Create SUSE Linux Enterprise images for OCI from keg-recipes
This article describes how to generate SUSE Linux Enterprise Server image descriptions from keg-recipes and how to use those to build binary images for use in Oracle Cloud Infrastructure, either using KIWI directly, the Open Build Service, or SUSE Manager.
Keg-recipes is a GitHub repository that contains the source for public cloud images SUSE builds and images that are published. It is open to contributions and may also contain descriptions that serve as examples, such as the Oracle loud Infrastructure images. SUSE will remove the current images published in OCI in the coming weeks. The image definitions in keg-recipes can be used to generate image descriptions and build these images as outlined below.
Requirements
git
Needed to access the keg-recipes repository.
keg
Used to generated KIWI image descriptions from keg-recipes. See keg documentation for installation instructions and general information.
KIWI (optional)
KIWI is the tool that is used to build a binary image from an image description generated by keg. It can be used directly, in which case it will need to be installed on the build host. See KIWI documentation for detailed information about using KIWI to build appliances. KIWI is available for all openSUSE and SLES distributions as well as from PyPI.
openSUSE Build Service account (optional)
Instead of building images manually, the openSUSE Build Service can be used to build images. An advantage of this approach is that images automatically get rebuild when packages included in the image get updated in their origin roject/repository. NOTE: All projects in the openSUSE Build Service are public.
See the User Guide for in-depth information about the Open Build Service.
SUSE Manager (optional)
SUSE Manager has the capability to build OS images from KIWI image descriptions.
Information about image building and management using SUSE Manager can be found in the SUSE Manager administration guide.
Linux build host
Any system that git, keg, and optionally KIWI can be installed on should work. Git is included in most distributions. Keg is part of the openSUSE Tumbleweed distribution (package name “python3-kiwi-keg”) and also available for openSUSE Leap 15.4 and SLES 15.4 from the openSUSE Build Service and from PyPI.
Building a binary image
As mentioned, there are a few ways to build the binary image from the image description generated above. Following is a brief description of each, with pointers to more detailed information.
KIWI
To build the binary image manually using KIWI, direct access to SLES 15 SP3 package repositories needs to be available. By default, the image descriptions generated from keg-recipes use the “obsrepositories:/” repository specification, which only works when building in the Open Build Service. For building manually, the repository specification needs to be adjusted. In this guide, KIWI command line options are used to supply the repository paths.
Packages can be made available to KIWI via http(s), local directories, or ISO mounts. See 7.2 Setting up Repositories in the Concept and Workflow section of the KIWI documentation.
A convenient way to provide access to the full and up-to-date package tree is using a public cloud BYOS instance. The instance must use the same base OS (SLES 15 SP3 in this case) and be registered with SUSE Customer Center directly (not with the SUSE update infrastructure, i.e. registration needs to be done with SUSEConnect not registercloudguest). It needs to have all modules enabled that are required for the build, in this case those are containers, desktop applications, development, public cloud, and server applications modules.
If that is the case, the instance has https access to all package repositories. The following command generates a command line argument list for use with KIWI from all enabled SUSE Linux Enterprise repositories of the instance:
rc=set ; for id in $(zypper lr -E | grep SLE- | cut -d'|' -f1); do echo -n "--${rc}-repo=$(zypper lr -r ${id} | sed -n -e '/^URI/ s/URI *: *//p') "; rc=add; done > repos
Afterwards, the image can be build with the following command:
kiwi system build --target-dir=/var/tmp/kiwi-out --description=sles15-sp3-oci --add-bootstrap-package ca-certificates-mozilla $(cat repos)
The path for “–description” needs to be adjusted if the sles15-sp3-oci directory is not in the current working directory. The target directory can be any path that should be used for the build process. The “ca-certificates-mozilla” package needs to be added to the bootstrap so https works inside the build environment.
Once KIWI is finished, there should be a file called something like SLES15-SP3-OCI-BYOS.x86_64-0.9.0.qcow2 in /var/tmp/kiwi-out. This is the binary image that can be uploaded to Oracle Cloud Infrastructure.
In case a public cloud instance is used for image building, it should be de-registered from the SUSE Customer Center using the command
registercloudguest --clean
before terminating the instance.
openSUSE Build Service
The openSUSE Build Service can build SUSE Linux Enterprise images in an automated fashion. An image description produced by keg can be used as-is in Open Build Service, although it is advantageous to add a _constraints file to the keg output directory with the following content:
<constraints> <hardware> <disk> <size unit="G">12</size> </disk> </hardware> </constraints>
This avoids builds failing due to running on a worker without enough free disk space.
See the User Guide for documentation on the Open Build Service.
See project SUSE:Templates:Images:SLE-15-SP3:Base for an example for an Open Build Service project configured to build SUSE Linux Enterprise Server images.
SUSE Manager
SUSE Manager has the capability to build an OS image from a KIWI image description on a host that is managed by it. The image description generated by keg needs to be placed in a git repository that is accessible by the build host, and the build host must use the same base OS as the target image (SLES 15 SP3 in this example case). The activation key used for the build must include all repository channels required for the image.
See the SUSE Manager administration guide for details on how to build images with SUSE Manager.
Upload image to Oracle Cloud Infrastructure
To use a newly built binary image in Oracle Cloud Infrastructure it needs to be uploaded to an Object Storage bucket and then imported into OCI Compute. See the section Importing a Linux-Based VM in the Oracle Cloud Infrastructure documentation for detailed instructions on how to do this manually. The image type is QCOW2.
The MASH project provides a solution for automating image upload to various cloud service provider frameworks including Oracle Cloud Infrastructure and has support for Open Build Service.
Related Articles
Oct 18th, 2024
Updates over IPv6 in the public clouds
Oct 01st, 2024