-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
OSDOCS-8216: embed microshift in rpm-ostree commit
- Loading branch information
1 parent
b1c0429
commit bd8b7ea
Showing
7 changed files
with
203 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
microshift_running_apps/microshift-embed-microshift-offline-deploy.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| :_content-type: ASSEMBLY | ||
| [id="microshift-embed-microshift-offline-deployments"] | ||
| = Running a cluster in an offline deployment | ||
| include::_attributes/attributes-microshift.adoc[] | ||
| :context: microshift-embed-apps-offline-use | ||
|
|
||
| toc::[] | ||
|
|
||
| Embedding {microshift-short} containers in an `rpm-ostree` commit means that you can run a cluster in air-gapped, disconnected, or offline environments. You can embed {product-title} containers in a {op-system-ostree-first} image so that container engines do not need to pull images over a network from a container registry. Workloads can start up immediately without network connectivity. | ||
|
|
||
| include::modules/microshift-embed-microshift-image-offline-deploy.adoc[leveloffset=+1] | ||
|
|
||
| include::modules/microshift-embed-microshift-update-osbuilder-worker.adoc[leveloffset=+1] | ||
|
|
||
| include::modules/microshift-embed-microshift-build-image.adoc[leveloffset=+1] | ||
|
|
||
| include::modules/microshift-adding-service-to-blueprint.adoc[leveloffset=+2] | ||
|
|
||
| include::modules/microshift-creating-ostree-iso.adoc[leveloffset=+2] | ||
|
|
||
| [id="additional-resources_microshift-embed-microshift-offline-deployments_{context}"] | ||
| [role="_additional-resources"] | ||
| == Additional resources | ||
|
|
||
| * link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/composing_a_customized_rhel_system_image/assembly_pushing-a-container-to-a-register-and-embedding-it-into-a-image_composing-a-customized-rhel-system-image#con_the-container-registry-credentials_assembly_pushing-a-container-to-a-register-and-embedding-it-into-a-image[Pushing a container to a registry and embedding it into an image] | ||
| * link:https://www.osbuild.org/guides/image-builder-on-premises/container-auth.html[Container registry credentials] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // microshift_running_applications/embed-microshift-offline-deploy.adoc | ||
|
|
||
| :_content-type: CONCEPT | ||
| [id="microshift-embed-microshift-build-image-offline-deployment_{context}"] | ||
| = Build and use the rpm-ostree image for offline deployments | ||
|
|
||
| You can use Image Builder to create `rpm-ostree` system images with embedded {microshift-short} container images. To embed container images, you must add the image references to your Image Builder blueprint. You can create the commit and ISO as needed for your use case. | ||
|
|
||
| Add the prerequisites listed here to the ones that are included in the procedures that follow. | ||
|
|
||
| [id="microshift-embed-microshift-build-image-offline-deployment-prereqs_{context}"] | ||
| == Additional prerequisites for offline deployments | ||
|
|
||
| * You have created and updated a {op-system-ostree} image blueprint for offline use. The following procedures use the example of a blueprint created with container images. You must use the updated blueprint you created in the "Embedding MicroShift containers for offline deployments" procedure. | ||
| * You have updated the `/etc/osbuild-worker/osbuild-worker.toml` configuration file for offline use. | ||
|
|
||
| [IMPORTANT] | ||
| ==== | ||
| Replace `minimal-microshift.toml` in the following procedures with the name of the TOML you updated for offline use, <my_blueprint_name>. | ||
| ==== |
117 changes: 117 additions & 0 deletions
117
modules/microshift-embed-microshift-image-offline-deploy.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,117 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // microshift_running_applications/embed-microshift-offline-deploy.adoc | ||
|
|
||
| :_content-type: PROCEDURE | ||
| [id="microshift-embed-microshift-image-offline-deployment_{context}"] | ||
| = Embedding {microshift-short} containers for offline deployments | ||
|
|
||
| You can use Image Builder to create `rpm-ostree` system images with embedded {microshift-short} container images. To embed container images, you must add the image references to your Image Builder blueprint. | ||
|
|
||
| .Prerequisites | ||
|
|
||
| * You have root-user access to your build host. | ||
| * Your build host meets the Image Builder system requirements. | ||
| * You have installed and set up Image Builder and the `composer-cli` tool. | ||
| * You have created a {op-system-ostree} image blueprint. | ||
| * You have installed jq. | ||
| .Procedure | ||
|
|
||
| . Get the exact list of container image references used by the {microshift-short} version you are deploying. You can either install the `microshift-release-info` RPM package by following step 2 or download and unpack the RPM by following step 3. | ||
|
|
||
| . To install the `microshift-release-info` RPM package: | ||
|
|
||
| .. Install the `microshift-release-info` RPM package by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ sudo dnf install -y microshift-release-info-<release_version> | ||
| ---- | ||
| Replace `<release_version>` with the numerical value of the release you are deploying, using the entire version number, such as `4.14.0`. | ||
|
|
||
| .. List the contents of the `/usr/share/microshift/release` directory to verify the presence of the release information files by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ ls /usr/share/microshift/release | ||
| ---- | ||
| + | ||
| .Example output | ||
| [source,terminal] | ||
| ---- | ||
| release-x86_64.json | ||
| release-aarch64.json | ||
| ---- | ||
| + | ||
| If you installed the `microshift-release-info` RPM, you can proceed to step 4. | ||
|
|
||
| . If you did not complete step 2, download and unpack the `microshift-release-info` RPM without installing it: | ||
|
|
||
| .. Download the RPM package by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ sudo dnf download microshift-release-info-<release_version> | ||
| ---- | ||
| Replace `<release_version>` with the numerical value of the release you are deploying, using the entire version number, such as `4.14.0`. | ||
| + | ||
| .Example rpm | ||
| [source,terminal] | ||
| ---- | ||
| microshift-release-info-4.14.0.*.el9.noarch.rpm <1> | ||
| ---- | ||
| <1> The `*` represents the date and commit ID. Your output should contain both, for example `-202311101230.p0.g7dc6a00.assembly.4.14.0`. | ||
|
|
||
| .. Unpack the RPM package without installing it by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ rpm2cpio <my_microshift_release_info> | cpio -idmv <1> | ||
| ./usr/share/microshift/release/release-aarch64.json | ||
| ./usr/share/microshift/release/release-x86_64.json | ||
| ---- | ||
| <1> Replace `<my_microshift_release_info>` with the name of the RPM package from the previous step. | ||
|
|
||
| . Define the location of your JSON file, which contains the container reference information, by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ RELEASE_FILE=</path/to/your/release-$(uname -m).json> | ||
| ---- | ||
| Replace `</path/to/your/release-$(uname -m).json>` with the full path to your JSON file. Be sure to use the file needed for your architecture. | ||
|
|
||
| . Define the location of your TOML file, which contains instructions for building the image, by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ BLUEPRINT_FILE=</path/to/your/blueprint.toml> | ||
| ---- | ||
| Replace `</path/to/your/blueprint.toml>` with the full path to your JSON file. | ||
|
|
||
| . Generate and then embed the container image references in your blueprint TOML file by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ jq -r '.images | .[] | ("[[containers]]\nsource = \"" + . + "\"\n")' "${RELEASE_FILE}" >> "${BLUEPRINT_FILE}" | ||
| ---- | ||
| + | ||
| .Example resulting `<my_blueprint.toml>` fragment showing container references | ||
| [source,terminal] | ||
| ---- | ||
| [[containers]] | ||
| source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:82cfef91557f9a70cff5a90accba45841a37524e9b93f98a97b20f6b2b69e5db" | ||
| [[containers]] | ||
| source = "quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:82cfef91557f9a70cff5a90accba45841a37524e9b93f98a97b20f6b2b69e5db" | ||
| ---- | ||
|
|
||
| . You can manually embed any container image by adding it to the Image Builder blueprint using the following example: | ||
| + | ||
| .Example section for manually embedding container image to Image Builder | ||
| [source,terminal] | ||
| ---- | ||
| [[containers]] | ||
| source = "<my_image_pullspec_with_tag_or_digest>" | ||
| ---- | ||
| Replace `<my_image_pullspec_with_tag_or_digest>` with the exact reference to a container image used by the {microshift-short} version you are deploying. |
32 changes: 32 additions & 0 deletions
32
modules/microshift-embed-microshift-update-osbuilder-worker.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // microshift_running_applications/embed-microshift-offline-deploy.adoc | ||
|
|
||
| :_content-type: PROCEDURE | ||
| [id="microshift-embed-microshift-update-osbuilder-worker_{context}"] | ||
| = Updating osbuilder worker configuration to prepare for image building | ||
|
|
||
| After you have updated the blueprint, you must update the osbuilder worker configuration to prepare for building the image with embedded {microshift-short} containers. | ||
|
|
||
| .Prerequisites | ||
|
|
||
| * You have root-user access to your build host. | ||
| * Your build host meets the Image Builder system requirements. | ||
| * You have installed and set up Image Builder and the `composer-cli` tool. | ||
| [NOTE] | ||
| ==== | ||
| You can create an `/etc/osbuild-worker/osbuild-worker.toml` directory and configuration file if they do not exist. | ||
| ==== | ||
|
|
||
| .Procedure | ||
|
|
||
| . Add a pull secret for authenticating to the registry by setting the `auth_file_path` in the `[containers]` section of the `/etc/osbuild-worker/osbuild-worker.toml` osbuilder worker configuration file: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| [containers] | ||
| auth_file_path = "/etc/osbuild-worker/pull-secret.json" | ||
| ---- | ||
|
|
||
| . Restart the `osbuild-worker` to apply configuration changes by restarting the host. Restarting the host ensures that all `osbuild-worker` services currently running are restarted. |