Image Builder (composer-cli) in Red Hat Enterprise Linux 8 (RHEL8)

Image Builder - Configuration aka Blueprints

Lets start with basic configuration manipulation. Blueprint uses .toml files with a git-like workflow. Blueprints are a weird inbetween of DSL and a config file.

[root@localhost ~]# composer-cli blueprints list
example-atlas
example-development
example-http-server
[root@localhost ~]# composer-cli blueprints show example-http-server
name = "example-http-server"
description = "An example http server with PHP and MySQL support."
version = "0.0.1"
groups = []

[[modules]]
name = "httpd"
version = "2.4.*"

[[modules]]
name = "mod_ssl"
version = "2.4.*"

[[modules]]
name = "php"
version = "7.2.*"

[[modules]]
name = "php-mysqlnd"
version = "7.2.*"

[[packages]]
name = "openssh-server"
version = "7.*"

[[packages]]
name = "rsync"
version = "3.1.*"

[[packages]]
name = "tmux"
version = "2.7"



[root@localhost ~]#

Here we can see the list of blueprints, and “show” the config of example-http-server. Lets copy this example, and then lets make some changes.

[root@localhost ~]# composer-cli blueprints save example-http-server
[root@localhost ~]# ls -l example-http-server.toml 
-rw-r--r--. 1 root root 461 May 29 13:12 example-http-server.toml
[root@localhost ~]# mv example-http-server.toml example-strace.toml 
[root@localhost ~]# vim example-strace.toml 
[root@localhost ~]# rpm -qi strace | grep Version
Version     : 4.24
[root@localhost ~]#

Lets break this down. I saved the example-http-server configuration. Then renamed it, and started editing it. I removed a few things, and added the strace package. One thing to remember, check rpm for what the version is. Some people have weird version/release numbers, and its easy to think the version is 1.2.3-0.4af333330 rather than just 1.2.3.

[root@localhost ~]# composer-cli blueprints push example-strace.toml 
[root@localhost ~]# composer-cli blueprints list
example-atlas
example-development
example-http-server
example-strace     <----
[root@localhost ~]# composer-cli blueprints show example-strace
name = "example-strace"
description = "An example with strace and http"
version = "0.0.1"
groups = []

[[modules]]
name = "httpd"
version = "2.4.*"

[[packages]]
name = "openssh-server"
version = "7.*"

[[packages]]
name = "strace"
version = "4.24"



[root@localhost ~]#

Remember when I said git-like? This is what I meant. You push your changes to composer, and if you actually look on the backend, it really is using git.

I pushed my .toml file to composer, and it created my blueprint. If you update it, make sure to bump the version number in the toml file. eg: 0.0.1 -> 0.0.2. Since I created a new blueprint, the version wouldnt have already been in composer. Therefore I wouldnt need to bump the version number. But if I make any changes to this, I will need to.

Image Builder - Building your blueprints

OK, no that we have a blueprint in place(exampe-strace), lets get into building. Building is referred to as composing, and can be done via cockpit, or composer-cli. I have never been a huge fan of the UI. So lets do this via command line.

[root@localhost blueprints]# composer-cli compose types
ami
ext4-filesystem
live-iso
openstack
partitioned-disk
qcow2
tar
vhd
vmdk
[root@localhost blueprints]# composer-cli compose start example-strace tar 
Compose 41720861-12c8-434e-a6bd-30909cffac56 added to the queue
[root@localhost blueprints]#

First, we listed the available types to build. I went with one we can validate easily later. Then I added it to the composer queue.

[root@localhost blueprints]# composer-cli compose status | grep 41720861-12c8-434e-a6bd-30909cffac56
41720861-12c8-434e-a6bd-30909cffac56 RUNNING  Wed May 29 13:26:59 2019 example-strace  0.0.1 tar              
[root@localhost blueprints]# composer-cli compose log  41720861-12c8-434e-a6bd-30909cffac56 | head
13:27:03,110 INF isys: 16389616 kB (16005 MB) are available
13:27:03,135 INF startup_utils: check_memory(): total:16005, needed:320, graphical:410
13:27:03,136 INF startup_utils: Switching logging level to debug
13:27:03,137 INF flags: Not doing 'syslog setup' in directory installation
13:27:03,137 INF flags: Not doing 'early exception handler' in directory installation
13:27:03,138 INF flags: Not doing 'start audit daemon' in directory installation
13:27:03,138 INF main: anaconda called with cmdline = ['/usr/sbin/anaconda', '--kickstart', '/var/lib/lorax/composer/results/41720861-12c8-434e-a6bd-30909cffac56/final-kickstart.ks', '--cmdline', '--loglevel', 'debug', '--dirinstall', '--remotelog', '127.0.0.1:33305']
13:27:03,141 INF main: Default encoding = utf-8 
13:27:03,188 INF dbus.connection: Connecting to a default bus at unix:abstract=/tmp/dbus-cQXw6SLIHw,guid=39aff92b3899232306cbc36d5ceec0e7.
13:27:03,836 INF startup_utils: Waiting 600 sec for modules to be started.
[root@localhost blueprints]#

We can check the status using composer-cli-compose status, and if you are so inclined, you can watch the verbose ouput by using composer-cli compose log .

Image Builder - Validate

[root@localhost blueprints]# composer-cli compose log  41720861-12c8-434e-a6bd-30909cffac56 | grep cmdline
13:27:03,138 INF main: anaconda called with cmdline = ['/usr/sbin/anaconda', '--kickstart', '/var/lib/lorax/composer/results/41720861-12c8-434e-a6bd-30909cffac56/final-kickstart.ks', '--cmdlin', '--loglevel', 'debug', '--dirinstall', '--remotelog', '127.0.0.1:33305']
[root@localhost blueprints]# cd /var/lib/lorax/composer/results/41720861-12c8-434e-a6bd-30909cffac56/
[root@localhost 41720861-12c8-434e-a6bd-30909cffac56]# ls 
blueprint.toml  COMMIT  config.toml  deps.toml  final-kickstart.ks  frozen.toml  logs  root.tar.xz  STATUS  tar.ks  times.toml
[root@localhost 41720861-12c8-434e-a6bd-30909cffac56]#

Once its finished, we can use the cmdline to tell us the directory location of the tarball. From there, we can see all the neat little artifacts that composer/lorax left us. Lets take a look in the tarball and see if strace is really there!

[root@localhost 41720861-12c8-434e-a6bd-30909cffac56]# tar -tvf root.tar.xz  | grep -e bin/strace$ -e sbin/httpd$ 
-rwxr-xr-x root/root    1606648 2018-09-04 03:58 ./usr/bin/strace
-rwxr-xr-x root/root     599672 2018-10-16 06:47 ./usr/sbin/httpd
lrwxrwxrwx root/root          0 2018-09-04 04:00 ./usr/lib/.build-id/1a/37738e4bbfd30878e5530e8d4e42293d24872a -> ../../../../usr/bin/strace
lrwxrwxrwx root/root          0 2018-10-16 06:47 ./usr/lib/.build-id/b2/ee4818aec0d81fa6ae643a60cbf6ebf998b3d9 -> ../../../../usr/sbin/httpd
[root@localhost 41720861-12c8-434e-a6bd-30909cffac56]#

As you can see, both httpd and strace are in our tar file.

Conclusion

I am happy to see that Red Hat is working on being better at “cloud”. A lot of us have been piecing it together for years to generate AMIs, VHDs, OVAs, etc. While Image Builder still has some work on actually integrating with providers, it brings the building process under one roof. That alone is a significant improvement. I can script out the integration with the cloud providers myself pretty easily. While it is pretty clear they aren’t consumers, it is nice that they are listening to us. What a time we live in.

Setting up Network Bound Disk Encryption(NBDE) on CentOS 8 (Categories: linux)
Update CUDA from 9.1 to 10.1 (Categories: linux)
The simplest dpkg you will ever build (Categories: linux)
RHEL8: Adding a second drive to LVM (Categories: linux)
Centos 8: live updating the kernel using kpatch (Categories: linux)
Building Syslog-NG with TLS/SSL support on CentOS6 (Categories: linux)

« Building Syslog-NG with TLS/SSL support on CentOS6 Instagram: Shaping up to be a nice looking #gladius »

James J