[DIB][diskimage-builder] Rocky Linux image build method

Neil Hanlon neil at shrug.pw
Mon Aug 1 13:08:44 UTC 2022 

On Mon, 2022-08-01 at 10:21 +0200, Pierre Riteau wrote:
> Hello,
> 
> I am curious about the choice of providing only a rocky-container element
> in DIB, which works differently to the centos element, which uses cloud
> images.
As Jeremy mentions, it was a conscious choice to use the containerfile method to build Rocky images for the
reasons he discusses. It is more in line with the Fedora images, and from a building perspective, it's often
better to layer things on top, rather than try and remove them afterwards.

> 
> It makes it hard to produce working images for VMs or bare metal, as
> various packages that would normally be installed are missing, such as
> cloud-utils-growpart or openssh-server. See the kickstarts for reference
> [1] [2].
> 
> It seems to also occasionally cause complex failures such as the one that
> rendered Rocky Linux 8 images unbootable last week [3]. I am guessing this
> wouldn't have happened had the build been from a cloud image.
> 
> Would the DIB community be open to also have a rocky element using
> GenericCloud images, like centos?

It's possible it may have not happened when building from a Cloud image, but you similarly begin to rely on the
upstream to produce images the same way forever. Building from a known minimal source and layering on the
elements required, including writing any boot/kernel files needed will a more manageable process for the DIB
community, in my opinion (as the one who makes the Upstream images for Rocky). Building from the ground up
guarantees a much more repeatable process for DIB image building.

In the short term, there's some uplift to make sure the images build correctly, but once they're working,
working from Containerfile should lead to faster builds of more lean images with only what's needed on them--
and that's good for Security, too.

Please do reach out via email or IRC/Chat (either of OFTC or Libera in the #rockylinux- channels) any time, by
the way :) 

I'm one of the Infrastructure leads for Rocky Linux and spend time over here with the OSA folks! Nice to meet
you, and thank you for using Rocky!

> 
> Thanks,
> Pierre Riteau (priteau)
> 
> [1]
> https://git.rockylinux.org/rocky/kickstarts/-/blob/r8/Rocky-8-Container-Base.ks
> [2]
> https://git.rockylinux.org/rocky/kickstarts/-/blob/r8/Rocky-8-GenericCloud.ks
> [3] https://review.opendev.org/c/openstack/diskimage-builder/+/851687

More information about the openstack-discuss mailing list