构建官方CoreOS COSA 镜像并构建 CoreOS
Posted rtoax
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了构建官方CoreOS COSA 镜像并构建 CoreOS相关的知识,希望对你有一定的参考价值。
文档修改日志
| 日期 | 修改内容 | 修改人 | 备注 |
|---|---|---|---|
| 2022-03-22 | 创建 | 荣涛 |
引言
设置repo库
参见https://gitee.com/cestcos/coreos-assembler分支fedora35-test1中build.sh的修改。见提交 0a84678c19533a8740c87d9e3eede520cbbbd51d。
设置go代理
[root@fedora coreos-assembler]# git diff
diff --git a/tools/Makefile b/tools/Makefile
index 9d2f96ba4..d00bc8739 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -5,6 +5,8 @@ export GO11MODULE=on
export GOOS=linux
export CGO_ENABLED=0
export GOPATH=$(shell readlink -f .)
+# see https://goproxy.io/zh/
+export GOPROXY=https://proxy.golang.com.cn,direct
GOARCH := $(shell go env GOARCH)
build:
mkdir -p bin
构建
$ sudo podman build .
此过程相当漫长,请耐心等待。构建的详细日志见文件: Official-Build-COSA.log.txt
然后,查看构建的镜像:
[root@fedora coreos-assembler]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 76bfd29b3f12 About a minute ago 6.26 GB
registry.fedoraproject.org/fedora 35 750037c05cfe 4 weeks ago 159 MB
为生成的容器设置tag
podman tag IMAGE_ID REPO:TAG
如:
[rongtao@fedora ~]$ sudo podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 76bfd29b3f12 7 minutes ago 6.26 GB
registry.fedoraproject.org/fedora 35 750037c05cfe 4 weeks ago 159 MB
[rongtao@fedora ~]$ sudo podman tag 76bfd29b3f12 coreos-assembler:latest
[rongtao@fedora ~]$ sudo podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/coreos-assembler latest 76bfd29b3f12 8 minutes ago 6.26 GB
registry.fedoraproject.org/fedora 35 750037c05cfe 4 weeks ago 159 MB
运行容器
容器cosa脚本
官方文档中运行容器的指令为:
cosa()
env | grep COREOS_ASSEMBLER
local -r COREOS_ASSEMBLER_CONTAINER_LATEST="quay.io/coreos-assembler/coreos-assembler:latest"
if [[ -z $COREOS_ASSEMBLER_CONTAINER ]] && $(podman image exists $COREOS_ASSEMBLER_CONTAINER_LATEST); then
local -r cosa_build_date_str="$(podman inspect -f ".Created" $COREOS_ASSEMBLER_CONTAINER_LATEST | awk 'print $1')"
local -r cosa_build_date="$(date -d $cosa_build_date_str +%s)"
if [[ $(date +%s) -ge $((cosa_build_date + 60*60*24*7)) ]] ; then
echo -e "\\e[0;33m----" >&2
echo "The COSA container image is more that a week old and likely outdated." >&2
echo "You should pull the latest version with:" >&2
echo "podman pull $COREOS_ASSEMBLER_CONTAINER_LATEST" >&2
echo -e "----\\e[0m" >&2
sleep 10
fi
fi
set -x
podman run --rm -ti --security-opt label=disable --privileged \\
--uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 \\
-v $PWD:/srv/ --device /dev/kvm --device /dev/fuse \\
--tmpfs /tmp -v /var/tmp:/var/tmp --name cosa \\
$COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro \\
$COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro \\
$COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS \\
$COREOS_ASSEMBLER_CONTAINER:-$COREOS_ASSEMBLER_CONTAINER_LATEST "$@"
rc=$?; set +x; return $rc
我们需要进行简单的修改:
cosa()
env | grep COREOS_ASSEMBLER
local -r COREOS_ASSEMBLER_CONTAINER_LATEST="localhost/coreos-assembler:latest"
set -x
podman run --rm -ti --security-opt label=disable --privileged \\
--uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 \\
-v $PWD:/srv/ --device /dev/kvm --device /dev/fuse \\
--tmpfs /tmp -v /var/tmp:/var/tmp --name cosa \\
$COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro \\
$COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro \\
$COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS \\
$COREOS_ASSEMBLER_CONTAINER:-$COREOS_ASSEMBLER_CONTAINER_LATEST "$@"
rc=$?; set +x; return $rc
然后使能cosa,并执行命令:
[rongtao@fedora coreos-assembler]$ sudo su
[root@fedora coreos-assembler]# . cosa
[root@fedora coreos-assembler]# cosa shell
+ podman run --rm -ti --security-opt label=disable --privileged --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 -v /home/rongtao/Git/coreos-assembler:/srv/ --device /dev/kvm --device /dev/fuse --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa localhost/coreos-assembler:latest shell
[coreos-assembler]$
[coreos-assembler]$ exit # 退出容器
exit
+ rc=0
+ set +x
进入容器后,可以查看命令
coreos-assembler:
[coreos-assembler]$ coreos-assembler
Usage: coreos-assembler CMD ...
Build commands:
init
fetch
build
run
prune
clean
list
Advanced build commands:
buildfetch
buildupload
oc-adm-release
push-container
upload-oscontainer
buildextend-aliyun
buildextend-aws
buildextend-azure
buildextend-digitalocean
buildextend-exoscale
buildextend-gcp
buildextend-ibmcloud
buildextend-live
buildextend-metal
buildextend-metal4k
buildextend-nutanix
buildextend-openstack
buildextend-qemu
buildextend-vmware
buildextend-vultr
Utility commands:
aws-replicate
compress
generate-hashlist
koji-upload
kola
remote-prune
sign
tag
Other commands:
meta
shell
[coreos-assembler]$
导出镜像
我们上面构建出了镜像,直接执行下面命令:
# 保存镜像
$ sudo podman save -o coreos-assembler.tar localhost/coreos-assembler:latest
Copying blob c550c8e0f355 done
Copying blob 911fa4c263c4 done
Copying blob 71664e0e1125 done
Copying blob 947a8843ae62 done
Copying blob a8d723cec197 done
Copying blob 999152ffc6de done
Copying blob ee5d4de44c7d done
Copying blob a523d59b86c2 done
Copying blob c68be03578b2 done
Copying blob 00cba0df9c8c done
Copying blob 1a5913e3b777 done
Copying blob 594291359593 done
Copying blob 74106acd67be done
Copying blob 3a558264a25e done
Copying config 76bfd29b3f done
Writing manifest to image destination
Storing signatures
# 查看大小
$ du -sh coreos-assembler.tar
5.9G coreos-assembler.tar
为什么不用
export命令导出?
因为export命令不会保存历史commit记录。其实也无所谓。
测试镜像
上面已经生成了镜像文件coreos-assembler.tar,将他拷贝到另一个服务器:
$ scp coreos-assembler.tar rongtao@10.253.12.68:
加载镜像
[rongtao@hg-68 ~]$ sudo podman load -i coreos-assembler.tar
Getting image source signatures
Copying blob 999152ffc6de done
Copying blob a8d723cec197 done
Copying blob 911fa4c263c4 done
Copying blob c550c8e0f355 skipped: already exists
Copying blob 947a8843ae62 done
Copying blob 71664e0e1125 done
Copying blob ee5d4de44c7d done
Copying blob a523d59b86c2 done
Copying blob c68be03578b2 done
Copying blob 00cba0df9c8c done
Copying blob 1a5913e3b777 done
Copying blob 594291359593 done
Copying blob 74106acd67be done
Copying blob 3a558264a25e done
Copying config 76bfd29b3f done
Writing manifest to image destination
Storing signatures
Loaded image(s): localhost/coreos-assembler:latest
查看导入的镜像:
[rongtao@hg-68 ~]$ sudo podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/coreos-assembler latest 76bfd29b3f12 34 minutes ago 6.26 GB
quay.io/coreos-assembler/coreos-assembler latest eb4efbf452a5 11 days ago 5.43 GB
quay.io/coreos/butane release 015f6d6140ba 7 weeks ago 6.61 MB
使用镜像构建CoreOS
这一步和常规构建方法相同即可。
可能遇到的问题
Error: OCI runtime error
此问题出现场景:
在虚拟机中生成cosa镜像,通过save保存tar,在另一台服务器上使用load加载镜像tar,运行cosa shell出现如下问题:
[root@hg-68 ceaos-coreos]# cosa shell
+ podman run --rm -ti --security-opt label=disable --privileged --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 -v /home/rongtao/test-os/coreos-assembler/fcos/ceaos-coreos:/srv/ --device /dev/kvm --device /dev/fuse --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa localhost/coreos-assembler:latest shell
Error: OCI runtime error: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: rootfs_linux.go:71: creating device nodes caused: open /var/lib/containers/storage/overlay/c4b361545c3ea1c9c39d627c9e3dcd5445b71d7198691c8dcf45e4bbfdaee584/merged/dev/tty: no such device or address
+ rc=126
+ set +x
这是因为runc版本导致,runc已经解决这个问题,升级runc版本到
1.1.0,如下:
$ runc --version
runc version 1.1.0
commit: 9ac869a-dirty
spec: 1.0.2-dev
go: go1.16.13
libseccomp: 2.5.0
参考链接
- https://coreos.github.io/coreos-assembler/
- Building Fedora CoreOS
- Using coreos-assembler to build custom FCOS derivatives
Copyright (C) CESTC Com.
以上是关于构建官方CoreOS COSA 镜像并构建 CoreOS的主要内容,如果未能解决你的问题,请参考以下文章