Fix installation and trim packages

rancher · Nov 4, 2021 · f35b369 · f35b369
1 parent 85e1eb9
commit f35b369
Show file tree

Hide file tree

Showing 11 changed files with 167 additions and 43 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,11 +1,14 @@
 FROM opensuse/leap:15.3 AS build
 RUN zypper ref
 RUN zypper in -y squashfs xorriso go1.16 upx busybox-static curl tar git gzip
-RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.5/luet-0.20.5-linux-$(go env GOARCH) && \
-    chmod +x /usr/bin/luet
+RUN curl -Lo /usr/bin/luet https://github.com/mudler/luet/releases/download/0.20.6/luet-0.20.6-linux-$(go env GOARCH) && \
+    chmod +x /usr/bin/luet && \
+    upx /usr/bin/luet
 RUN curl -Lo /usr/bin/rancherd https://github.com/rancher/rancherd/releases/download/v0.0.1-alpha11/rancherd-$(go env GOARCH) && \
-    chmod +x /usr/bin/rancherd
-RUN curl -L https://get.helm.sh/helm-v3.7.1-linux-$(go env GOARCH).tar.gz | tar xzf - -C /usr/bin --strip-components=1
+    chmod +x /usr/bin/rancherd && \
+    upx /usr/bin/rancherd
+RUN curl -L https://get.helm.sh/helm-v3.7.1-linux-$(go env GOARCH).tar.gz | tar xzf - -C /usr/bin --strip-components=1 && \
+    upx /usr/bin/helm
 COPY go.mod go.sum /usr/src/
 COPY cmd /usr/src/cmd
 COPY pkg /usr/src/pkg
@@ -48,8 +51,10 @@ RUN ["/usr/bin/busybox", "rm", "-rf", "/var", "/etc/ssl", "/usr/bin/busybox"]
 
 # Make OS image
 FROM opensuse/leap:15.3 as os
+RUN sed -i -s 's/^# rpm.install.excludedocs/rpm.install.excludedocs/' /etc/zypp/zypp.conf
 RUN zypper ref
-RUN zypper in -y \
+RUN zypper dup -y
+RUN zypper in -y -- \
     apparmor-parser \
     avahi \
     bash-completion \
@@ -69,7 +74,6 @@ RUN zypper in -y \
     grub2-x86_64-efi \
     haveged \
     hdparm \
-    iotop \
     iproute2 \
     iptables \
     iputils \
@@ -90,51 +94,56 @@ RUN zypper in -y \
     kernel-firmware-qlogic \
     kernel-firmware-realtek \
     kernel-firmware-usb-network \
-    libtspi1 \
+    -kubic-locale-archive \
     less \
     lshw \
     lsof \
     lsscsi \
     lvm2 \
     mdadm \
     multipath-tools \
-    nano \
     netcat-openbsd \
     nfs-utils \
     open-iscsi \
     open-vm-tools \
+    openssh \
     parted \
+    -perl \
     pciutils \
     pigz \
-    policycoreutils \
     procps \
     psmisc \
-    python-azure-agent \
     qemu-guest-agent \
-    rng-tools \
     rsync \
     squashfs \
     strace \
-    SUSEConnect \
     sysstat \
     systemd \
+    systemd-presets-branding-openSUSE \
+    -systemd-presets-branding-MicroOS \
     systemd-sysvinit \
     tar \
-    tcpdump \
     timezone \
-    vim \
+    vim-small \
     which \
     zstd
 
 # Copy in some local OS customizations
 COPY opensuse/files /
 
+ARG IMAGE_TAG=latest
+RUN cat /etc/os-release.tmpl | env \
+    "VERSION=${IMAGE_TAG}" \
+    "VERSION_ID=$(echo ${IMAGE_TAG} | sed s/^v//)" \
+    "PRETTY_NAME=RancherOS ${IMAGE_TAG}" \
+    envsubst > /etc/os-release && \
+    rm /etc/os-release.tmpl
+
 # Starting from here are the lines needed for RancherOS to work
 
 # IMPORTANT: Setup rancheros-release used for versioning/upgrade. The
 # values here should reflect the tag of the image being built
 ARG IMAGE_REPO=norepo
-ARG IMAGE_TAG=latest
 RUN echo "IMAGE_REPO=${IMAGE_REPO}"          > /usr/lib/rancheros-release && \
     echo "IMAGE_TAG=${IMAGE_TAG}"           >> /usr/lib/rancheros-release && \
     echo "IMAGE=${IMAGE_REPO}:${IMAGE_TAG}" >> /usr/lib/rancheros-release
@@ -147,3 +156,12 @@ RUN mkinitrd && \
     # aarch64 has an uncompressed kernel so we need to link it to vmlinuz
     kernel=$(ls /boot/Image-* | head -n1) && \
     if [ -e "$kernel" ]; then ln -sf "${kernel#/boot/}" /boot/vmlinuz; fi
+
+# Save some space
+RUN zypper clean --all && \
+    rm -rf /var/log/update* && \
+    >/var/log/lastlog && \
+    rm -rf /boot/vmlinux*
+
+FROM scratch as default
+COPY --from=os / /
diff --git a/cmd/ros-installer/main.go b/cmd/ros-installer/main.go
@@ -21,7 +21,7 @@ var (
 func main() {
 	flag.Parse()
 	if *printConfig {
-		cfg, err := config.ReadConfig(*configFile)
+		cfg, err := config.ReadConfig(*configFile, *automatic)
 		if err != nil {
 			logrus.Fatal(err)
 		}

diff --git a/framework/files/etc/luet/luet.yaml b/framework/files/etc/luet/luet.yaml
@@ -5,8 +5,17 @@ general:
    debug: false
    spinner_charset: 9
 repositories:
-- name: "cos-toolkit-green"
+- name: "cos-toolkit-green-amd64"
   type: "docker"
   enable: true
+  arch: amd64
+  reference: 20211103130314-repository.yaml
   urls:
   - "quay.io/costoolkit/releases-green"
+- name: "cos-toolkit-green-arm64"
+  type: "docker"
+  enable: true
+  arch: arm64
+  reference: 20211103171213-repository.yaml
+  urls:
+  - "quay.io/costoolkit/releases-green-arm64"
diff --git a/framework/files/usr/sbin/suc-upgrade b/framework/files/usr/sbin/suc-upgrade
@@ -2,15 +2,32 @@
 set -x -e
 HOST_DIR="${HOST_DIR:-/host}"
 RELEASE_FILE="${RELEASE_FILE:-/usr/lib/rancheros-release}"
+CONF_FILE="${CONF_FILE:-/run/data/cloud-config}"
+
+function config()
+{
+    if [ ! -e $CONF_FILE ]; then
+        return 0
+    fi
+
+    if [ ! -e ${HOST}/oem/90_operator.yaml ] || ! diff $CONF_FILE ${HOST}/oem/90/operator.yaml >/dev/null; then
+        cp -f $CONF_FILE ${HOST}/oem/90/operator.yaml
+        $REBOOT
+    fi
+}
 
 if [ "$FORCE" != "true" ]; then
     if diff $RELEASE_FILE ${HOST_DIR}${RELEASE_FILE} >/dev/null; then
         echo Update to date with
         cat ${RELEASE_FILE}
+
+        REBOOT="nsenter -i -m -t 1 -- reboot"
+        config
         exit 0
     fi
 fi
 
+config
 mount --rbind $HOST_DIR/dev /dev
 mount --rbind $HOST_DIR/run /run
 bash -x cos-upgrade --directory /

diff --git a/opensuse/files/etc/os-release.tmpl b/opensuse/files/etc/os-release.tmpl
@@ -0,0 +1,9 @@
+NAME="RancherOS"
+ID="rancheros"
+ID_LIKE="suse opensuse"
+BUG_REPORT_URL="https://github.com/rancher/os2/issues"
+HOME_URL="https://github.com/rancher/os2"
+
+VERSION="${VERSION}"
+VERSION_ID="${VERSION_ID}"
+PRETTY_NAME="${PRETTY_NAME}"
diff --git a/pkg/apis/rancheros.cattle.io/v1/os.go b/pkg/apis/rancheros.cattle.io/v1/os.go
@@ -19,6 +19,7 @@ type ManagedOSImage struct {
 
 type ManagedOSImageSpec struct {
 	OSImage      string                `json:"osImage,omitempty"`
+	CloudConfig  *fleet.GenericMap     `json:"cloudConfig,omitempty"`
 	NodeSelector *metav1.LabelSelector `json:"nodeSelector,omitempty"`
 	Concurrency  *int64                `json:"concurrency,omitempty"`
 

diff --git a/pkg/config/read.go b/pkg/config/read.go
@@ -146,11 +146,24 @@ func merge(readers ...reader) (map[string]interface{}, error) {
 	return d, nil
 }
 
-func readConfigMap(cfg string) (map[string]interface{}, error) {
-	data, err := merge(readCmdline, readFileFunc(cfg))
-	if err != nil {
-		return nil, err
+func readConfigMap(cfg string, includeCmdline bool) (map[string]interface{}, error) {
+	var (
+		data map[string]interface{}
+		err  error
+	)
+
+	if includeCmdline {
+		data, err = merge(readCmdline, readFileFunc(cfg))
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		data, err = merge(readFileFunc(cfg))
+		if err != nil {
+			return nil, err
+		}
 	}
+
 	if cfg != "" {
 		values.PutValue(data, cfg, "rancheros", "install", "configUrl")
 	}
@@ -180,7 +193,18 @@ func ToFile(cfg Config, output string) error {
 }
 
 func ToBytes(cfg Config) ([]byte, error) {
-	data := values.MergeMaps(nil, cfg.Data)
+	var (
+		data map[string]interface{}
+		err  error
+	)
+	if len(cfg.Data) > 0 {
+		data = values.MergeMaps(nil, cfg.Data)
+	} else {
+		data, err = convert.EncodeToMap(cfg)
+		if err != nil {
+			return nil, err
+		}
+	}
 	values.RemoveValue(data, "install")
 	values.RemoveValue(data, "rancheros", "install")
 	bytes, err := yaml.Marshal(data)
@@ -191,8 +215,8 @@ func ToBytes(cfg Config) ([]byte, error) {
 	return append([]byte("#cloud-config\n"), bytes...), nil
 }
 
-func ReadConfig(cfg string) (result Config, err error) {
-	data, err := readConfigMap(cfg)
+func ReadConfig(cfg string, includeCmdline bool) (result Config, err error) {
+	data, err := readConfigMap(cfg, includeCmdline)
 	if err != nil {
 		return result, err
 	}

diff --git a/pkg/controllers/managedos/managedos.go b/pkg/controllers/managedos/managedos.go
@@ -67,7 +67,12 @@ func (h *handler) OnChange(mos *provv1.ManagedOSImage, status provv1.ManagedOSIm
 		return nil, status, err
 	}
 
-	resources, err := ToResources(objects(mos, prefix))
+	objs, err := objects(mos, prefix)
+	if err != nil {
+		return nil, status, err
+	}
+
+	resources, err := ToResources(objs)
 	if err != nil {
 		return nil, status, err
 	}

diff --git a/pkg/controllers/managedos/template.go b/pkg/controllers/managedos/template.go
@@ -6,13 +6,30 @@ import (
 	osv1 "github.com/rancher/os2/pkg/apis/rancheros.cattle.io/v1"
 	"github.com/rancher/os2/pkg/clients"
 	upgradev1 "github.com/rancher/system-upgrade-controller/pkg/apis/upgrade.cattle.io/v1"
+	"gopkg.in/yaml.v3"
 	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
-func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object {
+func cloudConfig(mos *osv1.ManagedOSImage) ([]byte, error) {
+	if mos.Spec.CloudConfig == nil || len(mos.Spec.CloudConfig.Data) == 0 {
+		return []byte{}, nil
+	}
+	data, err := yaml.Marshal(mos.Spec.CloudConfig.Data)
+	if err != nil {
+		return nil, err
+	}
+	return append([]byte("#cloud-config\n"), data...), nil
+}
+
+func objects(mos *osv1.ManagedOSImage, prefix string) ([]runtime.Object, error) {
+	cloudConfig, err := cloudConfig(mos)
+	if err != nil {
+		return nil, err
+	}
+
 	concurrency := int64(1)
 	if mos.Spec.Concurrency != nil {
 		concurrency = *mos.Spec.Concurrency
@@ -66,6 +83,15 @@ func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object {
 				Namespace: clients.SystemNamespace,
 			},
 		},
+		&corev1.Secret{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "os-upgrader-data",
+				Namespace: clients.SystemNamespace,
+			},
+			Data: map[string][]byte{
+				"cloud-config": cloudConfig,
+			},
+		},
 		&upgradev1.Plan{
 			TypeMeta: metav1.TypeMeta{
 				Kind:       "Plan",
@@ -86,6 +112,10 @@ func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object {
 				Cordon:             cordon,
 				Drain:              mos.Spec.Drain,
 				Prepare:            mos.Spec.Prepare,
+				Secrets: []upgradev1.SecretSpec{{
+					Name: "os-upgrader-data",
+					Path: "/run/data",
+				}},
 				Upgrade: &upgradev1.ContainerSpec{
 					Image: PrefixPrivateRegistry(image[0], prefix),
 					Command: []string{
@@ -94,7 +124,7 @@ func objects(mos *osv1.ManagedOSImage, prefix string) []runtime.Object {
 				},
 			},
 		},
-	}
+	}, nil
 }
 
 func PrefixPrivateRegistry(image, prefix string) string {

diff --git a/pkg/install/install.go b/pkg/install/install.go
@@ -12,7 +12,7 @@ import (
 )
 
 func Run(automatic bool, configFile string, powerOff bool, silent bool) error {
-	cfg, err := config.ReadConfig(configFile)
+	cfg, err := config.ReadConfig(configFile, automatic)
 	if err != nil {
 		return err
 	}
@@ -58,6 +58,7 @@ func runInstall(cfg config.Config, output string) error {
 		if err != nil || !val {
 			return err
 		}
+		cfg.Data = nil
 	}
 
 	if cfg.RancherOS.Install.ConfigURL == "" && !cfg.RancherOS.Install.Automatic {
@@ -91,13 +92,13 @@ func runInstall(cfg config.Config, output string) error {
 			return err
 		}
 		cfg.RancherOS.Install.ConfigURL = output + ".yip"
+	} else {
+		if err := config.ToFile(cfg, output); err != nil {
+			return err
+		}
+		cfg.RancherOS.Install.ConfigURL = output
 	}
 
-	if err := config.ToFile(cfg, output); err != nil {
-		return err
-	}
-	cfg.RancherOS.Install.ConfigURL = output
-
 	ev, err := config.ToEnv(cfg)
 	if err != nil {
 		return err