-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding Dockerfile to build RHEL 9 base image
- Loading branch information
Vadim Zharov
committed
May 29, 2024
1 parent
90de60f
commit 48e50d2
Showing
3 changed files
with
117 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| ARG BASE_IMAGE=registry.access.redhat.com/ubi9-init:9.4-6 | ||
|
|
||
| FROM $BASE_IMAGE | ||
| ARG USERNAME | ||
| ARG PASSWORD | ||
|
|
||
| RUN dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm -y | ||
| # Subscription manager in redhat does not run directly in containers unless you run on a redhat host, hence we remove the rhsm-host, login to the redhat subscription and add the repos | ||
| RUN rm /etc/rhsm-host && subscription-manager register --username ${USERNAME} --password ${PASSWORD} \ | ||
| && yum repolist \ | ||
| && subscription-manager attach --auto \ | ||
| && subscription-manager repos --enable rhel-9-for-x86_64-appstream-rpms \ | ||
| && yum repolist | ||
| RUN echo "install_weak_deps=False" >> /etc/dnf/dnf.conf | ||
| # Generate machine-id because https://bugzilla.redhat.com/show_bug.cgi?id=1737355#c6 | ||
| RUN uuidgen > /etc/machine-id && dnf install -y \ | ||
| squashfs-tools \ | ||
| dracut-live \ | ||
| livecd-tools \ | ||
| dracut-squash \ | ||
| dracut-network \ | ||
| systemd-resolved \ | ||
| efibootmgr \ | ||
| dhclient \ | ||
| audit \ | ||
| sudo \ | ||
| systemd \ | ||
| systemd-networkd \ | ||
| systemd-timesyncd \ | ||
| parted \ | ||
| dracut \ | ||
| e2fsprogs \ | ||
| dosfstools \ | ||
| coreutils-single \ | ||
| device-mapper \ | ||
| grub2 \ | ||
| which \ | ||
| nano \ | ||
| gawk \ | ||
| haveged \ | ||
| polkit \ | ||
| ncurses \ | ||
| tar \ | ||
| kbd \ | ||
| lvm2 \ | ||
| zstd \ | ||
| openssh-server \ | ||
| openssh-clients \ | ||
| shim-x64 \ | ||
| grub2-pc \ | ||
| grub2-efi-x64 \ | ||
| grub2-efi-x64-modules \ | ||
| open-vm-tools \ | ||
| iscsi-initiator-utils \ | ||
| iptables ethtool socat iproute-tc conntrack \ | ||
| kernel kernel-modules kernel-modules-extra \ | ||
| rsync jq && dnf clean all | ||
|
|
||
| COPY --from=quay.io/kairos/framework:v2.4.3_generic / / | ||
| RUN mkdir -p /run/lock | ||
| RUN touch /usr/libexec/.keep | ||
|
|
||
| # Fix systemd link for sshd | ||
| #RUN ln -s -f /usr/lib/systemd/system/sshd.service /etc/systemd/system/sshd.service | ||
| #RUN rm /etc/systemd/system/sshd.service | ||
|
|
||
| # Configure the box. The ubi image masks services for containers, we unmask them | ||
| RUN systemctl list-unit-files |grep masked |cut -f 1 -d " " | xargs systemctl unmask | ||
| RUN systemctl enable [email protected] | ||
| RUN systemctl enable [email protected] | ||
| RUN systemctl enable [email protected] | ||
| RUN systemctl enable systemd-networkd | ||
| RUN systemctl enable systemd-resolved | ||
| RUN systemctl enable sshd | ||
| RUN systemctl disable selinux-autorelabel-mark.service | ||
| #RUN systemctl enable tmp.mount | ||
|
|
||
| COPY overlay/rhel9/ / | ||
|
|
||
| RUN kernel=$(ls /boot/vmlinuz-* | head -n1) && \ | ||
| ln -sf "${kernel#/boot/}" /boot/vmlinuz | ||
| RUN kernel=$(ls /lib/modules | head -n1) && \ | ||
| dracut -v -N -f "/boot/initrd-${kernel}" "${kernel}" && \ | ||
| ln -sf "initrd-${kernel}" /boot/initrd && depmod -a "${kernel}" | ||
| RUN rm -rf /boot/initramfs-* | ||
|
|
||
| RUN envsubst >>/etc/os-release </usr/lib/os-release.tmpl | ||
| RUN mkdir -p /etc/luet/repos.conf.d | ||
| RUN luet repo add kairos -y --url quay.io/kairos/packages --type docker --priority 99 && luet repo update && luet install -y system/elemental-cli | ||
| ## Clear cache | ||
| RUN rm -rf /var/cache/* && journalctl --vacuum-size=1K && rm /etc/machine-id | ||
|
|
||
|
|
||
| RUN subscription-manager unregister |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| # Kairos RHEL 8 and RHEL 9 images | ||
|
|
||
| To build the image provide username and password for Red Hat Subscription Manager to register the system and install packages during the build process. | ||
|
|
||
| To build RHEL 8 Kairos Image, execute: | ||
| ``` | ||
| docker build -t <local-registry>/<image>:<image-tag> --build-arg USERNAME=<RHSM username> --build-arg PASSWORD='<RHSM password>' -f Dockerfile.rhel8 . | ||
| ``` | ||
|
|
||
| To build RHEL 9 Kairos Image, execute: | ||
| ``` | ||
| docker build -t <local-registry>/<image>:<image-tag> --build-arg USERNAME=<RHSM username> --build-arg PASSWORD='<RHSM password>' -f Dockerfile.rhel9 . | ||
| ``` |
10 changes: 10 additions & 0 deletions
10
rhel-core-images/overlay/rhel9/system/oem/33_tmp_mount.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| name: " tmp layout setup" | ||
| stages: | ||
| initramfs.after: | ||
| - name: mount tmp | ||
| commands: | ||
| - systemctl enable tmp.mount | ||
| fs.before: | ||
| - name: start tmp | ||
| commands: | ||
| - systemctl start tmp.mount |