18922761a6
Signed-off-by: Dean Troyer <dtroyer@gmail.com> |
||
---|---|---|
.. | ||
README |
There are three prebuilt files that we can update when we need to make changes to the installer: - vmlinuz - The kernel - initrd.img - Initial initrd loaded when the installer boots. Has kernel modules, etc, and loads the squashfs.img - squashfs.img - Provides the rootfs for the installer, which includes components like anaconda The original stock CentOS files are found: /import/mirrors/CentOS/7.4.1708/os/x86_64/isolinux/initrd.img /import/mirrors/CentOS/7.4.1708/os/x86_64/LiveOS/squashfs.img # NOTE: before updating these files, assure that you've had a successful build for the necessary files used in "kernel-rpms" and "rootfs-rpms". # here are build procedures: # kernel, kernel modules will be generated by this step build-pkgs # anaconda-*.tis.*.rpm rpm-*.tis*.rpm will be generated by this step build-srpms --installer && build-rpms --installer # systemd-*.tis.*.rpm and bind-utils-9.9.4-61.el7.x86_64.rpm, ima-evm-utils-1.0-1.el7.x86_64.rpm # will be available after this step done build-iso =========== vmlinuz: We're using the runtime kernel for this, so when we update the installer, we just grab the kernel from build server or your own build environment. Note -- The kernel to be used should be signed. The Jenkins builds will produce signed kernels, but if you are concerned about the signature (for example, if you are concerned that a developer kernel is being used or if the signing server is behaving odd) then you can verify the integrity of the kernel by going onto yow-cgts3-lx and using the command: sbverify --cert [CERT] vmlinuz The certificate specfied as the argument can be found in $MY_REPO/addons/wr-cgcs/layers/cgcs/recipes-extended/shim-unsigned/files/tis-shim.crt =========== initrd.img: When we update the kernel and kernel modules for the installer, we need to update the initrd.img. This is a manual procedure currently, and must be done as **root**. # First, extract the initrd.img: ORIG_INITRD=$PWD/initrd.img mkdir initrd.work cd initrd.work xzcat $ORIG_INITRD | cpio -i # Make the necessary changes, and rebuild the initrd # We want to include our kernel and required modules in the initrd. Copy their RPMs from # the Jenkins build or local build folders (~/export/dist/isolinux/Packages/ and ~/std/rpmbuild/RPMS/) # to ../kernel-rpms, to be extracted with rpm2cpio: # kernel # kmod-i40e # kmod-ixgbe # kmod-e1000e # kmod-tpm # mlnx-ofa_kernel-modules # # Also adding in dmidecode for debug purposes # Delete the old kernel files: rm -rf boot/ etc/modules-load.d/ etc/ld.so.conf.d/kernel-3.10.0-693.2.2.el7.tis.29.x86_64.conf lib/modules/3.10.0-693.2.2.el7.tis.29.x86_64/ # Extract the RPMs from the build system # FYI, here are RPMs in "kernel-rpms": # ls kernel-rpms/ kernel-3.10.0-693.2.2.el7.33.tis.x86_64.rpm kmod-i40e-rt-2.4.3-0.tis.6.x86_64.rpm mlnx-ofa_kernel-4.3-OFED.4.3.1.0.1.1.g8509e41.tis.1.x86_64.rpm kernel-rt-3.10.0-693.2.2.rt56.623.el7.tis.39.x86_64.rpm kmod-ixgbe-5.2.3-0.tis.2.x86_64.rpm mlnx-ofa_kernel-devel-4.3-OFED.4.3.1.0.1.1.g8509e41.tis.1.x86_64.rpm kmod-e1000e-3.3.6-0.tis.1.x86_64.rpm kmod-ixgbe-rt-5.2.3-0.tis.2.x86_64.rpm mlnx-ofa_kernel-modules-4.3-OFED.4.3.1.0.1.1.g8509e41.tis.1.x86_64.rpm kmod-e1000e-rt-3.3.6-0.tis.1.x86_64.rpm kmod-tpm-4.12-0.tis.5.x86_64.rpm kmod-i40e-2.4.3-0.tis.6.x86_64.rpm kmod-tpm-rt-4.12-0.tis.5.x86_64.rpm for f in ../kernel-rpms/*.rpm ; do rpm2cpio $f | cpio -idu; done # In a chroot, run depmods. The command is available from the kmod-i40e for syntax/args: # [root@yow-cgts4-lx initrd.work]# rpm -qp --scripts ../kernel-rpms/kmod-i40e-* |grep depmod # /usr/sbin/depmod -aeF "/boot/System.map-3.10.0-327.36.2.el7.9.tis.x86_64" "3.10.0-327.36.2.el7.9.tis.x86_64" > /dev/null || : # /usr/sbin/depmod -aeF "/boot/System.map-3.10.0-327.36.2.el7.9.tis.x86_64" "3.10.0-327.36.2.el7.9.tis.x86_64" > /dev/null || : chroot . # <actual-kernel-version> need be replaced, for example, 3.10.0-693.2.2.el7.33.tis.x86_64 /usr/sbin/depmod -aeF "/boot/System.map-<actual-kernel-version>" "<actual-kernel-version>" exit # Remove the bisodevname package from initrd and squashfs rm -f ./usr/lib/udev/rules.d/71-biosdevname.rules ./usr/sbin/biosdevname # Rebuild the initrd find . \ | cpio -o -H newc \ | xz --check=crc32 --x86 --lzma2=dict=512KiB \ > ../new-initrd.img =========== squashfs.img: If we want to make changes to the rootfs of the installer (ie. update anaconda), we need to update the squashfs.img file. This file can be mounted, and contains a rootfs image: LiveOS/rootfs.img # Build the TIS-modified installer RPMs first (see anaconda jiggery-pokery at end of this file): build-srpms --installer && build-rpms --installer # We also need TIS-built systemd for NVME support, so copy the following from Jenkins build: systemd-219-42.el7_4.1.tis.10.x86_64.rpm systemd-libs-219-42.el7_4.1.tis.10.x86_64.rpm systemd-sysv-219-42.el7_4.1.tis.10.x86_64.rpm # We need to update the following RPMs in the rootfs ima-evm-utils-1.0-1.el7.x86_64.rpm rpm-4.14.0-1.tis.1.x86_64.rpm rpm-build-4.14.0-1.tis.1.x86_64.rpm rpm-build-libs-4.14.0-1.tis.1.x86_64.rpm rpm-libs-4.14.0-1.tis.1.x86_64.rpm rpm-plugin-systemd-inhibit-4.14.0-1.tis.1.x86_64.rpm rpm-python-4.14.0-1.tis.1.x86_64.rpm # We also now need bind-utils in the squashfs, due to the anaconda-preexec we've added. bind-utils-9.9.4-51.el7.x86_64.rpm # Mount the squashfs.img and copy the rootfs out: ORIG_SQUASHFS=$PWD/squashfs.img mkdir squashfs.mnt mount -o loop -t squashfs $ORIG_SQUASHFS squashfs.mnt mkdir LiveOS cp squashfs.mnt/LiveOS/rootfs.img LiveOS/ umount squashfs.mnt # Now mount the rootfs.img file: mkdir squashfs.work mount -o loop LiveOS/rootfs.img squashfs.work cd squashfs.work # You can now make changes as needed, and they're reflected in the rootfs.img # For anaconda, ignore these RPMs that are built: # anaconda-debuginfo # anaconda-dracut # anaconda-widgets-devel # anaconda-gui # # FYI, here are RPMs from "rootfs-rpms": ls rootfs-rpms/ anaconda-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-4.14.0-1.tis.1.x86_64.rpm anaconda-core-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-build-4.14.0-1.tis.1.x86_64.rpm anaconda-debuginfo-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-build-libs-4.14.0-1.tis.1.x86_64.rpm anaconda-dracut-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-libs-4.14.0-1.tis.1.x86_64.rpm anaconda-gui-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-plugin-systemd-inhibit-4.14.0-1.tis.1.x86_64.rpm anaconda-tui-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-python-4.14.0-1.tis.1.x86_64.rpm anaconda-widgets-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm systemd-219-42.el7_4.1.tis.10.x86_64.rpm anaconda-widgets-devel-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm systemd-libs-219-42.el7_4.1.tis.10.x86_64.rpm bind-utils-9.9.4-61.el7.x86_64.rpm systemd-sysv-219-42.el7_4.1.tis.10.x86_64.rpm ima-evm-utils-1.0-1.el7.x86_64.rpm # IMPORTANT Note: when copying “systemd-219-42.el7_4.1.tis.10.x86_64.rpm” from build target folders to “rootfs-rpms”, # we need to get it from “../export/dist/isolinux/Packages/systemd-219-42.el7_4.1.tis.10.x86_64.rpm”, instead of other # folders (for example, ../std/rpmbuild/RPMS/systemd-219-42.el7_4.1.tis.10.x86_64.rpm), they are actually having # different sizes and delta in contents. # Extract the rest into the squashfs rm -rf usr/lib64/python2.7/site-packages/pyanaconda/ rm -rf usr/lib64/python2.7/site-packages/rpm/ # get files from RPMs and copy them into corresponding folders for f in ../rootfs-rpms/*.rpm ; do rpm2cpio $f | cpio -idu; done #find old .pyo files and delete them find usr/lib64/python2.7/site-packages/pyanaconda/ usr/lib64/python2.7/site-packages/rpm/ -name *.pyo | xargs rm # IMPORTANT Note, please do NOT forget the following step: # MUST HAVE!!! Update the kernel and related kernel modules, same as what was done for "initrd.img" updating for f in ../kernel-rpms/*.rpm ; do rpm2cpio $f | cpio -idu; done # Remove the bisodevname package from initrd and squashfs rm -f ./usr/lib/udev/rules.d/71-biosdevname.rules ./usr/sbin/biosdevname cd .. umount squashfs.work # Build/rebuild a new squashfs.img (output file is test.squashfs.img in this # example) # Note: You may need to install "squashfs-tools" in advance #remove the old version named test.squashfs.img rm -f test.squashfs.img #make the new squashfs image named "test.squashfs.img" or another name mksquashfs LiveOS test.squashfs.img -keep-as-directory -comp xz -b 1M =========== To test with design build, update the following files with paths to your test files and filenames: recipes-installer/pxe-network-installer/centos/build_srpm.data recipes-installer/pxe-network-installer/centos/pxe-network-installer.spec =========== Delivering changes: Copy the updated vmlinuz (from kernel rpm), initrd.img, and squashfs.img files, with appropriate version suffixes, to mirror folder where you placethese files. Update the pxe-network-installer files to point to the new versions. =========== NOTE: The following jiggery-pokery is no longer required after recent mirror updates. I'm keeping the text here, though, for future reference. Just in case. Jiggery-pokery required to build anaconda after rebase to 7.3: The anaconda build reports a dependency error: 12:45:41 Error: Package: libgudev1-219-19.el7_2.13.x86_64 (TisCentos7Distro) 12:45:41 Requires: systemd-libs = 219-19.el7_2.13 12:45:41 Installed: systemd-libs-219-30.el7_3.6.x86_64 (@TisCentos7Distro) 12:45:41 systemd-libs = 219-30.el7_3.6 12:45:41 Available: systemd-libs-219-19.el7_2.13.x86_64 (TisCentos7Distro) 12:45:41 systemd-libs = 219-19.el7_2.13 12:45:41 You could try using --skip-broken to work around the problem 12:45:41 You could try running: rpm -Va --nofiles --nodigest Our build system is setup to install the highest versions of packages, but there's a dependency that has a version-specific dependency to an older version of the RPM, so it requires a little massaging to get the anaconda RPM to build. Step 1: Add a symlink into the cgcs-centos-repo dir: ln -s /import/mirrors/CentOS/tis-r4-CentOS/mitaka/Binary/x86_64/systemd-libs-219-19.el7_2.13.x86_64.rpm \ $MY_REPO/cgcs-centos-repo/Binary/x86_64/ Step 2: Try to build, so the repodata is updated (this will still fail) build-srpms --installer && build-rpms --installer Step 3: Short-circuit the update_cgcs_repo function in build-rpms to avoid repodata update and mock env clearout Step 4: Manually install RPM in mock env mock -r installer/${MY_BUILD_ENVIRONMENT}-installer.cfg --copyin systemd-libs-219-19.el7_2.13.x86_64.rpm systemd-libs-219-19.el7_2.13.x86_64.rpm mock -r installer/${MY_BUILD_ENVIRONMENT}-installer.cfg --shell rpm -i --force systemd-libs-219-19.el7_2.13.x86_64.rpm Step 5: Build with success! build-srpms --installer && build-rpms --installer