From 2072aaad9c554ebd74f151ade545801aac83cbab Mon Sep 17 00:00:00 2001
From: Darren Shepherd
Date: Sun, 27 Jun 2021 00:14:52 -0700
Subject: [PATCH] Work arounds
---
 Dockerfile | 2 +-
 files/etc/cos/bootargs.cfg | 8 +++++++
 .../issue.d/90-SUSE => etc/issue.d/10-SUSE} | 0
 files/etc/luet/luet.yaml | 3 +--
 .../systemd/system/cos-setup-rootfs.service | 14 ++++++++++++
 files/lib/systemd/system/rancherd.service | 22 +++++++++++++++++++
 files/system/oem/00_ros-rootfs.yaml | 22 +++++++++++--------
 7 files changed, 59 insertions(+), 12 deletions(-)
 create mode 100644 files/etc/cos/bootargs.cfg
 rename files/{usr/lib/issue.d/90-SUSE => etc/issue.d/10-SUSE} (100%)
 create mode 100644 files/lib/systemd/system/cos-setup-rootfs.service
 create mode 100644 files/lib/systemd/system/rancherd.service
diff --git a/Dockerfile b/Dockerfile
index 2f157ed6..78aa668e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -72,7 +72,7 @@ RUN zypper in -y \
 vim \
 which
-RUN curl -L https://github.com/rancher/rancherd/releases/download/v0.0.1-alpha04/rancherd-${ARCH} > /usr/bin/rancherd && \
+RUN curl -L https://github.com/rancher/rancherd/releases/download/v0.0.1-alpha05/rancherd-${ARCH} > /usr/bin/rancherd && \
 chmod +x /usr/bin/rancherd
 ARG CACHEBUST
diff --git a/files/etc/cos/bootargs.cfg b/files/etc/cos/bootargs.cfg
new file mode 100644
index 00000000..f2801b85
--- /dev/null
+++ b/files/etc/cos/bootargs.cfg
@@ -0,0 +1,8 @@
+set kernel=/boot/vmlinuz
+if [ -n "$recoverylabel" ]; then
+ set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5"
+else
+ set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label cos-img/filename=$img panic=5 security=selinux selinux=1"
+fi
+
+set initramfs=/boot/initrd
diff --git a/files/usr/lib/issue.d/90-SUSE b/files/etc/issue.d/10-SUSE
similarity index 100%
rename from files/usr/lib/issue.d/90-SUSE
rename to files/etc/issue.d/10-SUSE
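Review bot: The recovery branch of `kernelcmd` in files/etc/cos/bootargs.cfg leaves out `security=selinux selinux=1`, which the normal branch sets, so a recovery boot presumably runs without SELinux enabled even though it can modify the installed system. If that is deliberate (for instance because the recovery image is not labelled), a comment above the `if` should record it, e.g. `# recovery boots without SELinux: <reason>`; otherwise the two argument lists should carry the same security arguments.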
diff --git a/files/etc/luet/luet.yaml b/files/etc/luet/luet.yaml
index 608f310d..4273416a 100644
--- a/files/etc/luet/luet.yaml
+++ b/files/etc/luet/luet.yaml
@@ -13,6 +13,5 @@ repositories:
 priority: 1
 verify: false
 urls:
- - "ibuildthecloud/releases-sle"
- #- "quay.io/costoolkit/releases-opensuse"
+ - "quay.io/costoolkit/releases-opensuse"
diff --git a/files/lib/systemd/system/cos-setup-rootfs.service b/files/lib/systemd/system/cos-setup-rootfs.service
new file mode 100644
index 00000000..48520528
--- /dev/null
+++ b/files/lib/systemd/system/cos-setup-rootfs.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=cOS system early rootfs setup
+DefaultDependencies=no
+After=initrd-root-fs.target
+Requires=initrd-root-fs.target
+Conflicts=initrd-switch-root.target
+
+[Service]
+Type=oneshot
+ExecStartPre=/usr/bin/ln -sf -t / /sysroot/system
+ExecStart=/usr/bin/cos-setup rootfs
+
+[Install]
+RequiredBy=initrd-fs.target
diff --git a/files/lib/systemd/system/rancherd.service b/files/lib/systemd/system/rancherd.service
new file mode 100644
index 00000000..891f3a63
--- /dev/null
+++ b/files/lib/systemd/system/rancherd.service
@@ -0,0 +1,22 @@
+[Unit]
+Description=Rancher Bootstrap
+Documentation=https://github.com/rancher/rancherd
+Wants=network-online.target
+After=network-online.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=oneshot
+EnvironmentFile=-/etc/default/%N
+EnvironmentFile=-/etc/sysconfig/%N
+KillMode=process
+# Having non-zero Limit*s causes performance problems due to accounting overhead
+# in the kernel. We recommend using cgroups to do container-local accounting.
+LimitNOFILE=1048576
+LimitNPROC=infinity
+LimitCORE=infinity
+TasksMax=infinity
+TimeoutStartSec=0
+ExecStart=/usr/bin/rancherd bootstrap
diff --git a/files/system/oem/00_ros-rootfs.yaml b/files/system/oem/00_ros-rootfs.yaml
index 913e474a..0c8f786b 100644
--- a/files/system/oem/00_ros-rootfs.yaml
+++ b/files/system/oem/00_ros-rootfs.yaml
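Review bot: The `verify: false` context line directly above the changed `urls:` entry in files/etc/luet/luet.yaml is left as it is, so the repository this hunk switches to, `quay.io/costoolkit/releases-opensuse`, is still consumed with verification off (assuming `verify` governs luet's check of repository artifacts; confirm against the luet version shipped in the image). A change of package source is the natural point to either set `verify: true` or add a comment saying why it has to stay disabled. The repository entry starts above the hunk, so its name and type are not visible here.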
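Review bot: `ExecStartPre=/usr/bin/ln -sf -t / /sysroot/system` in cos-setup-rootfs.service carries no explanation of why `/system` has to be linked into the initrd root before `cos-setup rootfs` runs, and the commit subject says only "Work arounds". A comment above the line would make the workaround reviewable and removable later, something like `# cos-setup expects its config under /system; link it from the mounted root (TODO confirm)`. Since the unit is `RequiredBy=initrd-fs.target`, a failing pre-step would presumably take that target down with it, so the comment should also say whether a hard failure is intended.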
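Review bot: `Type=oneshot` together with `TimeoutStartSec=0` in rancherd.service puts no upper bound on `rancherd bootstrap`, so a bootstrap that stalls after `network-online.target` would leave the unit activating indefinitely, and anything ordered after it would wait as well. A finite `TimeoutStartSec=` value would turn a hang into a visible failure. Two smaller points in the same `[Service]` section: `KillMode=process` stops only the main process and leaves any children running when the unit is stopped, and the carried-over comment about "non-zero Limit*s" does not match `LimitNOFILE=1048576`, so it should be reworded or dropped.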
@@ -1,36 +1,40 @@
 name: "ROS Rootfs Layout Settings"
 stages:
- rootfs.after:
+ initramfs:
 - if: '[ -z "$(blkid -L COS_SYSTEM || true)" ]'
 commands:
 - |
- set -x
- target=/sysroot/usr/local/.ros-state
+ target=/usr/local/.ros-state
 # Always want the latest update of systemd conf from the image
 mkdir -p ${target}/etc/systemd/
- rsync -a /sysroot/etc/systemd/ ${target}/etc/systemd/
+ rsync -av /etc/systemd/ ${target}/etc/systemd/
 # Only populate ssh conf once
 if [ ! -e ${target}/etc/ssh ]; then
 mkdir -p ${target}/etc/ssh/
- rsync -a /sysroot/etc/ssh/ ${target}/etc/ssh/
+ rsync -a /etc/ssh/ ${target}/etc/ssh/
 fi
+ sed -i '/overlay \/home /d' /etc/fstab
+ sed -i '/overlay \/opt /d' /etc/fstab
+ nsenter -m -t 1 -- umount /sysroot/home
+ nsenter -m -t 1 -- umount /sysroot/opt
+
 # setup directories as persistent
 for i in root opt home var/lib/rancher var/lib/kubelet etc/systemd etc/rancher etc/ssh usr/libexec var/log var/lib/wicked; do
- mkdir -p ${target}/$i /sysroot/$i
- mount ${target}/$i /sysroot/$i -t none -o bind
+ mkdir -p ${target}/$i /$i
+ nsenter -m -t 1 -- mount /sysroot${target}/$i /sysroot/$i -t none -o bind
 done
 # This is hidden so that if you run some selinux label checking or relabeling the bind
 # mount won't screw up things. If you have two files at different paths they will get
 # labeled with two different labels.
 mkdir -p ${target}/empty
- mount ${target}/empty ${target} -o bind,ro
+ nsenter -m -t 1 -- mount /sysroot${target}/empty /sysroot${target} -o bind,ro
 # ensure /var/log/journal exists so it's labeled correctly
- mkdir -p /sysroot/var/log/journal
+ nsenter -m -t 1 -- mkdir -p /sysroot/var/log/journal
 initramfs.after:
 - if: '[ -z "$(blkid -L COS_SYSTEM || true)" ]'
 commands:
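Review bot: The two added lines `nsenter -m -t 1 -- umount /sysroot/home` and `nsenter -m -t 1 -- umount /sysroot/opt` run unconditionally, so on a boot where those overlays are not mounted they return an error; whether that aborts the stage depends on how the commands are executed, which the hunk does not show. Guarding each one keeps the step idempotent, e.g. `nsenter -m -t 1 -- mountpoint -q /sysroot/home && nsenter -m -t 1 -- umount /sysroot/home`. The script also now mixes paths as seen from the stage's own root (`/etc/fstab`, `${target}`) with paths as seen from PID 1's mount namespace (`/sysroot${target}`), so a comment at the top of the block should state why mounts go through `nsenter -m -t 1`, making the `/sysroot` prefixes checkable.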