构建官方CoreOS COSA 镜像并构建 CoreOS

Posted rtoax

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了构建官方CoreOS COSA 镜像并构建 CoreOS相关的知识,希望对你有一定的参考价值。

构建官方CoreOS COSA 镜像并构建 CoreOS

荣涛
2022-03-22

文档修改日志

日期修改内容修改人备注
2022-03-22创建荣涛

引言

设置repo库

参见https://gitee.com/cestcos/coreos-assembler分支fedora35-test1build.sh的修改。见提交 0a84678c19533a8740c87d9e3eede520cbbbd51d。

设置go代理

[root@fedora coreos-assembler]# git diff
diff --git a/tools/Makefile b/tools/Makefile
index 9d2f96ba4..d00bc8739 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -5,6 +5,8 @@ export GO11MODULE=on
 export GOOS=linux
 export CGO_ENABLED=0
 export GOPATH=$(shell readlink -f .)
+# see https://goproxy.io/zh/
+export GOPROXY=https://proxy.golang.com.cn,direct
 GOARCH := $(shell go env GOARCH)
 build:
        mkdir -p bin

构建

$ sudo podman build .

此过程相当漫长,请耐心等待。构建的详细日志见文件: Official-Build-COSA.log.txt

然后,查看构建的镜像:

[root@fedora coreos-assembler]# podman images
REPOSITORY                         TAG         IMAGE ID      CREATED             SIZE
<none>                             <none>      76bfd29b3f12  About a minute ago  6.26 GB
registry.fedoraproject.org/fedora  35          750037c05cfe  4 weeks ago         159 MB

为生成的容器设置tag

podman tag IMAGE_ID REPO:TAG

如:

[rongtao@fedora ~]$ sudo podman images
REPOSITORY                         TAG         IMAGE ID      CREATED        SIZE
<none>                             <none>      76bfd29b3f12  7 minutes ago  6.26 GB
registry.fedoraproject.org/fedora  35          750037c05cfe  4 weeks ago    159 MB
[rongtao@fedora ~]$ sudo podman tag 76bfd29b3f12 coreos-assembler:latest
[rongtao@fedora ~]$ sudo podman images
REPOSITORY                         TAG         IMAGE ID      CREATED        SIZE
localhost/coreos-assembler         latest      76bfd29b3f12  8 minutes ago  6.26 GB
registry.fedoraproject.org/fedora  35          750037c05cfe  4 weeks ago    159 MB

运行容器

容器cosa脚本

参见: Building Fedora CoreOS

官方文档中运行容器的指令为:

cosa() 
   env | grep COREOS_ASSEMBLER
   local -r COREOS_ASSEMBLER_CONTAINER_LATEST="quay.io/coreos-assembler/coreos-assembler:latest"
   if [[ -z $COREOS_ASSEMBLER_CONTAINER ]] && $(podman image exists $COREOS_ASSEMBLER_CONTAINER_LATEST); then
       local -r cosa_build_date_str="$(podman inspect -f ".Created" $COREOS_ASSEMBLER_CONTAINER_LATEST | awk 'print $1')"
       local -r cosa_build_date="$(date -d $cosa_build_date_str +%s)"
       if [[ $(date +%s) -ge $((cosa_build_date + 60*60*24*7)) ]] ; then
         echo -e "\\e[0;33m----" >&2
         echo "The COSA container image is more that a week old and likely outdated." >&2
         echo "You should pull the latest version with:" >&2
         echo "podman pull $COREOS_ASSEMBLER_CONTAINER_LATEST" >&2
         echo -e "----\\e[0m" >&2
         sleep 10
       fi
   fi
   set -x
   podman run --rm -ti --security-opt label=disable --privileged                                    \\
              --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536                          \\
              -v $PWD:/srv/ --device /dev/kvm --device /dev/fuse                                  \\
              --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa                                         \\
              $COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro   \\
              $COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro  \\
              $COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS                                            \\
              $COREOS_ASSEMBLER_CONTAINER:-$COREOS_ASSEMBLER_CONTAINER_LATEST "$@"
   rc=$?; set +x; return $rc

我们需要进行简单的修改:

cosa() 
   env | grep COREOS_ASSEMBLER
   local -r COREOS_ASSEMBLER_CONTAINER_LATEST="localhost/coreos-assembler:latest"
   set -x
   podman run --rm -ti --security-opt label=disable --privileged                                    \\
              --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536                          \\
              -v $PWD:/srv/ --device /dev/kvm --device /dev/fuse                                  \\
              --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa                                         \\
              $COREOS_ASSEMBLER_CONFIG_GIT:+-v $COREOS_ASSEMBLER_CONFIG_GIT:/srv/src/config/:ro   \\
              $COREOS_ASSEMBLER_GIT:+-v $COREOS_ASSEMBLER_GIT/src/:/usr/lib/coreos-assembler/:ro  \\
              $COREOS_ASSEMBLER_CONTAINER_RUNTIME_ARGS                                            \\
              $COREOS_ASSEMBLER_CONTAINER:-$COREOS_ASSEMBLER_CONTAINER_LATEST "$@"
   rc=$?; set +x; return $rc

然后使能cosa,并执行命令:

[rongtao@fedora coreos-assembler]$ sudo su
[root@fedora coreos-assembler]# . cosa
[root@fedora coreos-assembler]# cosa shell
+ podman run --rm -ti --security-opt label=disable --privileged --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 -v /home/rongtao/Git/coreos-assembler:/srv/ --device /dev/kvm --device /dev/fuse --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa localhost/coreos-assembler:latest shell
[coreos-assembler]$
[coreos-assembler]$ exit  # 退出容器
exit
+ rc=0
+ set +x

进入容器后,可以查看命令coreos-assembler

[coreos-assembler]$ coreos-assembler
Usage: coreos-assembler CMD ...
Build commands:
  init
  fetch
  build
  run
  prune
  clean
  list
Advanced build commands:
  buildfetch
  buildupload
  oc-adm-release
  push-container
  upload-oscontainer
  buildextend-aliyun
  buildextend-aws
  buildextend-azure
  buildextend-digitalocean
  buildextend-exoscale
  buildextend-gcp
  buildextend-ibmcloud
  buildextend-live
  buildextend-metal
  buildextend-metal4k
  buildextend-nutanix
  buildextend-openstack
  buildextend-qemu
  buildextend-vmware
  buildextend-vultr
Utility commands:
  aws-replicate
  compress
  generate-hashlist
  koji-upload
  kola
  remote-prune
  sign
  tag
Other commands:
  meta
  shell
[coreos-assembler]$

导出镜像

我们上面构建出了镜像,直接执行下面命令:

# 保存镜像
$ sudo podman save -o coreos-assembler.tar localhost/coreos-assembler:latest
Copying blob c550c8e0f355 done
Copying blob 911fa4c263c4 done
Copying blob 71664e0e1125 done
Copying blob 947a8843ae62 done
Copying blob a8d723cec197 done
Copying blob 999152ffc6de done
Copying blob ee5d4de44c7d done
Copying blob a523d59b86c2 done
Copying blob c68be03578b2 done
Copying blob 00cba0df9c8c done
Copying blob 1a5913e3b777 done
Copying blob 594291359593 done
Copying blob 74106acd67be done
Copying blob 3a558264a25e done
Copying config 76bfd29b3f done
Writing manifest to image destination
Storing signatures
# 查看大小
$ du -sh  coreos-assembler.tar
5.9G	coreos-assembler.tar

为什么不用export命令导出?
因为export命令不会保存历史commit记录。其实也无所谓。

测试镜像

上面已经生成了镜像文件coreos-assembler.tar,将他拷贝到另一个服务器:

$ scp coreos-assembler.tar rongtao@10.253.12.68:

加载镜像

[rongtao@hg-68 ~]$ sudo podman load -i coreos-assembler.tar
Getting image source signatures
Copying blob 999152ffc6de done
Copying blob a8d723cec197 done
Copying blob 911fa4c263c4 done
Copying blob c550c8e0f355 skipped: already exists
Copying blob 947a8843ae62 done
Copying blob 71664e0e1125 done
Copying blob ee5d4de44c7d done
Copying blob a523d59b86c2 done
Copying blob c68be03578b2 done
Copying blob 00cba0df9c8c done
Copying blob 1a5913e3b777 done
Copying blob 594291359593 done
Copying blob 74106acd67be done
Copying blob 3a558264a25e done
Copying config 76bfd29b3f done
Writing manifest to image destination
Storing signatures
Loaded image(s): localhost/coreos-assembler:latest

查看导入的镜像:

[rongtao@hg-68 ~]$ sudo podman images
REPOSITORY                                 TAG      IMAGE ID      CREATED         SIZE
localhost/coreos-assembler                 latest   76bfd29b3f12  34 minutes ago  6.26 GB
quay.io/coreos-assembler/coreos-assembler  latest   eb4efbf452a5  11 days ago     5.43 GB
quay.io/coreos/butane                      release  015f6d6140ba  7 weeks ago     6.61 MB

使用镜像构建CoreOS

这一步和常规构建方法相同即可。

可能遇到的问题

Error: OCI runtime error

此问题出现场景:

在虚拟机中生成cosa镜像,通过save保存tar,在另一台服务器上使用load加载镜像tar,运行cosa shell出现如下问题:

[root@hg-68 ceaos-coreos]# cosa shell
+ podman run --rm -ti --security-opt label=disable --privileged --uidmap=1000:0:1 --uidmap=0:1:1000 --uidmap 1001:1001:64536 -v /home/rongtao/test-os/coreos-assembler/fcos/ceaos-coreos:/srv/ --device /dev/kvm --device /dev/fuse --tmpfs /tmp -v /var/tmp:/var/tmp --name cosa localhost/coreos-assembler:latest shell
Error: OCI runtime error: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: rootfs_linux.go:71: creating device nodes caused: open /var/lib/containers/storage/overlay/c4b361545c3ea1c9c39d627c9e3dcd5445b71d7198691c8dcf45e4bbfdaee584/merged/dev/tty: no such device or address
+ rc=126
+ set +x

这是因为runc版本导致,runc已经解决这个问题,升级runc版本到1.1.0,如下:

$ runc --version
runc version 1.1.0
commit: 9ac869a-dirty
spec: 1.0.2-dev
go: go1.16.13
libseccomp: 2.5.0

参考链接


Copyright (C) CESTC Com.

以上是关于构建官方CoreOS COSA 镜像并构建 CoreOS的主要内容,如果未能解决你的问题,请参考以下文章

构建官方CoreOS COSA 镜像并构建 CoreOS

coreos 创建使用密钥登陆的ubuntu 基础镜像

docker 构建基础镜像 时区问题

Docke--Dockerfile 构建LNMP环境

构建MySQL8.0镜像

2,docker基础之---镜像构建及挂载