diff --git a/internal/distro/rhel8/distro.go b/internal/distro/rhel8/distro.go index 5968abdfb..ad7008284 100644 --- a/internal/distro/rhel8/distro.go +++ b/internal/distro/rhel8/distro.go @@ -215,207 +215,6 @@ func newDistro(name string, minor int) *distribution { bootType: distro.LegacyBootType, } - // GCE BYOS image - defaultGceByosImageConfig := &distro.ImageConfig{ - Timezone: common.ToPtr("UTC"), - TimeSynchronization: &osbuild.ChronyStageOptions{ - Servers: []osbuild.ChronyConfigServer{{Hostname: "metadata.google.internal"}}, - }, - Firewall: &osbuild.FirewallStageOptions{ - DefaultZone: "trusted", - }, - EnabledServices: []string{ - "sshd", - "rngd", - "dnf-automatic.timer", - }, - DisabledServices: []string{ - "sshd-keygen@", - "reboot.target", - }, - DefaultTarget: common.ToPtr("multi-user.target"), - Locale: common.ToPtr("en_US.UTF-8"), - Keyboard: &osbuild.KeymapStageOptions{ - Keymap: "us", - }, - DNFConfig: []*osbuild.DNFConfigStageOptions{ - { - Config: &osbuild.DNFConfig{ - Main: &osbuild.DNFConfigMain{ - IPResolve: "4", - }, - }, - }, - }, - DNFAutomaticConfig: &osbuild.DNFAutomaticConfigStageOptions{ - Config: &osbuild.DNFAutomaticConfig{ - Commands: &osbuild.DNFAutomaticConfigCommands{ - ApplyUpdates: common.ToPtr(true), - UpgradeType: osbuild.DNFAutomaticUpgradeTypeSecurity, - }, - }, - }, - YUMRepos: []*osbuild.YumReposStageOptions{ - { - Filename: "google-cloud.repo", - Repos: []osbuild.YumRepository{ - { - Id: "google-compute-engine", - Name: "Google Compute Engine", - BaseURL: []string{"https://packages.cloud.google.com/yum/repos/google-compute-engine-el8-x86_64-stable"}, - Enabled: common.ToPtr(true), - GPGCheck: common.ToPtr(true), - RepoGPGCheck: common.ToPtr(false), - GPGKey: []string{ - "https://packages.cloud.google.com/yum/doc/yum-key.gpg", - "https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg", - }, - }, - }, - }, - }, - RHSMConfig: map[distro.RHSMSubscriptionStatus]*osbuild.RHSMStageOptions{ - distro.RHSMConfigNoSubscription: { - SubMan: &osbuild.RHSMStageOptionsSubMan{ - Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ - AutoRegistration: common.ToPtr(true), - }, - // Don't disable RHSM redhat.repo management on the GCE - // image, which is BYOS and does not use RHUI for content. - // Otherwise subscribing the system manually after booting - // it would result in empty redhat.repo. Without RHUI, such - // system would have no way to get Red Hat content, but - // enable the repo management manually, which would be very - // confusing. - }, - }, - distro.RHSMConfigWithSubscription: { - SubMan: &osbuild.RHSMStageOptionsSubMan{ - Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ - AutoRegistration: common.ToPtr(true), - }, - // do not disable the redhat.repo management if the user - // explicitly request the system to be subscribed - }, - }, - }, - SshdConfig: &osbuild.SshdConfigStageOptions{ - Config: osbuild.SshdConfigConfig{ - PasswordAuthentication: common.ToPtr(false), - ClientAliveInterval: common.ToPtr(420), - PermitRootLogin: osbuild.PermitRootLoginValueNo, - }, - }, - Sysconfig: []*osbuild.SysconfigStageOptions{ - { - Kernel: &osbuild.SysconfigKernelOptions{ - DefaultKernel: "kernel-core", - UpdateDefault: true, - }, - }, - }, - Modprobe: []*osbuild.ModprobeStageOptions{ - { - Filename: "blacklist-floppy.conf", - Commands: osbuild.ModprobeConfigCmdList{ - osbuild.NewModprobeConfigCmdBlacklist("floppy"), - }, - }, - }, - GCPGuestAgentConfig: &osbuild.GcpGuestAgentConfigOptions{ - ConfigScope: osbuild.GcpGuestAgentConfigScopeDistro, - Config: &osbuild.GcpGuestAgentConfig{ - InstanceSetup: &osbuild.GcpGuestAgentConfigInstanceSetup{ - SetBotoConfig: common.ToPtr(false), - }, - }, - }, - } - - if rd.osVersion == "8.4" { - // NOTE(akoutsou): these are enabled in the package preset, but for - // some reason do not get enabled on 8.4. - // the reason is unknown and deeply myserious - defaultGceByosImageConfig.EnabledServices = append(defaultGceByosImageConfig.EnabledServices, - "google-oslogin-cache.timer", - "google-guest-agent.service", - "google-shutdown-scripts.service", - "google-startup-scripts.service", - "google-osconfig-agent.service", - ) - } - - gceImgType := imageType{ - name: "gce", - filename: "image.tar.gz", - mimeType: "application/gzip", - packageSets: map[string]packageSetFunc{ - buildPkgsKey: distroBuildPackageSet, - osPkgsKey: gcePackageSet, - }, - packageSetChains: map[string][]string{ - osPkgsKey: {osPkgsKey, blueprintPkgsKey}, - }, - defaultImageConfig: defaultGceByosImageConfig, - kernelOptions: "net.ifnames=0 biosdevname=0 scsi_mod.use_blk_mq=Y crashkernel=auto console=ttyS0,38400n8d", - bootable: true, - bootType: distro.UEFIBootType, - defaultSize: 20 * common.GibiByte, - pipelines: gcePipelines, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "image", "archive"}, - exports: []string{"archive"}, - basePartitionTables: defaultBasePartitionTables, - } - - defaultGceRhuiImageConfig := &distro.ImageConfig{ - RHSMConfig: map[distro.RHSMSubscriptionStatus]*osbuild.RHSMStageOptions{ - distro.RHSMConfigNoSubscription: { - SubMan: &osbuild.RHSMStageOptionsSubMan{ - Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ - AutoRegistration: common.ToPtr(true), - }, - Rhsm: &osbuild.SubManConfigRHSMSection{ - ManageRepos: common.ToPtr(false), - }, - }, - }, - distro.RHSMConfigWithSubscription: { - SubMan: &osbuild.RHSMStageOptionsSubMan{ - Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ - AutoRegistration: common.ToPtr(true), - }, - // do not disable the redhat.repo management if the user - // explicitly request the system to be subscribed - }, - }, - }, - } - defaultGceRhuiImageConfig = defaultGceRhuiImageConfig.InheritFrom(defaultGceByosImageConfig) - - gceRhuiImgType := imageType{ - name: "gce-rhui", - filename: "image.tar.gz", - mimeType: "application/gzip", - packageSets: map[string]packageSetFunc{ - buildPkgsKey: distroBuildPackageSet, - osPkgsKey: gceRhuiPackageSet, - }, - packageSetChains: map[string][]string{ - osPkgsKey: {osPkgsKey, blueprintPkgsKey}, - }, - defaultImageConfig: defaultGceRhuiImageConfig, - kernelOptions: "net.ifnames=0 biosdevname=0 scsi_mod.use_blk_mq=Y crashkernel=auto console=ttyS0,38400n8d", - bootable: true, - bootType: distro.UEFIBootType, - defaultSize: 20 * common.GibiByte, - pipelines: gcePipelines, - buildPipelines: []string{"build"}, - payloadPipelines: []string{"os", "image", "archive"}, - exports: []string{"archive"}, - basePartitionTables: defaultBasePartitionTables, - } - tarImgType := imageType{ name: "tar", filename: "root.tar.xz", @@ -535,7 +334,7 @@ func newDistro(name string, minor int) *distribution { x86_64.addImageTypes( gceX86Platform, - gceImgType, + gceImgType(rd), ) x86_64.addImageTypes( @@ -689,7 +488,7 @@ func newDistro(name string, minor int) *distribution { } // add GCE RHUI image to RHEL only - x86_64.addImageTypes(gceX86Platform, gceRhuiImgType) + x86_64.addImageTypes(gceX86Platform, gceRhuiImgType(rd)) // add s390x to RHEL distro only rd.addArches(s390x) diff --git a/internal/distro/rhel8/gce.go b/internal/distro/rhel8/gce.go new file mode 100644 index 000000000..fb0b40fab --- /dev/null +++ b/internal/distro/rhel8/gce.go @@ -0,0 +1,302 @@ +package rhel8 + +import ( + "github.com/osbuild/osbuild-composer/internal/common" + "github.com/osbuild/osbuild-composer/internal/distro" + "github.com/osbuild/osbuild-composer/internal/osbuild" + "github.com/osbuild/osbuild-composer/internal/rpmmd" +) + +func gceImgType(rd distribution) imageType { + return imageType{ + name: "gce", + filename: "image.tar.gz", + mimeType: "application/gzip", + packageSets: map[string]packageSetFunc{ + buildPkgsKey: distroBuildPackageSet, + osPkgsKey: gcePackageSet, + }, + packageSetChains: map[string][]string{ + osPkgsKey: {osPkgsKey, blueprintPkgsKey}, + }, + defaultImageConfig: defaultGceByosImageConfig(rd), + kernelOptions: "net.ifnames=0 biosdevname=0 scsi_mod.use_blk_mq=Y crashkernel=auto console=ttyS0,38400n8d", + bootable: true, + bootType: distro.UEFIBootType, + defaultSize: 20 * common.GibiByte, + pipelines: gcePipelines, + buildPipelines: []string{"build"}, + payloadPipelines: []string{"os", "image", "archive"}, + exports: []string{"archive"}, + basePartitionTables: defaultBasePartitionTables, + } +} + +func gceRhuiImgType(rd distribution) imageType { + return imageType{ + name: "gce-rhui", + filename: "image.tar.gz", + mimeType: "application/gzip", + packageSets: map[string]packageSetFunc{ + buildPkgsKey: distroBuildPackageSet, + osPkgsKey: gceRhuiPackageSet, + }, + packageSetChains: map[string][]string{ + osPkgsKey: {osPkgsKey, blueprintPkgsKey}, + }, + defaultImageConfig: defaultGceRhuiImageConfig(rd), + kernelOptions: "net.ifnames=0 biosdevname=0 scsi_mod.use_blk_mq=Y crashkernel=auto console=ttyS0,38400n8d", + bootable: true, + bootType: distro.UEFIBootType, + defaultSize: 20 * common.GibiByte, + pipelines: gcePipelines, + buildPipelines: []string{"build"}, + payloadPipelines: []string{"os", "image", "archive"}, + exports: []string{"archive"}, + basePartitionTables: defaultBasePartitionTables, + } +} + +func defaultGceByosImageConfig(rd distribution) *distro.ImageConfig { + ic := &distro.ImageConfig{ + Timezone: common.ToPtr("UTC"), + TimeSynchronization: &osbuild.ChronyStageOptions{ + Servers: []osbuild.ChronyConfigServer{{Hostname: "metadata.google.internal"}}, + }, + Firewall: &osbuild.FirewallStageOptions{ + DefaultZone: "trusted", + }, + EnabledServices: []string{ + "sshd", + "rngd", + "dnf-automatic.timer", + }, + DisabledServices: []string{ + "sshd-keygen@", + "reboot.target", + }, + DefaultTarget: common.ToPtr("multi-user.target"), + Locale: common.ToPtr("en_US.UTF-8"), + Keyboard: &osbuild.KeymapStageOptions{ + Keymap: "us", + }, + DNFConfig: []*osbuild.DNFConfigStageOptions{ + { + Config: &osbuild.DNFConfig{ + Main: &osbuild.DNFConfigMain{ + IPResolve: "4", + }, + }, + }, + }, + DNFAutomaticConfig: &osbuild.DNFAutomaticConfigStageOptions{ + Config: &osbuild.DNFAutomaticConfig{ + Commands: &osbuild.DNFAutomaticConfigCommands{ + ApplyUpdates: common.ToPtr(true), + UpgradeType: osbuild.DNFAutomaticUpgradeTypeSecurity, + }, + }, + }, + YUMRepos: []*osbuild.YumReposStageOptions{ + { + Filename: "google-cloud.repo", + Repos: []osbuild.YumRepository{ + { + Id: "google-compute-engine", + Name: "Google Compute Engine", + BaseURL: []string{"https://packages.cloud.google.com/yum/repos/google-compute-engine-el8-x86_64-stable"}, + Enabled: common.ToPtr(true), + GPGCheck: common.ToPtr(true), + RepoGPGCheck: common.ToPtr(false), + GPGKey: []string{ + "https://packages.cloud.google.com/yum/doc/yum-key.gpg", + "https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg", + }, + }, + }, + }, + }, + RHSMConfig: map[distro.RHSMSubscriptionStatus]*osbuild.RHSMStageOptions{ + distro.RHSMConfigNoSubscription: { + SubMan: &osbuild.RHSMStageOptionsSubMan{ + Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ + AutoRegistration: common.ToPtr(true), + }, + // Don't disable RHSM redhat.repo management on the GCE + // image, which is BYOS and does not use RHUI for content. + // Otherwise subscribing the system manually after booting + // it would result in empty redhat.repo. Without RHUI, such + // system would have no way to get Red Hat content, but + // enable the repo management manually, which would be very + // confusing. + }, + }, + distro.RHSMConfigWithSubscription: { + SubMan: &osbuild.RHSMStageOptionsSubMan{ + Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ + AutoRegistration: common.ToPtr(true), + }, + // do not disable the redhat.repo management if the user + // explicitly request the system to be subscribed + }, + }, + }, + SshdConfig: &osbuild.SshdConfigStageOptions{ + Config: osbuild.SshdConfigConfig{ + PasswordAuthentication: common.ToPtr(false), + ClientAliveInterval: common.ToPtr(420), + PermitRootLogin: osbuild.PermitRootLoginValueNo, + }, + }, + Sysconfig: []*osbuild.SysconfigStageOptions{ + { + Kernel: &osbuild.SysconfigKernelOptions{ + DefaultKernel: "kernel-core", + UpdateDefault: true, + }, + }, + }, + Modprobe: []*osbuild.ModprobeStageOptions{ + { + Filename: "blacklist-floppy.conf", + Commands: osbuild.ModprobeConfigCmdList{ + osbuild.NewModprobeConfigCmdBlacklist("floppy"), + }, + }, + }, + GCPGuestAgentConfig: &osbuild.GcpGuestAgentConfigOptions{ + ConfigScope: osbuild.GcpGuestAgentConfigScopeDistro, + Config: &osbuild.GcpGuestAgentConfig{ + InstanceSetup: &osbuild.GcpGuestAgentConfigInstanceSetup{ + SetBotoConfig: common.ToPtr(false), + }, + }, + }, + } + if rd.osVersion == "8.4" { + // NOTE(akoutsou): these are enabled in the package preset, but for + // some reason do not get enabled on 8.4. + // the reason is unknown and deeply mysterious + ic.EnabledServices = append(ic.EnabledServices, + "google-oslogin-cache.timer", + "google-guest-agent.service", + "google-shutdown-scripts.service", + "google-startup-scripts.service", + "google-osconfig-agent.service", + ) + } + + return ic +} + +func defaultGceRhuiImageConfig(rd distribution) *distro.ImageConfig { + ic := &distro.ImageConfig{ + RHSMConfig: map[distro.RHSMSubscriptionStatus]*osbuild.RHSMStageOptions{ + distro.RHSMConfigNoSubscription: { + SubMan: &osbuild.RHSMStageOptionsSubMan{ + Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ + AutoRegistration: common.ToPtr(true), + }, + Rhsm: &osbuild.SubManConfigRHSMSection{ + ManageRepos: common.ToPtr(false), + }, + }, + }, + distro.RHSMConfigWithSubscription: { + SubMan: &osbuild.RHSMStageOptionsSubMan{ + Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{ + AutoRegistration: common.ToPtr(true), + }, + // do not disable the redhat.repo management if the user + // explicitly request the system to be subscribed + }, + }, + }, + } + ic = ic.InheritFrom(defaultGceByosImageConfig(rd)) + return ic +} + +// common GCE image +func gceCommonPackageSet(t *imageType) rpmmd.PackageSet { + return rpmmd.PackageSet{ + Include: []string{ + "@core", + "langpacks-en", // not in Google's KS + "acpid", + "dhcp-client", + "dnf-automatic", + "net-tools", + //"openssh-server", included in core + "python3", + "rng-tools", + "tar", + "vim", + + // GCE guest tools + "google-compute-engine", + "google-osconfig-agent", + "gce-disk-expand", + + // Not explicitly included in GCP kickstart, but present on the image + // for time synchronization + "chrony", + "timedatex", + // EFI + "grub2-tools-efi", + }, + Exclude: []string{ + "alsa-utils", + "b43-fwcutter", + "dmraid", + "eject", + "gpm", + "irqbalance", + "microcode_ctl", + "smartmontools", + "aic94xx-firmware", + "atmel-firmware", + "b43-openfwwf", + "bfa-firmware", + "ipw2100-firmware", + "ipw2200-firmware", + "ivtv-firmware", + "iwl100-firmware", + "iwl1000-firmware", + "iwl3945-firmware", + "iwl4965-firmware", + "iwl5000-firmware", + "iwl5150-firmware", + "iwl6000-firmware", + "iwl6000g2a-firmware", + "iwl6050-firmware", + "kernel-firmware", + "libertas-usb8388-firmware", + "ql2100-firmware", + "ql2200-firmware", + "ql23xx-firmware", + "ql2400-firmware", + "ql2500-firmware", + "rt61pci-firmware", + "rt73usb-firmware", + "xorg-x11-drv-ati-firmware", + "zd1211-firmware", + // RHBZ#2075815 + "qemu-guest-agent", + }, + }.Append(bootPackageSet(t)).Append(distroSpecificPackageSet(t)) +} + +// GCE BYOS image +func gcePackageSet(t *imageType) rpmmd.PackageSet { + return gceCommonPackageSet(t) +} + +// GCE RHUI image +func gceRhuiPackageSet(t *imageType) rpmmd.PackageSet { + return rpmmd.PackageSet{ + Include: []string{ + "google-rhui-client-rhel8", + }, + }.Append(gceCommonPackageSet(t)) +} diff --git a/internal/distro/rhel8/package_sets.go b/internal/distro/rhel8/package_sets.go index bdfb321ee..08ed7edfa 100644 --- a/internal/distro/rhel8/package_sets.go +++ b/internal/distro/rhel8/package_sets.go @@ -241,90 +241,6 @@ func s390xLegacyBootPackageSet(t *imageType) rpmmd.PackageSet { } } -// common GCE image -func gceCommonPackageSet(t *imageType) rpmmd.PackageSet { - return rpmmd.PackageSet{ - Include: []string{ - "@core", - "langpacks-en", // not in Google's KS - "acpid", - "dhcp-client", - "dnf-automatic", - "net-tools", - //"openssh-server", included in core - "python3", - "rng-tools", - "tar", - "vim", - - // GCE guest tools - "google-compute-engine", - "google-osconfig-agent", - "gce-disk-expand", - - // Not explicitly included in GCP kickstart, but present on the image - // for time synchronization - "chrony", - "timedatex", - // EFI - "grub2-tools-efi", - }, - Exclude: []string{ - "alsa-utils", - "b43-fwcutter", - "dmraid", - "eject", - "gpm", - "irqbalance", - "microcode_ctl", - "smartmontools", - "aic94xx-firmware", - "atmel-firmware", - "b43-openfwwf", - "bfa-firmware", - "ipw2100-firmware", - "ipw2200-firmware", - "ivtv-firmware", - "iwl100-firmware", - "iwl1000-firmware", - "iwl3945-firmware", - "iwl4965-firmware", - "iwl5000-firmware", - "iwl5150-firmware", - "iwl6000-firmware", - "iwl6000g2a-firmware", - "iwl6050-firmware", - "kernel-firmware", - "libertas-usb8388-firmware", - "ql2100-firmware", - "ql2200-firmware", - "ql23xx-firmware", - "ql2400-firmware", - "ql2500-firmware", - "rt61pci-firmware", - "rt73usb-firmware", - "xorg-x11-drv-ati-firmware", - "zd1211-firmware", - // RHBZ#2075815 - "qemu-guest-agent", - }, - }.Append(bootPackageSet(t)).Append(distroSpecificPackageSet(t)) -} - -// GCE BYOS image -func gcePackageSet(t *imageType) rpmmd.PackageSet { - return gceCommonPackageSet(t) -} - -// GCE RHUI image -func gceRhuiPackageSet(t *imageType) rpmmd.PackageSet { - return rpmmd.PackageSet{ - Include: []string{ - "google-rhui-client-rhel8", - }, - }.Append(gceCommonPackageSet(t)) -} - func bareMetalPackageSet(t *imageType) rpmmd.PackageSet { ps := rpmmd.PackageSet{ Include: []string{