From f35b3697c31abe29546de846fad8a799f0172425 Mon Sep 17 00:00:00 2001 From: Darren Shepherd Date: Wed, 3 Nov 2021 22:06:12 -0700 Subject: [PATCH] Fix installation and trim packages --- Dockerfile | 48 ++++++++++++++++++-------- cmd/ros-installer/main.go | 2 +- framework/files/etc/luet/luet.yaml | 11 +++++- framework/files/usr/sbin/suc-upgrade | 17 +++++++++ opensuse/files/etc/os-release.tmpl | 9 +++++ pkg/apis/rancheros.cattle.io/v1/os.go | 1 + pkg/config/read.go | 38 ++++++++++++++++---- pkg/controllers/managedos/managedos.go | 7 +++- pkg/controllers/managedos/template.go | 34 ++++++++++++++++-- pkg/install/install.go | 13 +++---- ros-image-build | 30 ++++++++++------ 11 files changed, 167 insertions(+), 43 deletions(-) create mode 100644 opensuse/files/etc/os-release.tmpl diff --git a/Dockerfile b/Dockerfile index bfe872ea..1ac2ce53 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,11 +1,14 @@ FROM opensuse/leap:15.3 AS build RUN zypper ref RUN zypper in -y squashfs xorriso go1.16 upx busybox-static curl tar git gzip -RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.5/luet-0.20.5-linux-$(go env GOARCH) && \ - chmod +x /usr/bin/luet +RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.6/luet-0.20.6-linux-$(go env GOARCH) && \ + chmod +x /usr/bin/luet && \ + upx /usr/bin/luet RUN curl -Lo /usr/bin/rancherd https://github.com/rancher/rancherd/releases/download/v0.0.1-alpha11/rancherd-$(go env GOARCH) && \ - chmod +x /usr/bin/rancherd -RUN curl -L https://get.helm.sh/helm-v3.7.1-linux-$(go env GOARCH).tar.gz | tar xzf - -C /usr/bin --strip-components=1 + chmod +x /usr/bin/rancherd && \ + upx /usr/bin/rancherd +RUN curl -L https://get.helm.sh/helm-v3.7.1-linux-$(go env GOARCH).tar.gz | tar xzf - -C /usr/bin --strip-components=1 && \ + upx /usr/bin/helm COPY go.mod go.sum /usr/src/ COPY cmd /usr/src/cmd COPY pkg /usr/src/pkg 
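Review bot: The three `curl` downloads in this hunk (luet, rancherd, helm) are installed into the build stage without any integrity check, and `curl -L` without `-f` will save an HTTP error page as if it were the binary. Pin each artifact to a digest kept in the repository, e.g. `curl -fsSLo /usr/bin/luet <URL> && echo "<EXPECTED_SHA256>  /usr/bin/luet" | sha256sum -c -` (placeholder digest), before the `chmod` and `upx` steps. The helm line pipes curl straight into tar, so a failed download is only caught indirectly by the new `upx /usr/bin/helm`; downloading to a file and verifying it first is more robust. The same unverified luet download appears in the ros-image-build hunk of this commit. UPX-packing Go binaries may also hide their embedded build information from vulnerability scanners, which is worth weighing against the size saving.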
@@ -48,8 +51,10 @@ RUN ["/usr/bin/busybox", "rm", "-rf", "/var", "/etc/ssl", "/usr/bin/busybox"] # Make OS image FROM opensuse/leap:15.3 as os +RUN sed -i -s 's/^# rpm.install.excludedocs/rpm.install.excludedocs/' /etc/zypp/zypp.conf RUN zypper ref -RUN zypper in -y \ +RUN zypper dup -y +RUN zypper in -y -- \ apparmor-parser \ avahi \ bash-completion \ @@ -69,7 +74,6 @@ RUN zypper in -y \ grub2-x86_64-efi \ haveged \ hdparm \ - iotop \ iproute2 \ iptables \ iputils \ @@ -90,7 +94,7 @@ RUN zypper in -y \ kernel-firmware-qlogic \ kernel-firmware-realtek \ kernel-firmware-usb-network \ - libtspi1 \ + -kubic-locale-archive \ less \ lshw \ lsof \ @@ -98,43 +102,48 @@ RUN zypper in -y \ lvm2 \ mdadm \ multipath-tools \ - nano \ netcat-openbsd \ nfs-utils \ open-iscsi \ open-vm-tools \ + openssh \ parted \ + -perl \ pciutils \ pigz \ - policycoreutils \ procps \ psmisc \ - python-azure-agent \ qemu-guest-agent \ - rng-tools \ rsync \ squashfs \ strace \ - SUSEConnect \ sysstat \ systemd \ + systemd-presets-branding-openSUSE \ + -systemd-presets-branding-MicroOS \ systemd-sysvinit \ tar \ - tcpdump \ timezone \ - vim \ + vim-small \ which \ zstd # Copy in some local OS customizations COPY opensuse/files / +ARG IMAGE_TAG=latest +RUN cat /etc/os-release.tmpl | env \ + "VERSION=${IMAGE_TAG}" \ + "VERSION_ID=$(echo ${IMAGE_TAG} | sed s/^v//)" \ + "PRETTY_NAME=RancherOS ${IMAGE_TAG}" \ + envsubst > /etc/os-release && \ + rm /etc/os-release.tmpl + # Starting from here are the lines needed for RancherOS to work # IMPORTANT: Setup rancheros-release used for versioning/upgrade. The # values here should reflect the tag of the image being built ARG IMAGE_REPO=norepo -ARG IMAGE_TAG=latest RUN echo "IMAGE_REPO=${IMAGE_REPO}" > /usr/lib/rancheros-release && \ echo "IMAGE_TAG=${IMAGE_TAG}" >> /usr/lib/rancheros-release && \ echo "IMAGE=${IMAGE_REPO}:${IMAGE_TAG}" >> /usr/lib/rancheros-release 
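Review bot: In the os-release step of the last hunk on this line, `envsubst` runs without a variable list, so it expands every `$NAME` in the template from the whole build environment, and `${IMAGE_TAG}` is unquoted inside the command substitution. Restricting and quoting keeps the generated file predictable: `envsubst '${VERSION} ${VERSION_ID} ${PRETTY_NAME}' < /etc/os-release.tmpl > /etc/os-release` and `"VERSION_ID=$(printf '%s' "${IMAGE_TAG}" | sed 's/^v//')"`. Because the values land inside double-quoted os-release fields, a short comment stating that IMAGE_TAG must be a plain tag (no quotes or whitespace) would help.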
@@ -147,3 +156,12 @@ RUN mkinitrd && \ # aarch64 has an uncompressed kernel so we need to link it to vmlinuz kernel=$(ls /boot/Image-* | head -n1) && \ if [ -e "$kernel" ]; then ln -sf "${kernel#/boot/}" /boot/vmlinuz; fi + +# Save some space +RUN zypper clean --all && \ + rm -rf /var/log/update* && \ + >/var/log/lastlog && \ + rm -rf /boot/vmlinux* + +FROM scratch as default +COPY --from=os / / diff --git a/cmd/ros-installer/main.go b/cmd/ros-installer/main.go index 8cc40beb..3d99e30b 100644 --- a/cmd/ros-installer/main.go +++ b/cmd/ros-installer/main.go @@ -21,7 +21,7 @@ var ( func main() { flag.Parse() if *printConfig { - cfg, err := config.ReadConfig(*configFile) + cfg, err := config.ReadConfig(*configFile, *automatic) if err != nil { logrus.Fatal(err) } diff --git a/framework/files/etc/luet/luet.yaml b/framework/files/etc/luet/luet.yaml index faa7a4fb..baca4c97 100644 --- a/framework/files/etc/luet/luet.yaml +++ b/framework/files/etc/luet/luet.yaml @@ -5,8 +5,17 @@ general: debug: false spinner_charset: 9 repositories: -- name: "cos-toolkit-green" +- name: "cos-toolkit-green-amd64" type: "docker" enable: true + arch: amd64 + reference: 20211103130314-repository.yaml urls: - "quay.io/costoolkit/releases-green" +- name: "cos-toolkit-green-arm64" + type: "docker" + enable: true + arch: arm64 + reference: 20211103171213-repository.yaml + urls: + - "quay.io/costoolkit/releases-green-arm64" diff --git a/framework/files/usr/sbin/suc-upgrade b/framework/files/usr/sbin/suc-upgrade index ae7f92f8..c537322e 100755 --- a/framework/files/usr/sbin/suc-upgrade +++ b/framework/files/usr/sbin/suc-upgrade 
@@ -2,15 +2,32 @@ set -x -e HOST_DIR="${HOST_DIR:-/host}" RELEASE_FILE="${RELEASE_FILE:-/usr/lib/rancheros-release}" +CONF_FILE="${CONF_FILE:-/run/data/cloud-config}" + +function config() +{ + if [ ! -e $CONF_FILE ]; then + return 0 + fi + + if [ ! -e ${HOST}/oem/90_operator.yaml ] || ! diff $CONF_FILE ${HOST}/oem/90/operator.yaml >/dev/null; then + cp -f $CONF_FILE ${HOST}/oem/90/operator.yaml + $REBOOT + fi +} if [ "$FORCE" != "true" ]; then if diff $RELEASE_FILE ${HOST_DIR}${RELEASE_FILE} >/dev/null; then echo Update to date with cat ${RELEASE_FILE} + + REBOOT="nsenter -i -m -t 1 -- reboot" + config exit 0 fi fi +config mount --rbind $HOST_DIR/dev /dev mount --rbind $HOST_DIR/run /run bash -x cos-upgrade --directory / diff --git a/opensuse/files/etc/os-release.tmpl b/opensuse/files/etc/os-release.tmpl new file mode 100644 index 00000000..89f87d50 --- /dev/null +++ b/opensuse/files/etc/os-release.tmpl @@ -0,0 +1,9 @@ +NAME="RancherOS" +ID="rancheros" +ID_LIKE="suse opensuse" +BUG_REPORT_URL="https://github.com/rancher/os2/issues" +HOME_URL="https://github.com/rancher/os2" + +VERSION="${VERSION}" +VERSION_ID="${VERSION_ID}" +PRETTY_NAME="${PRETTY_NAME}" diff --git a/pkg/apis/rancheros.cattle.io/v1/os.go b/pkg/apis/rancheros.cattle.io/v1/os.go index 120ec9e9..54e3e609 100644 --- a/pkg/apis/rancheros.cattle.io/v1/os.go +++ b/pkg/apis/rancheros.cattle.io/v1/os.go @@ -19,6 +19,7 @@ type ManagedOSImage struct { type ManagedOSImageSpec struct { OSImage string `json:"osImage,omitempty"` + CloudConfig *fleet.GenericMap `json:"cloudConfig,omitempty"` NodeSelector *metav1.LabelSelector `json:"nodeSelector,omitempty"` Concurrency *int64 `json:"concurrency,omitempty"` diff --git a/pkg/config/read.go b/pkg/config/read.go index 3da03e3e..690802e0 100644 --- a/pkg/config/read.go +++ b/pkg/config/read.go 
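Review bot: The new `config` function reads `${HOST}`, but the script only defines `HOST_DIR`, so with `HOST` unset the paths resolve to `/oem/...` inside the upgrade container instead of under the host mount. The existence test also checks `90_operator.yaml` while `diff` and `cp` use `90/operator.yaml`. Assuming the underscore name is the intended one, use a single quoted target throughout: `target="${HOST_DIR}/oem/90_operator.yaml"`, `if [ ! -e "$target" ] || ! diff "$CONF_FILE" "$target" >/dev/null; then`, `install -m 0600 "$CONF_FILE" "$target"`. The restrictive mode matters because the cloud-config is delivered from a Secret and may carry credentials. `$REBOOT` is only assigned on the up-to-date path, so the second `config` call expands it to nothing; if that is deliberate, a comment saying so would help.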
@@ -146,11 +146,24 @@ func merge(readers ...reader) (map[string]interface{}, error) { return d, nil } -func readConfigMap(cfg string) (map[string]interface{}, error) { - data, err := merge(readCmdline, readFileFunc(cfg)) - if err != nil { - return nil, err +func readConfigMap(cfg string, includeCmdline bool) (map[string]interface{}, error) { + var ( + data map[string]interface{} + err error + ) + + if includeCmdline { + data, err = merge(readCmdline, readFileFunc(cfg)) + if err != nil { + return nil, err + } + } else { + data, err = merge(readFileFunc(cfg)) + if err != nil { + return nil, err + } } + if cfg != "" { values.PutValue(data, cfg, "rancheros", "install", "configUrl") } @@ -180,7 +193,18 @@ func ToFile(cfg Config, output string) error { } func ToBytes(cfg Config) ([]byte, error) { - data := values.MergeMaps(nil, cfg.Data) + var ( + data map[string]interface{} + err error + ) + if len(cfg.Data) > 0 { + data = values.MergeMaps(nil, cfg.Data) + } else { + data, err = convert.EncodeToMap(cfg) + if err != nil { + return nil, err + } + } values.RemoveValue(data, "install") values.RemoveValue(data, "rancheros", "install") bytes, err := yaml.Marshal(data) @@ -191,8 +215,8 @@ func ToBytes(cfg Config) ([]byte, error) { return append([]byte("#cloud-config\n"), bytes...), nil } -func ReadConfig(cfg string) (result Config, err error) { - data, err := readConfigMap(cfg) +func ReadConfig(cfg string, includeCmdline bool) (result Config, err error) { + data, err := readConfigMap(cfg, includeCmdline) if err != nil { return result, err } diff --git a/pkg/controllers/managedos/managedos.go b/pkg/controllers/managedos/managedos.go index cab5eb03..dcc92dbe 100644 --- a/pkg/controllers/managedos/managedos.go +++ b/pkg/controllers/managedos/managedos.go 
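Review bot: `readConfigMap` now repeats the `merge` call and its error check in both branches, which differ only in whether `readCmdline` is in the reader list. Building the list first keeps one call site and preserves the original order (cmdline first, then the file), as sketched below. `ReadConfig` is exported and its new `includeCmdline` parameter is undocumented; a doc comment such as `// ReadConfig loads the config named by cfg and, when includeCmdline is true, also merges the values produced by readCmdline.` would help callers. Both function bodies continue outside the hunk.

```go
func readConfigMap(cfg string, includeCmdline bool) (map[string]interface{}, error) {
	readers := []reader{readFileFunc(cfg)}
	if includeCmdline {
		// Keep readCmdline first so the merge order is unchanged.
		readers = append([]reader{readCmdline}, readers...)
	}

	data, err := merge(readers...)
	if err != nil {
		return nil, err
	}
	// … unchanged: configUrl handling and the rest of the body …
```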
@@ -67,7 +67,12 @@ func (h *handler) OnChange(mos *provv1.ManagedOSImage, status provv1.ManagedOSIm return nil, status, err } - resources, err := ToResources(objects(mos, prefix)) + objs, err := objects(mos, prefix) + if err != nil { + return nil, status, err + } + + resources, err := ToResources(objs) if err != nil { return nil, status, err } diff --git a/pkg/controllers/managedos/template.go b/pkg/controllers/managedos/template.go index 2fb30055..9122385c 100644 --- a/pkg/controllers/managedos/template.go +++ b/pkg/controllers/managedos/template.go @@ -6,13 +6,30 @@ import ( osv1 "github.com/rancher/os2/pkg/apis/rancheros.cattle.io/v1" "github.com/rancher/os2/pkg/clients" upgradev1 "github.com/rancher/system-upgrade-controller/pkg/apis/upgrade.cattle.io/v1" + "gopkg.in/yaml.v3" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" ) -func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object { +func cloudConfig(mos *osv1.ManagedOSImage) ([]byte, error) { + if mos.Spec.CloudConfig == nil || len(mos.Spec.CloudConfig.Data) == 0 { + return []byte{}, nil + } + data, err := yaml.Marshal(mos.Spec.CloudConfig.Data) + if err != nil { + return nil, err + } + return append([]byte("#cloud-config\n"), data...), nil +} + +func objects(mos *osv1.ManagedOSImage, prefix string) ([]runtime.Object, error) { + cloudConfig, err := cloudConfig(mos) + if err != nil { + return nil, err + } + concurrency := int64(1) if mos.Spec.Concurrency != nil { concurrency = *mos.Spec.Concurrency @@ -66,6 +83,15 @@ func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object { Namespace: clients.SystemNamespace, }, }, + &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "os-upgrader-data", + Namespace: clients.SystemNamespace, + }, + Data: map[string][]byte{ + "cloud-config": cloudConfig, + }, + }, &upgradev1.Plan{ TypeMeta: metav1.TypeMeta{ Kind: "Plan", 
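Review bot: Inside `objects`, `cloudConfig, err := cloudConfig(mos)` declares a local that shadows the new `cloudConfig` function for the rest of the body, which compiles but makes later reads ambiguous. Rename the local, e.g. `ccData, err := cloudConfig(mos)`, and use that name in the Secret's `Data` map. The helper also lacks a comment; something like `// cloudConfig renders Spec.CloudConfig as a #cloud-config YAML document, or returns empty bytes when none is set.` would document the empty case. `objects` continues outside this hunk.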
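Review bot: The `os-upgrader-data` Secret is always created with a `cloud-config` key, even when `cloudConfig` returned empty bytes, so the mounted file presumably exists but is empty whenever no cloud config is set. The `config` function added to suc-upgrade in this commit only tests `-e $CONF_FILE`, so it would treat that empty file as a config to install. Either omit the key when the slice is empty or have the script test `-s`; a comment on the Secret stating which side handles the empty case would remove the ambiguity. The Secret also uses a fixed name in `clients.SystemNamespace`, so if more than one ManagedOSImage can exist they would share it; that is worth confirming against the names of the other objects, which are outside the hunk.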
@@ -86,6 +112,10 @@ func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object { Cordon: cordon, Drain: mos.Spec.Drain, Prepare: mos.Spec.Prepare, + Secrets: []upgradev1.SecretSpec{{ + Name: "os-upgrader-data", + Path: "/run/data", + }}, Upgrade: &upgradev1.ContainerSpec{ Image: PrefixPrivateRegistry(image[0], prefix), Command: []string{ @@ -94,7 +124,7 @@ func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object { }, }, }, - } + }, nil } func PrefixPrivateRegistry(image, prefix string) string { diff --git a/pkg/install/install.go b/pkg/install/install.go index cff254dd..0af086b1 100644 --- a/pkg/install/install.go +++ b/pkg/install/install.go @@ -12,7 +12,7 @@ import ( ) func Run(automatic bool, configFile string, powerOff bool, silent bool) error { - cfg, err := config.ReadConfig(configFile) + cfg, err := config.ReadConfig(configFile, automatic) if err != nil { return err } @@ -58,6 +58,7 @@ func runInstall(cfg config.Config, output string) error { if err != nil || !val { return err } + cfg.Data = nil } if cfg.RancherOS.Install.ConfigURL == "" && !cfg.RancherOS.Install.Automatic { @@ -91,13 +92,13 @@ func runInstall(cfg config.Config, output string) error { return err } cfg.RancherOS.Install.ConfigURL = output + ".yip" + } else { + if err := config.ToFile(cfg, output); err != nil { + return err + } + cfg.RancherOS.Install.ConfigURL = output } - if err := config.ToFile(cfg, output); err != nil { - return err - } - cfg.RancherOS.Install.ConfigURL = output - ev, err := config.ToEnv(cfg) if err != nil { return err diff --git a/ros-image-build b/ros-image-build index d55f2ce3..7dc3f4a4 100755 --- a/ros-image-build +++ b/ros-image-build 
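Review bot: The Secret name `"os-upgrader-data"` is written here a second time, and the mount path `"/run/data"` has to match the `CONF_FILE` default (`/run/data/cloud-config`) in suc-upgrade, with nothing tying the three places together. Package-level constants, e.g. `const upgraderSecretName = "os-upgrader-data"` and `const upgraderSecretPath = "/run/data"`, with a comment pointing at the script, would keep them in sync. `objects` starts outside this hunk.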
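Review bot: `cfg.Data = nil` in `runInstall` carries no explanation, and its effect is only visible in `config.ToBytes`, which falls back to encoding the typed struct when `Data` is empty. A comment such as `// Interactive answers are stored on the typed fields only; clear the raw map so ToBytes re-encodes cfg instead of writing stale data.` would record the intent. That reading is inferred from the `ToBytes` change in this commit, so confirm it before adding the comment. The function body starts and ends outside the hunk.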
@@ -27,14 +27,10 @@ RUN cd /usr/sbin && \ rm tmp RUN cd /usr/src && \ git clone https://github.com/rancher-sandbox/cOS-toolkit -RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.5/luet-0.20.5-linux-$(go env GOARCH) && \ +RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.6/luet-0.20.6-linux-$(go env GOARCH) && \ chmod +x /usr/bin/luet RUN mkdir -p /iso/iso-overlay/boot/grub2 /etc/luet -RUN export SUFFIX; \ -if [ "$(uname -m)" == "aarch64" ]; then \ - SUFFIX=-arm64 \ -;fi && \ -echo -e \ +RUN echo -e \ 'logging:\n'\ ' color: false\n'\ ' enable_emoji: false\n'\ @@ -42,11 +38,18 @@ echo -e \ ' debug: false\n'\ ' spinner_charset: 9\n'\ 'repositories:\n'\ +'- name: "cos-toolkit-green-amd64"\n'\ +' type: "docker"\n'\ +' enable: true\n'\ +' arch: amd64\n'\ +' urls:\n'\ +' - "quay.io/costoolkit/releases-green"\n'\ '- name: "cos-toolkit-green"\n'\ ' type: "docker"\n'\ ' enable: true\n'\ +' arch: arm64\n'\ ' urls:\n'\ -" - \"quay.io/costoolkit/releases-green${SUFFIX}\"\n" > /etc/luet/luet.yaml && \ +' - "quay.io/costoolkit/releases-green-arm64"\n' > /etc/luet/luet.yaml && \ echo -e \ 'packages:\n'\ ' uefi:\n'\ @@ -71,15 +74,22 @@ echo -e \ 'label: "COS_LIVE"\n'\ '\n'\ 'squashfs_options:\n'\ -' compression: gzip\n'\ +' compression: xz\n'\ '\n'\ 'luet:\n'\ ' repositories:\n'\ -' - name: "cos-toolkit-green"\n'\ +' - name: "cos-toolkit-green-amd64"\n'\ ' type: "docker"\n'\ ' enable: true\n'\ +' arch: amd64\n'\ ' urls:\n'\ -" - \"quay.io/costoolkit/releases-green${SUFFIX}\"\n" > /iso/iso.yaml +' - "quay.io/costoolkit/releases-green"\n'\ +' - name: "cos-toolkit-green-arm64"\n'\ +' type: "docker"\n'\ +' enable: true\n'\ +' arch: arm64\n'\ +' urls:\n'\ +' - "quay.io/costoolkit/releases-green-arm64"\n' > /iso/iso.yaml RUN echo -e \ 'search --file --set=root /boot/kernel.xz\n'\ 'set default=0\n'\
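Review bot: In the generated `/etc/luet/luet.yaml` the arm64 repository keeps the name `cos-toolkit-green`, while the amd64 entry, both entries in `/iso/iso.yaml` and framework/files/etc/luet/luet.yaml use the `-amd64`/`-arm64` suffixes; rename it with `'- name: "cos-toolkit-green-arm64"\n'\`. Unlike framework/files/etc/luet/luet.yaml, neither generated file carries the `reference:` pin, so this build resolves whatever repository index is current. If that is intentional a comment would help; otherwise add the same `reference` values here.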