-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding Dockerfile to build RHEL 9 base image #203
Closed
Closed
Changes from all commits
Commits
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| ARG BASE_IMAGE=registry.access.redhat.com/ubi9-init:9.4-6 | ||
|
|
||
| FROM $BASE_IMAGE | ||
| ARG USERNAME | ||
| ARG PASSWORD | ||
|
|
||
| RUN dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y | ||
| # Subscription manager in redhat does not run directly in containers unless you run on a redhat host, hence we remove the rhsm-host, login to the redhat subscription and add the repos | ||
| RUN rm /etc/rhsm-host && subscription-manager register --username ${USERNAME} --password ${PASSWORD} \ | ||
| && yum repolist \ | ||
| && subscription-manager attach --auto \ | ||
| && subscription-manager repos --enable rhel-9-for-x86_64-appstream-rpms \ | ||
| && yum repolist | ||
| RUN echo "install_weak_deps=False" >> /etc/dnf/dnf.conf | ||
| # Generate machine-id because https://bugzilla.redhat.com/show_bug.cgi?id=1737355#c6 | ||
| RUN uuidgen > /etc/machine-id && dnf install -y \ | ||
| squashfs-tools \ | ||
| dracut-live \ | ||
| livecd-tools \ | ||
| dracut-squash \ | ||
| dracut-network \ | ||
| systemd-resolved \ | ||
| efibootmgr \ | ||
| dhclient \ | ||
| audit \ | ||
| sudo \ | ||
| systemd \ | ||
| systemd-networkd \ | ||
| systemd-timesyncd \ | ||
| parted \ | ||
| dracut \ | ||
| e2fsprogs \ | ||
| dosfstools \ | ||
| coreutils-single \ | ||
| device-mapper \ | ||
| grub2 \ | ||
| which \ | ||
| nano \ | ||
| gawk \ | ||
| haveged \ | ||
| polkit \ | ||
| ncurses \ | ||
| tar \ | ||
| kbd \ | ||
| lvm2 \ | ||
| zstd \ | ||
| openssh-server \ | ||
| openssh-clients \ | ||
| shim-x64 \ | ||
| grub2-pc \ | ||
| grub2-efi-x64 \ | ||
| grub2-efi-x64-modules \ | ||
| open-vm-tools \ | ||
| iscsi-initiator-utils \ | ||
| iptables ethtool socat iproute-tc conntrack \ | ||
| kernel kernel-modules kernel-modules-extra \ | ||
| rsync jq && dnf clean all | ||
|
|
||
| COPY --from=quay.io/kairos/framework:v2.4.3_generic / / | ||
| RUN mkdir -p /run/lock | ||
| RUN touch /usr/libexec/.keep | ||
|
|
||
| # Fix systemd link for sshd | ||
| #RUN ln -s -f /usr/lib/systemd/system/sshd.service /etc/systemd/system/sshd.service | ||
| #RUN rm /etc/systemd/system/sshd.service | ||
|
|
||
| # Configure the box. The ubi image masks services for containers, we unmask them | ||
| RUN systemctl list-unit-files |grep masked |cut -f 1 -d " " | xargs systemctl unmask | ||
| RUN systemctl enable [email protected] | ||
| RUN systemctl enable [email protected] | ||
| RUN systemctl enable [email protected] | ||
| RUN systemctl enable systemd-networkd | ||
| RUN systemctl enable systemd-resolved | ||
| RUN systemctl enable sshd | ||
| RUN systemctl disable selinux-autorelabel-mark.service | ||
| #RUN systemctl enable tmp.mount | ||
|
|
||
| COPY overlay/rhel9/ / | ||
|
|
||
| RUN kernel=$(ls /boot/vmlinuz-* | head -n1) && \ | ||
| ln -sf "${kernel#/boot/}" /boot/vmlinuz | ||
| RUN kernel=$(ls /lib/modules | head -n1) && \ | ||
| dracut -v -N -f "/boot/initrd-${kernel}" "${kernel}" && \ | ||
| ln -sf "initrd-${kernel}" /boot/initrd && depmod -a "${kernel}" | ||
| RUN rm -rf /boot/initramfs-* | ||
|
|
||
| RUN envsubst >>/etc/os-release </usr/lib/os-release.tmpl | ||
| RUN mkdir -p /etc/luet/repos.conf.d | ||
| RUN luet repo add kairos -y --url quay.io/kairos/packages --type docker --priority 99 && luet repo update && luet install -y system/elemental-cli | ||
| ## Clear cache | ||
| RUN rm -rf /var/cache/* && journalctl --vacuum-size=1K && rm /etc/machine-id | ||
|
|
||
|
|
||
| RUN subscription-manager unregister | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Kairos RHEL 8 and RHEL 9 images | ||
|
|
||
| To build the image provide username and password for Red Hat Subscription Manager to register the system and install packages during the build process. | ||
|
|
||
| To build RHEL 8 Kairos Image, execute: | ||
| ``` | ||
| docker build -t <local-registry>/<image>:<image-tag> --build-arg USERNAME=<RHSM username> --build-arg PASSWORD='<RHSM password>' -f Dockerfile.rhel8 . | ||
| ``` | ||
|
|
||
| To build RHEL 9 Kairos Image, execute: | ||
| ``` | ||
| docker build -t <local-registry>/<image>:<image-tag> --build-arg USERNAME=<RHSM username> --build-arg PASSWORD='<RHSM password>' -f Dockerfile.rhel9 . | ||
| ``` |
10 changes: 10 additions & 0 deletions
10
rhel-core-images/overlay/rhel9/system/oem/33_tmp_mount.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| name: " tmp layout setup" | ||
| stages: | ||
| initramfs.after: | ||
| - name: mount tmp | ||
| commands: | ||
| - systemctl enable tmp.mount | ||
| fs.before: | ||
| - name: start tmp | ||
| commands: | ||
| - systemctl start tmp.mount |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
kairos framework version is v2.7.33 in the rhel8 docker file. This would map to kairos release version 3.0.11
v2.4.3 maps to an older release of kairos and palette release 4.3
Palette edge - release 4.4 will use kairos 3.x