Skip to content

Latest commit

 

History

History
191 lines (135 loc) · 5.68 KB

README.md

File metadata and controls

191 lines (135 loc) · 5.68 KB
Raw

ManageIQ Appliance Build

CI License

Introduction

This repository contains code to build ManageIQ appliances in the various virtualization formats.

Below are instructions on configuring a dedicated build machine to generate appliance images.

Installation

  • Hardware requirements:
    • CPU: 2 cores minimum
    • RAM: 12GB minimum
    • HD: 80GB Minimum - 200GB Recommended

Get the kickstart from kickstarts/centos8_build_machine.ks and adjust it as needed based on your environment and hardware. Example iPXE boot script for the kickstart:

#!ipxe

kernel http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/isolinux/vmlinuz inst.ks=http://pxeserver.example.com/ipxe/mac/centos8_build_machine.ks net.ifnames=0 biosdevname=0
#ramdisk_size=10000
initrd http://mirror.centos.org/centos/8-stream/BaseOS/x86_64/os/isolinux/initrd.img
boot

Download CentOS 8 ISO

  • Download latest CentOS 8 ISO from http://isoredirect.centos.org/centos/8-stream/isos/x86_64/

    curl -L http://isoredirect.centos.org/centos/8-stream/isos/x86_64/CentOS-Stream-8-x86_64-20210608-dvd1.iso \
  -o /build/isos/CentOS-Stream-8-x86_64-20210608-dvd1.iso

  • Add "-joliet-long" option to genisoimage command in /usr/lib/python3.6/site-packages/oz/RedHat.py to avoid the following error:

    genisoimage: Error: /var/lib/oz/isocontent/factory-build-244d0db5-0be5-4948-b20a-d4eaf74b814e-iso/AppStream/Packages/clang-resource-filesystem-13.0.0-2.module_el8.6.0+1029+6594c364.i686.rpm and /var/lib/oz/isocontent/factory-build-244d0db5-0be5-4948-b20a-d4eaf74b814e-iso/AppStream/Packages/clang-resource-filesystem-13.0.0-2.module_el8.6.0+1029+6594c364.x86_64.rpm have the same Joliet name
Joliet tree sort failed. The -joliet-long switch may help you.

Setup docker for container build

  • Install docker and start service

    dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
dnf install docker-ce --nobest
systemctl enable --now docker

  • Login to a registry (for pushing image)

    docker login --username <user> <server> (e.g. docker.io)

Configure virtualization hardware (if running build machine in a VM)

  • Network: NAT or Bridged

  • Time Sync with Host

  • Install appropriate guest agent (rhevm-guest-agent for RHV, open-vm-tools for vSphere)

  • Enable nested virtualization

    • For vSphere: in hosting's VM's .vmx file: 
      monitor.virtual_mmu = "hardware"
monitor.virtual_exec = "hardware"
vhv.enable = "TRUE"

  • Start imagefactory vm and verify hardware:

    egrep '(vmx|svm)' /proc/cpuinfo

virsh nodeinfo

lsmod | grep kvm

  • To manually load kernel modules:

    modprobe kvm
modprobe kvm_intel

  • Start kvm_intel with nested enabled:

    • Append options in /etc/modprobe.d/dist.conf (create file if not there) options kvm-intel nested=y

Optional: Setup Apache for sharing built images

dnf install httpd
firewall-cmd --permanent --add-port=80/tcp
firewall-cmd --permanent --add-port=443/tcp
firewall-cmd --reload

mv /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/welcome.conf.orig   (Ok not to have index.html)
systemctl start httpd
systemctl enable httpd

cd /var/www/html
ln -s /build/fileshare builds
ln -s /build/isos      isos

  • For Apache to be able to see the directories above: (SELinux)

    chmod -R a+rx /build/fileshare
chcon -R -t httpd_sys_content_t /build/fileshare
chmod -R a+rx /build/isos
chcon -R -t httpd_sys_content_t /build/isos

  • At each update, or simply disable SELinux

    vi /etc/sysconfig/selinux
SELINUX=disabled

Cleanup imagefactory temp storage

  • To avoid imagefactory filling up the disk with in flight .meta and .body files, we'll create a daily cron job to clean this up:
chmod +x /build/bin/clean_imagefactory_storage.sh
ln -s /build/bin/clean_imagefactory_storage.sh /etc/cron.daily

To setup a daily build:

  • To make the build run every weekday at 8pm local time:

    # crontab -e

# run the appliance build week nights at 8 pm
0 20 * * 1-5 /build/bin/nightly-build.sh

  • Or, we can just run via cron.daily (sometime in the early morning)

    ln -s /build/bin/nightly-build.sh /etc/cron.daily

Usage

With installs, vnc is not directly available, but can be accessed via local vncviewer installed on the VM hosting imagefactory.

virsh list

to determine which VM ID is doing the install and then

virsh domdisplay <id_of_domain>

You'll get a local VNC display number for the actual VM doing the install. (As opposed to a VNC server being run inside of Anaconda on the VM. And you can use that display to get to a debug shell and do other installer-like things.

So ...

# sudo virsh list
 Id    Name                           State
----------------------------------------------------
 4     factory-build-4cc03248-2ae3-4614-989e-5982e6850a8c running

# sudo virsh domdisplay 4
vnc://127.0.0.1:0

# vncviewer :0

Assuming, running in Graphical/X mode.

Above is provided with the /build/bin/vncviewer_build.sh [--wait]

Note: vncviewer has an "F8" menu we need to use if we want to send an "alt" keypress to the VM. On t540p thinkpad, with the function lock key on, pressing F8 actually disables WIFI.

License

See LICENSE.txt