diff --git a/fedora-kata-osbuilder.sh b/fedora-kata-osbuilder.sh index 6287028..e5c036c 100755 --- a/fedora-kata-osbuilder.sh +++ b/fedora-kata-osbuilder.sh @@ -11,7 +11,6 @@ readonly KERNEL_SYMLINK="${IMAGE_TOPDIR}/vmlinuz.container" readonly KVERSION=`uname -r` readonly SCRIPTNAME="$0" -readonly DRACUT_OVERLAY=`mktemp --directory -t kata-dracut-overlay-XXXXXX` readonly DRACUT_ROOTFS=`mktemp --directory -t kata-dracut-rootfs-XXXXXX` readonly DRACUT_IMAGES=`mktemp --directory -t kata-dracut-images-XXXXXX` trap exit_handler EXIT @@ -46,7 +45,7 @@ info() exit_handler() { - rm -rf "${DRACUT_OVERLAY}" "${DRACUT_ROOTFS}" "${DRACUT_IMAGES}" + rm -rf "${DRACUT_ROOTFS}" "${DRACUT_IMAGES}" } @@ -122,6 +121,53 @@ find_host_kernel_path() } +generate_rootfs() +{ + # To generate the rootfs, we build an initrd with dracut, extract + # the initrd content, and then discard the initrd. We then rebuild + # the initrd using the osbuilder native scripts. + # + # This is a bit wasteful, but it's the easiest way to work around + # obuilder script inflexibility for now, which expect that some rootfs.sh + # code is called on a fully populated distro root. + + local agent_source_bin="/usr/libexec/kata-containers/osbuilder/agent/kata-agent" + local osbuilder_version="fedora-osbuilder-version-unknown" + local dracut_conf_dir="./dracut/dracut.conf.d" + local dracut_kmodules=`source ${dracut_conf_dir}/10-drivers.conf; echo "$drivers"` + local tmp_initrd=`mktemp --tmpdir=${DRACUT_IMAGES}` + unlink "$tmp_initrd" + + # Build the initrd + echo -e "+ Building dracut initrd" + dracut \ + --confdir "${dracut_conf_dir}" \ + --no-compress \ + --conf /dev/null \ + ${tmp_initrd} ${KVERSION} + + # Extract the generated rootfs + echo "+ Extracting dracut initrd rootfs" + cat ${tmp_initrd} | \ + cpio --extract --preserve-modification-time --make-directories --directory=${DRACUT_ROOTFS} + + # Using the busybox dracut module sets /sbin/init -> busybox + # We don't want that. Reset it to systemd + ln -sf ../lib/systemd/systemd ${DRACUT_ROOTFS}/usr/sbin/init + + # Make kata specific adjustments to our rootfs + echo "Calling osbuilder rootfs.sh on extracted rootfs" + AGENT_SOURCE_BIN="${agent_source_bin}" \ + ./rootfs-builder/rootfs.sh \ + -o ${osbuilder_version} \ + -r ${DRACUT_ROOTFS} + + # Add modules-load.d file for all our manually specified drivers + mkdir -p ${DRACUT_ROOTFS}/etc/modules-load.d + echo ${dracut_kmodules} | tr " " "\n" > ${DRACUT_ROOTFS}/etc/modules-load.d/kata-modules.conf +} + + move_images() { # Move images into place @@ -155,34 +201,20 @@ main() cd "${OSBUILDER_DIR}" - export AGENT_SOURCE_BIN="/usr/libexec/kata-containers/osbuilder/agent/kata-agent" - local osbuilder_version="fedora-osbuilder-version-unknown" - local dracut_conf_dir="./dracut/dracut.conf.d" - local dracut_kmodules=`source ${dracut_conf_dir}/10-drivers.conf; echo "$drivers"` - - # Build the dracut overlay fs - ./rootfs-builder/rootfs.sh -o ${osbuilder_version} -r ${DRACUT_OVERLAY} - mkdir -p ${DRACUT_OVERLAY}/etc/modules-load.d - echo ${dracut_kmodules} | tr " " "\n" > ${DRACUT_OVERLAY}/etc/modules-load.d/kata-modules.conf + # Generate the rootfs using dracut + generate_rootfs # Build the initrd - dracut \ - --no-compress \ - --conf /dev/null \ - --confdir ${dracut_conf_dir} \ - --include ${DRACUT_OVERLAY} \ - / ${GENERATED_INITRD} ${KVERSION} - - # Extract initrd filesystem for image build - cat ${GENERATED_INITRD} | \ - cpio --extract --preserve-modification-time --make-directories --directory=${DRACUT_ROOTFS} + echo "+ Calling osbuilder initrd_builder.sh" + ./initrd-builder/initrd_builder.sh -o ${GENERATED_INITRD} ${DRACUT_ROOTFS} # Build the FS image + echo "+ Calling osbuilder image_builder.sh" ./image-builder/image_builder.sh -o ${GENERATED_IMAGE} ${DRACUT_ROOTFS} # This is a workaround till issue[0] is fixed, released and packaged. # [0]: https://github.com/kata-containers/osbuilder/issues/394 - rm image-builder/nsdax + rm -f image-builder/nsdax move_images } diff --git a/kata-osbuilder.spec b/kata-osbuilder.spec index a71533a..6c02d65 100644 --- a/kata-osbuilder.spec +++ b/kata-osbuilder.spec @@ -41,7 +41,7 @@ Source4: agent-0001-mount-Use-virtiofs-instead-of-virtio_fs-as-typeVirti.patch Patch01: osbuilder-0001-rootfs-allow-using-systemd-units-from-AGENT_SOURCE_B.patch # Fix symlinks in the dracut_overlay to not clobber Fedora. # Needs to be submitted upstream -Patch02: osbuilder-0002-rootfs-Fix-systemd-sbin-init-symlinking.patch +Patch02: osbuilder-0002-rootfs-Don-t-overwrite-init-if-it-already-exists.patch # List of drivers needed in the initrd. # Needs to be submitted upstream Patch03: osbuilder-0003-dracut-Add-Fedora-virtio-kernel-modules-to-the-initr.patch @@ -136,6 +136,7 @@ mkdir -p %{buildroot}%{katalocalstatecachedir} rm rootfs-builder/.gitignore cp -aR rootfs-builder %{buildroot}/%{kataosbuilderdir} cp -aR image-builder %{buildroot}/%{kataosbuilderdir} +cp -aR initrd-builder %{buildroot}/%{kataosbuilderdir} cp -aR scripts %{buildroot}%{kataosbuilderdir} cp -aR dracut %{buildroot}%{kataosbuilderdir} cp -a %{SOURCE2} %{buildroot}%{kataosbuilderdir} diff --git a/osbuilder-0002-rootfs-Don-t-overwrite-init-if-it-already-exists.patch b/osbuilder-0002-rootfs-Don-t-overwrite-init-if-it-already-exists.patch new file mode 100644 index 0000000..bd2806a --- /dev/null +++ b/osbuilder-0002-rootfs-Don-t-overwrite-init-if-it-already-exists.patch @@ -0,0 +1,33 @@ +From 80645c689418f13d6fbe60e8c87ca16787705687 Mon Sep 17 00:00:00 2001 +From: Cole Robinson +Date: Wed, 4 Mar 2020 17:56:03 -0500 +Subject: [PATCH] rootfs: Don't overwrite /init if it already exists + +Signed-off-by: Cole Robinson +--- + rootfs-builder/rootfs.sh | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/rootfs-builder/rootfs.sh b/rootfs-builder/rootfs.sh +index 5a5655e..554ed67 100755 +--- a/rootfs-builder/rootfs.sh ++++ b/rootfs-builder/rootfs.sh +@@ -455,9 +455,15 @@ prepare_overlay() + { + pushd "${ROOTFS_DIR}" > /dev/null + mkdir -p ./etc ./lib/systemd ./sbin ./var +- ln -sf ./usr/lib/systemd/systemd ./init +- ln -sf ../../init ./lib/systemd/systemd +- ln -sf ../init ./sbin/init ++ if [ ! -e ./init ]; then ++ # This symlink hacking is mostly to make later rootfs ++ # validation work correctly for the dracut case. ++ # We skip this if /init exists in the rootfs, meaning ++ # we were passed a pre-populated rootfs directory ++ ln -sf ./usr/lib/systemd/systemd ./init ++ ln -sf ../../init ./lib/systemd/systemd ++ ln -sf ../init ./sbin/init ++ fi + # Kata sytemd unit file + mkdir -p ./etc/systemd/system/basic.target.wants/ + ln -sf /usr/lib/systemd/system/kata-containers.target ./etc/systemd/system/basic.target.wants/kata-containers.target diff --git a/osbuilder-0002-rootfs-Fix-systemd-sbin-init-symlinking.patch b/osbuilder-0002-rootfs-Fix-systemd-sbin-init-symlinking.patch deleted file mode 100644 index 78e0818..0000000 --- a/osbuilder-0002-rootfs-Fix-systemd-sbin-init-symlinking.patch +++ /dev/null @@ -1,31 +0,0 @@ ->From 183645ca57f466ac89eb018c72348c2a3a5b38a3 Mon Sep 17 00:00:00 2001 -Message-Id: <183645ca57f466ac89eb018c72348c2a3a5b38a3.1567901440.git.crobinso@redhat.com> -In-Reply-To: -References: -From: Cole Robinson -Date: Sat, 7 Sep 2019 15:53:08 -0400 -Subject: [PATCH 2/3] rootfs: Fix systemd /sbin/init symlinking - -Signed-off-by: Cole Robinson ---- - rootfs-builder/rootfs.sh | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/rootfs-builder/rootfs.sh b/rootfs-builder/rootfs.sh -index 4bdc10d..fb020c0 100755 ---- a/rootfs-builder/rootfs.sh -+++ b/rootfs-builder/rootfs.sh -@@ -388,9 +388,7 @@ prepare_overlay() - { - pushd "${ROOTFS_DIR}" > /dev/null - mkdir -p ./etc ./lib/systemd ./sbin ./var -- ln -sf ./usr/lib/systemd/systemd ./init -- ln -sf ../../init ./lib/systemd/systemd -- ln -sf ../init ./sbin/init -+ ln -sf ../lib/systemd/systemd ./sbin/init - # Kata sytemd unit file - mkdir -p ./etc/systemd/system/basic.target.wants/ - ln -sf /usr/lib/systemd/system/kata-containers.target ./etc/systemd/system/basic.target.wants/kata-containers.target --- -2.21.0 -