
Include Harvester changes

Darren Shepherd 2021-10-02 22:27:31 -07:00
parent 3040e886dc
commit 5e4cfa19ab
15 changed files with 169 additions and 108 deletions


@ -36,21 +36,26 @@ RUN ["/usr/bin/busybox", "rm", "-rf", "/var", "/etc/ssl", "/usr/bin/busybox"]
# Make OS image # Make OS image
FROM opensuse/leap:15.3 as os FROM opensuse/leap:15.3 as os
RUN zypper in -y \ RUN zypper in -y \
apparmor-parser \
avahi \ avahi \
bash-completion \ bash-completion \
conntrack-tools \ conntrack-tools \
coreutils \ coreutils \
curl \ curl \
device-mapper \ device-mapper \
dmidecode \
dosfstools \ dosfstools \
dracut \ dracut \
e2fsprogs \ e2fsprogs \
ethtool \
findutils \ findutils \
gawk \ gawk \
gptfdisk \ gptfdisk \
grub2-i386-pc \ grub2-i386-pc \
grub2-x86_64-efi \ grub2-x86_64-efi \
haveged \ haveged \
hdparm \
iotop \
iproute2 \ iproute2 \
iptables \ iptables \
iputils \ iputils \
@ -58,14 +63,22 @@ RUN zypper in -y \
jq \ jq \
kernel-default \ kernel-default \
kernel-firmware-bnx2 \ kernel-firmware-bnx2 \
kernel-firmware-chelsio \
kernel-firmware-i915 \ kernel-firmware-i915 \
kernel-firmware-intel \ kernel-firmware-intel \
kernel-firmware-iwlwifi \ kernel-firmware-iwlwifi \
kernel-firmware-liquidio \
kernel-firmware-marvell \
kernel-firmware-mediatek \
kernel-firmware-mellanox \ kernel-firmware-mellanox \
kernel-firmware-network \ kernel-firmware-network \
kernel-firmware-platform \ kernel-firmware-platform \
kernel-firmware-qlogic \
kernel-firmware-realtek \ kernel-firmware-realtek \
kernel-firmware-usb-network \
less \ less \
lshw \
lsof \
lsscsi \ lsscsi \
lvm2 \ lvm2 \
mdadm \ mdadm \
@ -76,23 +89,27 @@ RUN zypper in -y \
open-iscsi \ open-iscsi \
open-vm-tools \ open-vm-tools \
parted \ parted \
pciutils \
pigz \ pigz \
policycoreutils \ policycoreutils \
psmisc \
procps \ procps \
psmisc \
python-azure-agent \ python-azure-agent \
qemu-guest-agent \ qemu-guest-agent \
rng-tools \
rsync \ rsync \
squashfs \ squashfs \
strace \ strace \
SUSEConnect \ SUSEConnect \
sysstat \
systemd \ systemd \
systemd-sysvinit \ systemd-sysvinit \
tcpdump \
tar \ tar \
tcpdump \
timezone \ timezone \
vim \ vim \
which which \
zstd
# Copy in some local OS customizations # Copy in some local OS customizations
COPY opensuse/files / COPY opensuse/files /
@ -100,7 +117,7 @@ COPY opensuse/files /
# Starting from here are the lines needed for RancherOS to work # Starting from here are the lines needed for RancherOS to work
# IMPORTANT: Setup rancheros-release used for versioning/upgrade. The # IMPORTANT: Setup rancheros-release used for versioning/upgrade. The
# values here should reflect the tag of the image building built # values here should reflect the tag of the image being built
ARG IMAGE_REPO=norepo ARG IMAGE_REPO=norepo
ARG IMAGE_TAG=latest ARG IMAGE_TAG=latest
RUN echo "IMAGE_REPO=${IMAGE_REPO}" > /usr/lib/rancheros-release && \ RUN echo "IMAGE_REPO=${IMAGE_REPO}" > /usr/lib/rancheros-release && \
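Review bot: `apparmor-parser` is added to the `zypper in` list in the first hunk with no comment saying which component needs it, while the GRUB environment file added elsewhere in this commit boots the normal entry with `security=selinux selinux=1`. If the AppArmor tooling is only there to satisfy a runtime check, a one-line comment above the list such as `# apparmor-parser: required by <component>; SELinux remains the active LSM` would keep it from being read as a second, unused MAC setup. The same hunks add diagnostic tools (`iotop`, `lshw`, `lsof`) that end up in every installed image, so the commit description could state that they are intentional for the Harvester use case. The `RUN zypper in` instruction spans all three hunks and its start is outside the first one.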


@ -18,6 +18,14 @@ ci: .dapper
clean: clean:
rm -rf build rm -rf build
.PHONY: build-framework
build-framework:
docker build \
--build-arg CACHEBUST=${CACHEBUST} \
--build-arg IMAGE_TAG=${TAG} \
--build-arg IMAGE_REPO=${REPO}-framework \
-t ${REPO}-framework:${TAG} .
.PHONY: build .PHONY: build
build: build:
docker build \ docker build \
@ -27,9 +35,13 @@ build:
-t ${IMAGE} . -t ${IMAGE} .
.PHONY: push .PHONY: push
push: build push:
docker push ${IMAGE} docker push ${IMAGE}
.PHONY: push
push-framework:
docker push ${REPO}-framework:${TAG}
.PHONY: iso .PHONY: iso
iso: build iso: build
./ros-image-build ${IMAGE} iso ./ros-image-build ${IMAGE} iso
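Review bot: The new `push-framework` target in the second hunk is preceded by a second `.PHONY: push` instead of `.PHONY: push-framework`, so the target is never declared phony and a file named `push-framework` in the tree would stop it from running. The line should read `.PHONY: push-framework`. As rendered, the same hunk also appears to change `push: build` to `push:`, which means `make push` publishes whatever `${IMAGE}` already exists in the local Docker store; if that is intended for CI, a comment on the target saying the image must be built first would prevent pushing a stale or unrelated local tag.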


@ -0,0 +1,8 @@
set kernel=/boot/vmlinuz
if [ -n "$recoverylabel" ]; then
set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5"
else
set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label cos-img/filename=$img panic=5 security=selinux selinux=1"
fi
set initramfs=/boot/initrd
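Review bot: The recovery branch of `kernelcmd` omits `security=selinux selinux=1`, which only the normal-boot branch sets, so a recovery boot comes up without SELinux selected on the kernel command line. If that is deliberate (for example because the recovery squashfs is not labelled), it deserves a comment above the `if`, e.g. `# recovery image boots without SELinux; persistent data touched from it needs a relabel`; otherwise the two options should be added to the recovery line as well. Both branches also set `console=ttyS0`, so it is worth confirming that a serial console is wanted on hardware where the serial line is reachable through a BMC.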


@ -0,0 +1,26 @@
# cOS configuration file
# This file allows to tweak cOS configuration such as: default upgrade/recovery image and GRUB menu entry
# Disable/enable image verification during upgrades ( default: true )
VERIFY=false
# Disable/enable upgrades via release channels instead of container images. ( default: true )
CHANNEL_UPGRADES=false
# Default container image used for upgrades. ( defaults to system/cos with channel CHANNEL_UPGRADES enabled )
#UPGRADE_IMAGE="quay.io/mudler/cos-test:cos-standard"
# Default recovery image to use when upgrading the recovery partition
# ( defaults to recovery/cos in vanilla cOS images with channel CHANNEL_UPGRADES enabled. Otherwise it defaults to UPGRADE_IMAGE ).
#RECOVERY_IMAGE="quay.io/mudler/cos-test:cos-standard"
# GRUB entry to display on boot. ( defaults: cOS )
GRUB_ENTRY_NAME="RancherOS"
# Space separated list of additional paths that are used to
# source cloud-config from. ( defaults paths are: /system/oem /oem/ /usr/local/cloud-config/ )
#CLOUD_INIT_PATHS=""
# This is the directory that can be used to store cloud-init files that can be enabled/disabled in runtime
# by cos-features. ( defaults to /system/features )
#COS_FEATURESDIR="/system/features"
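Review bot: `VERIFY=false` turns off image verification during upgrades, which the file's own comment gives as enabled by default, and with `CHANNEL_UPGRADES=false` upgrades come from a container image reference instead of a release channel. Nothing in this file says why verification is off or what else authenticates the upgrade image, so as written an upgrade would trust whatever the registry returns for the configured tag. Either keep the default (`VERIFY=true`) or record the decision next to the setting, e.g. `# verification disabled because <reason>; upgrade images are referenced by digest`, so that it is visible to whoever audits the image later.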


@ -0,0 +1,2 @@
# This is required for booting a squashfs from network
add_dracutmodules+=" livenet "


@ -1,67 +0,0 @@
name: "ROS Rootfs Layout Settings"
stages:
initramfs:
- if: '[ ! -f /run/cos/recovery_mode ]'
commands:
- |
target=/usr/local/.ros-state
# Always want the latest update of systemd conf from the image
mkdir -p ${target}/etc/systemd/
rsync -av /etc/systemd/ ${target}/etc/systemd/
if [ ! -e /usr/local/etc/hostname ]; then
echo rancher-${RANDOM} > /usr/local/etc/hostname
fi
ln -sf /usr/local/etc/hostname /etc/hostname
# Only populate ssh conf once
if [ ! -e ${target}/etc/ssh ]; then
mkdir -p ${target}/etc/ssh/
rsync -a /etc/ssh/ ${target}/etc/ssh/
fi
sed -i '/overlay \/home /d' /etc/fstab
sed -i '/overlay \/opt /d' /etc/fstab
nsenter -m -t 1 -- umount /sysroot/home
nsenter -m -t 1 -- umount /sysroot/opt
# setup directories as persistent
for i in root opt home var/lib/rancher var/lib/kubelet etc/systemd etc/rancher etc/ssh usr/libexec var/log var/lib/wicked; do
mkdir -p ${target}/$i /$i
nsenter -m -t 1 -- mount /sysroot${target}/$i /sysroot/$i -t none -o bind
done
# This is hidden so that if you run some selinux label checking or relabeling the bind
# mount won't screw up things. If you have two files at different paths they will get
# labeled with two different labels.
mkdir -p ${target}/empty
nsenter -m -t 1 -- mount /sysroot${target}/empty /sysroot${target} -o bind,ro
# ensure /var/log/journal exists so it's labeled correctly
nsenter -m -t 1 -- mkdir -p /sysroot/var/log/journal
initramfs.after:
- if: '[ ! -f /run/cos/recovery_mode ]'
commands:
- restorecon -R -v /etc /home /opt /var /usr/local /tmp /srv /root
fs.before:
- name: "Pull data from provider (local)"
datasource:
providers: ["aws", "gcp", "openstack", "cdrom"]
path: "/oem"
- if: '[ ! -f /run/cos/recovery_mode ]'
commands:
- restorecon -R -v /etc /home /opt /var /usr/local /tmp /srv /root
rootfs.after:
- if: '[ ! -f /run/cos/recovery_mode ] && [ ! -f /run/cos/live_mode ]'
name: "Grow persistent"
layout:
device:
label: COS_PERSISTENT
expand_partition:
size: 0
fs.before:
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -f /run/cos/live_mode ]'
name: "Grow persistent fs"
commands:
- resize2fs $(blkid -L COS_PERSISTENT)


@ -0,0 +1,58 @@
name: "ROS Rootfs Layout Settings"
stages:
initramfs:
- if: '[ ! -f /run/cos/recovery_mode ]'
commands:
- |
if [ ! -e /usr/local/etc/hostname ]; then
echo rancher-${RANDOM} > /usr/local/etc/hostname
fi
ln -sf /usr/local/etc/hostname /etc/hostname
rootfs:
- if: '[ ! -f "/run/cos/recovery_mode" ]'
name: "Layout configuration"
environment_file: /run/cos/cos-layout.env
environment:
VOLUMES: "LABEL=COS_OEM:/oem LABEL=COS_PERSISTENT:/usr/local"
OVERLAY: "tmpfs:25%"
RW_PATHS: "/var /etc /srv"
PERSISTENT_STATE_PATHS: >-
/etc/systemd
/etc/rancher
/etc/ssh
/etc/iscsi
/etc/cni
/home
/opt
/root
/usr/libexec
/var/log
/var/lib/rancher
/var/lib/kubelet
/var/lib/wicked
/var/lib/longhorn
/var/lib/cni
PERSISTENT_STATE_BIND: "true"
rootfs.before:
- name: "Pull data from provider"
datasource:
providers: ["cdrom"]
path: "/oem"
fs.before:
- name: "Pull data from provider (local)"
datasource:
providers: ["aws", "gcp", "openstack", "cdrom"]
path: "/oem"
rootfs.after:
- if: '[ ! -f /run/cos/recovery_mode ] && [ ! -f /run/cos/live_mode ]'
name: "Grow persistent"
layout:
device:
label: COS_PERSISTENT
expand_partition:
size: 0
fs.before:
- if: '[ ! -f "/run/cos/recovery_mode" ] && [ ! -f /run/cos/live_mode ]'
name: "Grow persistent fs"
commands:
- resize2fs $(blkid -L COS_PERSISTENT)
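Review bot: `fs.before` is listed twice in this new file, once for "Pull data from provider (local)" and again for "Grow persistent fs"; if both sit directly under `stages`, as the rendering suggests, they are duplicate mapping keys and a YAML loader will either reject the file or keep only one of the two lists. Merging the two entries into a single `fs.before` list removes the dependency on parser behaviour. Separately, the file this one replaces ran `restorecon -R -v /etc /home /opt /var /usr/local /tmp /srv /root` in `initramfs.after` and `fs.before`, and the new layout has no relabel step while the boot entry still sets `selinux=1`. If relabelling now happens in the cOS layout code, a comment saying so would help; otherwise the paths in `PERSISTENT_STATE_PATHS` may end up with wrong labels.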


@ -1,4 +1,4 @@
name: "Elemental Installer" name: "RancherOS Installer"
stages: stages:
initramfs: initramfs:
- if: '[ -f /run/cos/live_mode ]' - if: '[ -f /run/cos/live_mode ]'


@ -13,3 +13,8 @@ fi
if [ -z "$IMAGE_SERVICE_ENDPOINT" ]; then if [ -z "$IMAGE_SERVICE_ENDPOINT" ]; then
export IMAGE_SERVICE_ENDPOINT=unix:///var/run/k3s/containerd/containerd.sock export IMAGE_SERVICE_ENDPOINT=unix:///var/run/k3s/containerd/containerd.sock
fi fi
# For ctr
if [ -z "$CONTAINERD_ADDRESS" ]; then
export CONTAINERD_ADDRESS=/run/k3s/containerd/containerd.sock
fi


@ -1,6 +1,6 @@
package config package config
type Elemental struct { type Rancher struct {
Install Install `json:"install,omitempty"` Install Install `json:"install,omitempty"`
} }
@ -22,7 +22,7 @@ type Install struct {
type Config struct { type Config struct {
SSHAuthorizedKeys []string `json:"sshAuthorizedKeys,omitempty"` SSHAuthorizedKeys []string `json:"sshAuthorizedKeys,omitempty"`
Elemental Elemental `json:"elemental,omitempty"` Rancher Rancher `json:"rancher,omitempty"`
} }
type YipConfig struct { type YipConfig struct {
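Review bot: Changing the tag on `Config.Rancher` from `json:"elemental,omitempty"` to `json:"rancher,omitempty"` changes the on-disk config schema, so an existing config that still uses a top-level `elemental:` block would no longer populate `Install`. Unless the decoder is strict (not visible here), that block is dropped without an error and the installer proceeds with empty install settings. It would be safer to warn about or reject the old key where the config is read, and to document the rename on the type, e.g. `// Rancher holds the settings read from the top-level "rancher" key (formerly "elemental").`. The `Install` and `YipConfig` declarations continue outside these hunks.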


@ -40,7 +40,7 @@ func mapToEnv(prefix string, data map[string]interface{}) []string {
var result []string var result []string
for k, v := range data { for k, v := range data {
keyName := strings.ToUpper(prefix + convert.ToYAMLKey(k)) keyName := strings.ToUpper(prefix + convert.ToYAMLKey(k))
keyName = strings.ReplaceAll(keyName, "ELEMENTAL_", "COS_") keyName = strings.ReplaceAll(keyName, "RANCHER_", "COS_")
if data, ok := v.(map[string]interface{}); ok { if data, ok := v.(map[string]interface{}); ok {
subResult := mapToEnv(keyName+"_", data) subResult := mapToEnv(keyName+"_", data)
result = append(result, subResult...) result = append(result, subResult...)
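Review bot: `strings.ReplaceAll(keyName, "RANCHER_", "COS_")` rewrites every occurrence of `RANCHER_` in the key, not only the leading prefix, so a nested key whose own name contains that string would be renamed as well, and `RANCHER_` is a more likely substring than the old `ELEMENTAL_`. Because the recursion passes the already rewritten `keyName+"_"` down as the prefix, anchoring the rewrite is sufficient: `if strings.HasPrefix(keyName, "RANCHER_") { keyName = "COS_" + strings.TrimPrefix(keyName, "RANCHER_") }`. The body of `mapToEnv` continues outside the hunk, so how leaf values are emitted is not visible here.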


@ -6,10 +6,10 @@ import (
) )
func PrintInstall(cfg Config) ([]byte, error) { func PrintInstall(cfg Config) ([]byte, error) {
if cfg.Elemental.Install.Password != "" { if cfg.Rancher.Install.Password != "" {
cfg.Elemental.Install.Password = "******" cfg.Rancher.Install.Password = "******"
} }
data, err := convert.EncodeToMap(cfg.Elemental.Install) data, err := convert.EncodeToMap(cfg.Rancher.Install)
if err != nil { if err != nil {
return nil, err return nil, err
} }


@ -10,7 +10,7 @@ import (
) )
func Ask(cfg *config.Config) error { func Ask(cfg *config.Config) error {
if cfg.Elemental.Install.Silent { if cfg.Rancher.Install.Silent {
return nil return nil
} }
@ -22,7 +22,7 @@ func Ask(cfg *config.Config) error {
return err return err
} }
if cfg.Elemental.Install.ConfigURL == "" { if cfg.Rancher.Install.ConfigURL == "" {
if err := AskGithub(cfg); err != nil { if err := AskGithub(cfg); err != nil {
return err return err
} }
@ -40,7 +40,7 @@ func Ask(cfg *config.Config) error {
} }
func AskInstallDevice(cfg *config.Config) error { func AskInstallDevice(cfg *config.Config) error {
if cfg.Elemental.Install.Device != "" { if cfg.Rancher.Install.Device != "" {
return nil return nil
} }
@ -54,7 +54,7 @@ func AskInstallDevice(cfg *config.Config) error {
return err return err
} }
cfg.Elemental.Install.Device = "/dev/" + fields[i] cfg.Rancher.Install.Device = "/dev/" + fields[i]
return nil return nil
} }
@ -64,7 +64,7 @@ func AskToken(cfg *config.Config, server bool) error {
err error err error
) )
if cfg.Elemental.Install.Token != "" { if cfg.Rancher.Install.Token != "" {
return nil return nil
} }
@ -77,7 +77,7 @@ func AskToken(cfg *config.Config, server bool) error {
} else { } else {
token, err = questions.Prompt(msg+": ", "") token, err = questions.Prompt(msg+": ", "")
} }
cfg.Elemental.Install.Token = token cfg.Rancher.Install.Token = token
return err return err
} }
@ -93,7 +93,7 @@ func isServer(cfg *config.Config) (bool, error) {
} }
func AskServerAgent(cfg *config.Config) error { func AskServerAgent(cfg *config.Config) error {
if cfg.Elemental.Install.ServerURL != "" { if cfg.Rancher.Install.ServerURL != "" {
return nil return nil
} }
@ -110,13 +110,13 @@ func AskServerAgent(cfg *config.Config) error {
if err != nil { if err != nil {
return err return err
} }
cfg.Elemental.Install.ServerURL = url cfg.Rancher.Install.ServerURL = url
return AskToken(cfg, false) return AskToken(cfg, false)
} }
func AskPassword(cfg *config.Config) error { func AskPassword(cfg *config.Config) error {
if cfg.Elemental.Install.Silent || cfg.Elemental.Install.Password != "" { if cfg.Rancher.Install.Silent || cfg.Rancher.Install.Password != "" {
return nil return nil
} }
@ -140,12 +140,12 @@ func AskPassword(cfg *config.Config) error {
} }
} }
cfg.Elemental.Install.Password = pass cfg.Rancher.Install.Password = pass
return nil return nil
} }
func AskGithub(cfg *config.Config) error { func AskGithub(cfg *config.Config) error {
if len(cfg.SSHAuthorizedKeys) > 0 || cfg.Elemental.Install.Password != "" { if len(cfg.SSHAuthorizedKeys) > 0 || cfg.Rancher.Install.Password != "" {
return nil return nil
} }
@ -167,11 +167,11 @@ func AskGithub(cfg *config.Config) error {
} }
func AskConfigURL(cfg *config.Config) error { func AskConfigURL(cfg *config.Config) error {
if cfg.Elemental.Install.ConfigURL != "" { if cfg.Rancher.Install.ConfigURL != "" {
return nil return nil
} }
ok, err := questions.PromptBool("Configure system using an Elemental config file?", false) ok, err := questions.PromptBool("Configure system using an cloud-config file?", false)
if err != nil { if err != nil {
return err return err
} }
@ -180,11 +180,11 @@ func AskConfigURL(cfg *config.Config) error {
return nil return nil
} }
str, err := questions.Prompt("Elemental config file location (file path or http URL): ", "") str, err := questions.Prompt("cloud-config file location (file path or http URL): ", "")
if err != nil { if err != nil {
return err return err
} }
cfg.Elemental.Install.ConfigURL = str cfg.Rancher.Install.ConfigURL = str
return nil return nil
} }
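Review bot: The reworded prompt in `AskConfigURL` reads `Configure system using an cloud-config file?`; it should be `Configure system using a cloud-config file?`. The second prompt still offers `file path or http URL` for a file that can carry the root password, the join token and SSH keys. The fetch code is not part of this diff, but if plain `http://` is accepted there, the prompt should say `https URL`, since a config fetched without transport protection can be altered in transit before it is installed. Several of the touched functions (`Ask`, `AskToken`, `AskPassword`, `AskGithub`) start or end outside the hunks shown.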


@ -16,10 +16,10 @@ func Run(automatic bool) error {
return err return err
} }
if automatic && !cfg.Elemental.Install.Automatic { if automatic && !cfg.Rancher.Install.Automatic {
return nil return nil
} else if automatic { } else if automatic {
cfg.Elemental.Install.Silent = true cfg.Rancher.Install.Silent = true
} }
err = Ask(&cfg) err = Ask(&cfg)
@ -27,7 +27,7 @@ func Run(automatic bool) error {
return err return err
} }
tempFile, err := ioutil.TempFile("", "elemental-install") tempFile, err := ioutil.TempFile("", "ros-install")
if err != nil { if err != nil {
return err return err
} }
@ -44,7 +44,7 @@ func runInstall(cfg config.Config, output string) error {
return err return err
} }
if !cfg.Elemental.Install.Silent { if !cfg.Rancher.Install.Silent {
val, err := questions.PromptBool("\nConfiguration\n"+"-------------\n\n"+ val, err := questions.PromptBool("\nConfiguration\n"+"-------------\n\n"+
string(installBytes)+ string(installBytes)+
"\nYour disk will be formatted and installed with the above configuration.\nContinue?", false) "\nYour disk will be formatted and installed with the above configuration.\nContinue?", false)
@ -53,30 +53,30 @@ func runInstall(cfg config.Config, output string) error {
} }
} }
if cfg.Elemental.Install.ConfigURL == "" { if cfg.Rancher.Install.ConfigURL == "" {
yip := config.YipConfig{ yip := config.YipConfig{
Rancherd: config.Rancherd{ Rancherd: config.Rancherd{
Server: cfg.Elemental.Install.ServerURL, Server: cfg.Rancher.Install.ServerURL,
Token: cfg.Elemental.Install.Token, Token: cfg.Rancher.Install.Token,
}, },
} }
if cfg.Elemental.Install.ServerURL == "" { if cfg.Rancher.Install.ServerURL == "" {
yip.Rancherd.Role = "cluster-init" yip.Rancherd.Role = "cluster-init"
} else { } else {
yip.Rancherd.Role = "agent" yip.Rancherd.Role = "agent"
} }
if cfg.Elemental.Install.Password != "" || len(cfg.SSHAuthorizedKeys) > 0 { if cfg.Rancher.Install.Password != "" || len(cfg.SSHAuthorizedKeys) > 0 {
yip.Stages = map[string][]config.Stage{ yip.Stages = map[string][]config.Stage{
"initramfs": {{ "network": {{
Users: map[string]config.User{ Users: map[string]config.User{
"root": { "root": {
Name: "root", Name: "root",
PasswordHash: cfg.Elemental.Install.Password, PasswordHash: cfg.Rancher.Install.Password,
SSHAuthorizedKeys: cfg.SSHAuthorizedKeys, SSHAuthorizedKeys: cfg.SSHAuthorizedKeys,
}, },
}}, }},
}} }}
cfg.Elemental.Install.Password = "" cfg.Rancher.Install.Password = ""
} }
data, err := yaml.Marshal(yip) data, err := yaml.Marshal(yip)
@ -87,7 +87,7 @@ func runInstall(cfg config.Config, output string) error {
if err := ioutil.WriteFile(output+".yip", data, 0600); err != nil { if err := ioutil.WriteFile(output+".yip", data, 0600); err != nil {
return err return err
} }
cfg.Elemental.Install.ConfigURL = output + ".yip" cfg.Rancher.Install.ConfigURL = output + ".yip"
} }
ev, err := config.ToEnv(cfg) ev, err := config.ToEnv(cfg)
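Review bot: In `runInstall` the stage key for the generated root user changes from `"initramfs"` to `"network"` without any comment, so the root password and `SSHAuthorizedKeys` are presumably applied only once the network stage runs rather than during early boot. If that stage does not fire on a host that comes up without connectivity, the installed system would have no usable root credential on the console; a short comment above `yip.Stages`, e.g. `// users are created in the network stage because <reason>`, would make the trade-off reviewable. `PasswordHash` is also filled straight from `cfg.Rancher.Install.Password`; whether that value is already hashed is decided outside this diff, and if it is not, the `.yip` file written with mode `0600` holds the cleartext password and should be removed once the install has consumed it. `runInstall` continues past the end of the last hunk.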