e4bb7f4f16
Image types no longer report their chains. Instead, pipelines report their packages and chains and blueprint packages are added to the workload. The distro.ImageType interface retains the PackageSetsChains() methods for RHEL 7 until that is rewritten as well. The osbuild-dnf-json-test doesn't use the PackageSetsChains() method anymore. Instead, since it only test the centos-8 qcow2 image, it hardcodes the expected package set names.
321 lines
9 KiB
Go
321 lines
9 KiB
Go
package rhel8
|
|
|
|
import (
|
|
"github.com/osbuild/osbuild-composer/internal/common"
|
|
"github.com/osbuild/osbuild-composer/internal/distro"
|
|
"github.com/osbuild/osbuild-composer/internal/osbuild"
|
|
"github.com/osbuild/osbuild-composer/internal/platform"
|
|
"github.com/osbuild/osbuild-composer/internal/rpmmd"
|
|
)
|
|
|
|
const gceKernelOptions = "net.ifnames=0 biosdevname=0 scsi_mod.use_blk_mq=Y crashkernel=auto console=ttyS0,38400n8d"
|
|
|
|
func gceImgType(rd distribution) imageType {
|
|
return imageType{
|
|
name: "gce",
|
|
filename: "image.tar.gz",
|
|
mimeType: "application/gzip",
|
|
packageSets: map[string]packageSetFunc{
|
|
osPkgsKey: gcePackageSet,
|
|
},
|
|
defaultImageConfig: defaultGceByosImageConfig(rd),
|
|
kernelOptions: gceKernelOptions,
|
|
bootable: true,
|
|
bootType: distro.UEFIBootType,
|
|
defaultSize: 20 * common.GibiByte,
|
|
image: liveImage,
|
|
buildPipelines: []string{"build"},
|
|
payloadPipelines: []string{"os", "image", "archive"},
|
|
exports: []string{"archive"},
|
|
basePartitionTables: defaultBasePartitionTables,
|
|
}
|
|
}
|
|
|
|
func gceRhuiImgType(rd distribution) imageType {
|
|
return imageType{
|
|
name: "gce-rhui",
|
|
filename: "image.tar.gz",
|
|
mimeType: "application/gzip",
|
|
packageSets: map[string]packageSetFunc{
|
|
osPkgsKey: gceRhuiPackageSet,
|
|
},
|
|
defaultImageConfig: defaultGceRhuiImageConfig(rd),
|
|
kernelOptions: gceKernelOptions,
|
|
bootable: true,
|
|
bootType: distro.UEFIBootType,
|
|
defaultSize: 20 * common.GibiByte,
|
|
image: liveImage,
|
|
buildPipelines: []string{"build"},
|
|
payloadPipelines: []string{"os", "image", "archive"},
|
|
exports: []string{"archive"},
|
|
basePartitionTables: defaultBasePartitionTables,
|
|
}
|
|
}
|
|
|
|
func defaultGceByosImageConfig(rd distribution) *distro.ImageConfig {
|
|
ic := &distro.ImageConfig{
|
|
Timezone: common.ToPtr("UTC"),
|
|
TimeSynchronization: &osbuild.ChronyStageOptions{
|
|
Servers: []osbuild.ChronyConfigServer{{Hostname: "metadata.google.internal"}},
|
|
},
|
|
Firewall: &osbuild.FirewallStageOptions{
|
|
DefaultZone: "trusted",
|
|
},
|
|
EnabledServices: []string{
|
|
"sshd",
|
|
"rngd",
|
|
"dnf-automatic.timer",
|
|
},
|
|
DisabledServices: []string{
|
|
"sshd-keygen@",
|
|
"reboot.target",
|
|
},
|
|
DefaultTarget: common.ToPtr("multi-user.target"),
|
|
Locale: common.ToPtr("en_US.UTF-8"),
|
|
Keyboard: &osbuild.KeymapStageOptions{
|
|
Keymap: "us",
|
|
},
|
|
DNFConfig: []*osbuild.DNFConfigStageOptions{
|
|
{
|
|
Config: &osbuild.DNFConfig{
|
|
Main: &osbuild.DNFConfigMain{
|
|
IPResolve: "4",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
DNFAutomaticConfig: &osbuild.DNFAutomaticConfigStageOptions{
|
|
Config: &osbuild.DNFAutomaticConfig{
|
|
Commands: &osbuild.DNFAutomaticConfigCommands{
|
|
ApplyUpdates: common.ToPtr(true),
|
|
UpgradeType: osbuild.DNFAutomaticUpgradeTypeSecurity,
|
|
},
|
|
},
|
|
},
|
|
YUMRepos: []*osbuild.YumReposStageOptions{
|
|
{
|
|
Filename: "google-cloud.repo",
|
|
Repos: []osbuild.YumRepository{
|
|
{
|
|
Id: "google-compute-engine",
|
|
Name: "Google Compute Engine",
|
|
BaseURL: []string{"https://packages.cloud.google.com/yum/repos/google-compute-engine-el8-x86_64-stable"},
|
|
Enabled: common.ToPtr(true),
|
|
GPGCheck: common.ToPtr(true),
|
|
RepoGPGCheck: common.ToPtr(false),
|
|
GPGKey: []string{
|
|
"https://packages.cloud.google.com/yum/doc/yum-key.gpg",
|
|
"https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
SshdConfig: &osbuild.SshdConfigStageOptions{
|
|
Config: osbuild.SshdConfigConfig{
|
|
PasswordAuthentication: common.ToPtr(false),
|
|
ClientAliveInterval: common.ToPtr(420),
|
|
PermitRootLogin: osbuild.PermitRootLoginValueNo,
|
|
},
|
|
},
|
|
Sysconfig: []*osbuild.SysconfigStageOptions{
|
|
{
|
|
Kernel: &osbuild.SysconfigKernelOptions{
|
|
DefaultKernel: "kernel-core",
|
|
UpdateDefault: true,
|
|
},
|
|
},
|
|
},
|
|
Modprobe: []*osbuild.ModprobeStageOptions{
|
|
{
|
|
Filename: "blacklist-floppy.conf",
|
|
Commands: osbuild.ModprobeConfigCmdList{
|
|
osbuild.NewModprobeConfigCmdBlacklist("floppy"),
|
|
},
|
|
},
|
|
},
|
|
GCPGuestAgentConfig: &osbuild.GcpGuestAgentConfigOptions{
|
|
ConfigScope: osbuild.GcpGuestAgentConfigScopeDistro,
|
|
Config: &osbuild.GcpGuestAgentConfig{
|
|
InstanceSetup: &osbuild.GcpGuestAgentConfigInstanceSetup{
|
|
SetBotoConfig: common.ToPtr(false),
|
|
},
|
|
},
|
|
},
|
|
}
|
|
if rd.osVersion == "8.4" {
|
|
// NOTE(akoutsou): these are enabled in the package preset, but for
|
|
// some reason do not get enabled on 8.4.
|
|
// the reason is unknown and deeply mysterious
|
|
ic.EnabledServices = append(ic.EnabledServices,
|
|
"google-oslogin-cache.timer",
|
|
"google-guest-agent.service",
|
|
"google-shutdown-scripts.service",
|
|
"google-startup-scripts.service",
|
|
"google-osconfig-agent.service",
|
|
)
|
|
}
|
|
|
|
if rd.isRHEL() {
|
|
ic.RHSMConfig = map[distro.RHSMSubscriptionStatus]*osbuild.RHSMStageOptions{
|
|
distro.RHSMConfigNoSubscription: {
|
|
SubMan: &osbuild.RHSMStageOptionsSubMan{
|
|
Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{
|
|
AutoRegistration: common.ToPtr(true),
|
|
},
|
|
// Don't disable RHSM redhat.repo management on the GCE
|
|
// image, which is BYOS and does not use RHUI for content.
|
|
// Otherwise subscribing the system manually after booting
|
|
// it would result in empty redhat.repo. Without RHUI, such
|
|
// system would have no way to get Red Hat content, but
|
|
// enable the repo management manually, which would be very
|
|
// confusing.
|
|
},
|
|
},
|
|
distro.RHSMConfigWithSubscription: {
|
|
SubMan: &osbuild.RHSMStageOptionsSubMan{
|
|
Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{
|
|
AutoRegistration: common.ToPtr(true),
|
|
},
|
|
// do not disable the redhat.repo management if the user
|
|
// explicitly request the system to be subscribed
|
|
},
|
|
},
|
|
}
|
|
}
|
|
return ic
|
|
}
|
|
|
|
func defaultGceRhuiImageConfig(rd distribution) *distro.ImageConfig {
|
|
ic := &distro.ImageConfig{
|
|
RHSMConfig: map[distro.RHSMSubscriptionStatus]*osbuild.RHSMStageOptions{
|
|
distro.RHSMConfigNoSubscription: {
|
|
SubMan: &osbuild.RHSMStageOptionsSubMan{
|
|
Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{
|
|
AutoRegistration: common.ToPtr(true),
|
|
},
|
|
Rhsm: &osbuild.SubManConfigRHSMSection{
|
|
ManageRepos: common.ToPtr(false),
|
|
},
|
|
},
|
|
},
|
|
distro.RHSMConfigWithSubscription: {
|
|
SubMan: &osbuild.RHSMStageOptionsSubMan{
|
|
Rhsmcertd: &osbuild.SubManConfigRHSMCERTDSection{
|
|
AutoRegistration: common.ToPtr(true),
|
|
},
|
|
// do not disable the redhat.repo management if the user
|
|
// explicitly request the system to be subscribed
|
|
},
|
|
},
|
|
},
|
|
}
|
|
ic = ic.InheritFrom(defaultGceByosImageConfig(rd))
|
|
return ic
|
|
}
|
|
|
|
// common GCE image
|
|
func gceCommonPackageSet(t *imageType) rpmmd.PackageSet {
|
|
return rpmmd.PackageSet{
|
|
Include: []string{
|
|
"@core",
|
|
"langpacks-en", // not in Google's KS
|
|
"acpid",
|
|
"dhcp-client",
|
|
"dnf-automatic",
|
|
"net-tools",
|
|
//"openssh-server", included in core
|
|
"python3",
|
|
"rng-tools",
|
|
"tar",
|
|
"vim",
|
|
|
|
// GCE guest tools
|
|
"google-compute-engine",
|
|
"google-osconfig-agent",
|
|
"gce-disk-expand",
|
|
|
|
// Not explicitly included in GCP kickstart, but present on the image
|
|
// for time synchronization
|
|
"chrony",
|
|
"timedatex",
|
|
// EFI
|
|
"grub2-tools-efi",
|
|
},
|
|
Exclude: []string{
|
|
"alsa-utils",
|
|
"b43-fwcutter",
|
|
"dmraid",
|
|
"eject",
|
|
"gpm",
|
|
"irqbalance",
|
|
"microcode_ctl",
|
|
"smartmontools",
|
|
"aic94xx-firmware",
|
|
"atmel-firmware",
|
|
"b43-openfwwf",
|
|
"bfa-firmware",
|
|
"ipw2100-firmware",
|
|
"ipw2200-firmware",
|
|
"ivtv-firmware",
|
|
"iwl100-firmware",
|
|
"iwl1000-firmware",
|
|
"iwl3945-firmware",
|
|
"iwl4965-firmware",
|
|
"iwl5000-firmware",
|
|
"iwl5150-firmware",
|
|
"iwl6000-firmware",
|
|
"iwl6000g2a-firmware",
|
|
"iwl6050-firmware",
|
|
"kernel-firmware",
|
|
"libertas-usb8388-firmware",
|
|
"ql2100-firmware",
|
|
"ql2200-firmware",
|
|
"ql23xx-firmware",
|
|
"ql2400-firmware",
|
|
"ql2500-firmware",
|
|
"rt61pci-firmware",
|
|
"rt73usb-firmware",
|
|
"xorg-x11-drv-ati-firmware",
|
|
"zd1211-firmware",
|
|
// RHBZ#2075815
|
|
"qemu-guest-agent",
|
|
},
|
|
}.Append(bootPackageSet(t)).Append(distroSpecificPackageSet(t))
|
|
}
|
|
|
|
// GCE BYOS image
|
|
func gcePackageSet(t *imageType) rpmmd.PackageSet {
|
|
return gceCommonPackageSet(t)
|
|
}
|
|
|
|
// GCE RHUI image
|
|
func gceRhuiPackageSet(t *imageType) rpmmd.PackageSet {
|
|
return rpmmd.PackageSet{
|
|
Include: []string{
|
|
"google-rhui-client-rhel8",
|
|
},
|
|
}.Append(gceCommonPackageSet(t))
|
|
}
|
|
|
|
// gceX86 embeds the X86 platform and overrides the GetPackages() method to
|
|
// exclude the grub2-pc package.
|
|
// See the image type documentation for more information:
|
|
// https://github.com/osbuild/osbuild-composer/blob/d12d9674d6293f2c374a66ba2c4fac102633d360/image-types/rhel8/google-gce.md#rhel-8-byosrhui--rhel-9-byos-image-differences-compared-to-googles-image
|
|
type gceX86 struct {
|
|
platform.X86
|
|
}
|
|
|
|
func (p *gceX86) GetPackages() []string {
|
|
packages := p.BasePlatform.FirmwarePackages
|
|
|
|
packages = append(packages,
|
|
"dracut-config-generic",
|
|
"dracut-config-generic",
|
|
"efibootmgr",
|
|
"grub2-efi-x64",
|
|
"shim-x64")
|
|
|
|
return packages
|
|
|
|
}
|