258 lines
11 KiB
Plaintext
258 lines
11 KiB
Plaintext
There are three prebuilt files that we can update when we need to make changes
|
|
to the installer:
|
|
- vmlinuz - The kernel
|
|
- initrd.img - Initial initrd loaded when the installer boots. Has kernel
|
|
modules, etc, and loads the squashfs.img
|
|
- squashfs.img - Provides the rootfs for the installer, which includes
|
|
components like anaconda
|
|
|
|
The original stock CentOS files are found:
|
|
/import/mirrors/CentOS/7.4.1708/os/x86_64/isolinux/initrd.img
|
|
/import/mirrors/CentOS/7.4.1708/os/x86_64/LiveOS/squashfs.img
|
|
|
|
# NOTE: before updating these files, assure that you've had a successful build
|
|
for the necessary files used in "kernel-rpms" and "rootfs-rpms".
|
|
# here are build procedures:
|
|
|
|
# kernel, kernel modules will be generated by this step
|
|
build-pkgs
|
|
|
|
# anaconda-*.tis.*.rpm rpm-*.tis*.rpm will be generated by this step
|
|
build-srpms --installer && build-rpms --installer
|
|
|
|
# systemd-*.tis.*.rpm and bind-utils-9.9.4-61.el7.x86_64.rpm, ima-evm-utils-1.0-1.el7.x86_64.rpm
|
|
# will be available after this step done
|
|
build-iso
|
|
|
|
===========
|
|
vmlinuz:
|
|
We're using the runtime kernel for this, so when we update the installer, we
|
|
just grab the kernel from build server or your own build environment.
|
|
|
|
Note -- The kernel to be used should be signed. The Jenkins builds will
|
|
produce signed kernels, but if you are concerned about the signature (for
|
|
example, if you are concerned that a developer kernel is being used or if
|
|
the signing server is behaving odd) then you can verify the integrity of
|
|
the kernel by going onto yow-cgts3-lx and using the command:
|
|
|
|
sbverify --cert [CERT] vmlinuz
|
|
|
|
The certificate specfied as the argument can be found in
|
|
$MY_REPO/stx/stx-integ/extended/shim-unsigned/files/tis-shim.crt
|
|
|
|
===========
|
|
initrd.img:
|
|
When we update the kernel and kernel modules for the installer, we need to
|
|
update the initrd.img. This is a manual procedure currently, and must be done
|
|
as **root**.
|
|
|
|
# First, extract the initrd.img:
|
|
|
|
ORIG_INITRD=$PWD/initrd.img
|
|
mkdir initrd.work
|
|
cd initrd.work
|
|
xzcat $ORIG_INITRD | cpio -i
|
|
|
|
# Make the necessary changes, and rebuild the initrd
|
|
|
|
# We want to include our kernel and required modules in the initrd. Copy their RPMs from
|
|
# the Jenkins build or local build folders (~/export/dist/isolinux/Packages/ and ~/std/rpmbuild/RPMS/)
|
|
# to ../kernel-rpms, to be extracted with rpm2cpio:
|
|
# kernel
|
|
# kmod-i40e
|
|
# kmod-ixgbe
|
|
# kmod-e1000e
|
|
# kmod-tpm
|
|
# mlnx-ofa_kernel-modules
|
|
#
|
|
# Also adding in dmidecode for debug purposes
|
|
|
|
|
|
# Delete the old kernel files:
|
|
rm -rf boot/ etc/modules-load.d/ etc/ld.so.conf.d/kernel-3.10.0-693.2.2.el7.tis.29.x86_64.conf lib/modules/3.10.0-693.2.2.el7.tis.29.x86_64/
|
|
|
|
# Extract the RPMs from the build system
|
|
# FYI, here are RPMs in "kernel-rpms":
|
|
|
|
# ls kernel-rpms/
|
|
kernel-3.10.0-693.2.2.el7.33.tis.x86_64.rpm kmod-i40e-rt-2.4.3-0.tis.6.x86_64.rpm mlnx-ofa_kernel-4.3-OFED.4.3.1.0.1.1.g8509e41.tis.1.x86_64.rpm
|
|
kernel-rt-3.10.0-693.2.2.rt56.623.el7.tis.39.x86_64.rpm kmod-ixgbe-5.2.3-0.tis.2.x86_64.rpm mlnx-ofa_kernel-devel-4.3-OFED.4.3.1.0.1.1.g8509e41.tis.1.x86_64.rpm
|
|
kmod-e1000e-3.3.6-0.tis.1.x86_64.rpm kmod-ixgbe-rt-5.2.3-0.tis.2.x86_64.rpm mlnx-ofa_kernel-modules-4.3-OFED.4.3.1.0.1.1.g8509e41.tis.1.x86_64.rpm
|
|
kmod-e1000e-rt-3.3.6-0.tis.1.x86_64.rpm kmod-tpm-4.12-0.tis.5.x86_64.rpm
|
|
kmod-i40e-2.4.3-0.tis.6.x86_64.rpm kmod-tpm-rt-4.12-0.tis.5.x86_64.rpm
|
|
|
|
|
|
for f in ../kernel-rpms/*.rpm ; do rpm2cpio $f | cpio -idu; done
|
|
|
|
# In a chroot, run depmods. The command is available from the kmod-i40e for syntax/args:
|
|
# [root@yow-cgts4-lx initrd.work]# rpm -qp --scripts ../kernel-rpms/kmod-i40e-* |grep depmod
|
|
# /usr/sbin/depmod -aeF "/boot/System.map-3.10.0-327.36.2.el7.9.tis.x86_64" "3.10.0-327.36.2.el7.9.tis.x86_64" > /dev/null || :
|
|
# /usr/sbin/depmod -aeF "/boot/System.map-3.10.0-327.36.2.el7.9.tis.x86_64" "3.10.0-327.36.2.el7.9.tis.x86_64" > /dev/null || :
|
|
|
|
chroot .
|
|
# <actual-kernel-version> need be replaced, for example, 3.10.0-693.2.2.el7.33.tis.x86_64
|
|
/usr/sbin/depmod -aeF "/boot/System.map-<actual-kernel-version>" "<actual-kernel-version>"
|
|
exit
|
|
|
|
# Remove the bisodevname package from initrd and squashfs
|
|
rm -f ./usr/lib/udev/rules.d/71-biosdevname.rules ./usr/sbin/biosdevname
|
|
|
|
# Rebuild the initrd
|
|
find . \
|
|
| cpio -o -H newc \
|
|
| xz --check=crc32 --x86 --lzma2=dict=512KiB \
|
|
> ../new-initrd.img
|
|
|
|
|
|
|
|
===========
|
|
squashfs.img:
|
|
If we want to make changes to the rootfs of the installer (ie. update anaconda),
|
|
we need to update the squashfs.img file. This file can be mounted, and contains
|
|
a rootfs image: LiveOS/rootfs.img
|
|
|
|
# Build the TIS-modified installer RPMs first (see anaconda jiggery-pokery at end of this file):
|
|
build-srpms --installer && build-rpms --installer
|
|
|
|
# We also need TIS-built systemd for NVME support, so copy the following from Jenkins build:
|
|
systemd-219-42.el7_4.1.tis.10.x86_64.rpm
|
|
systemd-libs-219-42.el7_4.1.tis.10.x86_64.rpm
|
|
systemd-sysv-219-42.el7_4.1.tis.10.x86_64.rpm
|
|
|
|
# We need to update the following RPMs in the rootfs
|
|
ima-evm-utils-1.0-1.el7.x86_64.rpm
|
|
rpm-4.14.0-1.tis.1.x86_64.rpm
|
|
rpm-build-4.14.0-1.tis.1.x86_64.rpm
|
|
rpm-build-libs-4.14.0-1.tis.1.x86_64.rpm
|
|
rpm-libs-4.14.0-1.tis.1.x86_64.rpm
|
|
rpm-plugin-systemd-inhibit-4.14.0-1.tis.1.x86_64.rpm
|
|
rpm-python-4.14.0-1.tis.1.x86_64.rpm
|
|
|
|
# We also now need bind-utils in the squashfs, due to the anaconda-preexec we've added.
|
|
bind-utils-9.9.4-51.el7.x86_64.rpm
|
|
|
|
# Add ntpd to the rootfs
|
|
ntp-4.2.6p5-25.el7.centos.2.tis.3.x86_64.rpm
|
|
|
|
# Mount the squashfs.img and copy the rootfs out:
|
|
ORIG_SQUASHFS=$PWD/squashfs.img
|
|
mkdir squashfs.mnt
|
|
mount -o loop -t squashfs $ORIG_SQUASHFS squashfs.mnt
|
|
mkdir LiveOS
|
|
cp squashfs.mnt/LiveOS/rootfs.img LiveOS/
|
|
umount squashfs.mnt
|
|
|
|
# Now mount the rootfs.img file:
|
|
mkdir squashfs.work
|
|
mount -o loop LiveOS/rootfs.img squashfs.work
|
|
cd squashfs.work
|
|
|
|
# You can now make changes as needed, and they're reflected in the rootfs.img
|
|
|
|
# For anaconda, ignore these RPMs that are built:
|
|
# anaconda-debuginfo
|
|
# anaconda-dracut
|
|
# anaconda-widgets-devel
|
|
# anaconda-gui
|
|
#
|
|
|
|
# FYI, here are RPMs from "rootfs-rpms":
|
|
ls rootfs-rpms/
|
|
anaconda-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-4.14.0-1.tis.1.x86_64.rpm
|
|
anaconda-core-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-build-4.14.0-1.tis.1.x86_64.rpm
|
|
anaconda-debuginfo-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-build-libs-4.14.0-1.tis.1.x86_64.rpm
|
|
anaconda-dracut-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-libs-4.14.0-1.tis.1.x86_64.rpm
|
|
anaconda-gui-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-plugin-systemd-inhibit-4.14.0-1.tis.1.x86_64.rpm
|
|
anaconda-tui-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm rpm-python-4.14.0-1.tis.1.x86_64.rpm
|
|
anaconda-widgets-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm systemd-219-42.el7_4.1.tis.10.x86_64.rpm
|
|
anaconda-widgets-devel-21.48.22.121-1.el7.centos.tis.5.x86_64.rpm systemd-libs-219-42.el7_4.1.tis.10.x86_64.rpm
|
|
bind-utils-9.9.4-61.el7.x86_64.rpm systemd-sysv-219-42.el7_4.1.tis.10.x86_64.rpm
|
|
ima-evm-utils-1.0-1.el7.x86_64.rpm
|
|
|
|
# IMPORTANT Note: when copying “systemd-219-42.el7_4.1.tis.10.x86_64.rpm” from build target folders to “rootfs-rpms”,
|
|
# we need to get it from “../export/dist/isolinux/Packages/systemd-219-42.el7_4.1.tis.10.x86_64.rpm”, instead of other
|
|
# folders (for example, ../std/rpmbuild/RPMS/systemd-219-42.el7_4.1.tis.10.x86_64.rpm), they are actually having
|
|
# different sizes and delta in contents.
|
|
|
|
# Extract the rest into the squashfs
|
|
rm -rf usr/lib64/python2.7/site-packages/pyanaconda/
|
|
rm -rf usr/lib64/python2.7/site-packages/rpm/
|
|
# get files from RPMs and copy them into corresponding folders
|
|
for f in ../rootfs-rpms/*.rpm ; do rpm2cpio $f | cpio -idu; done
|
|
#find old .pyo files and delete them
|
|
find usr/lib64/python2.7/site-packages/pyanaconda/ usr/lib64/python2.7/site-packages/rpm/ -name *.pyo | xargs rm
|
|
rm -rf usr/lib/.build-id
|
|
|
|
# IMPORTANT Note, please do NOT forget the following step:
|
|
# MUST HAVE!!! Update the kernel and related kernel modules, same as what was done for "initrd.img" updating
|
|
for f in ../kernel-rpms/*.rpm ; do rpm2cpio $f | cpio -idu; done
|
|
|
|
# Remove the bisodevname package from initrd and squashfs
|
|
rm -f ./usr/lib/udev/rules.d/71-biosdevname.rules ./usr/sbin/biosdevname
|
|
|
|
cd ..
|
|
umount squashfs.work
|
|
|
|
# Build/rebuild a new squashfs.img (output file is test.squashfs.img in this
|
|
# example)
|
|
# Note: You may need to install "squashfs-tools" in advance
|
|
#remove the old version named test.squashfs.img
|
|
rm -f test.squashfs.img
|
|
#make the new squashfs image named "test.squashfs.img" or another name
|
|
mksquashfs LiveOS test.squashfs.img -keep-as-directory -comp xz -b 1M
|
|
|
|
|
|
===========
|
|
To test with design build, update the following files with paths to your test
|
|
files and filenames:
|
|
recipes-installer/pxe-network-installer/centos/build_srpm.data
|
|
recipes-installer/pxe-network-installer/centos/pxe-network-installer.spec
|
|
|
|
|
|
===========
|
|
Delivering changes:
|
|
Copy the updated vmlinuz (from kernel rpm), initrd.img, and squashfs.img files,
|
|
with appropriate version suffixes, to mirror folder where you placethese files.
|
|
|
|
Update the pxe-network-installer files to point to the new versions.
|
|
|
|
|
|
===========
|
|
NOTE: The following jiggery-pokery is no longer required after recent mirror updates.
|
|
I'm keeping the text here, though, for future reference. Just in case.
|
|
|
|
Jiggery-pokery required to build anaconda after rebase to 7.3:
|
|
|
|
The anaconda build reports a dependency error:
|
|
|
|
12:45:41 Error: Package: libgudev1-219-19.el7_2.13.x86_64 (TisCentos7Distro)
|
|
12:45:41 Requires: systemd-libs = 219-19.el7_2.13
|
|
12:45:41 Installed: systemd-libs-219-30.el7_3.6.x86_64 (@TisCentos7Distro)
|
|
12:45:41 systemd-libs = 219-30.el7_3.6
|
|
12:45:41 Available: systemd-libs-219-19.el7_2.13.x86_64 (TisCentos7Distro)
|
|
12:45:41 systemd-libs = 219-19.el7_2.13
|
|
12:45:41 You could try using --skip-broken to work around the problem
|
|
12:45:41 You could try running: rpm -Va --nofiles --nodigest
|
|
|
|
Our build system is setup to install the highest versions of packages, but there's a dependency
|
|
that has a version-specific dependency to an older version of the RPM, so it requires a little
|
|
massaging to get the anaconda RPM to build.
|
|
|
|
Step 1: Add a symlink into the cgcs-centos-repo dir:
|
|
ln -s /import/mirrors/CentOS/tis-r4-CentOS/mitaka/Binary/x86_64/systemd-libs-219-19.el7_2.13.x86_64.rpm \
|
|
$MY_REPO/cgcs-centos-repo/Binary/x86_64/
|
|
|
|
Step 2: Try to build, so the repodata is updated (this will still fail)
|
|
build-srpms --installer && build-rpms --installer
|
|
|
|
Step 3: Short-circuit the update_cgcs_repo function in build-rpms to avoid repodata update and mock env clearout
|
|
|
|
Step 4: Manually install RPM in mock env
|
|
mock -r installer/${MY_BUILD_ENVIRONMENT}-installer.cfg --copyin systemd-libs-219-19.el7_2.13.x86_64.rpm systemd-libs-219-19.el7_2.13.x86_64.rpm
|
|
mock -r installer/${MY_BUILD_ENVIRONMENT}-installer.cfg --shell
|
|
rpm -i --force systemd-libs-219-19.el7_2.13.x86_64.rpm
|
|
|
|
Step 5: Build with success!
|
|
build-srpms --installer && build-rpms --installer
|
|
|