diff options
| -rw-r--r-- | README.md | 26 | ||||
| -rw-r--r-- | deploy.yml | 9 | ||||
| -rw-r--r-- | templates/bootcblade.containerfile.j2 | 16 |
3 files changed, 39 insertions, 12 deletions
@@ -58,10 +58,6 @@ will need to be run, either remotely or as localhost, and the required variables ### ```/root/bootcblade.containerfile``` is gone: You can use ```update.yml``` to recreate this, assuming you have the correct inventory. -### Cockpit wont work -Currently there is a known issue, ```cockpit-ws``` is having issues installing properly inside the container during the build. On a reboot, you will have to do the following commands as sudo: -```$ bootc usr-overlay ; dnf -y reinstall cockpit-ws ; systemctl restart cockpit.socket``` - ### BootcBlade will no longer build The default tag used for ```centos-bootc``` is referenced in ```templates/bootcblade.containerfile.j2``` - its possible that there was a kernel update, or a release update, that breaks ZFS. Usually these issues are transient and resolve on their own. If you need a build now (perhaps for a fresh system) you can try and see if there is an older release (tag) from the upstream repo, and adjust it using the ```bootc_image_tag``` variable. @@ -87,7 +83,7 @@ if this is defined - so this can override the default and remove that | create_user_password | X | - | | create_user_ssh_pub | X | X | | create_user_shell | X | - | -| bootc_image_tag | X | - | +| bootc_image_tag | X | - | | bootc_acknowledge | X | - | ### iso.yml @@ -97,7 +93,7 @@ if this is defined - so this can override the default and remove that | create_user_password | X | - | | create_user_ssh_pub | X | X | | create_user_shell | - | - | -| bootc_image_tag | X | - | +| bootc_image_tag | X | - | | bootc_acknowledge | - | - | ### update.yml @@ -107,6 +103,22 @@ if this is defined - so this can override the default and remove that | create_user_password | - | - | | create_user_ssh_pub | - | - | | create_user_shell | - | - | -| bootc_image_tag | X | - | +| bootc_image_tag | X | - | | bootc_acknowledge | - | - | +## Hacks / Workarounds +### ZFS +I ran into a few problems with ZFS - the ZFS on Linux packages for CentOS didn't quite work for CentOS Stream. +Yes the older kernel was still in use and didn't change major versions however sometimes Red Hat backported changes from newer kernels. +I considered using Fedora Server (instead of CentOS Stream) however the problem was reverse then, sometimes Fedora changes major kernel versions mid-release. +So I settled with using CentOS Stream for the base and the Fedora ZoL release packages. I may tweak the code or the exact release being used but this seems +to be the most stable so far. + +### Cockpit +I ran into a problem where the ```cockpit-ws``` package would not install onto the base image [https://github.com/containers/bootc/issues/571](https://github.com/containers/bootc/issues/571). +There was some advice in that thread about using the containerized version of ```cockpit-ws``` so that is what I am doing, however this is being applied after deployment via Ansible +and not baked into the image. +[https://quay.io/repository/cockpit/ws](https://quay.io/repository/cockpit/ws) + +This also explains why I'm using rpm vs dnf to install the 45Drives Cockpit packages - they have a dependency on ```cockpit-ws``` that I need to override. +Once the official ```cockpit-files``` package is released I will be using that instead of ```cockpit-navigator```. @@ -102,6 +102,15 @@ loop: - "bootc-fetch-apply-updates.timer" - "bootc-fetch-apply-updates.service" + + - name: Enable install container-based cockpit-ws + ansible.builtin.shell: "podman container runlabel INSTALL quay.io/cockpit/ws systemctl enable cockpit.service" + + - name: Start container-based Cockpit + ansible.builtin.systemd: + name: "cockpit.service" + state: "started" + enabled: true vars: ansible_user: "root" tags: configure diff --git a/templates/bootcblade.containerfile.j2 b/templates/bootcblade.containerfile.j2 index 98fc3c8..637c62d 100644 --- a/templates/bootcblade.containerfile.j2 +++ b/templates/bootcblade.containerfile.j2 @@ -9,14 +9,15 @@ RUN dnf -y install epel-release git && \ sed -i s/\$releasever/38/g /etc/yum.repos.d/zfs.repo && \ dnf -y install kernel-devel-$(ls /usr/lib/modules) && \ dnf -y install zfs && \ + dnf clean all && \ dkms build zfs/$(rpm -q --qf '%{VERSION}' zfs) -k $(ls /usr/lib/modules) && \ dkms install zfs/$(rpm -q --qf '%{VERSION}' zfs) -k $(ls /usr/lib/modules) # KVM & Cockpit RUN echo "qemu:x:107:107:qemu user:/:/sbin/nologin" >> /etc/passwd && \ dnf -y install qemu-kvm libvirt virt-install virt-viewer && \ - dnf -y install cockpit cockpit-bridge cockpit-machines cockpit-pcp cockpit-podman cockpit-storaged cockpit-system cockpit-navigator cockpit-selinux cockpit-ostree && \ - systemctl enable cockpit.socket + dnf -y install cockpit-bridge cockpit-machines cockpit-pcp cockpit-podman cockpit-storaged cockpit-system cockpit-navigator cockpit-selinux cockpit-ostree && \ + dnf clean all # Cockpit ZFS Manager RUN git clone https://github.com/45drives/cockpit-zfs-manager.git /root/cockpit-zfs-manager && \ @@ -31,8 +32,10 @@ RUN git clone https://github.com/45drives/cockpit-zfs-manager.git /root/cockpit- curl -sSL https://scripts.45drives.com/cockpit_font_fix/fonts/OpenSans-Semibold-webfont.woff -o /usr/share/cockpit/static/fonts/OpenSans-Semibold-webfont.woff # Cockpit file sharing, and Samba users -RUN dnf -y install https://github.com/45Drives/cockpit-identities/releases/download/v0.1.12/cockpit-identities-0.1.12-1.el8.noarch.rpm \ - https://github.com/45Drives/cockpit-file-sharing/releases/download/v3.3.7/cockpit-file-sharing-3.3.7-1.el8.noarch.rpm +RUN dnf -y install perl samba-common-tools nfs-utils samba-winbind-clients && \ + dnf clean all && \ + rpm --nodeps -i https://github.com/45Drives/cockpit-identities/releases/download/v0.1.12/cockpit-identities-0.1.12-1.el8.noarch.rpm && \ + rpm --nodeps -i https://github.com/45Drives/cockpit-file-sharing/releases/download/v3.3.7/cockpit-file-sharing-3.3.7-1.el8.noarch.rpm # Sanoid & Syncoid RUN git clone https://github.com/jimsalterjrs/sanoid.git /root/sanoid && \ @@ -40,10 +43,12 @@ RUN git clone https://github.com/jimsalterjrs/sanoid.git /root/sanoid && \ mkdir /etc/sanoid && cp sanoid.defaults.conf /etc/sanoid && touch /etc/sanoid/sanoid.conf && cp sanoid.conf /etc/sanoid/sanoid.example.conf && \ rm -r /root/sanoid RUN dnf -y install perl-Data-Dumper perl-Getopt-Long lzop mbuffer mhash pv && \ + dnf clean all && \ PERL_MM_USE_DEFAULT=1 cpan install Capture::Tiny && PERL_MM_USE_DEFAULT=1 cpan install Config::IniFiles # Firewall RUN dnf -y install firewalld && \ + dnf clean all && \ systemctl enable firewalld && \ firewall-offline-cmd --add-service cockpit && \ firewall-offline-cmd --add-service ssh @@ -52,4 +57,5 @@ RUN dnf -y install firewalld && \ RUN echo "%wheel ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/wheel-passwordless-sudo # Other tools -RUN dnf -y install vim podman fish ansible wget dstat byobu smartmontools +RUN dnf -y install vim podman fish ansible wget dstat byobu smartmontools && \ + dnf clean all |