From 7e2625bf0ffd4d58242909bb1e465cbdc07b1552 Mon Sep 17 00:00:00 2001 From: Andrew Jeddeloh Date: Thu, 13 Jun 2019 10:52:42 -0700 Subject: [PATCH 1/5] bottlecap: use kvm device instead of --privileged --- bottlecap | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bottlecap b/bottlecap index e93acb5b3c..bfca98996c 100755 --- a/bottlecap +++ b/bottlecap @@ -101,4 +101,4 @@ fi # we actually want work splitting here since $volumes is multiple args # shellcheck disable=SC2086 -$runtime run --rm -ti --privileged --userns=host $volumes --workdir /srv $entrypoint "$container" "$@" +$runtime run --rm -ti --device '/dev/kvm' $volumes --workdir /srv $entrypoint "$container" "$@" From 128671bf5901994c74ff26ac4d6a4acafc8f1156 Mon Sep 17 00:00:00 2001 From: Andrew Jeddeloh Date: Thu, 13 Jun 2019 11:37:30 -0700 Subject: [PATCH 2/5] vmdeps: add things needed for removing anaconda --- src/vmdeps.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/src/vmdeps.txt b/src/vmdeps.txt index 707e471909..c2ba98e256 100644 --- a/src/vmdeps.txt +++ b/src/vmdeps.txt @@ -17,3 +17,4 @@ selinux-policy selinux-policy-targeted policycoreutils # coreos-assembler #FEDORA python3 python3-gobject-base buildah podman skopeo iptables iptables-libs +gdisk xfsprogs e2fsprogs grub2 dosfstools From 95be85a70a8ce91085daabe27c548c01a6a58a52 Mon Sep 17 00:00:00 2001 From: Andrew Jeddeloh Date: Thu, 13 Jun 2019 11:38:38 -0700 Subject: [PATCH 3/5] src: add disk create script, grub config --- src/create_disk.sh | 66 ++++++++++++++++++++++++++++++++++++++++++++++ src/grub.cfg | 49 ++++++++++++++++++++++++++++++++++ 2 files changed, 115 insertions(+) create mode 100755 src/create_disk.sh create mode 100644 src/grub.cfg diff --git a/src/create_disk.sh b/src/create_disk.sh new file mode 100755 index 0000000000..4190c5b707 --- /dev/null +++ b/src/create_disk.sh 
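Review bot: The new `$runtime run` line in bottlecap removes `--userns=host` as well as `--privileged`, but the subject only mentions the latter, so the user-namespace change is undocumented. If it is intentional, say so in the commit message or in a comment above the line, e.g. `# only /dev/kvm is passed through; no --privileged and no host userns`. Nothing in this hunk shows that the steps run inside the container (mounts, supermin, qemu) work with the reduced privileges, so that needs confirming. With `--device '/dev/kvm'` the run presumably also fails outright on a host that has no /dev/kvm, which is worth stating in the usage text.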
@@ -0,0 +1,66 @@
+#!/bin/sh
+set -euo pipefail
+
+if [ "$#" -ne 6 ]; then
+ echo 'create_disk '
+ exit 1
+fi
+
+export PATH=$PATH:/sbin:/usr/sbin
+
+disk="$1" && shift
+ostree="$1" && shift
+ref="$1" && shift
+grub_script="$1" && shift
+os_name="$1" && shift
+extrakargs="$1" && shift
+
+# partition and create fs
+sgdisk -Z $disk \
+ -n 1:0:+128M -c 1:boot \
+ -n 2:0:+128M -c 2:EFI-SYSTEM -t 2:C12A7328-F81F-11D2-BA4B-00A0C93EC93B \
+ -n 3:0:+128M -c 3:BIOS-BOOT -t 3:21686148-6449-6E6F-744E-656564454649 \
+ -n 4:0:0 -c 4:root -t 4:4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709
+sgdisk -p "$disk"
+
+# HACK ALERT - wait for partition rescans
+sleep 2
+
+mkfs.ext4 "${disk}1" -L boot
+mkfs.fat "${disk}2" -n EFI-SYSTEM
+# partition 3 has no FS, its for bios grub
+mkfs.xfs "${disk}4" -L root
+
+# mount the partitions
+rm -rf rootfs
+mkdir rootfs
+mount "${disk}4" rootfs
+mkdir rootfs/boot
+mount "${disk}1" rootfs/boot
+mkdir rootfs/boot/efi
+mount "${disk}2" rootfs/boot/efi
+
+# init the ostree
+ostree admin init-fs rootfs
+ostree pull-local "$ostree" "$ref" --repo rootfs/ostree/repo
+ostree admin os-init "$os_name" --sysroot rootfs
+allkargs='root=/dev/disk/by-label/root rootflags=defaults,prjquota rw $ignition_firstboot'
+allkargs="$allkargs $extrakargs"
+kargsargs=""
+for karg in $allkargs
+do
+ kargsargs+="--karg-append=$karg "
+done
+ostree admin deploy "$ref" --sysroot rootfs --os fedora-coreos $kargsargs
+
+# install bios grub
+grub2-install \
+ --target i386-pc \
+ --boot-directory rootfs/boot \
+ $disk
+
+# copy the grub config and any other files we might need
+cp $grub_script rootfs/boot/grub2/grub.cfg
+touch rootfs/boot/ignition.firstboot
+
+umount -R rootfs
diff --git a/src/grub.cfg b/src/grub.cfg
new file mode 100644
index 0000000000..749c0ced9e
--- /dev/null
+++ b/src/grub.cfg
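Review bot: The `ostree admin deploy` line in create_disk.sh hard-codes `--os fedora-coreos`, while the stateroot two lines earlier is created from the `$os_name` argument, so any other name deploys into a stateroot that was never initialised. It should read `ostree admin deploy "$ref" --sysroot rootfs --os "$os_name" $kargsargs`. The script also declares `#!/bin/sh` but uses `set -o pipefail` and `kargsargs+=`, which are not POSIX sh, so the shebang should be `#!/bin/bash`. `$disk` and `$grub_script` are unquoted in `sgdisk -Z`, `grub2-install` and `cp`, although they are quoted everywhere else. Because this runs `sgdisk -Z` and `rm -rf rootfs` as root and leaves the mounts in place if a step fails under `set -e`, a `trap 'umount -R rootfs' EXIT` would make failures recoverable.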
@@ -0,0 +1,49 @@
+set pager=1
+
+if [ -f ${config_directory}/grubenv ]; then
+ load_env -f ${config_directory}/grubenv
+elif [ -s $prefix/grubenv ]; then
+ load_env
+fi
+
+if [ x"${feature_menuentry_id}" = xy ]; then
+ menuentry_id_option="--id"
+else
+ menuentry_id_option=""
+fi
+
+function load_video {
+ if [ x$feature_all_video_module = xy ]; then
+ insmod all_video
+ else
+ insmod efi_gop
+ insmod efi_uga
+ insmod ieee1275_fb
+ insmod vbe
+ insmod vga
+ insmod video_bochs
+ insmod video_cirrus
+ fi
+}
+
+serial --speed=115200
+terminal_input serial console
+terminal_output serial console
+if [ x$feature_timeout_style = xy ] ; then
+ set timeout_style=menu
+ set timeout=1
+# Fallback normal timeout code in case the timeout_style feature is
+# unavailable.
+else
+ set timeout=1
+fi
+
+set ignition_firstboot=""
+# Determine if this is a first boot.
+if [ -f "/ignition.firstboot" ]; then
+ set ignition_firstboot="ignition.firstboot"
+fi
+
+set root='hd0,gpt1'
+set boot='hd0,gpt1'
+blscfg
From c7df79528e534a9deec5d255457e63a5c43de0ae Mon Sep 17 00:00:00 2001
From: Andrew Jeddeloh
Date: Fri, 14 Jun 2019 14:34:15 -0700
Subject: [PATCH 4/5] cmd-build: don't use anaconda for x86_64 Also switch to BLS. Continue to use anaconda on other arches.
---
src/cmd-build | 16 +++++++++++++++-
src/cmdlib.sh | 15 ++++++++++++++-
src/gf-platformid | 26 ++++++++++++++------------
3 files changed, 43 insertions(+), 14 deletions(-)
diff --git a/src/cmd-build b/src/cmd-build
index 63724017ff..25e2c3f7ab 100755
--- a/src/cmd-build
+++ b/src/cmd-build
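Review bot: The first-boot test `[ -f "/ignition.firstboot" ]` in grub.cfg runs before `set root='hd0,gpt1'`, so the device-less path is resolved against whatever `$root` GRUB had on entry. That presumably is the boot partition for both the BIOS and UEFI installs in this series, but the config only works through that implicit default. Either move the `set root='hd0,gpt1'` line above the test or name the device explicitly, `if [ -f "(hd0,gpt1)/ignition.firstboot" ]; then`. A short comment that `$ignition_firstboot` is expanded by the kernel arguments written in create_disk.sh would also help, since nothing in this file reads the variable.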
@@ -242,9 +242,23 @@ img_base=tmp/${imageprefix}-base.qcow2 # forgive me for this sin checksum_location=$(find /usr/lib/coreos-assembler-anaconda/ -name '*CHECKSUM' | head -1) +build_image() { + local size kargs + size="$(python3 -c 'import sys, yaml; print(yaml.load(sys.stdin, Loader=yaml.CLoader)["size"])' < "$configdir/image.yaml")G" + kargs="$(python3 -c 'import sys, yaml; args = yaml.load(sys.stdin, Loader=yaml.CLoader).get("extra-kargs", []); print(" ".join(args))' < "$configdir/image.yaml")" + kargs="$kargs console=tty0 console=${VM_TERMINAL},115200n8" + + qemu-img create -f qcow2 "$img_base" "$size" + runvm_with_disk "$img_base" /usr/lib/coreos-assembler/create_disk.sh /dev/vda "$tmprepo" "${ref-:${commit}}" /usr/lib/coreos-assembler/grub.cfg "$name" "\"$kargs\"" +} + if [ -n "${build_qemu}" ]; then img_qemu=${imageprefix}-qemu.qcow2 - run_virtinstall "${tmprepo}" "${ref}" "${PWD}"/"${img_base}" --variant=cloud + if [ "$arch" == "x86_64" ]; then + build_image + else + run_virtinstall "${tmprepo}" "${ref}" "${PWD}"/"${img_base}" --variant=cloud + fi /usr/lib/coreos-assembler/gf-platformid "$(pwd)"/"${img_base}" "$(pwd)"/"${img_qemu}" qemu fi diff --git a/src/cmdlib.sh b/src/cmdlib.sh index 49c1e86152..e998527f1e 100755 --- a/src/cmdlib.sh +++ b/src/cmdlib.sh @@ -314,6 +314,12 @@ EOF } runvm() { + runvm_with_disk "" "$@" +} + +runvm_with_disk() { + local disk="$1" + shift local vmpreparedir=${workdir}/tmp/supermin.prepare local vmbuilddir=${workdir}/tmp/supermin.build @@ -381,6 +387,12 @@ EOF arch_args='-bios /usr/share/AAVMF/AAVMF_CODE.fd' fi + # if a disk image exists, attach it too + extradisk=() + if [ -n "$disk" ]; then + extradisk=("-drive" "if=virtio,id=target,format=qcow2,file=$disk") + fi + #shellcheck disable=SC2086 ${QEMU_KVM} ${arch_args:-} \ -nodefaults -nographic -m 2048 -no-reboot -cpu host \ 
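Review bot: In `build_image` in cmd-build the expansion `"${ref-:${commit}}"` has the colon on the wrong side of the dash, so when `ref` is unset create_disk.sh receives `:<commit>` with a literal leading colon, and an empty `ref` is passed through as-is. It should be `"${ref:-${commit}}"`. Both Python one-liners parse image.yaml with `yaml.load(..., Loader=yaml.CLoader)`, the full loader that can construct arbitrary Python objects from tagged YAML. Since only plain scalars and lists are read, `yaml.safe_load(sys.stdin)` is the safer call. The `"\"$kargs\""` argument adds literal quote characters, which is only right if `runvm_with_disk` re-parses its arguments through a shell; a comment saying so would help.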
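Review bot: In the second cmdlib.sh hunk, `extradisk=()` is assigned without `local`, so it leaks into the caller's scope, unlike `disk`, `vmpreparedir` and `vmbuilddir` declared at the top of `runvm_with_disk`. Declare it as `local extradisk=()`. The image path is also interpolated into a comma-separated option string, `file=$disk`, so a path containing a comma would be parsed by qemu as further `-drive` options. The only caller visible in this patch passes a path under `tmp/`, but a comment on that assumption is worth adding. The function body starts in the previous hunk and continues past this one.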
@@ -394,7 +406,8 @@ EOF -device scsi-hd,bus=scsi0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0-0-0-0,id=scsi0-0-0-0,bootindex=1 \ "${cachedisk[@]}" \ -virtfs local,id=workdir,path="${workdir}",security_model=none,mount_tag=workdir \ - "${srcvirtfs[@]}" -serial stdio -append "root=/dev/sda console=${VM_TERMINAL} selinux=1 enforcing=0 autorelabel=1" + "${srcvirtfs[@]}" -serial stdio -append "root=/dev/sda console=${VM_TERMINAL} selinux=1 enforcing=0 autorelabel=1" \ + "${extradisk[@]}" if [ ! -f "${workdir}"/tmp/rc ]; then fatal "Couldn't find rc file, something went terribly wrong!" diff --git a/src/gf-platformid b/src/gf-platformid index 01c48095b6..ad5170ae3d 100755 --- a/src/gf-platformid +++ b/src/gf-platformid 
@@ -41,19 +41,21 @@ coreos_gf_run_mount "${tmp_dest}" # * grub config # * BLS config (for subsequent config regeneration) # First, the grub config. -if [ "$(coreos_gf exists '/boot/efi')" == 'true' ]; then - grubcfg_path=$(coreos_gf glob-expand /boot/efi/EFI/*/grub.cfg) -else - grubcfg_path=/boot/loader/grub.cfg +if [ "$arch" -ne "x86_64" ] || [ "$platformid" == "metal" ]; then + if [ "$(coreos_gf exists '/boot/efi')" == 'true' ]; then + grubcfg_path=$(coreos_gf glob-expand /boot/efi/EFI/*/grub.cfg) + else + grubcfg_path=/boot/loader/grub.cfg + fi + coreos_gf download "${grubcfg_path}" "${tmpd}"/grub.cfg + # Remove any platformid currently there + sed -i -e 's, ignition.platform.id=[a-zA-Z0-9]*,,g' "${tmpd}"/grub.cfg + # Insert our new platformid + # Match linux16, linux and linuxefi since only linux is available on aarch64 + # and linuxefi is available in grub2.cfg for UEFI + sed -i -e 's,^\(linux\(16\|efi\)\? .*\),\1 ignition.platform.id='"${platformid}"',' "${tmpd}"/grub.cfg + coreos_gf upload "${tmpd}"/grub.cfg "${grubcfg_path}" fi -coreos_gf download "${grubcfg_path}" "${tmpd}"/grub.cfg -# Remove any platformid currently there -sed -i -e 's, ignition.platform.id=[a-zA-Z0-9]*,,g' "${tmpd}"/grub.cfg -# Insert our new platformid -# Match linux16, linux and linuxefi since only linux is available on aarch64 -# and linuxefi is available in grub2.cfg for UEFI -sed -i -e 's,^\(linux\(16\|efi\)\? .*\),\1 ignition.platform.id='"${platformid}"',' "${tmpd}"/grub.cfg -coreos_gf upload "${tmpd}"/grub.cfg "${grubcfg_path}" # Now the BLS version blscfg_path=$(coreos_gf glob-expand /boot/loader/entries/ostree-*.conf) coreos_gf download "${blscfg_path}" "${tmpd}"/bls.conf From 5360e92fc41e6872e46bbeef628a9b45d6f34767 Mon Sep 17 00:00:00 2001 
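Review bot: The new guard in gf-platformid, `[ "$arch" -ne "x86_64" ]`, uses the integer operator `-ne` on strings, so `[` reports an "integer expression expected" error and returns false on every architecture. The branch is then taken only when `platformid` is `metal`, and the grub.cfg rewrite is skipped on the non-x86_64 builds that the commit message says still use anaconda. The test should be `if [ "$arch" != "x86_64" ] || [ "$platformid" == "metal" ]; then`. The hunk does not show where `arch` is set in this script, so confirm it is defined before this point, otherwise `set -u` (if enabled here) aborts the run.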
From: Andrew Jeddeloh Date: Mon, 17 Jun 2019 17:04:26 -0700 Subject: [PATCH 5/5] create_disk: build uefi+bios images Install both uefi and bios grub, but have them read the same config. --- src/create_disk.sh | 9 +++++++++ src/vmdeps.txt | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/src/create_disk.sh b/src/create_disk.sh index 4190c5b707..e1029e78d8 100755 --- a/src/create_disk.sh +++ b/src/create_disk.sh @@ -59,6 +59,15 @@ grub2-install \ --boot-directory rootfs/boot \ $disk +# install uefi grub +mkdir -p rootfs/boot/efi/EFI/boot +grub2-mkimage \ + --format x86_64-efi \ + --output rootfs/boot/efi/EFI/boot/bootx64.efi \ + --prefix '(hd0,gpt1)/grub2' \ + normal fat part_gpt gzio terminal configfile echo ext2 +cp -r /usr/lib/grub/x86_64-efi rootfs/boot/grub2/ + # copy the grub config and any other files we might need cp $grub_script rootfs/boot/grub2/grub.cfg touch rootfs/boot/ignition.firstboot diff --git a/src/vmdeps.txt b/src/vmdeps.txt index c2ba98e256..5407fdb015 100644 --- a/src/vmdeps.txt +++ b/src/vmdeps.txt @@ -17,4 +17,5 @@ selinux-policy selinux-policy-targeted policycoreutils # coreos-assembler #FEDORA python3 python3-gobject-base buildah podman skopeo iptables iptables-libs -gdisk xfsprogs e2fsprogs grub2 dosfstools + +gdisk xfsprogs e2fsprogs grub2 dosfstools grub2-efi-x64-modules
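Review bot: The `bootx64.efi` written by `grub2-mkimage` in the create_disk.sh hunk is a locally assembled, unsigned image with no shim in front of it. As far as this hunk shows, the resulting disk therefore will not boot on firmware that enforces UEFI Secure Boot. That limitation should be recorded above the block, e.g. `# NOTE: unsigned GRUB image without shim; UEFI boot requires Secure Boot to be disabled`. `--prefix '(hd0,gpt1)/grub2'` also assumes the firmware enumerates this disk as `hd0`, and the `search` module is not in the embedded module list, so GRUB cannot locate the boot partition by label as a fallback.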