Add logically bound images for EDPM services #39
Conversation
bshephar
force-pushed
the
logically-bound-images
branch
from
9a2602d to
7f1ca6e
Compare
bootc/Containerfile.centos9
Outdated
| COPY embedded-services/quadlets/multipathd/multipathd.yaml /usr/share/containers/systemd/multipathd.yaml | ||
| COPY embedded-services/quadlets/multipathd/multipathd.image /usr/share/containers/systemd/multipathd.image | ||
| COPY embedded-services/quadlets/ceilometer_agent_compute/ceilometer_agent_compute.yaml /usr/share/containers/systemd/ceilometer_agent_compute.yaml | ||
| COPY embedded-services/quadlets/ceilometer_agent_compute/ceilometer_agent_compute.image /usr/share/containers/systemd/ceilometer_agent_compute.image |
There was a problem hiding this comment.
Each directive creates a layer, if all the files were in the quadlets directory this could become a single directive:
COPY embedded-services/quadlets/* /usr/share/containers/systemd/
There was a problem hiding this comment.
I'll squash them all once this is ready to go. I don't see any issue with them all being in one layer
| RUN podman pull quay.io/podified-antelope-centos9/openstack-multipathd:current-podified | ||
| RUN podman pull quay.io/podified-antelope-centos9/openstack-nova-compute:current-podified | ||
| RUN podman pull quay.io/podified-antelope-centos9/openstack-ovn-controller:current-podified | ||
| RUN podman pull quay.io/podified-antelope-centos9/openstack-neutron-metadata-agent-ovn:current-podified |
There was a problem hiding this comment.
Do we want each pull in its own layer? I don't know?? If we didn't then this could be reduced to a single RUN
There was a problem hiding this comment.
This actually isn't working anymore. Complains about things not being available in the container environment. I'm actually noticing the same error with my laptop bootc image too. Maybe something changed in the base edpm centos image. For now, I'm just commenting these lines when I build the image and letting systemd pull the containers when the node boots.
There was a problem hiding this comment.
these commands give me a lot of cannot set user namespace errors. sometimes it works, sometimes it doesn't.
There was a problem hiding this comment.
I believe using podman pull in the Containerfile would make these images be classified as "physically bound"
AIUI, a difference between logically and physically images for bootc is that logically bound images are only referenced. And in order to reference them, the .container or .image unit files should be symlinked under /usr/lib/bootc/bound-images.d. This is explained in detail in https://containers.github.io/bootc/logically-bound-images.html#using-logically-bound-images.
There was a problem hiding this comment.
Yeah, it stopped working for me too. I think we can probably leave this particular part out for now and just pull the images we need during the deployment.
We'll just need to make sure we do all of the container registries.conf configuration before we try to pull them. Currently, in air-gapped deployments, we re-use the registries.conf from the OpenShift cluster when a ImageContentSourcePolicy is present:
https://github.com/openstack-k8s-operators/openstack-operator/blob/main/docs/assemblies/proc_deploying-in-disconnected-environments.adoc
So we just need to make sure we maintain the ordering for bootc deployments as well.
bshephar
force-pushed
the
logically-bound-images
branch
5 times, most recently
from
39bcd79 to
2da9f5a
Compare
bshephar
force-pushed
the
logically-bound-images
branch
7 times, most recently
from
1659a11 to
b7bc09a
Compare
|
Build failed (check pipeline). Post https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/6cd41fcfa86443e89d4286d9870ddd75 ✔️ eib-content-provider-build-images SUCCESS in 1h 02m 13s |
bshephar
force-pushed
the
logically-bound-images
branch
from
b7bc09a to
d0c72b7
Compare
|
Build failed (check pipeline). Post https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/4a956ce329eb4fb995be4bab5e3572d1 ❌ eib-content-provider-build-images FAILURE in 4m 21s |
bshephar
force-pushed
the
logically-bound-images
branch
4 times, most recently
from
d3d98a3 to
f21a11d
Compare
bshephar
force-pushed
the
logically-bound-images
branch
from
f21a11d to
fe3c83c
Compare
bootc/Containerfile.centos9
Outdated
| tmpwatch \ | ||
| tuned-profiles-cpu-partitioning \ | ||
| qemu-kvm" | ||
|
|
There was a problem hiding this comment.
don't re-format from spaces to tabs
| RUN podman pull quay.io/podified-antelope-centos9/openstack-multipathd:current-podified | ||
| RUN podman pull quay.io/podified-antelope-centos9/openstack-nova-compute:current-podified | ||
| RUN podman pull quay.io/podified-antelope-centos9/openstack-ovn-controller:current-podified | ||
| RUN podman pull quay.io/podified-antelope-centos9/openstack-neutron-metadata-agent-ovn:current-podified |
There was a problem hiding this comment.
these commands give me a lot of cannot set user namespace errors. sometimes it works, sometimes it doesn't.
bootc/Containerfile.centos9
Outdated
| ARG ENABLE_UNITS="openvswitch" | ||
|
|
||
| RUN dnf -y update && dnf -y install $PACKAGES && dnf clean all && systemctl enable $ENABLE_UNITS | ||
| RUN sudo dnf install centos-release-nfv-openvswitch centos-release-openstack-dalmatian -y && dnf -y install $PACKAGES && dnf clean all && systemctl enable $ENABLE_UNITS |
There was a problem hiding this comment.
where are you getting the rpms centos-release-nfv-openvswitch centos-release-openstack-dalmatian from? you must be customizing the repo-setup command for the build somehow?
those are available on the base quay.io/centos-bootc/centos-bootc:stream9 image, but since our first command is RUN rm -rf /etc/yum.repos.d/*.repo, the enabled repos get removed, and then those packages are no longer available
This change adds logically bound images for use with bootc. This is implementing based on: https://containers.github.io/bootc/logically-bound-images.html Signed-off-by: Brendan Shephard <[email protected]>
This change adds logically bound images for use with bootc. This is implementing based on: https://containers.github.io/bootc/logically-bound-images.html Signed-off-by: Brendan Shephard <[email protected]> Add QEMU to image Quadlet files in correct location pyroute
Signed-off-by: Brendan Shephard <[email protected]>
bshephar
force-pushed
the
logically-bound-images
branch
from
fe3c83c to
1dcd6cd
Compare
This change adds logically bound images for use with bootc. This is implementing based on: https://containers.github.io/bootc/logically-bound-images.html