xfs --name=lv_var --vgname=vg_root --size=4096
logvol /var/log/ --fstype xfs --name=lv_var_log --vgname=vg_root --size=4096
logvol /var/log/audit --fstype xfs --name=lv_var_log_audit --vgname=vg_root --size=4096
logvol swap --fstype swap --name=swap --vgname=vg_root --size=4096
EOF
) >/tmp/kickstart-pre.log 2>&1
%end
## END PRE
## PACKAGES
%packages
@^minimal-environment
@core
audit
curl
nfs-utils
nmap-ncat
openssh
openssh-server
parted
rpm
tcpdump
tmux
traceroute
vim-common
vim-enhanced
wget
cloud-init
-iwl*-firmware
%end
## END PACKAGES
## POST SCRIPTS
%post --erroronfail
(
#!/bin/sh
## From CentOS Kickstart ec2
passwd -d root
passwd -l root
# pvgrub support
echo -n "Creating grub.conf for pvgrub"
rootuuid=$( awk '$2=="/" { print $1 };' /etc/fstab )
mkdir /boot/grub
echo -e 'default=0\ntimeout=0\n\n' > /boot/grub/grub.conf
for kv in $( ls -1v /boot/vmlinuz* |grep -v rescue |sed s/.*vmlinuz-// ); do
echo "title CentOS Linux 8 ($kv)" >> /boot/grub/grub.conf
echo -e "\troot (hd0)" >> /boot/grub/grub.conf
echo -e "\tkernel /boot/vmlinuz-$kv ro root=$rootuuid console=hvc0 LANG=en_US.UTF-8" >> /boot/grub/grub.conf
echo -e "\tinitrd /boot/initramfs-$kv.img" >> /boot/grub/grub.conf
echo
done
ln -sf grub.conf /boot/grub/menu.lst
ln -sf /boot/grub/grub.conf /etc/grub.conf
# setup systemd to boot to the right runlevel
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
dnf -C -y remove linux-firmware
# Keep firewalld, removing avahi seems sane
dnf -C -y remove avahi\*
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
NOZEROCONF=yes
EOF
# revert consistent interface naming to traditional eth0, eth1, etc.
ln -sf /dev/null /etc/udev/rules.d/80-net-name-slot.rules
# simple eth0 config, again not hard-coded to the build hardware
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
echo "virtual-guest" > /etc/tuned/active_profile
# generic localhost names
cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
echo .
systemctl mask tmp.mount
cat <<EOL > /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
EOL
# make sure firstboot doesn't start
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
# rocky cloud user
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
# Ansible setup
echo -e 'ansible\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
dnf clean all
# XXX instance type markers - MUST match CentOS Infra expectation
echo 'ec2' > /etc/yum/vars/infra
# change dhcp client retry/timeouts to resolve #6866
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
rm -fr /var/log/yum.log
rm -fr "/var/lib/yum/*"
rm -fr /root/install.log
rm -fr /root/install.log.syslog
rm -fr /root/anaconda-ks.cfg
rm -fr /var/log/anaconda*
rm -f /var/lib/systemd/random-seed
cat /dev/null > /etc/machine-id
echo "Fixing SELinux contexts."
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
/usr/sbin/fixfiles -R -a restore
# remove these for ec2 debugging
sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
cat > /etc/modprobe.d/blacklist-nouveau.conf << EOL
blacklist nouveau
EOL
# enable resizing on copied AMIs
echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
echo 'add_drivers+="xen-netfront xen-blkfront "' > /etc/dracut.conf.d/xen.conf
# Rerun dracut for the installed kernel (not the running kernel):
KERNEL_VERSION=$(rpm -q kernel --qf '%{V}-%{R}.%{arch}\n')
dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
# reorder console entries
sed -i 's/console=tty0/console=tty0 console=ttyS0,115200n8/' /boot/grub2/grub.cfg
cat > /etc/motd << EOF